Jump to content

Help with disabling _syscall


Go to solution Solved by Aswag1,

36 posts in this topic

Recommended Posts

  • Solution
Posted

Well after laying dormant for quite awhile, I thought I might add a couple of pointers....

 

It seems that for 64-bit devices, there are certain additional checks in the binary in most GameLoft games. Most notably, the addition of a __sysctl. What this call does is check whether the __syscall flag is checked. If it sees that it has been manipulated in some fashion (such as NOPing the BLX or NOP the MOV) it will immediately give a EXEC_BAD_ADDRESS error.

 

Now here are some of my findings to combat this...

 

I have seen that making any alterations in a binary patch have led to the game crashing once I attach to it in lldb. So, logically I just patch the memory of the game rather than make crude adjustments. It seems to work, though it is a pain in the ass and you have to keep stepping through the memory stack to make sure that all checks are thoroughly disabled. I had all the checks for Brothers In Arms 3 before, I am not sure if I have them still. I would like to help, but I'm not really into iOS hacking anymore so there's that. Hopefully one of the young bloods can help you out and resolve your problem.

Posted

Well after laying dormant for quite awhile, I thought I might add a couple of pointers....

 

It seems that for 64-bit devices, there are certain additional checks in the binary in most GameLoft games. Most notably, the addition of a __sysctl. What this call does is check whether the __syscall flag is checked. If it sees that it has been manipulated in some fashion (such as NOPing the BLX or NOP the MOV) it will immediately give a EXEC_BAD_ADDRESS error.

 

Now here are some of my findings to combat this...

 

I have seen that making any alterations in a binary patch have led to the game crashing once I attach to it in lldb. So, logically I just patch the memory of the game rather than make crude adjustments. It seems to work, though it is a pain in the ass and you have to keep stepping through the memory stack to make sure that all checks are thoroughly disabled. I had all the checks for Brothers In Arms 3 before, I am not sure if I have them still. I would like to help, but I'm not really into iOS hacking anymore so there's that. Hopefully one of the young bloods can help you out and resolve your problem.

 

Thank you for a great explanation. So basically, I cannot use my 5S to make hacks for Gameloft games (except for patching the memory, which would be temporary because the addresses would change every time) because it is 64-bit, but I can use a device that is not 64-bit, for example my old ipod touch 5g. So if I load up the binary from my iPod, I might be able to patch __syscall so that I can attach it to GDB?

Posted

Find the syscal method, and BX LR the first instruction.

That's right. If calls to the functions can easily be disabled, you could simply make the actual syscall function to return and do nothing. Can you post the disassembly for the syscall function?

Posted (edited)

@@Aswag1 yeah, it has been jailbroken four times and freezes regularly... i don't think i can use it, and out of curiosity, is android hacking easier than ios?

 

@@Gh0stByte i feel like if i BX LR the first instruction, it will crash because of what aswag1 said

 

@jx1992 i can post the disassembly here later, just not now, i'm going to a movie in 5 mins :p

Updated by Guest
Posted

@@jx1992 here are the things that i think are the _syscall function.

 

1.

 

