Jump to content

Simplified MSHookMemory Usage [ARM64 Only]


Ted2
 Share

23 posts in this topic

Recommended Posts

While MSHookMemory is great, I hate I have to do this:

const uint8_t hack[] = {
    0x00, 0x00, 0x80, 0x52, // mov w0, #0
    0xc0, 0x03, 0x5f, 0xd6, // ret
};

 

 

So I wrote some code which won't need you to do that:

#include <substrate.h>
#include <mach-o/dyld.h>

#define ASLR_BIAS _dyld_get_image_vmaddr_slide(0)

uint64_t getRealOffset(uint64_t offset){
	return ASLR_BIAS + offset;
}

// main func
void inject(uint64_t offset, uint64_t hackedHex) {

    hackedHex = CFSwapInt32(hackedHex);        

    MSHookMemory((void *)getRealOffset(offset), (void *)&hackedHex, sizeof(hackedHex));
}

 

How to import this code to your project?

You have two options:

1. Copy & paste the code from above under your "imports"

2. Download this file & paste it in /var/theos/includes & write this on top of tweak.xm:

#include <inject.h>

 

Usage of the function:

//parameters it takes
inject(0xIDAOffset, 0xHackedHex);

//actual usage on a offset
inject(0x100299DC4, 0xC0035FD6);

 

 

Bugs to be fixed:

1. If you wanna write a hex more than 4 bytes, it won't work the way you think, example:

inject(0x100299DC0, 0x20008052C0035FD6);

/*

	This will write C0035FD620008052 instead of what you entered due the CFSwapInt32

/*

NOTE:  I'm no pro at this kinda stuff (dealing with memory), so if there's anything just mention it ^^

 

Credits

- Saurik

- topics from https://stackoverflow.com/   which helped me understand several things

- Me for this simplified version

Edited by Joey
  • Like 1
  • Winner 3
  • Informative 1
Link to comment
Share on other sites

This topic was moved from Coding Center to Tools.

Throughout life people will make you mad, disrespect you and treat you bad. Let God deal with the things they do, cause hate in your heart will consume you too.
iOSGods Administrator
 Guidelines  Support Donate  FAQ 

Link to comment
Share on other sites

17 minutes ago, TheArmKing said:

is it possible to make the hackedHex param a stirng, make it an array of strings which gets split at every 2nd character and add a 0x to each of them

Yeah I tried that, but couldn’t get something like it to work. I’ve tried multiple things, this is the only one that worked. Will look into an alternative another time. C/C++ isn’t the most user friendly when it comes to arrays it seems 

Edited by Joey
Link to comment
Share on other sites

26 minutes ago, Joey said:

Yeah I tried that, but couldn’t get something like it to work. I’ve tried multiple things, this is the only one that worked. Will look into an alternative another time. C/C++ isn’t the most user friendly when it comes to arrays it seems 

something like this maybe?
 

// Convert long long to string
// Convert string to char array
// loop through char array to make strings of 2 characters or 1 byte, like c00fe3d4 becomes c0 0f e3 d4
// c0 gets converted to int
// the int gets converted to uint8
// the uint8 gets appeneded to aa uint8 array
// copied this from stackexchange 
char str[256];
sprintf(str, "%lld", hackedHex);
printf("%s\n", str); 

for (int x=0; x<str.length; x++ ) { //dk if this is how C works
  if(x%2==0){
    char a = str[x]
  }
  if(x%2==1){
    char b = str[x]
    // do something that combines char a and b to a string
    // then convert to int
    // then to uint
    // then append to array
}


 

Edited by TheArmKing
added some bs

signature.gif&key=8156f94d1568523fcef5a0 

Link to comment
Share on other sites

I don't know why people prefer integers type for this purpose which forces you to deal with endianness.

I just simplified yours too.

void inject(uint64_t offset, const void *bytes, size_t bytes_len) {
	 MSHookMemory((void *)getRealOffset(offset), bytes, bytes_len);
}

Usage:

//offset & bytes literal & bytes length
/* 
mov w0, #1
ret 
*/
inject(0x100299DC4, "\x20\x00\x80\x52\xC0\x03\x5F\xD6", 8);

You can write as many bytes as you want with this.

Link to comment
Share on other sites

5 hours ago, CyberCat said:

I don't know why people prefer integers type for this purpose which forces you to deal with endianness.

I just simplified yours too.

void inject(uint64_t offset, const void *bytes, size_t bytes_len) {
	 MSHookMemory((void *)getRealOffset(offset), bytes, bytes_len);
}

Usage:

//offset & bytes literal & bytes length
/* 
mov w0, #1
ret 
*/
inject(0x100299DC4, "\x20\x00\x80\x52\xC0\x03\x5F\xD6", 8);

You can write as many bytes as you want with this.

The thing is, I hate to have to write it like that ^, it’s almost the same as the original now :p 

7 hours ago, TheArmKing said:

something like this maybe?
 

// Convert long long to string
// Convert string to char array
// loop through char array to make strings of 2 characters or 1 byte, like c00fe3d4 becomes c0 0f e3 d4
// c0 gets converted to int
// the int gets converted to uint8
// the uint8 gets appeneded to aa uint8 array
// copied this from stackexchange 
char str[256];
sprintf(str, "%lld", hackedHex);
printf("%s\n", str); 

for (int x=0; x<str.length; x++ ) { //dk if this is how C works
  if(x%2==0){
    char a = str[x]
  }
  if(x%2==1){
    char b = str[x]
    // do something that combines char a and b to a string
    // then convert to int
    // then to uint
    // then append to array
}


 

possibly, but I think there must be a simpler solution 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic... Posting Guidelines

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

    • Administrator |
    • Special Rank |
    • ViP Pro |
    • ViP Jailed |
    • ViP |
    • Cheater  |
    • Modder  |
    • Novice Cheater |
    • Rookie Modder |
    • Contributor |
    • Senior Member |
    • Member |
×
  • Create New...

Important Information

We would like to place cookies on your device to help make this website better. The website cannot give you the best possible user experience without cookies. You can accept or decline our non-essential cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines