Leaderboard
Popular Content
Showing content with the highest reputation on 09/19/2022 in all areas
-
Hi @MarioRossi93i

Thanks for updating your scripts. Unfortunately it does not work for me. Here's my setup:

Nox 7.0.3.5 (Windows) - latest available.

Emulator instance #1 - Android 7.1.2 @ x64, emulating Samsung Galaxy S20 Ultra. Latest available ROM image. Unfortunately GG detects RR3 process as running in 32-bit mode (see screenshot below). Tried all sort of tricks (reinstalling GG, default, 32 and 64-bit mode etc.) none of it worked. I blame Nox and GG so this is purely FYI.

Emulator instance #2 - Android 9 (no minor & patch level info) @ x64, emulating Samsung Galaxy S20 Ultra. Latest available ROM image. Here GG detects RR3 as 64-bit process. Your script (10.7.2.4.6) works but only in slow (search) mode. In fast mode it crashes with this traceback

Script ended:
Script error: luaj.o: /storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua:-1 attempt to index ? (a nil value) with key 'start' (field '1')
level = 1, const = 6, proto = 0, upval = 4, vars = 3, code = 16
GETTABLE v0 v0 "start"
; PC 7 CODE 0040C007 OP 7 A 0 B 0 C 259 Bx 259 sBx -130812
stack traceback:
    /storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua: in function </storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua:83>
    /storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua: in function </storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua:101>
    /storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua: in function </storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua:122>
    /storage/emulated/0/Download/rr3_race_mode.v10.7.2.4.6.x64.bin.lua: in main chunk
    [Java]: in ?
    at luaj.LuaValue.f(src:989)
    at luaj.LuaValue.c(src:2864)
    at luaj.LuaValue.i(src:2767)
    at luaj.LuaValue.w(src:1094)
    at luaj.LuaClosure.a(src:363)
    at luaj.LuaClosure.l(src:160)
    at luaj.LuaClosure.a(src:533)
    at luaj.LuaClosure.a(src:167)
    at luaj.LuaClosure.a(src:538)
    at luaj.LuaClosure.l(src:160)
    at luaj.LuaClosure.a(src:537)
    at luaj.LuaClosure.l(src:160)
    at android.ext.Script.d(src:6056)
    at android.ext.Script$ScriptThread.run(src:5785)

Good luck bug hunting.
1 point
-
New version 10.7.2.4.6 (64bit) released! I can't run the game on 32bit as it crashes, so for this release I can only update the 64bit version of the scripts. I hope that with the next release the problem will be solved.
1 point
-
Thank you for answering so many questions. It was a great help. In order to approach it any more, I have to take time to study on my own. Cuz it's lazy to ask for help without trying on my own.
1 point
-
Since this thread gained attention I will post here on how to hack gold. Gold can be hacked from the map where you collect gold. Level each zone 1 by 1. Search level by D-word. Once you have 1 value of level left, change it to 99999 and upgrade. Your gold will increase based on the level. Keep doing this for every new gold farm zone you unlock.

Diamond is a bit more complicated but is possible to hack. I figured this out from the PVP rewards. Once you unlock a PVP tier level, let's say wood, silver, whatever tier you unlock, it gives you a chest as reward. Once you open the chest you get diamonds as reward. Once you open the chest I think it had a long cooldown. So basically the trick is to reset the timer of the chest so you can open infinitely. Search time in game by fuzzy search and value float. So for e.g. let's say the PVP chest has a 12 hr cooldown (12 hr * 3600 = 43200.00), so do a fuzzy search for value type of float. And keep refining search by decreasing. So check how much time is left on your PVP rewards chest and keep refining value until search matches the value closest to your PVP chest time. Set it to 0 and freeze. Then spam open the PVP chest for unlimited diamonds. This method is tiresome but it works. The only method I could find. I haven't logged in game for a while, so not sure if it's patched or not. Give it a try and see what you can find. Hope this helps.
1 point
-
@HorridModz Provides a Nice detailed explanation. Hex patching is rather easy as it's only a form of data that is simply overwritten / added, the important thing is: to understand the assembly itself. Probably I'll provide a little more coverage about the topic.

[ Usage ]
- Replacement: You can only replace hex at fixed length. The hex length depends on the Data types that you're dealing with, it could be a Set / Subset Instruction. In general it can take 2-4 bytes, make sure to read the instruction as a string not in hex form. More simple coverage on the next section.
- Addition: This is used when doing references such as memory allocation. To manually add a custom instruction; you need to write it in an empty/unread memory region (the indication is: it's filled with 00) and then reference the game function to your allocated memory. It's the general idea, you shouldn't be worried about it; most tools already provide this feature.