__text:0000C5C8   sub_C5C8                                ; CODE XREF: -[sendInfoInterface IGPSendGameInfo:::::]+536p

__text:0000C5C8                 PUSH            {R7,LR}
__text:0000C5CA                 MOV             R7, SP
__text:0000C5CC                 SUB             SP, SP, #0x6C
__text:0000C5CE                 MOVW            R1, #(:lower16:(aLibraryMobiles - 0xC5DE)) ; "/Library/MobileSubstrate/MobileSubstrat"...
__text:0000C5D2                 MOV             R2, SP
__text:0000C5D4                 MOVT.W          R1, #(:upper16:(aLibraryMobiles - 0xC5DE)) ; "/Library/MobileSubstrate/MobileSubstrat"...
__text:0000C5D8                 MOVS            R0, #0xBC ; int
__text:0000C5DA                 ADD             R1, PC  ; "/Library/MobileSubstrate/MobileSubstrat"...
__text:0000C5DC                 BLX.W           _syscall
__text:0000C5E0                 CMP             R0, #0
__text:0000C5E2                 BEQ             loc_C66C
__text:0000C5E4                 MOVW            R1, #(:lower16:(aApplicationsCy - 0xC5F4)) ; "/Applications/Cydia.app"
__text:0000C5E8                 MOV             R2, SP
__text:0000C5EA                 MOVT.W          R1, #(:upper16:(aApplicationsCy - 0xC5F4)) ; "/Applications/Cydia.app"
__text:0000C5EE                 MOVS            R0, #0xBC ; int
__text:0000C5F0                 ADD             R1, PC  ; "/Applications/Cydia.app"
__text:0000C5F2                 BLX.W           _syscall
__text:0000C5F6                 CMP             R0, #0
__text:0000C5F8                 BEQ             loc_C66C
__text:0000C5FA                 MOVW            R1, #(:lower16:(aVarLibApt - 0xC60A)) ; "/var/lib/apt"
__text:0000C5FE                 MOV             R2, SP
__text:0000C600                 MOVT.W          R1, #(:upper16:(aVarLibApt - 0xC60A)) ; "/var/lib/apt"
__text:0000C604                 MOVS            R0, #0xBC ; int
__text:0000C606                 ADD             R1, PC  ; "/var/lib/apt"
__text:0000C608                 BLX.W           _syscall
__text:0000C60C                 CMP             R0, #0
__text:0000C60E                 BEQ             loc_C66C
__text:0000C610                 MOVW            R1, #(:lower16:(aVarLibCydia - 0xC620)) ; "/var/lib/cydia"
__text:0000C614                 MOV             R2, SP
__text:0000C616                 MOVT.W          R1, #(:upper16:(aVarLibCydia - 0xC620)) ; "/var/lib/cydia"
__text:0000C61A                 MOVS            R0, #0xBC ; int
__text:0000C61C                 ADD             R1, PC  ; "/var/lib/cydia"
__text:0000C61E                 BLX.W           _syscall
__text:0000C622                 CMP             R0, #0
__text:0000C624                 BEQ             loc_C66C
__text:0000C626                 MOVW            R1, #(:lower16:(aVarTmpCydia_lo - 0xC636)) ; "/var/tmp/cydia.log"
__text:0000C62A                 MOV             R2, SP
__text:0000C62C                 MOVT.W          R1, #(:upper16:(aVarTmpCydia_lo - 0xC636)) ; "/var/tmp/cydia.log"
__text:0000C630                 MOVS            R0, #0xBC ; int
__text:0000C632                 ADD             R1, PC  ; "/var/tmp/cydia.log"
__text:0000C634                 BLX.W           _syscall
__text:0000C638                 CMP             R0, #0
__text:0000C63A                 BEQ             loc_C66C
__text:0000C63C                 MOVW            R1, #(:lower16:(aEtcApt - 0xC64C)) ; "/etc/apt"
__text:0000C640                 MOV             R2, SP
__text:0000C642                 MOVT.W          R1, #(:upper16:(aEtcApt - 0xC64C)) ; "/etc/apt"
__text:0000C646                 MOVS            R0, #0xBC ; int
__text:0000C648                 ADD             R1, PC  ; "/etc/apt"
__text:0000C64A                 BLX.W           _syscall
__text:0000C64E                 CMP             R0, #0
__text:0000C650                 BEQ             loc_C66C
__text:0000C652                 MOVS            R0, #2  ; int
__text:0000C654                 BLX.W           _syscall
__text:0000C658                 MOV             R1, R0
__text:0000C65A                 MOVS            R0, #0  ; int
__text:0000C65C                 CMP             R1, #0
__text:0000C65E                 BEQ             loc_C672
__text:0000C660                 CMP.W           R1, #0xFFFFFFFF
__text:0000C664                 IT GT
__text:0000C666                 MOVGT           R0, #1
__text:0000C668                 ADD             SP, SP, #0x6C
__text:0000C66A                 POP             {R7,PC}
__text:0000C66C ; ---------------------------------------------------------------------------
__text:0000C66C
__text:0000C66C loc_C66C                                ; CODE XREF: sub_C5C8+1Aj
__text:0000C66C                                         ; sub_C5C8+30j ...
__text:0000C66C                 MOVS            R0, #1
__text:0000C66E                 ADD             SP, SP, #0x6C
__text:0000C670                 POP             {R7,PC}
__text:0000C672 ; ---------------------------------------------------------------------------
__text:0000C672
__text:0000C672 loc_C672                                ; CODE XREF: sub_C5C8+96j
__text:0000C672                 BLX.W           _exit
__text:0000C676                 NOP
__text:0000C676 ; End of function sub_C5C8

 

2.

