Popular Content

Showing content with the highest reputation on 06/18/2021 in all areas

  1. 2 points
  2. 2 points
  3. 1 point
    They are very quick on banning people, so be careful. Say you have 5 of an item: search 5 as a dword. Then split them. Refine the search using the number of the item you have left in the spot where the item is first located in your inventory. So in this case it would be 3, because the split should put 2 elsewhere. If you still have many results, then either split again or put the 2 back with the 3 and refine again. I seem to remember I used to get it to 2 results, then I would make them 20 and freeze. You can then split them and you'll get another 10 and still have the 20 as well. Once the item is frozen, don't move it in your inventory or you'll have to start again. I got banned so many times I gave up. I know there were items in the game that could only be achieved if you hacked them. If you haven't already, then join their Discord and you can learn some of the stuff they look out for to catch hackers. Didn't help me much as I still kept getting caught. Good luck.
  4. 1 point
    You can just sort "playerMonsters" table before using it so that "IDandNames" table elements will be in desired order right after it is constructed: table.sort(playerMonsters, function (a, b) return a.name:upper() < b.name:upper() end)
  5. 1 point
    @sammax71 can you please share how to do that?
  6. 1 point
    Items in your inventory can be hacked too. Looks like there might be a max limit of 20 though. You can always freeze the value.
  7. 1 point
    I've only had a quick look but quest rewards look like they can be changed. I managed to give myself loads of the gold coins and XP.
  8. This post cannot be displayed because it is in a forum which requires at least 1 post to view.
  9. 1 point


    Hello guys. Today I will show you a simple file rename blocker for a GG Lua script. It is by me (no copyright). If you have any questions, ask me in the comments. Also, guys, here is a small variant of this script: if gg.getFile():match('[^/]+$') ~= 'Block Rename.lua' then print('⚠ File Rename Is Detected ⚠') return end -- compares the script's own file name (path after the last '/') with the expected name and stops the script if it has been renamed
  10. 1 point
  11. 1 point
    I love these constructive discussions that I miss on other forums. That's great, gentlemen.
  12. 1 point
    This is EXACTLY what I would love to have added to GG. In most games the distance between certain key values will always be the same. Location won't always be the same. The Pewdiepie game is a perfect example. Finding one value can sometimes be easy; then use the offset to find difficult-to-search values. Another benefit to using offset/distance is patterns. Ex: Hp->Atk is 32 bytes, Atk->Def is 32 bytes. Then sometimes going -32 from HP and 32 from Def you can find more. A great example is This War of Mine. That game has an offset pattern between item ID values. @Enyby If you want, contact me, I have ideas for adding an offset calc and making it simple/seamless.
  13. 1 point
    For @NoFear the next offset is needed, I suppose: he found level, gold, and tokens in previous searches, and now wants, after finding gold fast, to go to level and tokens with known offsets. For this he needs an offset calculator. Am I right, @NoFear?
  14. 1 point
    It is only for PC. On Android there is ASLR. For this offset to work you need a persistent address or an offset between two addresses, for example the base entry point and your value. Now I check one thing. I use the Zombie Hive game. It has a gold value; it can be easily found. I search for gold and get the following data for two different runs:
    31BF2C38
    3D6E1408
    313b8000-3198a000 rw-p 00000000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    3198a000-31c9a000 rw-p 005d2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    31c9a000-34bb8000 ---p 008e2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    34bb8000-34c98000 rw-p 00000000 00:04 2135 /dev/ashmem/dalvik-bitmap-1 (deleted)
    34c98000-34d78000 rw-p 00000000 00:04 2136 /dev/ashmem/dalvik-bitmap-2 (deleted)
    3d066000-3d69e000 r-xp 00000000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
    3d69e000-3d69f000 r-xp 00000000 00:00 0
    3d69f000-3d6e2000 rw-p 00638000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
    3d6e2000-3d719000 rw-p 00000000 00:00 0
    3db19000-3db1d000 rw-p 00000000 00:00 0
    31BF2C38 - 3198a000 = 268C38
    3D6E1408 - 3d69f000 = 42408
    31C01720
    3CAED408
    313b8000-3198a000 rw-p 00000000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    3198a000-31c9a000 rw-p 005d2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    31c9a000-34bb8000 ---p 008e2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
    34bb8000-34c98000 rw-p 00000000 00:04 2135 /dev/ashmem/dalvik-bitmap-1 (deleted)
    34c98000-34d78000 rw-p 00000000 00:04 2136 /dev/ashmem/dalvik-bitmap-2 (deleted)
    3c472000-3caaa000 r-xp 00000000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
    3caaa000-3caab000 r-xp 00000000 00:00 0
    3caab000-3caee000 rw-p 00638000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
    3caee000-3cb25000 rw-p 00000000 00:00 0
    3cd25000-3cd29000 rw-p 00000000 00:00 0
    31C01720 - 3198a000 = 277720
    3CAED408 - 3caab000 = 42408
    3CAED408 - 3c472000 = 67B408
    Now we get the following results: the first value is from Java and is stored at different offsets. I think it is a cache of loaded data. The second value is the real data and is stored as a global variable in the C lib. Because of that it has a persistent offset from the lib base. I try to check this on Droid4X:
    14000000-14638000 r-xp 00000000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
    14638000-14639000 r-xp 00000000 00:00 0
    14639000-1466f000 r--p 00638000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
    1466f000-1467c000 rw-p 0066e000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
    1467c000-146b3000 rw-p 00000000 00:00 0
    146b3000-14800000 ---p 00000000 00:00 0
    1466f000 + 42408 = 146B1408 - no luck. Maybe it is different? I search for the value:
    1467b408
    1467b408 - 1466f000 = C408
    Hmm.
    1467b408 - 14639000 = 42408
    1467b408 - 14000000 = 67B408
    Results: different firmwares use different region names. But the idea can be used. This is a very lucky case because the data is stored as a global variable of the shared lib. In this case it works. In another, not. Currently we have the case with Gold1 and offset1. It is an easy case. But for Gold2 or Gold3 we do not have any information about offset2-offset7.
  15. 1 point
    It is only the offset from the beginning of the loaded ELF in most cases. You can call cat /proc/pid/maps as root and get the first address of the ELF file (lib*.so). After that you can subtract this address from any memory address and get the same value as in IDA.
    _______________________________________________
    added 1 minute later
    But I do not see any practical sense in these numbers. You can go to the HEX tab in IDA, copy 16 bytes and search for them as a group search in the code region. It will find the needed place very fast.
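    A worked version of the module-relative offset calculation discussed in posts 14 and 15, added here as an example (it is not code from the forum thread or from GameGuardian). It parses the three /proc/<pid>/maps excerpts quoted in post 14 (embedded below as constants copied from that post) and resolves each address to "region offset" and "offset from the ELF load base" (the lowest start address carrying the library's path, as post 15 describes). Run on the post's own numbers, it shows why the native gold value is stable across runs and firmwares (same 0x67B408 from the libcocos2dcpp.so base every time) while the Dalvik-heap value is not. The address samples and the helper names are the example's own choices.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Sequence, Tuple

@dataclass(frozen=True)
class Mapping:
    start: int
    end: int
    perms: str
    file_offset: int
    path: str  # empty string for anonymous mappings

# One /proc/<pid>/maps line: start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^([0-9a-fA-F]+)-([0-9a-fA-F]+)\s+(\S{4})\s+([0-9a-fA-F]+)\s+\S+\s+\d+\s*(.*)$"
)

def parse_maps(text: str) -> List[Mapping]:
    """Parse maps output (leading indentation and blank lines are ignored)."""
    mappings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = MAPS_LINE.match(line)
        if m is None:
            raise ValueError(f"unparseable maps line: {line!r}")
        mappings.append(Mapping(int(m[1], 16), int(m[2], 16), m[3],
                                int(m[4], 16), m[5].strip()))
    return mappings

def find_mapping(mappings: Sequence[Mapping], addr: int) -> Optional[Mapping]:
    return next((m for m in mappings if m.start <= addr < m.end), None)

def module_base(mappings: Sequence[Mapping], path: str) -> Optional[int]:
    # Lowest start of any region backed by this file = ELF load base. The split
    # into regions differs between firmwares (post 14), so never key on perms.
    starts = [m.start for m in mappings if m.path == path]
    return min(starts) if starts else None

def resolve(mappings: Sequence[Mapping], addr: int) -> Dict[str, object]:
    """Return the backing path plus region-relative and module-relative offsets."""
    m = find_mapping(mappings, addr)
    if m is None:
        raise LookupError(f"address {addr:#x} is not inside any mapping")
    base = module_base(mappings, m.path) if m.path else m.start
    return {"path": m.path, "region_offset": addr - m.start, "module_offset": addr - base}

def is_persistent(samples: Sequence[Tuple[str, int]]) -> bool:
    """True if the module-relative offset is identical across every (maps, addr) run."""
    return len({resolve(parse_maps(t), a)["module_offset"] for t, a in samples}) == 1

# Maps excerpts exactly as quoted in post 14 (run 1, run 2, Droid4X).
RUN1 = """
313b8000-3198a000 rw-p 00000000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
3198a000-31c9a000 rw-p 005d2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
31c9a000-34bb8000 ---p 008e2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
3d066000-3d69e000 r-xp 00000000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
3d69e000-3d69f000 r-xp 00000000 00:00 0
3d69f000-3d6e2000 rw-p 00638000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
3d6e2000-3d719000 rw-p 00000000 00:00 0
"""
RUN2 = """
313b8000-3198a000 rw-p 00000000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
3198a000-31c9a000 rw-p 005d2000 00:04 2134 /dev/ashmem/dalvik-heap (deleted)
3c472000-3caaa000 r-xp 00000000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
3caaa000-3caab000 r-xp 00000000 00:00 0
3caab000-3caee000 rw-p 00638000 08:11 8089 /data/data/com.mobirix.zombiehive/lib/libcocos2dcpp.so
3caee000-3cb25000 rw-p 00000000 00:00 0
"""
DROID4X = """
14000000-14638000 r-xp 00000000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
14638000-14639000 r-xp 00000000 00:00 0
14639000-1466f000 r--p 00638000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
1466f000-1467c000 rw-p 0066e000 08:13 868382 /data/app-lib/com.mobirix.zombiehive-1/libcocos2dcpp.so
1467c000-146b3000 rw-p 00000000 00:00 0
"""
# Addresses from the post: the native (C lib) gold value and the Java copy.
NATIVE_GOLD = [(RUN1, 0x3D6E1408), (RUN2, 0x3CAED408), (DROID4X, 0x1467B408)]
JAVA_GOLD = [(RUN1, 0x31BF2C38), (RUN2, 0x31C01720)]

if __name__ == "__main__":
    for text, addr in NATIVE_GOLD + JAVA_GOLD:
        r = resolve(parse_maps(text), addr)
        print(f"{addr:#x}: region+{r['region_offset']:#x} module+{r['module_offset']:#x} {r['path']}")
    print("native persistent:", is_persistent(NATIVE_GOLD), "java persistent:", is_persistent(JAVA_GOLD))
```

    The same module+offset normalisation is what a crash-dump or memory-forensics tool does when it rebases an address against the loaded module, which is why the Droid4X run (different region split, different load address) still yields 0x67B408 while the region-relative 0x42408 from the first two runs does not carry over.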