Why no subtraction? You can't remove a function even after proper patching and 'disabling' any reference to that function, directly or memorily. It leads to data corruption/crashing; so it's uncommon. You can use this to cut fake data (such as a malware app that is filled with 00 to make a large size) because "they" only add additional hex at the end. There's more reason to this.

[ Data Types ]
- Function/Instructional data takes 4 length;
  mov r0, r0 #00 00 A0 E1
  bx lr #1E FF 2F E1
- Inner Function/Subset Instruction takes 2-4 length. It's called thumb and can be found on 32-bit architecture.
  mov r0, r0 #00 46
  bx lr #70 47

[ Patching ]
- Lazy Patch: You can 'remove' an instruction without removal, simply fill it with 00. This of course wouldn't work if the app has high security but the benefit is: You don't need to understand Assembly.
- Proper Patch: You can just memorize these common patches and apply them anywhere; it's simple and not time consuming. Well, for more instruction patches; you need to learn assembly. Learning returning values and Jump instruction (BL/JMP) patches would mostly help.

[Patch 1]
Instruction: mov r0, r0
Arm Encoded: 00 00 A0 E1
Thumb Encoded: 00 46

[Patch 2]: Usually a boolean/takes value
Instruction: mov r0, #0
Arm Encoded: 00 00 A0 E3
Thumb Encoded: 4F F0 00 00

[End Patch]: Indicate closing, put after patches
Instruction: bx lr
Arm Encoded: 1E FF 2F E1
Thumb Encoded: 70 47

[ Misc ]
- 00 is equal to 1 Hex
- Hex can be presented as 00 or 0x00
- Thumb can be found on 32-Bit Architecture (x86, Armeabi / Armv7 / Arm32 )
- Thumb can also take 4 length; the same length as Arm encoded
- To differentiate Thumb and Arm encoding; 1) Copy the instruction hex, 2) Compare hex and instruction, including after and before offset
1 point
-
Enyby, GameGuardian is detected in Crisis Action since the last version. The anticheat only kicks you until you run the game without GG. Please let us try if they detect known filenames, packetnames, md5, whatever, or if they are scanning for the type of process GG is. Please make me a unique test build
1 point
-
Sure, you can't remember on this version? I uploaded tons of log cats....? You didn't find a solution. You tried a lot, gentlemen
1 point
-
I don't think there would be a mod future for this game. Enyby (coder of GG) tried to bypass the China version (2.5) of this game. It's very hard to get this s***. The only thing I see are private mods.
Sent from my SM-G925F using Tapatalk
1 point
-
This is German, the mother of all languages. I will make a real tutorial next weekend. How to hack Crisis Action with GameGuardian!!!
Sent from my SM-G925F using Tapatalk
1 point
-
Try this https://mega.nz/#!IBUUWZZD!DKZfeevgsCYHgoZ46b4XxZiHxNQVHKgr93Yskc6dlZA
1 point
-
Ok, please give me a short guide for little stupid geri's. I found an address and there is another one I need, 80 addresses on top of the found one. The only thing I know, I must search for a floating value of 10. How to set the filter?
Sent from my SM-G925F using Tapatalk
1 point
-
Yeah, that would be a useful feature. Newer phones have enough memory, don't care about. And please add a search for nearby results!!!!
1 point
-
Wtf, you changed the Improved injection of speedhack. Whatever you did, now speedhack works with every game on arm64 devices and this is very great
1 point
-
One hit kill and shoot through walls: 1034147594;1051931443
Change all addresses to 1132593152
Will add more values tomorrow
1 point
-
Changelog from game? It's important to use no values like 9999999. Speedhack still works for me. The video is one week old. Only problem is you can't see enemies if you are faster than normal speed.
1 point
-
Btw: I like the actually forum design. Black purple would be nice too
1 point
-
Lol, exactly in this second it happened again. I switched from game to Tapatalk to answer you shortly. Used Google translator to see the English translation for menstruation..lol "Your game is death" and GG injects in the translator app.... In 3 minutes I will forget this, start the game, using speedhack with Google translator because I forget to switch to the game... It's more funny than a problem, but it's completely useless. Maybe I'm the only one who cares about that. But there is a positive thing, I know now the English word for menstruation...
Sent from my SM-G925F using Tapatalk
1 point
-
But it would be a good idea if GG saves the last used apps and we can start or restart the app directly from this list. Other wise sounds this game is dead question question like "Hey your game is death, s*** happens, let me inject in the chrome browser, whats app or let us hack your menstrual calendar app running in background"
Sent from my SM-G925F using Tapatalk
1 point
-
This process list GG is showing me, there are sometimes apps I used a long time ago and never with GG. It would make more sense if it can show me a list of apps I use together with GG and I can easily start the game I want to play with GG. You know what I mean?
1 point
-
Sorry for brainstorming today but there is one thing I don't like. GG is an always running app on my phone. I know normally: start GG, then start your game, click on the GG icon and it injects automatically in the running process. But it happens multiple times every day that GG injects in the wrong process because of some reasons. But if the game crashes and GG shows the "is your game dead?" menu, there are 2 options: I can stop GG, which makes no sense because if the game crashes, normally I start the game again immediately after the crash or whatever (switching app for a moment like fb, whats app and the game in background closed by android system) happens with this game. Or I can press ok and GG asks me for the next process to inject. I must choose any other app I never want to use with GG; if I don't do this, GG injects automatically in the first running process in the list. Completely useless because I want to play the crashed game again...WITH GG

