Jump to content
Community Announcements, Giveaways & More!

Help with disabling _syscall

Guest

By Guest
in Help & Support

 Share
Go to solution Solved by Aswag1,

36 posts in this topic

Recommended Posts

  • Replies 35
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Aswag1
Aswag1

Well after laying dormant for quite awhile, I thought I might add a couple of pointers....   It seems that for 64-bit devices, there are certain additional checks in the binary in most GameLoft game

Diversityy
Diversityy

shmoo, you have to do this: %hook GameloftSoSecured -(bool) syscallgtfo { return TRUE; } %end

Oxytyramine Apprentice

Oxytyramine 42.3k
  •   iPhone X 
  •   13.3

    • Posted
    Posted

    I know that already, this is one of the first forums I've signed up with. I know how to use GDB to find offsets in IDA and I know how to patch a binary. My first hack was a savegame for COD: BOZ for v1.3.3, I already learned MS, MSHook, and I'm doing IDA and code inject (writeData) right now and I'm working on Dead Trigger 2 but decided to take a break and do this because I get angry very easily lol

     

    so im not really a beginner ;)

     

    @ 

    @

    sorry u were new thats why i thought that! ok then keep it up bro

    haha worked for me in bia3 too :p

    hack it or i will :p

    Guest

    Guest

    Posted
    Posted

    I'm using a 5S by the way

     

    I've never worked with disabling _syscall and _dlsym before so this is pretty hard, and I can't figure this out. I know that NOP'ing a BLX or any branch would result in a crash, so I stayed away from that. I xref'ed to operand for _dlsym and it gave me this:

     

    __text:00648B04 loc_648B04                              ; CODE XREF: sub_648A04+D8j

    __text:00648B04                 LDR             R0, [sP,#0x70+var_1C]
    __text:00648B06                 BL              sub_649168
    __text:00648B0A                 MOVS            R2, #1
    __text:00648B10                 MOV             R1, #(_objc_msgSend_ptr - 0x648B1C)
    __text:00648B18                 ADD             R1, PC ; _objc_msgSend_ptr
    __text:00648B1A                 LDR             R1, [R1] ; __imp__objc_msgSend
    __text:00648B1C                 MOV             R3, #(selRef_cStringUsingEncoding_ - 0x648B28)
    __text:00648B24                 ADD             R3, PC ; selRef_cStringUsingEncoding_
    __text:00648B26                 STR             R0, [sP,#0x70+var_2C]
    __text:00648B28                 LDR             R0, [sP,#0x70+var_2C]
    __text:00648B2A                 LDR.W           R9, [sP,#0x70+var_20]
    __text:00648B2E                 LDR             R3, [R3] ; "cStringUsingEncoding:"
    __text:00648B30                 STR             R0, [sP,#0x70+handle]
    __text:00648B32                 MOV             R0, R9
    __text:00648B34                 STR             R1, [sP,#0x70+var_50]
    __text:00648B36                 MOV             R1, R3
    __text:00648B38                 LDR             R3, [sP,#0x70+var_50]
    __text:00648B3A                 BLX             R3
    __text:00648B3C                 LDR             R1, [sP,#0x70+handle]
