Help/Support IDA SUB_X HELP

AxCE · November 11, 2016

Why change ldr to mov?

Try:

ldr r7, [r0]

Idk

Updated November 11, 2016 by AxCE

NitroxicDemon · November 11, 2016

LDR is not read from left to right, only STR is.

@AxCE what that means is loading the value of R0 into R7, it should be the other way around

LDR R0, [R7]

Load the value of R7 into R0

Anyways, I dont think this is the function anyways hes having some issues ASLR.

That tut worked for me on removing ASLR on ios 9, your only option really is to try the strings

And if your having issues with strings then

hack the arm64 portion using LLDB then compare binaries

@

Updated November 11, 2016 by Alyce Fan

AxCE · November 11, 2016

LDR is not read from left to right, only STR is.

@AxCE what that means is loading the value of R0 into R7, it should be the other way around

LDR R0, [R7]

Load the value of R7 into R0

Anyways, I dont think this is the function anyways hes having some issues ASLR.

That tut worked for me on removing ASLR on ios 9, your only option really is to try the strings

And if your having issues with strings then

hack the arm64 portion using LLDB then compare binaries

@

Yes i know

I guess, that r7 is holding the value of the coins, so wit would be correct.

Elreys · November 11, 2016

Hi

So I'm hacking coins in Hungry Shark Evolution and LLDB landed me at the highlighted MOVE (in the pic linked below). So I look around and I found LDR R0, [R0] (thinking that R0 is Coins and R0 is loading into R0! (Confused, sorry bout that). I modified that to MOV R0, R7 (in hex it's 381C) and put binary back into device iPhone 6 iOS 9.0.2! I open game and that coins aren't infinite! Why is this??

I used the tut of bypassing ASLR but Ida didn't show the outcome (what I'm supposed to search in Ida) of subtracting ASLR from address LLDB gave me!

So what the hell do I do?. I'm a beginner at SUB_X and I already know how to do MSHOOK and modify plist and also hex edit and also Ida functions (no subx)! (I know. I get it. so much for a 14 year old) I need help with sub X! Please!

What do I do/what do I modify??

Picture: http://imgur.com/lG7A91p

Hi Asian Plus,

If i look your code, i think you reach a memory check, its a trap to stop hacking ; but fortunally shmoo help us with a wonderfull tutorial.

https://iosgods.com/topic/6995-ida-tutorialhow-to-disable-memory-checks/

i think you did the same mistake with ASLR removing that i did for Months please try this..

Solution:

Step 1. Remove Thin and remove ASLR with Online Tool

Step 2 .Important!! Move your Hungry Shark Evolution executable -> to var\mobile\

Step 3 ldid -s Hungry Shark Evolution executable

Step 4 copy file back to the Hungry Shark Evolution executableroot folder

Step 6 .Important!! set premission 777

Im sure this works perfect:)

Updated November 11, 2016 by ELREYS

Mr. Hyperion · November 11, 2016

Hi

Hi Asian Plus,

If i look your code, i think you reach a memory check, its a trap to stop hacking ; but fortunally shmoo help us with a wonderfull tutorial.

https://iosgods.com/topic/6995-ida-tutorialhow-to-disable-memory-checks/

[/size]

i think you did the same mistake with ASLR removing that i did for Months please try this..

Solution:

Step 1. Remove Thin and remove ASLR with Online Tool

Step 2 .Important!! Move your Hungry Shark Evolution executable -> to var\mobile\

Step 3 ldid -s Hungry Shark Evolution executable

Step 4 copy file back to the Hungry Shark Evolution executableroot folder

Step 6 .Important!! set premission 777

Im sure this works perfect:)

The are no memory checks in this game. I have change the value of coins to billions and it let me use them. My problem is the aslr

NitroxicDemon · November 11, 2016

Yes there are no memory checks, its an issue with ASLR.

@AsianPlus you sure you did everything correctly to remove ASLR? Because it works perfectly for me on iOS 9.3.3

Guess you just got to use strings then

AxCE · November 11, 2016

Yes there are no memory checks, its an issue with ASLR.

@AsianPlus you sure you did everything correctly to remove ASLR? Because it works perfectly for me on iOS 9.3.3

Guess you just got to use strings then

Stings

Mr. Hyperion · November 11, 2016

Yes there are no memory checks, its an issue with ASLR.

@AsianPlus you sure you did everything correctly to remove ASLR? Because it works perfectly for me on iOS 9.3.3

Guess you just got to use strings then

Fixed it already