TuT [Tutorial] How to Perform a Binary Patch / How to Thin your Binary

[Guest]

no why?show mem

because it randomizes the offsets so what you think you are hacking could be completely different

 

http://iosgods.com/topic/687-tool-remove-aslr-v200/

[ipaarchive.com 11.1k]

because it randomizes the offsets so what you think you are hacking could be completely different

 

http://iosgods.com/topic/687-tool-remove-aslr-v200/

i know what aslr but still its not a problem when using show mem , x64 cant have aslr removed so ..

[Guest]

i know what aslr but still its not a problem when using show mem , x64 cant have aslr removed so ..

thats why you thin it to remove aslr btw what is show mem?

[ipaarchive.com 11.1k]

thats why you thin it to remove aslr btw what is show mem?

me r bla bla in lldb

[MART938G 4.9k]

me r bla bla in lldb

  

thats why you thin it to remove aslr btw what is show mem?

  

i know what aslr but still its not a problem when using show mem , x64 cant have aslr removed so ..

  

because it randomizes the offsets so what you think you are hacking could be completely differenthttp://iosgods.com/topic/687-tool-remove-aslr-v200/

  

no why?show mem

  

you don't patch aslr?

  

so basically nothing useful

  

For me:

1. It takes off the arm64 portion of the binary cos its useless to me

2. It makes it so that I can patch syscall (debugging protection) successfully

3. It makes it so that I can remove ASLR (address space layout randomization, basically makes it so that the original offset is hidden)

4. It makes it so that I'm able to set watchpoints and so that there are no 64 bit memory addresses

5. It makes it so that I can attach GDB to the app successfully (for breakpoints)

6. It makes it so that LLDB won't flip out when I try to attach

7. It makes it so that I don't have to patch the arm64 part as well as the armv7 part

8. Smaller binary size = less time to load in IDA

For you:

1. It makes the hack work

I'm completely lost in this conversation +_+

[LilMaku 15 9]

lipo nameofbinaryhere -thin armv7 -o tempnameofbinary

 

I'm lost at this part, what is nameofbinary and tempnameofbinary for the game Blitz Brigade that I want to hack?

[Fabyan123 2 23]

I can't do the lipo part it keeps failing I try over 30 times

Updated June 19, 2015 by Fabyan123

[Swampfox 0 5]

I inatalled the hack and did everything i was told too but it doesnt work on my replicated blitz brigade

[xGanjiemaru 1 iPad Mini 9.3.5]

2. Go into MobileTerminal, switch to root, and run clutch. Then crack the binary and go to /var/mobile/Documents/Cracked. There should be a new .ipa file there. Just change the extension to .zip and unzip it.

3. Take the unzipped binary and put it in /var/mobile.

 

how can i do this

[xGanjiemaru 1 iPad Mini 9.3.5]

Then crack the binary and go to /var/mobile/Documents/Cracked. There should be a new .ipa file there. Just change the extension to .zip and unzip it.

3. Take the unzipped binary and put it in /var/mobile. im lost here can you explain it to me how to crack the binary and where will i go