Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 05/02/2017 in all areas

  1. 7 points
    Watch on YouTube: 73.0: Formula calculator - GameGuardian
  2. 6 points
  3. 5 points
    Watch on YouTube: 8.69.0: Bypass ptrace protection - GameGuardian
  4. 5 points
    Watch on YouTube: How to get offline help on scripts - GameGuardian
  5. 4 points
    for _=1, #Menu - 0.5 do if _ % 2 == 1 then -- ... end end is identical to for _ = 1, #Menu - 0.5, 2 do -- ... end but second option is more effective and clear.
  6. 4 points
    Check e_machine from specific lib using GameGuardian. function GetLibraryTextBase(lib) for _, __ in pairs(gg.getRangesList(lib)) do --print(string.format("%s | Start: 0x%08x | End: 0x%08x | Size: 0x%x | State: %s | Protection: %s", lib, __["start"], __["end"], __["end"] - __["start"], __["state"], __["type"])) if __["state"] == "Xa" or __["state"] == "Xs" then return __["start"], __["end"] end end return nil end function GetLibraryArch(LibName) e_machine = GetLibraryTextBase(LibName) + 0x12 -- e_machine offset _ = {{address = e_machine, flags = gg.TYPE_WORD }} return gg.getValues(_)[1].value & 0xFFFF -- Format end Arch = GetLibraryArch("libc.so") -- http://www.sco.com/developers/gabi/2000-07-17/ch4.eheader.html if Arch == 40 then ArchName = "Advanced RISC Machines ARM: " else ArchName = "Unknown" end gg.alert(string.format("libc.so\n\nArchitecture: %s (0x%02X)", ArchName, Arch)) References: http://www.sco.com/developers/gabi/2000-07-17/ch4.eheader.html
  7. 4 points
  8. 4 points
    Mirrored from YouTube with some crop: Bloons TD Battles: Money Hack NO ROOT 5.0.2 GameGuardian | Working 2018 GameGuardian (#6vzrbm91) VirtualXposed (#1hw64j76)
  9. 3 points
    Have you tried it at least? I highly doubt that searching for 500 consecutive addresses and editing all of them to one value can noticeably slow down your script. So are you sure that it does not suffice because of performance reasons? As pointed out above, editing values one-by-one in a loop is very inefficient. This approach should be used instead, if simple one with fuzzy search does not suffice: Example of implementing it: local startAddress = 0x12340000 local count = 500 local editValue = '555444' local values = {} for i = 1, count do values[i] = {address = startAddress; flags = gg.TYPE_DWORD; value = editValue} startAddress = startAddress + 4 end gg.setValues(values)
  10. 3 points
    Good intuition... magic is still not part of hacking, sorry. ? I think you didn't really get what is this [value] in the video: "[value]X4" Just to be sure I say this, but I think you already know that and it's not the problem here. Let's say you search for Dword: Searching for "[value]X4" means: "find a Dword, containing [value] (not encrypted) xored with the Dword (see nofear following post) 4 bytes after or before (= just the length of the Dword containing [value], so the following/preceding Dword)" Well if you understand that, you have to know what [value] you want to search for. I think you were confused because it wasn't maybe the best example. Nofear is searching for an odd thing. He's looking for the number of coins here, not the actual money value you see. So he does "1~9X4" first because he just collected between 1 and 9 coins, and then he searches for "53X4" because he counted the number of coins the arrow of coins he collected was made of, which is exactly 53 coins ^-^. Why? Because the money is probably not Xor encrypted, and the numbers of coins collected are xor encrypted and can indirectly change money, and/or Nofear just wanted to show another way to hack money that the way you'll first think about, which is directly changing the money. You second problem is related to the definition of "[value]X4" I wrote, or most probably to the xor encryption itself. Xor operation is reversible: the value which is xored with [value] can be after or before it. In this case it is before. Plus you have to know that [value] xor 0 = [value]. So eventually, in this case, nofear sets the xor key to 0 and then he can simply change the encrypted coins number as if it wasn't encrypted at all!


×
×
  • Create New...