Help/Support ASLR Crash

[Astronaut 596 iPhone Xs Max 12.4]

I am trying to remove ASLR from a game but when I load the game it crashes instantly. 

How do I go about doing this without crashing?

Also, I used the online tool.

armconverter.com

Using an iPhone 7 on iOS 10.1.1.

[K_K 167.3k iPhone 13 Pro Max 15.1]

20 minutes ago, Astronaut said:

I am trying to remove ASLR from a game but when I load the game it crashes instantly. 

How do I go about doing this without crashing?

Also, I used the online tool.

armconverter.com

Using an iPhone 7 on iOS 10.1.1.

so did you crack the binary before you removed the ASLR?

[Astronaut 596 iPhone Xs Max 12.4]

I'm guessing it was already cracked since I didn't download it from the App Store.

Updated August 24, 2017 by Astronaut

[WaveCheck 2k iPhone 8 Plus 11.3.1]

The problem is that either 

1. You didn't thin the binary to armv7

2. Didn't sign it using ldid -s BINARY

3. You're using an arm64 binary and that crashes without aslr

[Astronaut 596 iPhone Xs Max 12.4]

25 minutes ago, oZarmo said:

The problem is that either 

1. You didn't thin the binary to armv7

2. Didn't sign it using ldid -s BINARY

3. You're using an arm64 binary and that crashes without aslr

#2 seemed to do have fixed my problem. But in case of #3, what would I have to do?

[WaveCheck 2k iPhone 8 Plus 11.3.1]

7 minutes ago, Astronaut said:

#2 seemed to do have fixed my problem. But in case of #3, what would I have to do?

Well normally to crack a binary you have to install it on your Device with iTunes from your computer which means that the binary has both arm64 and armv7 portions. So if you used lipo to thin it to arm64 and then removed aslr your game would crash. There is no way to fix but you would just have to thin it to armv7 after cracking it and then remove aslr. Now assuming you didn't crack it yourself and the cracked binary was arm64 you can't remove aslr. To defeat aslr on arm64 check out this: 

 

Updated August 24, 2017 by oZarmo

[Ysterperd 1 iPhone 6s 9.3.2]

On 8/24/2017 at 6:19 AM, oZarmo said:

Now assuming you didn't crack it yourself and the cracked binary was arm64 you can't remove aslr.

Hi @oZarmo! I would really like some help on this. I think I might not understand fully. Let me explain. I would like to do a mod on CSR Racing 2 which permanently changes the prices of the cars, upgrades, etc. This is what I've done so far:

• Downloaded and installed app with iTunes.
• Cracked with Clutch2 on an iPhone 6S on 9.3.2.
  • Crack was tested and working.
• Thinned binary using armconverter.com
  • Thinned binary runs fine.
  • Was able to do some mods without removing ASLR, but is inconsistent (maybe due to ASLR?).
  • Some mods seem to work consistently, but others work then I tried uploading the same binary again later then it crashes. 
• Thinned and removed ASLR also using armconverter.com
  • Crashes instantly with no mods.
• Signed binary after thinning and removing ASLR (as explained here: [Tutorial] How to Make RemoveASLR Work on iOS 8.3 & 8.4!)
  • I know this tut is for 8.3 and 8.4, but I don't know what else to try.
  • Game still crashes instantly.

So, please tell me, is my understanding that some of the mods work and then later don't due to ASLR and that ASLR can't be removed on iOS9+?