Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation on 06/26/2019 in Posts

  1. 2 points
    Let me explain this real quick. How they load offset, and calculate address ? Explanation: * PC = (Current Instruction Address + 0x8) 00000000 LDR R0, [PC, 0x1C]; Its calculated like this, R0 = (PC:00000008 + 0x1C = 00000024). Read val at 00000024 which is 0x14, then put into R0. 00000004 ADD R0, PC, R0 ; Again, R0 = (PC:0000000C + 0x14 (Offset) = 00000020) 00000008 MOV R1, #0x1234; Move 0x1234 into R1 0000000C STR R1, [R0]; Store R1:0x1234 value into R0:00000020 address. 00000010 BX LR; Jump into LR (LR is register that store address of this function caller.) 00000014 ALIGN 0x10 00000020 MyValue DCD 0x0 00000024 Offset DCD 0x14 You can find lot of information here, The ARM instruction set
  2. 2 points
    Arena of Valor has good protection, some of the best in the market. even with root the gg app will still be detected because the application in question has a debugger docked in it that detects any scan in its memory. but there are hacks for this game, but not for free and the methods used for such a feat are closed and VIPs.
  3. 1 point
    Yep, Ida make we confuse by looking its value pointing directly to target address. Actually, true opcode look like this LDR R0, [PC, #0x4] Idk how to explain it, you can find arm opcode documentation on google. They describe how each instruction work. @Un_Known
  4. 1 point
    I love this nfs, it's one of my daily games. Yes some mods have been patched such as unlock all cars, blueprints and player levels (at least I can no longer get them to work). I can confirm as of today the gold and cash mod still works. Other working mods that I know of include VIP, scrap points, tuning tools and fuel.
  5. 1 point
    Offset from PC in LDR location. Useless in any other place.
  6. 1 point
    Yes, you're correct. This push offset into register, then add it with PC. So PC + Offset lead to dword_36BD38 which is targeted address. R3 is address of dword_36BD38
  7. 1 point
    0000 LDR R3, =(dword_36BD38 - 0x19D86C) -- Load offset to R3 0004 ADD R3, PC, R3 ; dword_36BD38 -- R3 = PC + Offset (R3) 0008 CMP R0, #0 -- Check if R0 value equal to 0 000C STR R0, [R3] -- Store R0 value into R3 (R3 = dword_36BD38) 0010 MOVLT R2, #0x7FFFFFFF -- If R0 value less than 0, then put (0x7FFFFFFF) 2147483647 into R2. 0014 STRLT R2, [R3] -- If R0 value less than 0, then store R2 value which is 2147483647, into R3 (R3 = dword_36BD38) Conclusion is, if R0 value less than 0.. then put 2147483647 into bss:dword_36BD38. Anyway, if you not understand about the logic. F5 hotkey may come handy.
  8. 1 point
    G-Presto can be bypass only on rooted device. I've bypass their detection within 5 click.
  9. 1 point
    View File Battleland Royal | ESP, Radar, ... Features: ○ ESP ○ Radar ○ Instant Pickup • If you like my script, Don't forget to ❤ it ! Submitter saiaapiz Submitted 06/25/2019 Category LUA scripts  
  10. 1 point


×
×
  • Create New...