
Leaderboard

Popular Content

Showing content with the highest reputation on 07/30/2016 in all areas

  1. Introduction

Starting as a legit player, I have been playing Brave Frontier for around 2 months. After that I got bored of the game and decided to see what exploits could be done to this game to get more fun out of it. Initially, I leeched off damage hacks and stats of my units. This made the game fun, but there was never a mod that gave me exactly what I wanted, thus I started to learn how to mod the game myself through tutorials. Learning ARM from scratch has been quite a challenge for me even with some programming knowledge. As I have seen motivated people wanting to learn how to mod as well as the lack of tutorials on how to get started, I decided to write this guide to help people out as well as get help from people that will eventually surpass me. While I started from scratch, I have been trying to tinker around with IDA Pro and might use some rather advanced terms; please notify me if you do not understand anything so I can make the tutorial easier to understand.

Update: I can be found at trybeat.us, come join the community! More guides will be written there too!

TL;DR
· Started legit
· Got bored
· Leeched hacks
· Hacks not what I want
· Learnt to make own mod
· Now want to teach others how to mod

Required Tools
· IDA Pro 6.1
· HxD
· WinRAR for extracting the apk file
· ARM to ASM Converter

Optional Tools
Here are some extra files that are good for your reading reference / modding reference:
· Original 1.1.6 Brave Frontier Global libgame.so
· Book on ARM
· Android Multi-tool (for non-rooted devices)

Steps
Now, let us get started to finally make your own mod for Brave Frontier with all the hacks that you yourself can customize!

Step 1 (Preparation)
1. Install IDA Pro as well as HxD. How this works is you will look for the parts to edit in IDA Pro and edit the file using HxD. This will be explained later on.
2. Download the latest Brave Frontier apk file.
3. Open the apk with WinRAR and go to lib > armeabi > libgame.so.
4. This is the file which we are going to mod, so extract it somewhere where you will be able to access it later on. We will need 2 copies: 1 file for viewing with IDA Pro and another for the main modding with HxD. Try to take note which one is which to prevent confusion.

Step 2 (Opening the file to mod)
1. Right-click your libgame.so and open with "The Interactive Disassembler", a.k.a. IDA Pro.
2. You will come across a "Load a new file" window; this is for IDA Pro to set up the program for you to do your viewing and editing.
3. Ensure the "ELF for ARM (Shared object) [elf.ldw]" option is highlighted as well as the "Load resources" checkbox in the Options pane.
4. Click OK and wait for IDA Pro to load! This will take quite some time as the file is generally quite big.
5. If you see the "ARM AND THUMB MODE SWITCH INSTRUCTIONS" window pop up, click OK and let IDA Pro continue its loading.
6. You can track the progress at the top where there is a coloured bar and arrows pointing to where in the file is being accessed. It is quite obvious when it is done; here is a screenshot of when the loading is completed.

Step 3 (Getting information for modding)
1. Finally! You have managed to load everything! Now is the time to start getting information to do the modding! But how to start? Everything looks so... alien D:
2. Don't worry, let me start you off with some simple mods such as stats which can be found using simple keywords and experimenting:
· Monster Stats -> MonsterUnit::getMaxHP() (set R0 <- you will know what this is for later)
3. You can search by clicking on the "Search" tab up at the toolbar of IDA Pro or use ALT+T to search for the terms. To go to the next searched term, use CTRL+T.
4. Let's set the monster's HP to 1 in this tutorial as an example of how to mod. Search for the keyword "getMaxHp", and keep going through the search until you find "MonsterUnit::getMaxHP(void)". This will be the method you will want to modify to edit the HP of the monsters (look at the highlighted part).
5. Well, if you can "kind of" read the English, you can see there is some blue text that says "blabla...getBaseMaxHp...blabla". Logically thinking and with some common sense, this should be some "magic" (let's call this a function) done to get the HP of the monster... right?
6. To put away some technicalities, this function stores the retrieved HP of the monster in this storage "R0". These registers store a number up to 255 in value. This is known through reading further into the function and reading the codes. You can view this stuff by clicking on the function and scrolling down to see the whole thing, although it is not really advisable due to its complexity.
7. Now we know that this function gets the monster HP and stores it into the register R0, what if we forced R0 to always be 1...? That would be awesome right? 1HP monsters all the way! But what do we need to know in order to edit? The codes look too hard to edit right? Here are some commonly used ARM codes that are used for modding:
· MOV <Target>, #<Value up to 255> (setting the register R0 to 0 would be MOV R0, #0)
· ADD/SUB/MUL/DIV <Target>, <First>, <Second> (for bigger numbers, e.g. MUL R0, #30, #30 makes R0 store the value of 900)
· ADD/SUB/MUL/DIV <Target as First>, <Second> (similarly, MUL R0, #30 will multiply the value in R0 by 30 and store it back into R0)
8. Now we want to set R0 to 1 in order to make the monsters' HP 1. There are 3 things you need to know and confirm:
· The address of where you are editing, which is on the left (in this case it's 00348A22)
· What your intended modification is (we want to set R0 to 1, so the instruction will be "MOV R0, #1") and its direct translation to modify the program (I will explain this later)
· Is the modification the same length as the original? (Not in this case; I will show you some stupid remedies that can be done in step 10. If it is the same length, you can directly replace. If it is shorter than the original, it is best to place it at the bottom of the whole function so that other codes will not affect your modded codes.)
9. For step number 3 in part 9, you can check if the length is the same in the Hex View-A tab just below the blue-ish bar at the top. This is what you see when you click on the function. To compare the length, usually the mod code used is 4 alphanumeric characters; in this case it is twice the length of what we need, so what I usually do is just repeat the command twice. This can be done as we are setting R0 to 1. You can also use codes which do nothing; these can be done through NOP (No Operation), or you can put 00 00 to make it not do anything. Examples of alternatives that can be done:
[ 01 20 ] MOVS R0, #1
[ C0 46 ] NOP
or
[ 01 20 ] MOVS R0, #1
[ 00 00 ]
10. Now we have 2 need-to-knows done; the last part is the translation, which can be easily done using the program I have provided above. Use the ARM to ASM Converter program to convert the code to the 4 alphanumeric characters which can be used to replace the code later on. Here is the screenshot; hopefully it is self-explanatory:
11. We will use the 2-byte translation. If you want to have a preview, you can edit the code in Hex View-A by right-clicking and pressing "Edit..." or F2, then typing in "0120" twice. This is what you should see after doing that, in Hex View and in IDA View.
12. Note that if you want to set R0 to above 255, you will have to multiply them. Here is an example:
MOV R0, #30 <- Making R0 set to 30
MUL R0, R0 <- Multiplying R0 by itself to total up to 900 and storing it into R0 (from the command above)
13. Now we have confirmed that everything looks okay, we will finally do the real modding. A few more steps before our mod is done!

Step 4 (Modding the real deal)
1. Now we have the 3 need-to-knows, you want to open the other libgame.so (yes, the one you did not touch at all) with HxD. Here is what you should see.
2. Yes, it looks confusing; you don't need to know what all these are. It is actually the 4-character equivalent of what we saw in IDA Pro; however, we are able to edit the values directly in this program. So we need our address, the first need-to-know! Aha, 00348A22!
3. You can go to the address by pressing CTRL+G or through the Search tab; search the address and it should bring you right onto it!
4. Now you are at that area, try not to use your arrow keys to navigate around as you don't want to accidentally touch other parts of the code! The 2nd need-to-know, which is the length and intended modification, will be needed to replace the original code (01 20 01 20). So go ahead and type it in.
5. Save and you have successfully modded your libgame.so; all that's left is to copy it in and ensure your Brave Frontier works with your mod! Congratulations for making it this far!

Step 5 (Loading the mod)
1. Hurrah! We have finally modded the libgame.so file! Now how do we load it in?

5a (Rooted devices)
1. For rooted devices it's easy: copy the libgame.so into your phone and move it to the /data/data/sg.gumi.bravefrontier/lib/ directory.
2. You might want to rename the original libgame.so in case you screwed up the mod or want to revert back to the original. I have provided the original libgame.so for version 1.1.6 in case you deleted the file.

5b (Non-rooted devices)
You are going to need to sign the apk before installing it back.
1. Once you are done with the libgame.so, move it back to the same place in the apk using WinRAR.
2. Extract the AndroidMultitool folder into your C: disk.
3. Copy the .apk with the modified libgame.so into the Files section of the AndroidMultitool (not needed but recommended).
4. Make sure the .apk doesn't have any spaces in the name of it (e.g. BraveFrontierMod.apk).
5. Go back to the AndroidMultitool folder and run AndroidMultitool.exe.
6. Go to Signing and click on the ellipsis [...] and go to the location of your .apk with the modified libgame.so (C:\AndroidMultitool\Files, if you moved it to the Files section as recommended).
7. Click Sign.
8. Go to your C:\AndroidMultitools\Signed_apk and you should see name_signed.apk (e.g. BraveFrontierMod_signed.apk).
9. Rename it to whatever you like.
10. Move it to your device, install, and play.

Conclusion
While the guide is lengthy with lots of words, I have tried putting pictures to make it easier to understand for beginners. After all, I was once a beginner and learnt modding through tutorials and videos. I hope experienced modders can help make my guide easier to understand as well as help me out with more advanced stuff. (PM me!) For those that have managed to complete their very own first mod, here is a challenge for you. Can you find the function that will modify your stats (most of you guys like 2katk/4kdef mods)? :)
*Hint* You will need to use the multipliers stated above to make your stats more than 255, thus needing at least 2 lines of instructions.
This is my first contribution; I hope it isn't as bad as I think it currently is :x I hope some of you learnt something from this guide! Thanks and Happy Modding!

Credits
I would like to thank Optimum for the steps to load the mod into your non-rooted devices and AnonThanatos for alternatives of filling up spaces with nothing instead of repeated codes to make it less confusing.
    2 points
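Added example, not part of the guide above and not code from the game or its tools: a small Python script that looks at the same patch from the integrity-checking side. It compares the two copies of the library the guide tells you to keep, reports every differing 2-byte halfword at its file offset, and decodes the Thumb-16 encodings the guide mentions (MOVS Rd, #imm8, the C0 46 NOP, 00 00) plus the LDR/BLX pair in the sample. The 16 sample bytes and the base offset 0x348A1C are constructed so that the patched halfword lands at the guide's address 00348A22.

```python
import struct

# Constructed sample, not taken from any real libgame.so: a 16-byte slice of an
# "original" Thumb function and the same slice after the guide's patch
# (01 20 01 20 = MOVS R0,#1 twice) has overwritten the LDR/BLX pair at slice
# offset 6. BASE is an assumed file offset chosen so that slice offset 6 maps
# to the guide's address 00348A22.
ORIGINAL = bytes.fromhex("80b500af03480068" "8047c046bd4680bd")
PATCHED = ORIGINAL[:6] + bytes.fromhex("01200120") + ORIGINAL[10:]
BASE = 0x348A1C


def decode_thumb16(hw: int) -> str:
    """Describe the few Thumb-16 encodings the guide relies on; anything
    else is reported as raw hex rather than guessed."""
    if hw >> 11 == 0b00100:                     # MOVS Rd, #imm8  (e.g. 0x2001)
        return f"MOVS R{(hw >> 8) & 7}, #{hw & 0xFF}"
    if hw == 0x46C0:                            # MOV R8, R8: the canonical NOP
        return "NOP (MOV R8, R8)"
    if hw == 0x0000:                            # MOVS R0, R0: a no-op that only sets flags
        return "MOVS R0, R0 (LSLS R0, R0, #0)"
    if hw >> 11 == 0b01101:                     # LDR Rt, [Rn, #imm5*4]
        return f"LDR R{hw & 7}, [R{(hw >> 3) & 7}, #{((hw >> 6) & 0x1F) * 4}]"
    if hw >> 7 == 0b010001111 and hw & 7 == 0:  # BLX Rm
        return f"BLX R{(hw >> 3) & 0xF}"
    return f"other (0x{hw:04X})"


def diff_halfwords(orig: bytes, mod: bytes, base: int = 0):
    """Compare two copies of a library slice halfword by halfword and return
    (file_offset, original_hw, patched_hw, decoded_patch) for each difference.
    Offsets are reported relative to `base` so they line up with IDA/HxD."""
    if len(orig) != len(mod) or len(orig) % 2:
        raise ValueError("copies must have the same even length")
    diffs = []
    for off in range(0, len(orig), 2):
        o = struct.unpack_from("<H", orig, off)[0]   # little-endian halfword
        m = struct.unpack_from("<H", mod, off)[0]
        if o != m:
            diffs.append((base + off, o, m, decode_thumb16(m)))
    return diffs


if __name__ == "__main__":
    for off, o, m, text in diff_halfwords(ORIGINAL, PATCHED, BASE):
        print(f"{off:08X}: {o:04X} -> {m:04X}   {decode_thumb16(o)} -> {text}")
```

Run against whole files, this reports exactly the halfwords a patch touched; a plain hash comparison of lib/armeabi/libgame.so against a known-good copy tells you only that something changed.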
  2. Various useful information will be published in this topic.
    1 point
  3. Thank you so much, I shall give it a try... Then let you know, sir. Btw, I'm new to your forum site...
    1 point
  4. Algorithms' typical break-ins

1) The value is not encrypted and known.
A typical case would be money, stars, coins, resources, etc.
1. Search Type - "Known". Data type - usually Auto, if you are not sure.
2. Open GG, search for the number that we want to change in the game. This will find a lot of values.
3. We return to the game and make changes in the game to the parameter we want to crack: earn or spend.
4. Re-open GG and search again for the new value.
5. Repeat steps 3-4 until there are only a few values. To speed up the drop-out of extra values, I recommend using different ways to change the value in step 3. For example, an alternative way to change the hacked value.
6. If you have only a few values - change each one, or all of them at once, or however you want to do it. That is all.

2) The value is unknown and/or encrypted.
A typical case of an unknown value - any scale/bar. For example health, mana, nitro, etc. The changes are seen, but no numerical values are visible. A typical case for encrypted values would be money, stars, coins, etc., but when searching with algorithm 1 does not find anything, or changing the found values does not lead to changes in the numbers in the game.
1. Search Type - "Unknown". Data type - usually Auto, if you are not sure.
2. Open GG, run a search for the unknown value. This will return lots of search results.
3. We return to the game and make changes in the game to the parameter we want to crack: earn or spend.
4. Re-open GG; in the search for the unknown value, select the desired option: "Value changed". Here it is possible to use the variants "Value increased" or "Value decreased", if you truly believe the value is changing one way or the other. However, I want to say that things are not always as they seem. For example, instead of accounting for the life of the character, it may take into account the damage received, and this value increases with a decrease in life. Therefore it's safer to use the variants "Value unchanged" / "Value changed", because that issue doesn't affect these search types.
5. We hide GG; in the game we do different things that do not change the hacked value. It is desirable that they are complicated and can change all other parameters except the hacked one.
6. Open GG; in the search for the unknown value, select the desired option: "Value unchanged".
7. Repeat steps 3-6 until there are only a few values. To narrow down the results faster, I recommend using different ways to perform steps 3 and 5, because it can be more effective than running the same action every time. For example, drive a race to earn money and then drive a race not earning money. In fact, you can change a lot of parameters and, according to the difference between them, understand which one is correct.
8. If you have a few values - change each one, or all of them at once, or however you want to do it. That is all.

3) The value is encrypted (Mode Hacking).
A typical case for encrypted values would be money, stars, coins, etc., but when searching with algorithm 1 does not find anything, or changing the found values does not lead to changes in the numbers in the game.
1. Search Type - "Known". Data type - usually Dword, if you do not know anything further.
2. Open GG, select "Mode Hacking", search for the number that we have in the game; this will find a lot of values.
3. We return to the game and make changes in the game to the parameter we want to crack: earn or spend.
4. Re-open GG and again search for the new value. The checkbox "Mode Hacking" must be selected.
5. Repeat steps 3-4 until there are only a few values. To speed up the drop-out of extra values, I recommend using different ways to change the value in step 3. For example, an alternative way to change the hacked value.
6. You have a small number of values - change each one, or all at once, or whatever we want. This is all.
Algorithm 3 is much faster than 2, but it may not work for all games.

General hacking algorithm
1. Make sure that the game is not online:
 1. it works without a connection to the Internet;
 2. it does not require choosing a server to connect to;
 3. there is no opportunity to play with other players via the Internet.
2. Check that the hacked parameter is not stored on the server:
 1. it should work without the Internet.
3. Try to crack using a known search (algorithm 1) for a value in memory.
4. If nothing is found, or a change in the values found does not lead to the desired results - try to crack using an unknown search (algorithms 2 and 3). If, however, in this case nothing is found, or a change in the values found does not lead to the desired results - try to crack not the parameter itself, but something that affects it. For example, instead of breaking the amount of money, you can crack the value of a thing and sell it. Or rather, buy at a negative price. This may also be done with known or unknown searches.
    1 point
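A worked simulation of the narrowing searches described in the post above, added here as an example that is not part of the post and does not touch GameGuardian or any game: a few constructed memory snapshots, the Known / Changed / Unchanged / Increased / Decreased filters applied in the order algorithms 1 and 2 give, and the post's caveat that a "Value decreased" search misses a health value the game stores as damage taken. All addresses and values are invented.

```python
# Constructed snapshots of a tiny "process memory": address i holds the dword
# SNAPS[t][i] at time t. Layout and values are invented for this walk-through.
#   addr 0: coins            addr 3: unrelated constant that also equals 100
#   addr 1: frame counter    addr 4: decoy that tracks coins at first
#   addr 2: damage taken     addr 5: unrelated value that drifts slowly
SNAPS = [
    [100, 5, 0, 100, 100, 42],    # t0: before doing anything
    [120, 8, 20, 100, 120, 42],   # t1: earned 20 coins and took 20 damage
    [120, 9, 20, 100, 130, 41],   # t2: wandered around, no coins, no damage
    [120, 11, 35, 100, 130, 41],  # t3: took 15 more damage, earned nothing
]

# The search options named in the post. Each takes (address, previous snapshot,
# current snapshot, value) and says whether the address survives the step.
FILTERS = {
    "known":     lambda a, prev, cur, v: cur[a] == v,
    "changed":   lambda a, prev, cur, v: cur[a] != prev[a],
    "unchanged": lambda a, prev, cur, v: cur[a] == prev[a],
    "increased": lambda a, prev, cur, v: cur[a] > prev[a],
    "decreased": lambda a, prev, cur, v: cur[a] < prev[a],
}


def narrow(snaps, steps):
    """Apply a sequence of (snapshot_index, filter_name, value) steps, starting
    from every address. Comparison filters compare snapshot t with t-1."""
    candidates = set(range(len(snaps[0])))
    for t, name, value in steps:
        prev = snaps[t - 1] if t > 0 else snaps[t]
        candidates = {a for a in candidates
                      if FILTERS[name](a, prev, snaps[t], value)}
    return sorted(candidates)


def find_coins():
    """Algorithm 1: the number is visible, so search the known value each time."""
    return narrow(SNAPS, [(0, "known", 100), (1, "known", 120), (2, "known", 120)])


def find_health_safely():
    """Algorithm 2 as the post recommends: changed, then unchanged, then changed."""
    return narrow(SNAPS, [(1, "changed", None), (2, "unchanged", None),
                          (3, "changed", None)])


def find_health_naively():
    """The trap the post warns about: health lives only as damage taken, so a
    'Value decreased' search right after getting hit keeps nothing."""
    return narrow(SNAPS, [(1, "decreased", None)])


if __name__ == "__main__":
    print("coins  ->", find_coins())            # [0]
    print("health ->", find_health_safely())    # [2]
    print("naive  ->", find_health_naively())   # []
```

Read from the defender's side, the runs show why a cleartext value that exists only in client memory converges in three or four snapshots, which is the property that server-side authority over the parameter (the post's "general algorithm", step 2) takes away.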
  5. For non-rooted devices, people will have to sign the apk first. These are the steps I do when signing the apk.
1. All you have to do, once you have done what you want with the libgame.so, is move it into the apk using WinRAR.
2. Extract the AndroidMultitool folder into your C: disk (http://www.mediafire.com/download/7px0d9i51cv5boc/AndroidMultitool_3.3.zip).
3. Copy/move the .apk with the modified libgame.so into the Files section of the AndroidMultitool (not needed but recommended).
4. Make sure the .apk doesn't have any spaces in the name of it (e.g. BraveFrontierMod.apk).
5. Go back to the AndroidMultitool folder and run AndroidMultitool.exe.
6. Go to Signing and click on the ellipsis [...] and go to the location of your .apk with the modified libgame.so (C:\AndroidMultitool\Files, if you moved it to the Files section as recommended).
7. Click Sign.
8. Go to your C:\AndroidMultitools\Signed_apk and you should see name_signed.apk (e.g. BraveFrontierMod_signed.apk).
9. Rename it to whatever you like.
10. Move it to your device, install, and play.
    1 point