    __text:00648B3E                 STR             R0, [sP,#0x70+symbol]
    __text:00648B40                 MOV             R0, R1  ; handle 
    __text:00648B42                 LDR             R1, [sP,#0x70+symbol] ; symbol
    __text:00648B44                 BLX             _dlsym
    __text:00648B48                 MOV             R1, #(_objc_msgSend_ptr - 0x648B54)
    __text:00648B50                 ADD             R1, PC ; _objc_msgSend_ptr
    __text:00648B52                 LDR             R1, [R1] ; __imp__objc_msgSend
    __text:00648B54                 MOV             R2, R1
    __text:00648B56                 MOV             R3, #(selRef_setObject_forKey_ - 0x648B62)
    __text:00648B5E                 ADD             R3, PC ; selRef_setObject_forKey_
    __text:00648B60                 MOV             R9, #(selRef_valueWithPointer_ - 0x648B6C)
    __text:00648B68                 ADD             R9, PC ; selRef_valueWithPointer_
    __text:00648B6A                 MOV             R12, #(classRef_NSValue - 0x648B76)
    __text:00648B72                 ADD             R12, PC ; classRef_NSValue
    __text:00648B74                 MOV             LR, #(dword_B062A4 - 0x648B80)
    __text:00648B7C                 ADD             LR, PC ; dword_B062A4
    __text:00648B7E                 STR             R0, [sP,#0x70+var_30]
    __text:00648B80                 LDR.W           R0, [LR]
    __text:00648B84                 LDR.W           R12, [R12] ; _OBJC_CLASS_$_NSValue
    __text:00648B88                 LDR.W           LR, [sP,#0x70+var_30]
    __text:00648B8C                 LDR.W           R9, [R9] ; "valueWithPointer:"
    __text:00648B90                 STR             R0, [sP,#0x70+var_58]
    __text:00648B92                 MOV             R0, R12
    __text:00648B94                 STR             R1, [sP,#0x70+var_5C]
    __text:00648B96                 MOV             R1, R9
    __text:00648B98                 STR             R2, [sP,#0x70+var_60]
    __text:00648B9A                 MOV             R2, LR
    __text:00648B9C                 LDR.W           R9, [sP,#0x70+var_5C]
    __text:00648BA0                 STR             R3, [sP,#0x70+var_64]
    __text:00648BA2                 BLX             R9
    __text:00648BA4                 LDR             R1, [sP,#0x70+var_24]
    __text:00648BA6                 LDR             R2, [sP,#0x70+var_64]
    __text:00648BA8                 LDR             R3, [R2]
    __text:00648BAA                 LDR.W           R9, [sP,#0x70+var_58]
    __text:00648BAE                 STR             R0, [sP,#0x70+var_68]
    __text:00648BB0                 MOV             R0, R9
    __text:00648BB2                 STR             R1, [sP,#0x70+var_6C]
    __text:00648BB4                 MOV             R1, R3
    __text:00648BB6                 LDR             R2, [sP,#0x70+var_68]
    __text:00648BB8                 LDR             R3, [sP,#0x70+var_6C]
    __text:00648BBA                 LDR.W           R9, [sP,#0x70+var_60]
    __text:00648BBE                 BLX             R9
    __text:00648BC0                 LDR             R0, [sP,#0x70+var_30]
    __text:00648BC2                 STR             R0, [sP,#0x70+var_18]
     