What I try to say: I have no choice. Either I stop GG after the game is dead and must restart both apps again, or GG injects every time in a process I don't want to use with GG. You can now say, no problem, start the game again and switch in GG to the game, easily. It isn't, because I forget every time to switch the app and after a few minutes in game, I wonder that value changes or speedhack don't work, but chrome or any other app (in background) crashes because of my GG actions.

A logical step of GG after a game crash would be the question
Either: "your game is death, do you want to stop to play and want to stop to use gg too?"
Or: "your game is death, restart the game and press ok to play again"

The perfect solution for game death would be: the game is crashed, GG can start the game for you again, without tapping out to menu or something. Or another idea, running the daemon always in background without floating icon. I can save a list of games I want to use with GG and always when I start one of these games, GG starts at the same time. If a game crashes, is force closed by the system or myself, GG goes to the background automatically until I start or restart any of the games in the list.

I don't know how to explain what I mean, I'm sure you can't understand it. With simple words: This forced autoinject in any app on the list annoys me sometimes. I can't say "dont inject until i start the game"

I think it's better I make a video, it's better to understand
1 point
-
Again with this list of speeds, GG ignored points like 0.5 0,5 (comma) still work until you restart GG. The app deletes the 0 and changes the 0,5 to 5. Try it, it's a bug
Sent from my SM-G925F using Tapatalk
1 point
-
Let the actually help menu untouched for these people. Add an "advanced guide (only eng)" link at the bottom of the help menu where you list a sorted link list to the several guides. The good guides are all in one thread, so if you want to know how a special thing works, you must every time search the forum or this thread. Would be helpful, believe me. The guides are very good, but to find it at the moment you need it...complicated
Sent from my SM-G925F using Tapatalk
1 point
-
There are good advanced guides in the forum. What do you think about adding direct links to these forum guides in the help menu of the app? Would be useful because users don't need to search the forum.
1 point
-
I would pay a lot for a service that helps me to find the right values in a game. I find a lot but there are games with complicated protections, needs programmer knowledge to understand how to hack.
1 point
-
How does it work? I can find the actually value, can freeze or edit it, but there is always a new address with a new value. Enyby, is it possible to hack floating values?

I got it for this game. In this game everything is clientside. I played 5 hours with 999999 health and other things. After that I got banned. There are two addresses for the same value. I found out if you search and change the standard address in menu you get an instant ban. If you change the value while the next round is loading, you can change whatever you want. Seems they use simple server checks. If you change the "in app" value, you get a ban. If you change the synced value from server, it works. Made no sense, I know.

BTW. Enyby, did you change any speedhack things for 64 bit devices? This is the first game where I had luck with speedhack. I had tons of fun.

BTW. They sell it as a Multiplayer online game. Look at the enemies, since when does a speed hack work for all players on a server. This game is full of bots. Like I said, in this game everything is clientside, even the online players/bots....laugh
1 point
-
How does it work? I can find the actually value, can freeze or edit it, but there is always a new address with a new value. Enyby, is it possible to hack floating values?
1 point
-
@chilly, there is a modded version on alphagamers.net with a working built-in speedhack. It's more stable than using an external app for speeding up the game.
1 point
-
Thank you for the last update enyby/dyno. GG is nearly perfect now!!! But the first thing I want to do tomorrow is to upload a new German language file. The autotranslator you used is terrible
1 point
-
@Enyby, is there a way to protect an app like GG from leaking? A "premium" version of GG would make sense to push the VIP section. But only if nobody can crack it
1 point
-
Modding=more detectable, I don't like the modding scene. I mean hacking the game in an external way. Enyby is a good coder. Let him code an aimbot with a simple ESP, and let us sell this hack. Edit: for a known game
Sent from my SM-G925F using Tapatalk
1 point
-
There is a translation problem, "undo" means..."the last step was wrong, going to the penultimate
Sent from my SM-G925F using Tapatalk
1 point