
Hi, I was wondering if I could get some help with lldb. I am currently trying to mod the Gold value for ZombieVille.

I first found the address using iGG(1999c12e0). I then set a watchpoint using LLDB. This is what I got. 

Process 2550 resuming
(lldb) Process 2550 stopped
* thread #1: tid = 0x19746, 0x000c1c0a Zombieville, stop reason = watchpoint 1
    frame #0: 0x000c1c0a Zombieville
-> 0xc1c0a:  andeq  r1, r0, r1, lsl r1
   0xc1c0e:  .long  0xf2c03178                ; unknown opcode
   0xc1c12:  ldrbtmi r0, [r9], #-277

I also used "image list" and found the ASLR to be 5c000. I rebased in IDA Pro and went to the address which was

__text:000C1BEC ; GameUser - (int)money
__text:000C1BEC
__text:000C1BEC ; int __cdecl -[GameUser money](struct GameUser *self, SEL)
__text:000C1BEC __GameUser_money_                       ; DATA XREF: __objc_const:0020249Co
__text:000C1BEC                 MOV             R1, #(_OBJC_IVAR_$_GameUser.money_ - 0xC1BF8) ; int money_;
__text:000C1BF4                 ADD             R1, PC  ; int money_;
__text:000C1BF6                 LDR             R1, [R1] ; int money_;
__text:000C1BF8                 LDR             R0, [R0,R1]
__text:000C1BFA                 BX              LR
__text:000C1BFA ; End of function -[GameUser money]
__text:000C1BFA
__text:000C1BFC
__text:000C1BFC ; =============== S U B R O U T I N E =======================================
__text:000C1BFC
__text:000C1BFC ; GameUser - (void)setMoney:(int)
__text:000C1BFC
__text:000C1BFC ; void __cdecl -[GameUser setMoney:](struct GameUser *self, SEL, int)
__text:000C1BFC __GameUser_setMoney__                   ; DATA XREF: __objc_const:002024A8o
__text:000C1BFC                 MOV             R1, #(_OBJC_IVAR_$_GameUser.money_ - 0xC1C08) ; int money_;
__text:000C1C04                 ADD             R1, PC ; aTimezoneoffset ; int money_;
__text:000C1C06                 LDR             R1, [R1] ; int money_;
__text:000C1C08                 STR             R2, [R0,R1]
__text:000C1C0A                 BX              LR <<<<<<<<<<<<<<< LANDS HERE

The problem seems to be that I can't change anything. Maybe I am doing it wrong but I do

"Memory write -s 4 0xC1C04 0x19C9"

However, the value never changes. I've tried to NOP, BX LR, MOV R1,R7.

It seems like no matter what address I get from LLDB I can't modify it with "memory write."

I have tried modifying both functions, including Gold.

Am I doing something wrong, or missing something?