 

__picsymbolstub4:0095AEE8 _syscall                                ; CODE XREF: sub_C5C8+14p
__picsymbolstub4:0095AEE8                                         ; sub_C5C8+2Ap ...
__picsymbolstub4:0095AEE8                 LDR             R12, =(_syscall_ptr - 0x95AEF4)
__picsymbolstub4:0095AEEC                 ADD             R12, PC, R12 ; _syscall_ptr
__picsymbolstub4:0095AEF0                 LDR             PC, [R12] ; __imp__syscall
__picsymbolstub4:0095AEF0 ; End of function _syscall
 
Again, I'm not used to doing all of this just to debug a game. I was surprised that there where almost no answers from when I first searched this, or no guide on any website. I am also surprised that there are so many people that are willing to help me, it really means alot :)
Posted

@@Shmoo419

 

In the disassembly posted on page 1, the syscall is made to ptrace with the argument "PT_DENY_ATTACH".

In linux, this would be used to deny debuggers from attaching to the current process (in this case, Nova 3).

 

Since the disassembly shows that the program doesn't check for the return value of the ptrace syscall, what you can do is one of these 2.

 

1) Set r1 to -1

 

Because -1 is not a valid ptrace request argument, the ptrace syscall will return with an error and the call will not succeed.

 

2) Nop the branch to syscall

 

This simply stops the function from making a syscall. Simple as that.

 

From what I can infer, I suppose you are trying to attach a debugger to the Nova 3 app. You can try the above 2 methods to see if you can get your debugger to attach.

 

For more details you can reference this site : http://www.coredump.gr/articles/ios-anti-debugging-protections-part-1/

 

Good luck

Posted

@@jx1992 I know that PT_DENY_ATTACH keeps the debugger from attaching, but I never tried -1, but instead anything other than 31 (0x1F) or I NOP'ed it. And I usually stay away from NOP'ing branches because it usually results in a crash (for me at least), but I'll give it a go. That website was really useful, too.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Our picks

    • Dead Impact: Survival MMORPG v1.09 +11 Jailed Cheats [ Unlimited Everything ]
      Modded/Hacked App: Dead Impact: Survival MMORPG By SYNTHEZ GAMES LIMITED
      Bundle ID: games.synthez.zombie.survival.multiplayer
      App Store Link: https://apps.apple.com/us/app/dead-impact-survival-mmorpg/id6444281832?uo=4

       
       

      🤩 Hack Features

      - Freeze Currencies
      - Freeze Items
      - 1 Stat Point Requirement
      - Level Threshold Modifier -> Amount of XP required to advance to the next level.
      - No Craft Item Requirement
      - Unlimited Durability
      - No Consumable Cooldown

      VIP
      - Unlimited Currencies -> Will increase instead of decrease.
      - Unlimited Items -> Will increase instead of decrease.
      - Unlock All
      - Unlock All Classes
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 177 replies
    • Dead Impact: Survival MMORPG v1.09 +11 Cheats [ Unlimited Everything ]
      Modded/Hacked App: Dead Impact: Survival MMORPG By SYNTHEZ GAMES LIMITED
      Bundle ID: games.synthez.zombie.survival.multiplayer
      App Store Link: https://apps.apple.com/us/app/dead-impact-survival-mmorpg/id6444281832?uo=4

       


      🤩 Hack Features

      - Freeze Currencies
      - Freeze Items
      - 1 Stat Point Requirement
      - Level Threshold Modifier -> Amount of XP required to advance to the next level.
      - No Craft Item Requirement
      - Unlimited Durability
      - No Consumable Cooldown

      VIP
      - Unlimited Currencies -> Will increase instead of decrease.
      - Unlimited Items -> Will increase instead of decrease.
      - Unlock All
      - Unlock All Classes
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 71 replies
    • Space Outpost: Drone War v0.4.8 [+2 Jailed Cheats]
      Modded/Hacked App: Space Outpost: Drone War By CYBERJOY LIMITED
      Bundle ID: com.cyberjoy.spaceoutpost
      App Store Link: https://apps.apple.com/us/app/space-outpost-drone-war/id6747959347?uo=4



      🤩 Hack Features

      - High Damage
      - Activate SVip
        • Thanks
      • 0 replies
    • Space Outpost: Drone War v0.4.8 [+2 Cheats]
      Modded/Hacked App: Space Outpost: Drone War By CYBERJOY LIMITED
      Bundle ID: com.cyberjoy.spaceoutpost
      App Store Link: https://apps.apple.com/us/app/space-outpost-drone-war/id6747959347?uo=4



