Android Tutorial Some C# To Il2cpp Conversions

[mrcas 0 Oppo X9009 5.0.1]

4 minutes ago, Ahmd bdr said:

Retce

What do you mean? Sorry, i am new. I usually edit .dll. But now, i need to learn to edit .so file.

[EpicCode 1 Razer]

On 10/24/2019 at 6:21 AM, mrcas said:

 

Here is a function which i want to edit.

 

 

It maybe like this

 

public void set_Damage(int value)

{

damage = value;

}

I want to change damage = 9999

 

I edit add the offset: 0x22B7414 or 0x22B7450 with this hex:

F5E184D2C0035FD6

 

It means:

 

mov x21,0x270f

Ret

 

But the game was crashed. Is there any wrong with my patch?

Wow I'm not sure how in the world you came up with this of course it would crash your game. Here is the correct way.

 

0x22B740C

01 08 A0 E3 1E FF 2F E1

 

This will mod your damage to 1000

 

Sorry I'm a bit late on it, I just returned to the site.

[EpicCode 1 Razer]

I would like all the conversions. For some dumb reason my computer hates anything to do with Unity, ndk, or sdk. Haha I can't blame it though. Anyways this is a excellent post and I learned a few things from it. I'm actually rather quite curious on how the forcing a field offset works. That is one of the very few things I don't get how to modify. The games I work on have protection on smali code so you cannot even popup a simple toast. Really annoying when you want to figure out a pointer from the field offset but have no way of going about it.

[mrcas 0 Oppo X9009 5.0.1]

On 11/11/2019 at 1:11 PM, EpicCode said:

Wow I'm not sure how in the world you came up with this of course it would crash your game. Here is the correct way.

 

0x22B740C

01 08 A0 E3 1E FF 2F E1

 

This will mod your damage to 1000

 

Sorry I'm a bit late on it, I just returned to the site.

Thanks friend. It seems your code is ARMv7. I need to edit on x64 bit. Your code is same with me. But it was crashed. Do you have any advice for anti anti patching?

 

1 more thing. I see that you told me to patch at 0x22B740C? It mean patch at starting address of the block?

Updated November 12, 2019 by mrcas

[EpicCode 1 Razer]

On 11/12/2019 at 12:03 PM, mrcas said:

Thanks friend. It seems your code is ARMv7. I need to edit on x64 bit. Your code is same with me. But it was crashed. Do you have any advice for anti anti patching?

 

1 more thing. I see that you told me to patch at 0x22B740C? It mean patch at starting address of the block?

Ah yea sorry I didn't know it was armv8 anyhow yes I told you the correct offset to mod since you were doing the wrong one. Never mod set values it's pointless. Only mod get. What game is it I can help you do it. Not sure why your doing armv8 anyhow just force the download to armv7 and work with that.

[epiccode2014 0]

On 2/9/2018 at 4:56 PM, Jbro129 said:

You CANNOT use hexadecimals longer than 4 character long

Working example => Movt r0, #447A (1000 int)

Not-Working Example => Movt r0, #4479C (999 int)

There is a way to use longer hexadecimal floating points with MOV and I plan on adding it in the future.

Can you please explain how this is done?  I need it for a really high float im doing.

[mrcas 0 Oppo X9009 5.0.1]

On 12/14/2019 at 8:22 PM, EpicCode said:

Ah yea sorry I didn't know it was armv8 anyhow yes I told you the correct offset to mod since you were doing the wrong one. Never mod set values it's pointless. Only mod get. What game is it I can help you do it. Not sure why your doing armv8 anyhow just force the download to armv7 and work with that.

Thanks for your reply. I've done my mod. Now i am learning to edit large float.

[n1ce0n3 1.4k]

I am really curious about that "force i/f  into a field", do I undersatnd it correctly? e.g. if I have something like that, and I wanna modify attack speed for example, do I overwrite the hex at 0xE38474?

I've tried that:
MOV             R1, #0x0000804C
STR             R1, [R0,#0x10]
BX              LR
4C1008E3101080E51EFF2FE1

I did try some small values too, but all of them end up crashing the game, and that seems like a pretty normal behaviour, considering what exactly I am doing to the class, lol.

Am I doing something wrong, or there is actually no way, to modify those?

Updated February 22, 2020 by n1ce0n3

[ThienTeakee 0 Xiaomi RM Note 5 9.0]

Quote

Force Int or Float into a field: IDA Arm

Get your field offset from your generated dump.cs from Il2CppDumper by Prefare.

//float field
 MOV             R1, #0x447A
 STR             R1, [R0,#0x10] // replace "0x10" with your field offset inside of dump.cs
 BX              LR
hex -> 7A 14 04 E3 10 10 80 E5 1E FF 2F E1
   
//int field
 MOV             R1, #1000
 STR             R1, [R0,#0x14] // replace "0x14" with your field offset inside of dump.cs
 BX              LR
hex -> FA 1F A0 E3 14 10 80 E5 1E FF 2F E1

Thanks for sharing. I have to find the offset of the field in HEX Editor then replace them with that new HEX codes. Is that right?

[DevEddy 0]

Hi, thank you for sharing. I am wondering how a value of type long could be returned, can someone help?

// RVA: 0x124D8E8 Offset: 0x124D8E8 VA: 0x124D8E8
public long get_prizeAmount() { }

Is it possible to set a field with a value? 

public float spinAmount; // 0x80

Thank you,
Eddy

Updated May 11, 2020 by DevEddy
Question