    And I was not really sure about what to do with any of this. I feel like changing these four lines would do the trick, but I really have no idea what to change them to.
     
    __text:00648B3C                 LDR             R1, [sP,#0x70+handle]
    __text:00648B3E                 STR             R0, [sP,#0x70+symbol]
    __text:00648B40                 MOV             R0, R1  ; handle 
    __text:00648B42                 LDR             R1, [sP,#0x70+symbol] ; symbol
    __text:00648B44                 BLX             _dlsym ----> I wouldn't change this, I just put it there for clarity.
     
    So, not knowing really what to do there I xref'ed to operand loc_648B04 and got this:
     
    __text:00648A50 loc_648A50                              ; CODE XREF: sub_648A04+1Ej
    __text:00648A50                                         ; sub_648A04:loc_648A4Ej
    __text:00648A50                 MOVS            R0, #0
    __text:00648A56                 MOV             R1, #(_objc_msgSend_ptr - 0x648A62)
    __text:00648A5E                 ADD             R1, PC ; _objc_msgSend_ptr
    __text:00648A60                 LDR             R1, [R1] ; __imp__objc_msgSend
    __text:00648A62                 MOV             R2, R1
    __text:00648A64                 MOV             R3, #(selRef_objectForKey_ - 0x648A70)
    __text:00648A6C                 ADD             R3, PC ; selRef_objectForKey_
    __text:00648A6E                 MOV             R9, #(dword_B062A4 - 0x648A7A)
    __text:00648A76                 ADD             R9, PC ; dword_B062A4
    __text:00648A78                 MOV             R12, #(stru_AE58E0 - 0x648A84) ; "%@:%@"
    __text:00648A80                 ADD             R12, PC ; "%@:%@"
    __text:00648A82                 MOV             LR, #(selRef_stringWithFormat_ - 0x648A8E)
    __text:00648A8A                 ADD             LR, PC ; selRef_stringWithFormat_
    __text:00648A8C                 MOV             R4, #(classRef_NSString - 0x648A98)
    __text:00648A94                 ADD             R4, PC ; classRef_NSString
    __text:00648A96                 LDR             R4, [R4] ; _OBJC_CLASS_$_NSString
    __text:00648A98                 LDR             R5, [sP,#0x70+var_1C]
    __text:00648A9A                 LDR             R6, [sP,#0x70+var_20]
    __text:00648A9C                 LDR.W           LR, [LR] ; "stringWithFormat:"
    __text:00648AA0                 STR             R0, [sP,#0x70+var_34]
    __text:00648AA2                 MOV             R0, R4
    __text:00648AA4                 STR             R1, [sP,#0x70+var_38]
    __text:00648AA6                 MOV             R1, LR
    __text:00648AA8                 STR             R2, [sP,#0x70+var_3C]
    __text:00648AAA                 MOV             R2, R12
    __text:00648AAC                 STR             R3, [sP,#0x70+var_40]
    __text:00648AAE                 MOV             R3, R5
    __text:00648AB0                 STR             R6, [sP,#0x70+var_70]
    __text:00648AB2                 LDR.W           R12, [sP,#0x70+var_38]
    __text:00648AB6                 STR.W           R9, [sP,#0x70+var_44]
    __text:00648ABA                 BLX             R12
    __text:00648ABC                 STR             R0, [sP,#0x70+var_24]
    __text:00648ABE                 LDR             R0, [sP,#0x70+var_44]
    __text:00648AC0                 LDR             R1, [R0]
    __text:00648AC2                 LDR             R2, [sP,#0x70+var_24]
    __text:00648AC4                 LDR             R3, [sP,#0x70+var_40]
    __text:00648AC6                 LDR.W           R9, [R3]
    __text:00648ACA                 MOV             R0, R1
    __text:00648ACC                 MOV             R1, R9
    __text:00648ACE                 LDR.W           R9, [sP,#0x70+var_3C]
    __text:00648AD2                 BLX             R9
    __text:00648AD4                 STR             R0, [sP,#0x70+var_28]
    __text:00648AD6                 LDR             R0, [sP,#0x70+var_28]
    __text:00648AD8                 LDR             R1, [sP,#0x70+var_34]
    __text:00648ADA                 CMP             R0, R1
    __text:00648ADC                 BEQ             loc_648B04
    __text:00648ADE                 MOV             R0, #(_objc_msgSend_ptr - 0x648AEA)
    __text:00648AE6                 ADD             R0, PC ; _objc_msgSend_ptr
    __text:00648AE8                 LDR             R0, [R0] ; __imp__objc_msgSend
    __text:00648AEA                 MOV             R1, #(selRef_pointerValue - 0x648AF6)
    __text:00648AF2                 ADD             R1, PC ; selRef_pointerValue
    __text:00648AF4                 LDR             R2, [sP,#0x70+var_28]
    __text:00648AF6                 LDR             R1, [R1] ; "pointerValue"
    __text:00648AF8                 STR             R0, [sP,#0x70+var_48]
    __text:00648AFA                 MOV             R0, R2
    __text:00648AFC                 LDR             R2, [sP,#0x70+var_48]
    __text:00648AFE                 BLX             R2
    __text:00648B00                 STR             R0, [sP,#0x70+var_18]
    __text:00648B02                 B               loc_648BC4
     

    I'm pretty sure that these lines mean to

     

    __text:00648AD4                 STR             R0, [sP,#0x70+var_28] ----> store the value of R0 into SP+70+var_28

    __text:00648AD6                 LDR             R0, [sP,#0x70+var_28] ----> load SP+70+var_28 into R0
    __text:00648AD8                 LDR             R1, [sP,#0x70+var_34] ----> load SP+70+var_34 into R1
    __text:00648ADA                 CMP             R0, R1 ----> compare R1 with R0
    __text:00648ADC                 BEQ             loc_648B04 ----> branch if equal to loc_648B04
     
    I changed CMP R0, R1 to CMP R0, #0 to at least try to make it false and CMP R0, R7 because I know it would never be equal to 800 million. I'm used to having to set MOVS R1, #0x1F to MOVS R1, #0x00 to make this work, not all of this stuff.
     
    @@Laxus you said that you got it to work, would you be able to send me a binary with all of this stuff disabled? And I have a 5S, would that affect anything?
     