      🤩 Hack Features

      - High Damage
      - Activate SVip
       
        • Winner
      • 7 replies
    • Archero Cheats v7.2.0 +5 [ God Mode & More ]
      Modded/Hacked App: Archero by HABBY PTE. LTD.
      Bundle ID: com.habby.archero
      iTunes Store Link: https://apps.apple.com/us/app/archero/id1453651052?uo=4&at=1010lce4



      Hack Features:
      - Multiply Defense to
      - Multiply Damage to
      - God Mode
      - OHK (Must use with God Mode)
      - Freeze Enemies

      NOTE: If you want to use god mode and ohk turn off multiply damage and defense first. I added multiply damage and defense there to avoid ban


      Non-Jailbroken & No Jailbreak required hack(s): https://iosgods.com/topic/100710-archero-v210-enemies-dont-attack-x30-attack/


      Hack Download Link: https://iosgods.com/topic/96783-arm64-archero-cheats-v220-5/
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 15,884 replies
    • ONE PIECE トレジャークルーズ v15.1.2 +5 Jailed Cheats
      Modded/Hacked App: ONE PIECE トレジャークルーズ By Bandai Namco Entertainment Inc.
      Bundle ID: jp.co.bandainamcogames.NBGI0199
      iTunes Store Link: https://apps.apple.com/jp/app/one-piece-%E3%83%88%E3%83%AC%E3%82%B8%E3%83%A3%E3%83%BC%E3%82%AF%E3%83%AB%E3%83%BC%E3%82%BA/id824116884?uo=4


      Mod Requirements:
      - Non-Jailbroken/Jailed or Jailbroken iPhone/iPad/iPod Touch.
      - Sideloadly / Cydia Impactor or alternatives.
      - A Computer Running Windows/macOS/Linux with iTunes installed.


      Hack Features:
      - One Hit Kill
      - Never Die
      - Character Box 
      - Auto Win
      - Skill Turn


      Jailbreak required hack(s): 


      iOS Hack Download IPA Link:

      Hidden Content

      Download via the iOSGods App








      PC Installation Instructions:
      STEP 1: If necessary, uninstall the app if you have it installed on your iDevice. Some hacked IPAs will install as a duplicate app. Make sure to back it up so you don't lose your progress.
      STEP 2: Download the pre-hacked .IPA file from the link above to your computer. To download from the iOSGods App, see this tutorial topic.
      STEP 3: Download Sideloadly and install it on your PC.
      STEP 4: Open/Run Sideloadly on your computer, connect your iOS Device, and wait until your device name shows up.
      STEP 5: Once your iDevice appears, drag the modded .IPA file you downloaded and drop it inside the Sideloadly application.
      STEP 6: You will now have to enter your iTunes/Apple ID email login, press "Start" & then you will be asked to enter your password. Go ahead and enter the required information.
      STEP 7: Wait for Sideloadly to finish sideloading/installing the hacked IPA. If there are issues during installation, please read the note below.
      STEP 8: Once the installation is complete and you see the app on your Home Screen, you will need to go to Settings -> General -> Profiles/VPN & Device Management. Once there, tap on the email you entered from step 6, and then tap on 'Trust [email protected]'.
      STEP 9: Now go to your Home Screen and open the newly installed app and everything should work fine. You may need to follow further per app instructions inside the hack's popup in-game.

      NOTE: iOS/iPadOS 16 and later, you must enable Developer Mode. For free Apple Developer accounts, you will need to repeat this process every 7 days. Jailbroken iDevices can also use Sideloadly/Filza/IPA Installer to normally install the IPA with AppSync. If you have any questions or problems, read our Sideloadly FAQ section of the topic and if you don't find a solution, please post your issue down below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues.


      Credits:
      - AlyssaX64


      Cheat Video/Screenshots:

      N/A
        • Informative
        • Agree
        • Haha
        • Winner
        • Like
      • 32 replies
    • ONE PIECE TREASURE CRUISE v15.1.2 +5 Jailed Cheats
      Modded/Hacked App: ONE PIECE TREASURE CRUISE By Bandai Namco Entertainment Inc.
      Bundle ID: jp.co.bandainamcogames.BNGI0218
      iTunes Store Link: https://apps.apple.com/us/app/one-piece-treasure-cruise/id943690848?uo=4


      Mod Requirements:
      - Non-Jailbroken/Jailed or Jailbroken iPhone/iPad/iPod Touch.
      - Sideloadly / Cydia Impactor or alternatives.
      - A Computer Running Windows/macOS/Linux with iTunes installed.


