Help/Support Help with IDA function

[jacktorpey 3 5]

Hi guys, i currenrtly trin to make my first hack. I'm using IDA. I am tryin to hack for 1 hit kill and i search manually for a function (since my IGG not working). And i found this function:

 

 

 

 

MOV             R0, #(paMaxhitcount_0 - 0x306B9C)

__text:00306B98                 ADD             R0, PC ; paMaxhitcount_0

__text:00306B9A                 LDR             R1, [R0] ; "maxHitCount"

__text:00306B9C                 MOVS            R0, #8

__text:00306B9E                 STR             R1, [sP,#0x88+var_70]

__text:00306BA0                 STR             R0, [sP,#0x88+var_48]

__text:00306BA2                 LDR             R0, [sP,#0x88+var_68]

__text:00306BA4                 BLX             _objc_msgSend

__text:00306BA8                 CMP             R0, #0

__text:00306BAA                 BEQ             loc_306C5E

__text:00306BAC                 MOVS            R0, #9

__text:00306BAE                 STR             R0, [sP,#0x88+var_48]

__text:00306BB0                 LDR             R0, [sP,#0x88+var_68]

 

 

 

My question is:

- is this the right function?

- if its right, how can i chane it to make 1hit kill

 

Thank you so much for your help

[Mikedamen9 1.6k 24]

is this the xref from a string or where did you found this GDB  @@jacktorpey

[Guest]

Why is it prefixed with "pa"? The only time I have seen that is when I disassemble dylibs...

 

You also might want to set a breakpoint at the beginning of the function to see if it actually does anything. But I doubt it will.

 

For GDB, use break *0xaddress

For LLDB, use break s -a 0xaddress

[jacktorpey 3 5]

Why is it prefixed with "pa"? The only time I have seen that is when I disassemble dylibs...

 

You also might want to set a breakpoint at the beginning of the function to see if it actually does anything. But I doubt it will.

 

For GDB, use break *0xaddress

For LLDB, use break s -a 0xaddress

 

Oke i'll try. thanks

is this the xref from a string or where did you found this GDB  @@jacktorpey

it's from string. somehow m GDB can't attach to the game, eventhough i have remove ASLR

[Mikedamen9 1.6k 24]

Oke i'll try. thanks

it's from string. somehow m GDB can't attach to the game, eventhough i have remove ASLR

what is the game i dont want to stel your offsets BTW and try to xref the function and go to graph view so you can see the full function

[Guest]

Oke i'll try. thanks

it's from string. somehow m GDB can't attach to the game, eventhough i have remove ASLR

Do you get Segmentation Fault: 11 when you try to attach?

 

Again, I doubt this will do anything.

[jacktorpey 3 5]

what is the game i dont want to stel your offsets BTW and try to xref the function and go to graph view so you can see the full function

One Piece Pirate Saga (https://itunes.apple.com/app/dream-pirate-one-piece-edition/id899009284?mt=8). Its been a week i'm tryin to hack this games, but i have a difficulties in finding the correct function and offsets 

Do you get Segmentation Fault: 11 when you try to attach?

 

Again, I doubt this will do anything.

YEs you were right, doesn't do anything. That is even not the correct function for the 1 hit kill. Damn, i have to start all over again