    Thanks everyone for trying to help, I really appreciate it :)
    K_K Experienced

    K_K 165.8k
  •   iPhone 13 Pro Max 
  •   15.1

    • Posted
    Posted

     

    I'm using a 5S by the way

     

    I've never worked with disabling _syscall and _dlsym before so this is pretty hard, and I can't figure this out. I know that NOP'ing a BLX or any branch would result in a crash, so I stayed away from that. I xref'ed to operand for _dlsym and it gave me this:

     

    __text:00648B04 loc_648B04 ; CODE XREF: sub_648A04+D8j

    __text:00648B04 LDR R0, [sP,#0x70+var_1C]

    __text:00648B06 BL sub_649168

    __text:00648B0A MOVS R2, #1

    __text:00648B10 MOV R1, #(_objc_msgSend_ptr - 0x648B1C)

    __text:00648B18 ADD R1, PC ; _objc_msgSend_ptr

    __text:00648B1A LDR R1, [R1] ; __imp__objc_msgSend

    __text:00648B1C MOV R3, #(selRef_cStringUsingEncoding_ - 0x648B28)

    __text:00648B24 ADD R3, PC ; selRef_cStringUsingEncoding_

    __text:00648B26 STR R0, [sP,#0x70+var_2C]

    __text:00648B28 LDR R0, [sP,#0x70+var_2C]

    __text:00648B2A LDR.W R9, [sP,#0x70+var_20]

    __text:00648B2E LDR R3, [R3] ; "cStringUsingEncoding:"

    __text:00648B30 STR R0, [sP,#0x70+handle]

    __text:00648B32 MOV R0, R9

    __text:00648B34 STR R1, [sP,#0x70+var_50]

    __text:00648B36 MOV R1, R3

    __text:00648B38 LDR R3, [sP,#0x70+var_50]

    __text:00648B3A BLX R3

    __text:00648B3C LDR R1, [sP,#0x70+handle]

    __text:00648B3E STR R0, [sP,#0x70+symbol]

    __text:00648B40 MOV R0, R1 ; handle

    __text:00648B42 LDR R1, [sP,#0x70+symbol] ; symbol

    __text:00648B44 BLX _dlsym

    __text:00648B48 MOV R1, #(_objc_msgSend_ptr - 0x648B54)

    __text:00648B50 ADD R1, PC ; _objc_msgSend_ptr

    __text:00648B52 LDR R1, [R1] ; __imp__objc_msgSend

    __text:00648B54 MOV R2, R1

    __text:00648B56 MOV R3, #(selRef_setObject_forKey_ - 0x648B62)

    __text:00648B5E ADD R3, PC ; selRef_setObject_forKey_

    __text:00648B60 MOV R9, #(selRef_valueWithPointer_ - 0x648B6C)

    __text:00648B68 ADD R9, PC ; selRef_valueWithPointer_

    __text:00648B6A MOV R12, #(classRef_NSValue - 0x648B76)

    __text:00648B72 ADD R12, PC ; classRef_NSValue

    __text:00648B74 MOV LR, #(dword_B062A4 - 0x648B80)

    __text:00648B7C ADD LR, PC ; dword_B062A4

    __text:00648B7E STR R0, [sP,#0x70+var_30]

    __text:00648B80 LDR.W R0, [LR]

    __text:00648B84 LDR.W R12, [R12] ; _OBJC_CLASS_$_NSValue

    __text:00648B88 LDR.W LR, [sP,#0x70+var_30]

    __text:00648B8C LDR.W R9, [R9] ; "valueWithPointer:"

    __text:00648B90 STR R0, [sP,#0x70+var_58]

    __text:00648B92 MOV R0, R12

    __text:00648B94 STR R1, [sP,#0x70+var_5C]

    __text:00648B96 MOV R1, R9

    __text:00648B98 STR R2, [sP,#0x70+var_60]

    __text:00648B9A MOV R2, LR

    __text:00648B9C LDR.W R9, [sP,#0x70+var_5C]

    __text:00648BA0 STR R3, [sP,#0x70+var_64]

    __text:00648BA2 BLX R9

    __text:00648BA4 LDR R1, [sP,#0x70+var_24]

    __text:00648BA6 LDR R2, [sP,#0x70+var_64]

    __text:00648BA8 LDR R3, [R2]

    __text:00648BAA LDR.W R9, [sP,#0x70+var_58]

    __text:00648BAE STR R0, [sP,#0x70+var_68]

    __text:00648BB0 MOV R0, R9

    __text:00648BB2 STR R1, [sP,#0x70+var_6C]

    __text:00648BB4 MOV R1, R3

    __text:00648BB6 LDR R2, [sP,#0x70+var_68]

    __text:00648BB8 LDR R3, [sP,#0x70+var_6C]

    __text:00648BBA LDR.W R9, [sP,#0x70+var_60]

    __text:00648BBE BLX R9

    __text:00648BC0 LDR R0, [sP,#0x70+var_30]

    __text:00648BC2 STR R0, [sP,#0x70+var_18]

     

    And I was not really sure about what to do with any of this. I feel like changing these four lines would do the trick, but I really have no idea what to change them to.

     

    __text:00648B3C LDR R1, [sP,#0x70+handle]

    __text:00648B3E STR R0, [sP,#0x70+symbol]

    __text:00648B40 MOV R0, R1 ; handle

    __text:00648B42 LDR R1, [sP,#0x70+symbol] ; symbol

    __text:00648B44 BLX _dlsym ----> I wouldn't change this, I just put it there for clarity.

     

    So, not knowing really what to do there I xref'ed to operand loc_648B04 and got this:

     

    __text:00648A50 loc_648A50 ; CODE XREF: sub_648A04+1Ej

    __text:00648A50 ; sub_648A04:loc_648A4Ej

    __text:00648A50 MOVS R0, #0

    __text:00648A56 MOV R1, #(_objc_msgSend_ptr - 0x648A62)

    __text:00648A5E ADD R1, PC ; _objc_msgSend_ptr

    __text:00648A60 LDR R1, [R1] ; __imp__objc_msgSend

    __text:00648A62 MOV R2, R1

    __text:00648A64 MOV R3, #(selRef_objectForKey_ - 0x648A70)

    __text:00648A6C ADD R3, PC ; selRef_objectForKey_

    __text:00648A6E MOV R9, #(dword_B062A4 - 0x648A7A)

    __text:00648A76 ADD R9, PC ; dword_B062A4

    __text:00648A78 MOV R12, #(stru_AE58E0 - 0x648A84) ; "%@:%@"

    __text:00648A80 ADD R12, PC ; "%@:%@"

    __text:00648A82 MOV LR, #(selRef_stringWithFormat_ - 0x648A8E)

    __text:00648A8A ADD LR, PC ; selRef_stringWithFormat_

    __text:00648A8C MOV R4, #(classRef_NSString - 0x648A98)

    __text:00648A94 ADD R4, PC ; classRef_NSString

    __text:00648A96 LDR R4, [R4] ; _OBJC_CLASS_$_NSString

    __text:00648A98 LDR R5, [sP,#0x70+var_1C]

    __text:00648A9A LDR R6, [sP,#0x70+var_20]

    __text:00648A9C LDR.W LR, [LR] ; "stringWithFormat:"

    __text:00648AA0 STR R0, [sP,#0x70+var_34]

    __text:00648AA2 MOV R0, R4

    __text:00648AA4 STR R1, [sP,#0x70+var_38]

    __text:00648AA6 MOV R1, LR

    __text:00648AA8 STR R2, [sP,#0x70+var_3C]

    __text:00648AAA MOV R2, R12

    __text:00648AAC STR R3, [sP,#0x70+var_40]

    __text:00648AAE MOV R3, R5

    __text:00648AB0 STR R6, [sP,#0x70+var_70]

    __text:00648AB2 LDR.W R12, [sP,#0x70+var_38]

    __text:00648AB6 STR.W R9, [sP,#0x70+var_44]

    __text:00648ABA BLX R12

    __text:00648ABC STR R0, [sP,#0x70+var_24]

    __text:00648ABE LDR R0, [sP,#0x70+var_44]

    __text:00648AC0 LDR R1, [R0]

    __text:00648AC2 LDR R2, [sP,#0x70+var_24]

    __text:00648AC4 LDR R3, [sP,#0x70+var_40]

    __text:00648AC6 LDR.W R9, [R3]

    __text:00648ACA MOV R0, R1

    __text:00648ACC MOV R1, R9

    __text:00648ACE LDR.W R9, [sP,#0x70+var_3C]

    __text:00648AD2 BLX R9

    __text:00648AD4 STR R0, [sP,#0x70+var_28]

    __text:00648AD6 LDR R0, [sP,#0x70+var_28]

    __text:00648AD8 LDR R1, [sP,#0x70+var_34]

    __text:00648ADA CMP R0, R1

    __text:00648ADC BEQ loc_648B04

    __text:00648ADE MOV R0, #(_objc_msgSend_ptr - 0x648AEA)

    __text:00648AE6 ADD R0, PC ; _objc_msgSend_ptr

    __text:00648AE8 LDR R0, [R0] ; __imp__objc_msgSend

    __text:00648AEA MOV R1, #(selRef_pointerValue - 0x648AF6)

    __text:00648AF2 ADD R1, PC ; selRef_pointerValue

    __text:00648AF4 LDR R2, [sP,#0x70+var_28]

    __text:00648AF6 LDR R1, [R1] ; "pointerValue"

    __text:00648AF8 STR R0, [sP,#0x70+var_48]

    __text:00648AFA MOV R0, R2

    __text:00648AFC LDR R2, [sP,#0x70+var_48]

    __text:00648AFE BLX R2

    __text:00648B00 STR R0, [sP,#0x70+var_18]

    __text:00648B02 B loc_648BC4

     