      Hack Features:
      - One Hit Kill
      - Never Die
      - Character Box 
      - Auto Win
      - Skill Turn


      Jailbreak required hack(s): 


      iOS Hack Download IPA Link:

      Hidden Content

      Download via the iOSGods App








      PC Installation Instructions:
      STEP 1: If necessary, uninstall the app if you have it installed on your iDevice. Some hacked IPAs will install as a duplicate app. Make sure to back it up so you don't lose your progress.
      STEP 2: Download the pre-hacked .IPA file from the link above to your computer. To download from the iOSGods App, see this tutorial topic.
      STEP 3: Download Sideloadly and install it on your PC.
      STEP 4: Open/Run Sideloadly on your computer, connect your iOS Device, and wait until your device name shows up.
      STEP 5: Once your iDevice appears, drag the modded .IPA file you downloaded and drop it inside the Sideloadly application.
      STEP 6: You will now have to enter your iTunes/Apple ID email login, press "Start" & then you will be asked to enter your password. Go ahead and enter the required information.
      STEP 7: Wait for Sideloadly to finish sideloading/installing the hacked IPA. If there are issues during installation, please read the note below.
      STEP 8: Once the installation is complete and you see the app on your Home Screen, you will need to go to Settings -> General -> Profiles/VPN & Device Management. Once there, tap on the email you entered from step 6, and then tap on 'Trust [email protected]'.
      STEP 9: Now go to your Home Screen and open the newly installed app and everything should work fine. You may need to follow further per app instructions inside the hack's popup in-game.

      NOTE: iOS/iPadOS 16 and later, you must enable Developer Mode. For free Apple Developer accounts, you will need to repeat this process every 7 days. Jailbroken iDevices can also use Sideloadly/Filza/IPA Installer to normally install the IPA with AppSync. If you have any questions or problems, read our Sideloadly FAQ section of the topic and if you don't find a solution, please post your issue down below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues.


      Credits:
      - AlyssaX64


      Cheat Video/Screenshots:

      N/A
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 133 replies
    • ONE PIECE トレジャークルーズ v15.1.2 +5 Cheats
      Modded/Hacked App: ONE PIECE トレジャークルーズ By Bandai Namco Entertainment Inc.
      Bundle ID: jp.co.bandainamcogames.NBGI0199
      iTunes Store Link: https://apps.apple.com/jp/app/one-piece-%E3%83%88%E3%83%AC%E3%82%B8%E3%83%A3%E3%83%BC%E3%82%AF%E3%83%AB%E3%83%BC%E3%82%BA/id824116884?uo=4


      Hack Features:
      - Go over Character Box Capacity
      - Auto Win
      - God Mode
      - Skill Available after 1 Turn
      - High Damage Hits
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 92 replies
    • ONE PIECE TREASURE CRUISE v15.1.2 +5 Cheats
      App Name: ONE PIECE TREASURE CRUISE By Bandai Namco Entertainment Inc. v12.1.2
      Bundle ID: jp.co.bandainamcogames.BNGI0218
      Requires: iOS 10.0 or later.
      Price: Free
      iTunes URL: https://apps.apple.com/us/app/one-piece-treasure-cruise/id943690848

      Hack Features:

      - Auto Win

      - God Mode

      - Skill Available after 1 Turn

      - High Damage Hits

      - Go over Character Box Capacity
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 303 replies
    • ONE PIECE TREASURE CRUISE-RPG v15.1.2 +2 Cheats
      Modded/Hacked App: ONE PIECE TREASURE CRUISE By BANDAI NAMCO Entertainment Inc.
      Bundle ID: jp.co.bandainamcogames.BNGI0218
      iTunes Store Link: https://apps.apple.com/us/app/one-piece-treasure-cruise/id943690848

      Mod Requirements:
      - Jailbroken iPhone/iPad/iPod Touch.
      - Filza / iMazing or any other file managers for iOS.
      - Cydia Substrate, Substitute or libhooker depending on your jailbreak.
      - PreferenceLoader (from Cydia or Sileo).


      Hack Features:
      - one hit kill
      - god mode




      Non-Jailbroken & No Jailbreak required hack(s): https://iosgods.com/forum/79-no-jailbreak-section/
      Modded Android APK(s): https://iosgods.com/forum/68-android-section/
      For more fun, check out the Club(s): https://iosgods.com/clubs/


      iOS Hack Download Link:

      Hidden Content
      Download Hack







      Installation Instructions:
      STEP 1: Download the .deb Cydia hack file from the link above.
      STEP 2: Copy the file over to your iDevice using any of the file managers mentioned above or skip this step if you're downloading from your iDevice.
      STEP 3: Using Filza or iFile, browse to where you saved the downloaded .deb file and tap on it.
      STEP 4: Once you tap on the file, you will need to press on 'Install' or 'Installer' from the options on your screen.
      STEP 5: Let Filza / iFile finish the cheat installation. Make sure it successfully installs, otherwise see the note below.
      STEP 6: If the hack is a Mod Menu, which is usually the case nowadays, the cheat features can be toggled in-game. Some cheats have options that can be enabled from your iDevice settings.
      STEP 7: Turn on the features you want and play the game. You may need to follow further instructions inside the hack's popup in-game.

       

      NOTE: If you have any questions or problems, read our Troubleshooting topic & Frequently Asked Questions & Answers topic. If you still haven't found a solution, post your issue down below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues.


      Credits:
      - AlyssaX64


      Cheat Video/Screenshots:

      N/A
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 701 replies
    • ONE PIECE トレジャークルーズ v15.1.2 +2 Cheats
      Modded/Hacked App: ONE PIECE トレジャークルーズ By BANDAI NAMCO Entertainment Inc.
      Bundle ID: jp.co.bandainamcogames.NBGI0199
      iTunes Store Link: https://apps.apple.com/jp/app/one-piece-%E3%83%88%E3%83%AC%E3%82%B8%E3%83%A3%E3%83%BC%E3%82%AF%E3%83%AB%E3%83%BC%E3%82%BA/id824116884


      Hack Features:
      - God Mode 
      - Skill Available after 1 Turn
      - High Damage Hits
        • Informative
        • Agree
        • Haha
        • Thanks
        • Winner
        • Like
      • 702 replies
    • Meow kingdom:cute cat idle rpg v00.26.02 +2 Jailed Cheats
      Modded/Hacked App: Meow kingdom:cute cat idle rpg By Fathermade
      Bundle ID: com.fathermade.catkingdom
      iTunes Store Link: https://apps.apple.com/us/app/meow-kingdom-cute-cat-idle-rpg/id1606840138?uo=4

       

      📌 Mod Requirements

      - Non-Jailbroken/Jailed or Jailbroken iPhone or iPad.
      - Sideloadly or alternatives.
      - Computer running Windows/macOS/Linux with iTunes installed.

       

      🤩 Hack Features

      - Damage Multiplier
      - Defense Multiplier

       

      ⬇️ iOS Hack Download IPA Link


      Hidden Content

      Download via the iOSGods App







       

      📖 PC Installation Instructions

      STEP 1: Download the pre-hacked .IPA file from the link above to your computer. To download from the iOSGods App, see our iOSGods App IPA Download Tutorial which includes a video example.
      STEP 2: Download Sideloadly and install it on your Windows or Mac.
      STEP 3: Open Sideloadly on your computer, connect your iOS device, and wait until your device name appears in Sideloadly.
      STEP 4: Once your iDevice is recognized, drag the modded .IPA file you downloaded and drop it into the Sideloadly application.
      STEP 5: Enter your Apple Account email when prompted, then press “Start.” You’ll then be asked to enter your password. Go ahead and provide the required information.
      STEP 6: Wait for Sideloadly to finish sideloading/installing the hacked IPA. If there are issues during installation, please read the note below.
      STEP 7: Once the installation is complete and you see the app on your Home Screen, you will need to go to Settings -> General -> Profiles / VPN & Device Management. Once there, tap on the email you entered from step 6, and then tap on 'Trust [email protected]'.
      STEP 8: Now go to your Home Screen and open the newly installed app and everything should work fine. You may need to follow further per app instructions inside the hack's popup in-game.

      NOTE: iOS/iPadOS 16 and later, you must enable Developer Mode. For free Apple Developer accounts, you will need to repeat this process every 7 days. If you have any questions or problems, read our Sideloadly FAQ section of the topic and if you don't find a solution, please post your issue below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues.

       

      🙌 Credits

      - AlyssaX64

       

      📷 Cheat Video/Screenshots

      N/A
        • Informative
        • Agree
        • Winner
        • Like
      • 47 replies
×
  • Create New...

Important Information

We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines