Posted (edited)

LDR is not read from left to right, only STR is.

@AxCE what that means is loading the value of R0 into R7; it should be the other way around.

LDR R0, [R7]

Load the value of R7 into R0.

Anyways, I don't think this is the function anyway; he's having some issues with ASLR.

That tut worked for me on removing ASLR on iOS 9; your only option really is to try the strings.

And if you're having issues with strings, then

hack the arm64 portion using LLDB, then compare binaries.

Updated by Alyce Fan
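Added example, not from the thread or any of its posters: a tiny Python interpreter for the two instruction forms discussed in the post above, LDR Rd, [Rn] and STR Rt, [Rn]. It makes the operand direction concrete: for LDR the bracketed register supplies an address and the first operand receives the word stored there, for STR the first operand is the source and the bracketed register is the destination address. The register values, memory contents and sample program are constructed for the demo.

```python
# Added example (not from the thread): a minimal interpreter for
# "LDR Rd, [Rn]" and "STR Rt, [Rn]" showing which operand is the source.
# Register names, memory contents and the sample program are constructed.
import re

# Accepts exactly the two forms quoted in the thread: LDR/STR Rx, [Ry]
INSTR = re.compile(r"^\s*(LDR|STR)\s+(R\d+)\s*,\s*\[\s*(R\d+)\s*\]\s*$", re.IGNORECASE)


def execute(program, regs, mem):
    """Run a list of LDR/STR lines and return the resulting (regs, mem).

    LDR Rd, [Rn]:  Rd <- mem[Rn]   (the bracketed register holds an address;
                                    the first operand is the destination)
    STR Rt, [Rn]:  mem[Rn] <- Rt   (the first operand is the source;
                                    the bracketed register holds the address)
    Memory is a dict keyed by address; a word that was never written reads 0.
    """
    regs = dict(regs)
    mem = dict(mem)
    for line in program:
        m = INSTR.match(line)
        if not m:
            raise ValueError(f"unsupported instruction: {line!r}")
        op, first, addr_reg = (m.group(1).upper(), m.group(2).upper(),
                               m.group(3).upper())
        addr = regs[addr_reg]
        if op == "LDR":
            regs[first] = mem.get(addr, 0)   # memory -> register
        else:
            mem[addr] = regs[first]          # register -> memory
    return regs, mem


def demo():
    """Constructed state: R7 points at a word holding 5000, R0 starts at 0."""
    regs = {"R0": 0, "R7": 0x1000}
    mem = {0x1000: 5000}
    after_ldr, _ = execute(["LDR R0, [R7]"], regs, mem)
    # R0 now holds the word found at the address in R7; R7 itself is unchanged.

    # STR goes the other way: the value in R0 lands at the address in R7.
    _, after_str = execute(["STR R0, [R7]"], {"R0": 42, "R7": 0x2000}, {})
    return after_ldr["R0"], after_ldr["R7"], after_str[0x2000]


if __name__ == "__main__":
    print(demo())  # (5000, 4096, 42)
```

Running it prints (5000, 4096, 42): after LDR R0, [R7] the value 5000 came out of memory at 0x1000 into R0 while R7 still holds the address, and after STR R0, [R7] the value 42 went from R0 into memory at 0x2000.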
Posted


Yes, I know :3 I guess that R7 is holding the value of the coins, so it would be correct.
Posted (edited)

Hi

So I'm hacking coins in Hungry Shark Evolution and LLDB landed me at the highlighted MOV (in the pic linked below). So I look around and I found LDR R0, [R0] (thinking that R0 is Coins and R0 is loading into R0! Confused, sorry 'bout that). I modified that to MOV R0, R7 (in hex it's 381C) and put the binary back onto the device, iPhone 6 iOS 9.0.2! I open the game and the coins aren't infinite! Why is this??

I used the tut for bypassing ASLR, but IDA didn't show the outcome (what I'm supposed to search for in IDA) of subtracting the ASLR from the address LLDB gave me!

So what the hell do I do? I'm a beginner at SUB_X and I already know how to do MSHook and modify plists, and also hex edit, and also IDA functions (no sub_x)! (I know. I get it. So much for a 14 year old.) I need help with sub_X! Please!

What do I do/what do I modify??

Picture: http://imgur.com/lG7A91p
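Added example, not from the thread or any of its posters: the arithmetic behind "subtracting the ASLR from the address LLDB gave me" in the post above, written out in Python so the static address to search for in IDA falls out of the runtime address and the slide. The slide is the difference between where the debugger reports the image loaded and the base the file declares; the example also checks that a computed slide is plausible (non-negative and page-aligned) so a wrong base is caught instead of producing an address that IDA cannot find. The page size, image bases and addresses are constructed sample values, not the game's.

```python
# Added example (not from the thread): runtime <-> static address arithmetic
# for a slid (ASLR) image. Every base, slide and address here is constructed.

PAGE = 0x1000  # assumption: 32-bit iOS page size; the ASLR slide is page-aligned


def is_plausible_slide(slide):
    """A real slide is never negative and is always a whole number of pages."""
    return slide >= 0 and slide % PAGE == 0


def aslr_slide(runtime_base, static_base):
    """Slide = base the debugger reports for the loaded image minus the base
    the file header declares (the one the disassembler shows)."""
    slide = runtime_base - static_base
    if not is_plausible_slide(slide):
        raise ValueError(f"implausible slide {slide:#x}: check both bases")
    return slide


def to_static(runtime_addr, slide):
    """Debugger address -> address to look up in the static disassembly."""
    return runtime_addr - slide


def to_runtime(static_addr, slide):
    """Static address -> where the same instruction sits in the running process."""
    return static_addr + slide


def demo():
    static_base = 0x4000      # constructed: __TEXT base declared in the file
    runtime_base = 0x7E000    # constructed: base reported once the image is loaded
    slide = aslr_slide(runtime_base, static_base)        # 0x7A000

    stopped_at = 0x19E4C2     # constructed: address where the debugger stopped
    static = to_static(stopped_at, slide)                # 0x1244C2
    assert to_runtime(static, slide) == stopped_at       # round trip must hold
    return slide, static


if __name__ == "__main__":
    slide, static = demo()
    print(f"slide={slide:#x} static={static:#x}")
```

With the constructed values the slide is 0x7A000 and the debugger address 0x19E4C2 maps to 0x1244C2 in the file; the round-trip assertion guards against mixing up which base was subtracted from which.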

Hi Asian Plus,

If I look at your code, I think you reached a memory check; it's a trap to stop hacking, but fortunately shmoo helps us with a wonderful tutorial.

https://iosgods.com/topic/6995-ida-tutorialhow-to-disable-memory-checks/

I think you made the same mistake with ASLR removing that I did for months. Please try this.. ;)

Solution:

Step 1. Remove Thin and remove ASLR with the Online Tool

Step 2. Important!! Move your Hungry Shark Evolution executable -> to var\mobile\

Step 3. ldid -s Hungry Shark Evolution executable

Step 4. Copy the file back to the Hungry Shark Evolution executable's root folder

Step 6. Important!! Set permission 777

I'm sure this works perfectly :)

 

 

 

Updated by ELREYS
Posted


There are no memory checks in this game. I have changed the value of coins to billions and it let me use them. My problem is the ASLR.

Posted

Yes, there are no memory checks; it's an issue with ASLR.

@AsianPlus, are you sure you did everything correctly to remove ASLR? Because it works perfectly for me on iOS 9.3.3 :/

Guess you just got to use strings then :p

Posted


Strings <3
Posted


Fixed it already