    I'm pretty sure that these lines mean to

     

    __text:00648AD4 STR R0, [sP,#0x70+var_28] ----> store the value of R0 into SP+70+var_28

    __text:00648AD6 LDR R0, [sP,#0x70+var_28] ----> load SP+70+var_28 into R0

    __text:00648AD8 LDR R1, [sP,#0x70+var_34] ----> load SP+70+var_34 into R1

    __text:00648ADA CMP R0, R1 ----> compare R1 with R0

    __text:00648ADC BEQ loc_648B04 ----> branch if equal to loc_648B04

     

    I changed CMP R0, R1 to CMP R0, #0 to at least try to make it false and CMP R0, R7 because I know it would never be equal to 800 million. I'm used to having to set MOVS R1, #0x1F to MOVS R1, #0x00 to make this work, not all of this stuff.

     

    @@Laxus you said that you got it to work, would you be able to send me a binary with all of this stuff disabled? And I have a 5S, would that affect anything?

     

    Thanks everyone for trying to help, I really appreciate it :)

    Nop try this C046C046 done :)

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
     Share
    Go to topic listing

    • Our picks

      • Cup Quest - Hero's Journey v1.3 [+3 Cheats]

        Cup Quest - Hero's Journey v1.3 [+3 Cheats]

        Cashlaz posted a topic in Free Jailbreak Cheats,

        Modded/Hacked App: Cup Quest - Hero's Journey By DOGSTER TECHNOLOGIES PRIVATE LIMITED
        Bundle ID: com.felicity.cupquest
        App Store Link: https://apps.apple.com/us/app/cup-quest-heros-journey/id6742395137?uo=4



        🤩 Hack Features

        - One Hit Kill
        - Add Currency
        - Unlock Double Speed
        • 2 replies
        Cashlaz

        Picked By

        Cashlaz,
      • Cup Quest - Hero's Journey v1.3 [+3 Jailed Cheats]

        Cup Quest - Hero's Journey v1.3 [+3 Jailed Cheats]

        Cashlaz posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Cup Quest - Hero's Journey By DOGSTER TECHNOLOGIES PRIVATE LIMITED
        Bundle ID: com.felicity.cupquest
        App Store Link: https://apps.apple.com/us/app/cup-quest-heros-journey/id6742395137?uo=4



        🤩 Hack Features

        - One Hit Kill
        - Add Currency
        - Unlock Double Speed
        • 1 reply
        Cashlaz

        Picked By

        Cashlaz,
      • Idle Dungeon Manager v1.7.6 [ +5 Cheats ] Currency Max

        Idle Dungeon Manager v1.7.6 [ +5 Cheats ] Currency Max

        Ik_Ik posted a topic in Free Jailbreak Cheats,

        Modded/Hacked App: Idle Dungeon Manager By ColdFire Games GmbH
        Bundle ID: com.coldfiregames.dungeon.manager.tycoon.idle.game
        App Store Link: https://apps.apple.com/us/app/idle-dungeon-manager/id1538761888?uo=4


        🤩 Hack Features

        - ADS NO [ Rewards Free ]

        - Currency

        - Resources

        - Stars

        - ATK HP SH [ Hero Up ] Tested Not
        • 0 replies
        Ik_Ik

        Picked By

        Ik_Ik,
      • Idle Dungeon Manager v1.7.6 [ +5 Jailed ] Currency Max

        Idle Dungeon Manager v1.7.6 [ +5 Jailed ] Currency Max

        Ik_Ik posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Idle Dungeon Manager By ColdFire Games GmbH
        Bundle ID: com.coldfiregames.dungeon.manager.tycoon.idle.game
        App Store Link: https://apps.apple.com/us/app/idle-dungeon-manager/id1538761888?uo=4
         

        🤩 Hack Features

        - ADS NO [ Rewards Free ]

        - Currency

        - Resources

        - Stars

        - ATK HP SH [ Hero Up ] Tested Not
        • 0 replies
        Ik_Ik

        Picked By

        Ik_Ik,
      • Knights of Pen and Paper 3 v1.4.1 [+5 Cheats]

        Knights of Pen and Paper 3 v1.4.1 [+5 Cheats]

        Cashlaz posted a topic in Free Jailbreak Cheats,

        Modded/Hacked App: Knights of Pen and Paper 3 By Northica Oy
        Bundle ID: com.northicagames.kopp3
        App Store Link: https://apps.apple.com/us/app/knights-of-pen-and-paper-3/id6462194230?uo=4



        🤩 Hack Features

        - High Gold Gain (Enable and Win Fight)
        - Always Can Claim Achievements
        - Auto Win (Enable inside battle)
        - Level Up Characters (Enable and your heroes levels up)
        - Max Level Equipments (Enable and all equipments will be max level)

        • 0 replies
        Cashlaz

        Picked By

        Cashlaz,
      • Knights of Pen and Paper 3 v1.4.1 [+5 Jailed Cheats]

        Knights of Pen and Paper 3 v1.4.1 [+5 Jailed Cheats]

        Cashlaz posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Knights of Pen and Paper 3 By Northica Oy
        Bundle ID: com.northicagames.kopp3
        App Store Link: https://apps.apple.com/us/app/knights-of-pen-and-paper-3/id6462194230?uo=4



        🤩 Hack Features

        - High Gold Gain (Enable and Win Fight)
        - Always Can Claim Achievements
        - Auto Win (Enable inside battle)
        - Level Up Characters (Enable and your heroes levels up)
        - Max Level Equipments (Enable and all equipments will be max level)

        • 1 reply
        Cashlaz

        Picked By

        Cashlaz,
      • Eternium Cheats v1.34.12 +11

        Eternium Cheats v1.34.12 +11

        Laxus posted a topic in ViP Cheats,

        Modded/Hacked App: Eternium By Making Fun, Inc.
        Bundle ID: com.makingfun.mageandminions
        iTunes Store Link: https://apps.apple.com/us/app/eternium/id579931356?uo=4

         

        📌 Mod Requirements

        - Jailbroken iPhone or iPad.
        - iGameGod / Filza / iMazing.
        - Cydia Substrate, ElleKit, Substitute or libhooker depending on your jailbreak (from Sileo, Cydia or Zebra).

         

        🤩 Hack Features

        - 5K Gems When Completed Stage
        - Infinite Gold
        - Infinite Cosmetic
        - Infinite Yellow Stone
        - Multiply Attack (Linked with Enemy)
        - No Skills Cooldown
        - No Consumable Cooldown
        - Multiply Attack Speed
        - Instant Regen Health
        - Always Crit
        - Material Drops (When you killed an Enemy it will drop materials for crafts)



        ⬇️ iOS Hack Download Link: https://iosgods.com/topic/194526-eternium-cheats-v13355-6/
        • 34 replies
        Laxus

        Picked By

        Laxus ,
      • June’s Journey: Hidden Objects v3.34.4 Jailed Cheats +2

        June’s Journey: Hidden Objects v3.34.4 Jailed Cheats +2

        Laxus posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: June’s Journey: Hidden Objects By wooga gmbh
        Bundle ID: net.wooga.junes-journey-hidden-object-mystery-game
        iTunes Store Link: https://apps.apple.com/us/app/junes-journey-hidden-objects/id1200391796?uo=4


        Hack Features:
        - Infinite Currencies
        - Instant Hint


        iOS Hack Download IPA Link: https://iosgods.com/topic/176104-june%E2%80%99s-journey-hidden-objects-v2946-jailed-cheats-2/
        • 42 replies
        Laxus

        Picked By

        Laxus ,
      • Township: Farm & City Building v27.0.1 Jailed Cheats +2

        Township: Farm & City Building v27.0.1 Jailed Cheats +2

        Laxus posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Township by PLR Worldwide Sales Limited
        Bundle ID: com.playrix.township-ios
        iTunes Store Link: https://apps.apple.com/us/app/township/id638689075?uo=4&at=1010lce4


        Hack Features:
        - Freeze Currencies

        EDIT: Please be aware that this maybe cause your account banned, please use with caution and don’t abuse


        iOS Hack Download Link: https://iosgods.com/topic/116584-arm64-township-farm-city-building-v852-jailed-cheats-2/
        • 1,672 replies
        Laxus

        Picked By

        Laxus ,
      • My Cafe — Restaurant game Cheats v2025050.0.733 +3

        My Cafe — Restaurant game Cheats v2025050.0.733 +3

        Zahir  posted a topic in Free Jailbreak Cheats,

        Modded/Hacked App: My Cafe — Restaurant Game By Melsoft
        Bundle ID: com.Melesta.MyCafe
        iTunes Store Link: https://apps.apple.com/us/app/my-cafe-restaurant-game/id1068204657?uo=4

         

        📌 Mod Requirements

        - Jailbroken iPhone or iPad.
        - iGameGod / Filza / iMazing.
        - Cydia Substrate, ElleKit, Substitute or libhooker depending on your jailbreak (from Sileo, Cydia or Zebra).

         

        🤩 Hack Features

        - Increase Game Speed
        - No Timer to Buy Energy
        - Custom Dice Value


        Notes:
        - DO NOT BUY VIP FOR OTHER FEATURES, IT HAS BEEN PATCHED AND NO LONGER WORK

         

        Non-Jailbroken Hack: https://iosgods.com/topic/134272-my-cafe-%E2%80%94-restaurant-game-v20250205684-3-cheats/

         

        ⬇️ iOS Hack Download Link: https://iosgods.com/topic/130634-my-cafe-%E2%80%94-restaurant-game-cheats-v20250300691-3/
        • 655 replies
        Laxus

        Picked By

        Laxus ,
      • RollerCoaster Tycoon Touch Cheats v3.43.0 +5

        RollerCoaster Tycoon Touch Cheats v3.43.0 +5

        Laxus posted a topic in Free Jailbreak Cheats,

        Modded/Hacked App: RollerCoaster Tycoon® Touch™ By Atari, Interactive
        Bundle ID: com.atari.mobile.rctempire
        iTunes Store Link: https://apps.apple.com/us/app/rollercoaster-tycoon-touch/id1164507836?uo=4

         

        📌 Mod Requirements

        - Jailbroken iPhone or iPad.
        - iGameGod / Filza / iMazing.
        - Cydia Substrate, ElleKit, Substitute or libhooker depending on your jailbreak (from Sileo, Cydia or Zebra).

         

        🤩 Hack Features

        - Infinite Currencies
        - Instant Max Level (Complete some task - Only use when you finished Tutorial and get to Level 8 at least)
        - VIP Member
        - Card only need 1 to be upgraded

         

        Non-Jailbroken Hack: https://iosgods.com/topic/74948-rollercoaster-tycoon-touch-v3413-jailed-cheats-4/

         

        ⬇️ iOS Hack Download Link: https://iosgods.com/topic/73710-rollercoaster-tycoon-touch-cheats-v3420-5/
        • 1,107 replies
        Laxus

        Picked By

        Laxus ,
      • Dragons & Diamonds v2.0.60 [ +9 Jailed ] Auto Win

        Dragons & Diamonds v2.0.60 [ +9 Jailed ] Auto Win

        Ik_Ik posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Dragons & Diamonds By Kiloo
        Bundle ID: com.kiloo.dragonsanddiamonds
        iTunes Store Link: https://apps.apple.com/us/app/dragons-diamonds/id1223359380?uo=4

        Hack Features:

        - Gems

        - Gold

        - Energy

        - Battle Cost 0

        - Play Any LvL

        - HP [ Hit Enemy ]

        - DMG

        - Auto Win [ Just One Hit ]

        - Enemy Freeze


        Jailbreak required hack(s): https://iosgods.com/forum/5-game-cheats-hack-requests/
        Modded Android APK(s): https://iosgods.com/forum/68-android-section/
        For more fun, check out the Club(s): https://iosgods.com/clubs/
        • 9 replies
        Ik_Ik

        Picked By

        Ik_Ik,
      View All
    ×
    ×
    • Create New...

    Important Information

    We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines