Un_Known

  1. Because Tencent upgraded its 3rd-party app prevention system and enhanced detection of cheating behavior via Virtual App, emulators and modifiers.
  2. Introducing some themes would be a great idea!
  3. OK, so continuing... Now, what's the possibility? If VMLS is changed to VMLA, then fuel won't reduce; instead it will increase! VMLA (Vector Multiply Accumulate) multiplies corresponding elements in two vectors and accumulates the results into the elements of the destination vector. To edit it, open this file in a hex editor, navigate to address 0009ec84 and change the value 479B06EE to 079B06EE, or directly search for the pattern 479B06EE and replace it. NOP can also be used because it does nothing, so fuel will neither increase nor decrease. The hex code for NOP is 00F020E3. The instruction set is ARMv7.
  4. Project HillClimb Mega Mod (#64ml2stj)
  5. Guide 1: Game version: 1.42.2

    How to mod so that fuel increases instead of decreasing!

    Steps:

    Load the libgame.so into IDA.

    Note: Modding the ARMEABI-v7a is preferred! Use the lib from this folder and delete the other two folders, ARMEABI and ARM64-v8.

    Let's start! Find the offset of the mechanism which decides the amount of fuel we have. I will explain how to find that in another guide! So now I know that the offset is Libgame.so+0x9ec84, which means that when you load the lib file in IDA, press G and enter 0009ec84, you will be at the required address!

    VMLS.F64 D9 D6 D7

    Oh! This would be the instruction at the given address. What is it doing? Here the prefix V stands for vector, ML for multiplication and S for subtraction. This instruction is processed by the floating-point coprocessor! Here .F64 means double precision, and if it were .F32 it would mean single precision. D9, D6 and D7 are double-precision registers for the result and operands.

    VMLS (Vector Multiply Subtract) multiplies corresponding elements in two vectors, subtracts the results from corresponding elements of the destination vector, and places the final results in the destination vector.

    Vector multiplication between the contents of D6 and D7, then SUB the above result from D9, then place the result of the subtraction in D9. So this is the mechanism. We will alter this mechanism in the next guide to get unlimited fuel! Check out the ARM reference guide for more information about these instructions.
  6. I will post guides here about how to mod:

    • Unlimited Coins
    • Unlimited Diamonds
    • Get Unlimited Fuel
    • Unlock All Worlds
    • Unlock All Vehicles
    • Remove ads
    • All vehicles fully upgraded!

    All guides will be posted here, so stay tuned.

    Prerequisites (I won't start from scratch):

    • Basic knowledge of using IDA
    • Basic knowledge of the ARM instruction set
    • Apk signing, libgame.so extraction, and putting the modified libgame.so into the apk
    • Hex editor!

    Some useful links:

    • Original Apk Link: https://www.google.com/amp/s/m.apkpure.com/hill-climb-racing/com.fingersoft.hillclimb/amp
    • HxD Hex Editor: https://mh-nexus.de/en/hxd/
  7. A quick and easy guide on how to mod Hill Climb Racing (1.41.1) to get the unlimited fuel mod (fuel will increase instead of decreasing). Working on version 1.41.1.

    Prerequisites:

    • Hex Editor
    • Apk or Zip Signer
    • libgame.so

    Note: Generally 3 lib folders are found in this game, but only edit libgame.so in Armeabi-v7a and delete the other two folders.

    Steps:

    • Extract the libgame.so file from the apk
    • Open it using a hex editor
    • Search for the hex pattern 479B06EE
    • There will be two occurrences of this pattern
    • Only edit the first one, to 079B06EE
    • Save changes
    • Put libgame.so back into the apk
    • Sign the apk and install it.

    Enjoy! Explanation coming soon. It doesn't require a PC or laptop; you can do it using only your smartphone!

    com.myprog.hexedit_98.apk kellinwood.zipsigner2_31.apk
  8. Un_Known

    Base Address!!

    I got answers, thanks everyone.
  9. Un_Known

    Base Address!!

    So I loaded the lib in IDA; it starts at 00000000 and ends at 00378A98. Load segment 00000000-00064994, .plt segment 00064994-00065308, .text segment 00065308-002DCABC, and so on. So here, what should be my base address, to which the offset should be added? I think it should be 00000000, but I want further confirmation! @Enyby
  10. Un_Known

    Base Address!!

    I found a value in the game located at libgame.so + 0x8AE13. But when I open the lib in IDA, what should be the base address to which I have to add this offset to find that value? Would it be 0000000 or something else?
  11. While lib files on Android can be analysed statically very easily, dynamic lib debugging is another option to get to know what is happening during runtime. When static analysis may take up a lot of time, dynamic analysis is always a better option! So how to debug libs? Lib files are not independent; they need a running process to be debugged.

    Let's start:

    Prerequisites:

    • IDA PRO
    • ADB
    • Rooted device
    • USB cable

    Note: Enable USB debugging, and don't select File transfer mode; select PTP mode, otherwise the device won't be listed by ADB. Google it if you don't know how to connect to a PC using ADB.

    Now load the lib which is to be analysed in IDA PRO first. Now connect your device to the PC over ADB. Go to the IDA PRO installation directory, copy the file android_server from the folder dbgsrv to the adb folder, and execute the following commands:

    adb devices [To make sure the device is connected]
    adb push android_server /data/local/tmp
    adb shell
    su
    cd /data/local/tmp
    ll [To get the list of files in the current directory]
    chmod 755 android_server
    ./android_server

    Minimize the window where android_server is running, open a new command prompt window and run the following command:

    adb forward tcp:23946 tcp:23946

    Select the "Remote ARM Linux/Android debugger", go into "Process Options" in the Debugger menu, and set the hostname to localhost and the port to 23946.

    Now run the apk from which this lib was extracted on your device! In IDA, go to the Debugger menu, choose attach to process, and from the list of processes select the process of your apk.

    Thanks. Any correction and suggestion would be welcomed!
  12. I was dynamically analysing the LIB file of a game using IDA Pro's debugger when I got a SIGTRAP exception, and control flow stopped! How to work around such anti-debugging techniques?
  13. You have to make a search first! It only works if values are available in the search list!
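
Added example, not part of any of the posts above: the byte patterns quoted in the VMLS/VMLA posts can be checked against the ARMv7 (A32) VFP encoding, which is also how a reviewer confirms what a changed word in a shipped library means. This Python sketch decodes hex-editor bytes and reports which bit differs between two patterns; the function names are illustrative, and it covers only NOP and floating-point VMLA/VMLS.

```python
import struct

NOP_A32 = 0xE320F000  # A32 NOP hint
COND = ["EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
        "HI", "LS", "GE", "LT", "GT", "LE", ""]  # index 14 = AL (no suffix)

def word(hex_bytes):
    """Hex-editor bytes (little-endian file order) -> 32-bit instruction word."""
    raw = bytes.fromhex(hex_bytes)
    if len(raw) != 4:
        raise ValueError("an A32 instruction is exactly 4 bytes")
    return struct.unpack("<I", raw)[0]

def decode(hex_bytes):
    """Decode A32 NOP and VFP VMLA/VMLS; return None for anything else."""
    w = word(hex_bytes)
    if w == NOP_A32:
        return "NOP"
    cond = w >> 28
    # Fixed bits of floating-point VMLA/VMLS: 27:23=11100, 21:20=00, 11:9=101, 4=0
    if cond == 0xF or (w & 0x0FB00E10) != 0x0E000A00:
        return None
    double = (w >> 8) & 1  # sz: 1 = F64 (D registers), 0 = F32 (S registers)
    op = (w >> 6) & 1      # op: 0 = VMLA (accumulate), 1 = VMLS (subtract)

    def reg(v4_shift, hi_shift):
        # D registers are numbered hi:Vx, S registers Vx:hi
        v4, hi = (w >> v4_shift) & 0xF, (w >> hi_shift) & 1
        n = (hi << 4) | v4 if double else (v4 << 1) | hi
        return ("D" if double else "S") + str(n)

    name = ("VMLS" if op else "VMLA") + COND[cond] + (".F64" if double else ".F32")
    return f"{name} {reg(12, 22)}, {reg(16, 7)}, {reg(0, 5)}"

def differing_bits(hex_a, hex_b):
    """Bit positions (0 = least significant) where two instruction words differ."""
    x = word(hex_a) ^ word(hex_b)
    return [i for i in range(32) if (x >> i) & 1]

if __name__ == "__main__":
    for pattern in ("479B06EE", "079B06EE", "00F020E3"):  # patterns quoted in the posts
        print(pattern, "->", decode(pattern))
    print("differing bits:", differing_bits("479B06EE", "079B06EE"))
```

The two fuel patterns differ only in bit 6, the `op` bit that selects subtract versus accumulate, which is why a single-byte change in the file is enough to turn one instruction into the other.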