nalcwap

Posted

Thanks for this. I have a question: is it possible to do the inverse, I mean, with a code in GameGuardian make a Lucky Patcher patch? Because when exiting the game it changes the address. Thanks.

  • Moderators
NoFear

Posted

@Enyby

Brilliant.

I've actually been doing more with Xa memory range.

Think you will add a new section to gg, like a "lib patcher"/"lua"? The ability to set what lib to edit, which when you check xa memory range, you'll see lib name. Then you also have stored the offset and the edit. 

The idea is you don't search "values" within the range like the video, but just goto the start of lib, offset, edit, done.

nalcwap

Posted

1 hour ago, NoFear said:

@Enyby

Brilliant.

I've actually been doing more with Xa memory range.

Think you will add a new section to gg, like a "lib patcher"/"lua"? The ability to set what lib to edit, which when you check xa memory range, you'll see lib name. Then you also have stored the offset and the edit. 

The idea is you don't search "values" within the range like the video, but just goto the start of lib, offset, edit, done.

good idea

  • Moderators
NoFear

Posted

2 hours ago, nalcwap said:

Thanks for this. I have a question: is it possible to do the inverse, I mean, with a code in GameGuardian make a Lucky Patcher patch? Because when exiting the game it changes the address. Thanks.

This is different.... This is like ida modifying lib file. Gg can modify lib file in real time. It doesn't save the mod. So you basically can have an unmodded game and apply offset edits to lib file with gg.

  • Administrators
Enyby

Posted

3 hours ago, nalcwap said:

I mean, with a code in GameGuardian make a Lucky Patcher patch? Because when exiting the game it changes the address. Thanks.

Most often not. In most cases, changes do not occur in the library, but in shared memory.
But even if in the library, it is most often the memory that changes after loading.

2 hours ago, NoFear said:

Think you will add a new section to gg, like a "lib patcher"/"lua"? The ability to set what lib to edit, which when you check xa memory range, you'll see lib name. Then you also have stored the offset and the edit. 

The idea is you don't search "values" within the range like the video, but just goto the start of lib, offset, edit, done.

All this can be done now. Both manually and scripts. But it rarely works.
The magical relocation of saved lists works something like this.
The problem is that libraries are not always loaded according to simple rules and very rarely you can understand from GG how and what to change in the library. This usually requires IDA and a lot of knowledge.

nalcwap

Posted

2 hours ago, Enyby said:

Most often not. In most cases, changes do not occur in the library, but in shared memory.
But even if in the library, it is most often the memory that changes after loading.

All this can be done now. Both manually and scripts. But it rarely works.
The magical relocation of saved lists works something like this.
The problem is that libraries are not always loaded according to simple rules and very rarely you can understand from GG how and what to change in the library. This usually requires IDA and a lot of knowledge.

thanks

  • Moderators
NoFear

Posted

4 hours ago, Enyby said:

Most often not. In most cases, changes do not occur in the library, but in shared memory.
But even if in the library, it is most often the memory that changes after loading.

All this can be done now. Both manually and scripts. But it rarely works.
The magical relocation of saved lists works something like this.
The problem is that libraries are not always loaded according to simple rules and very rarely you can understand from GG how and what to change in the library. This usually requires IDA and a lot of knowledge.

With live debugging and hex arm converter and gg, that's potentially all you need. 

With lib offset, it will never change the offset. It's just where that lib starts in memory, which can be scripted to locate, yes.

Could do something like, you goto launch script, and you have a check box, lib patcher. In the file would be a lib file name to be patched and then the list of offsets followed by the hex edit.  

Just a thought. Thank you.

  • Administrators
Enyby

Posted

All this can be done now.

And the libraries are not so simple. Libraries are loaded at boot time.
File offset and memory offset are not the same thing.
It is not always possible to find the offset in the file by the memory offset.

In general, this is a complex topic that is difficult to automate.

If you have the knowledge, you can do it yourself manually.

Chairokun

Posted (edited)

Just asking: how can I know the offset? Like 00 8B 1A

I need an explanation.

Or do I need to know the hex in the file libil.so?

  • Moderators
NoFear

Posted

12 hours ago, Enyby said:

All this can be done now.

And the libraries are not so simple. Libraries are loaded at boot time.
File offset and memory offset are not the same thing.
It is not always possible to find the offset in the file by the memory offset.

In general, this is a complex topic that is difficult to automate.

If you have the knowledge, you can do it yourself manually.

But the start of library to the "offset" will always be the same distance. Its start point depends on that lib's loaded location. So ANY ida offset edit can quickly be gg edit too.

  • Administrators
Enyby

Posted

Not always. Usually - yes, but not always. Base address can be not zero.

If the user understands IDA, then he is able to use the gg memory editor to go to the needed address/offset.

But as I say, the offset in the file is not always the same as in memory. A .so file is not loaded like a .dll. It is a complicated process done by the linker.
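
An added illustration of why a file offset and a memory offset can differ (not part of the original post, and not GameGuardian code): the loader maps each PT_LOAD program header from `p_offset` in the file to `p_vaddr` in memory, so the two match only where those fields match. The ELF image below is constructed sample data, and `mapped_base` and all function names are assumptions of this example.

```python
import struct

PT_LOAD, PAGE = 1, 0x1000

def build_sample_elf64():
    """Constructed ELF64 header plus two PT_LOAD entries (not a real library)."""
    segs = [(5, 0x0000, 0x0000, 0x2000, 0x2000),   # r-x: file offset == vaddr
            (6, 0x2000, 0x3000, 0x0800, 0x1000)]   # rw-: vaddr shifted, memsz > filesz
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01" + bytes(9),
                       3, 183, 1, 0, 64, 0, 0, 64, 56, len(segs), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", PT_LOAD, fl, off, va, va, fsz, msz, PAGE)
                     for fl, off, va, fsz, msz in segs)
    return ehdr + phdrs

def load_segments(elf):
    """Return (p_offset, p_vaddr, p_filesz, p_memsz) for every PT_LOAD entry."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expects a little-endian ELF64 image")
    (e_phoff,) = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    out = []
    for i in range(e_phnum):
        p_type, _fl, off, va, _pa, fsz, msz, _al = struct.unpack_from(
            "<IIQQQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            out.append((off, va, fsz, msz))
    return out

def file_offset_to_vaddr(segs, file_off):
    """Translate a file offset to a link-time virtual address, or None if unmapped."""
    for off, va, fsz, _msz in segs:
        if off <= file_off < off + fsz:
            return va + (file_off - off)
    return None  # bytes outside every PT_LOAD's file range are never mapped

def runtime_address(segs, mapped_base, file_off):
    """Address in a process whose lowest mapping of the library is mapped_base (assumed)."""
    va = file_offset_to_vaddr(segs, file_off)
    if va is None:
        return None
    # Load bias: where the lowest page-aligned p_vaddr actually landed.
    load_bias = mapped_base - (min(s[1] for s in segs) & ~(PAGE - 1))
    return load_bias + va

if __name__ == "__main__":
    segs = load_segments(build_sample_elf64())
    for off in (0x1234, 0x2010, 0x2800):
        print(hex(off), "->", file_offset_to_vaddr(segs, off))
```

On a real library, `readelf -l` prints the same Offset and VirtAddr columns this parser reads.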

 

  • Moderators
NoFear

Posted

26 minutes ago, Enyby said:

Not always. Usually - yes, but not always. Base address can be not zero.

If the user understands IDA, then he is able to use the gg memory editor to go to the needed address/offset.

But as I say, the offset in the file is not always the same as in memory. A .so file is not loaded like a .dll. It is a complicated process done by the linker.

 

Know what... Might be il2cpp games. Offset of lib in memory and in file always the same.

 

Hae14

Posted

Whoah,'-)

This is Becoming so Powerful;)

I think in the near future this will also become an Xposed/Magisk module? SuuPaaahhh!!!
