MC874

October 8, 2024

Hi @APEXggV2. If the coordinate is constant, the above solution will work. In Minecraft, player coordinate will stay in place except if the player switch into a server, realm, or dimension. If the coordinate address keep changing, then just modify the code above:

function find_address()
	gg.searchNumber("233;5;100::9", gg.TYPE_DWORD)
	gg.refineNumber('233', gg.TYPE_DWORD)
	result = gg.getResults()
	gg.editAll('45000', gg.TYPE_DWORD)
	gg.clearResults()

	gg.searchNumber("1667;2;5731::9", gg.TYPE_DWORD)
	gg.refineNumber('1667', gg.TYPE_DWORD)
	results = gg.getResults()
	gg.editAll('2000', gg.TYPE_DWORD)
	gg.clearResults()

	return result, results
end

result, results = find_address()

while(true)
	if gg.getValues({{address=result[1].address, flags=result[1].flags}}).value == '233' then
		result, results = find_address()
	gg.sleep(5000) --in milisecond (5 second)
end

October 7, 2024

Hi too @Yasii

October 6, 2024

Hi @ninjavour

Quote

when you try to update it from google play store it will refused to be updated

If you're trying to update modded games, you can't expect your mods to carried over to newer version. Modded games only work for that apk only and that version only, when you update modded games, the apk will simply replaced with a new version that DOES NOT have mods.
---
If you are okay with that, try to update your game from third-party website like: APKCombo

October 1, 2024

Hi @moh4mmed, as I said earlier:

Quote

RVA = same VA = change everytime

That's why you need to use RVA because it's constant. Just grab the library base address and add RVA to it (Base address + RVA)
---

Quote

protected Void [[[][]][[][[[][[[[[]]]]][[[][[][]]][][[[][[][[](Int32 [[]]][[]][]]][][][[[][[[[[][[]]][][[[[]]]]][[[]) { }

You're trying to hook a method, also it is void types. You can change the "int32" as desired, but you need to find some instruction based on parameter it's located. For example, if "int32" is the first parameter, you need to find register R1 and change it to your value. For example:

MOV R0, R1 -> MOV R0, #1

---
So yeah, editing void method is kind of hard. You need to understand assembly first.

September 30, 2024

Hi @moh4mmed, RVA is Relative Virtual Address, it takes the offset from the beginning of a file / the start of lib address that exist on memory. Meanwhile VA (Virtual Address) is the method address while you're dumping the game. VA should not be used, you need to use only RVA.

Quote

RVA: 0x2760510 Offset: 0x275F510 VA: 0x2760510 (float value)

It seems the RVA & VA is the same. It should be different. Try redumping.

September 27, 2024

Hi @DoDevil,

Quote

I tried dump from radare2 and got Offset but it's in unreadable format string

It is not 'unreadable', it's a normal function name. Decompiler tends to rename 'unknown' function from what that function corresponds to and probably most of the function name is obsecured when the library is being compiled.

September 24, 2024

Hi @kai_nevan, I'm LDPlayer5 user. Game Guardian works perfectly on my end. Is your Game Guardian crashing a lot? Or is there something else that happened? Atleast attach some screenshot here.

September 21, 2024

Hi @Exit-, you need to read on how to use adb: How to install ADB on Windows

April 14, 2024

Quote

Does it also find libil2cpp registration offset?

Yeah, I forgot. It's just printing the address of metadata and libil2cpp.so. Just use Zygisk instead for easy use.

April 13, 2024

Hi @missmcp, that's weird. If GGIL2CPP works, then it can find it, otherwise it's not. For me it is working:

April 5, 2024

Hi @Saaammii, the game has some kind of protection. Please read this comment: AntiCheat

April 1, 2024

Hi @Collen, asking for permission to attach this apk to the thread.

March 31, 2024

Hi @missmcp, you can use: GGIL2CPP to find metadata registration offset.

require("Il2cppApi")
Il2cpp()
gg.alert(tostring(Il2cpp))

March 30, 2024

Hi @FlashNUT,

Quote

This still doesnt work. I tried the same location as you wrote (i checked and it is the same), after that i tried to change the name of the apk into GameGuardian.101.1.apk and still it show the same thing, no such file or directory.

Pardon me, you need to put the APK inside your Windows (not inside your android storage). Save this command as a .bat file and game guardian apk in the same location as your adb.exe.

cd/d "%~dp0"
adb.exe install gameguardian.apk

March 29, 2024

Hi @FlashNUT, you need to indicate where you save the Game Guardian apk, for example:

adb install --bypass-low-target-sdk-block /storage/emulated/0/Download/gameguardian.apk

Also, you need to place your apk inside your phone, not in Windows.

March 22, 2024

Hi @kotako,

Quote

On PC yes, but i need way unban my phone

The easiest way but probably takes long is to just simply reflash your rom (or factory reset?) or use Virtual Machine on your phone like VPhoneGaGa. I'll check the game on my freetime.

March 21, 2024

Hi @kotako

Quote

this time I managed to unban bluestacks

So this problem is fixed then?

March 20, 2024

Hi @kotako,

Quote

in a VM, reinstalling does not help (the VM itself)

This is weird. VM/Emulator is sandboxed Android, it will have random id each VM/Emulator instances you created. (Yes. You don't need to reinstall the whole Emulator/VM). Every Emulator/VM supports for Multi-instance, just create a new one each time you getting banned.

Quote

I also used BlueStacks But today I cant even get in from It

Your game has Emulator detection, you can simply disable it from offsets. And also, I dont recommend getting Bluestacks, it is so bloated, hard to root (you literally need to change the boot config). Here's emulator I recommend:

Quote

if I change the offset to get the identifiers from the device, then i get disabled though server

Send your Diamond script through DM, I will do some testing on my part using VM/Emulator.

March 19, 2024

Hi @kotako, it usually means that your previous banned account info still saved somewhere inside the game files. Re-downloading resources won't help as game tends to download specific resources according to your account id. Removing banned account from your device requires heavy lifting:

- You need to spoof your any device information from external and internal. You can use modules and apps mentioned above, while also changing device information from offsets. Inside dump.cs look for: deviceid, devid, cpuid, playerid, accountid, oaid, imei, uuid, uniqueidentifier, etc.
- Modify your account id from /data/data/your_game/sharedprefs -> save the file somewhere -> uninstall your game -> install it again (dont use the same resources for data, but you can still use the same obb) -> don't open the game first, create game folder manually: /data/data/com.your_game/sharedprefs -> put your modified file to sharedprefs.

I would suggest you to just using emulator or any virtual machine, so you can reset the emulator/virtual and play with new account.

March 17, 2024

Hi @Rxhacker, this is great. Since 'hooking' is being mentioned, is there a chance to add feature such as: method linking, update() hooking, etc?

March 13, 2024

Hi @derbeyonder,

Quote

why is this address different in gameguardian (0DF91EE4)?

It is not different, you're doing it incorrectly. As it's name, offset is displacement, so you need the first address where the libil2cpp is located:

lib_address = gg.getRangesList('libil2cpp.so')[1].start
method_address lib_address + 0x0DF91EE4

/*****************\

Quote

when i change value = "~A8 MOV W23, #0x1" to "~A8 MOV W23, #0x0" i got en error (its's not important. i have no problem in game when i make #0x1)

Try 'WZR', it is zero-point register, meaning the register value is always empty

MOV W23, WZR

Or try immediate value, I mean 0x0 is the same as #0

MOV W23, #0

Or you can enforce it by changing it's hex string to:

hF7031F2A
or
h17008052

/*****************\

March 12, 2024

Hi @derbeyonder,

Quote

i found it. what next?

Good, you're on the right track. You need to remember that method/function usually starts with 'PUSH' and ends with 'POP' or if you find another 'PUSH' it means that you're reaching another method/function. So, find any 'MOV' instruction beetween both 'PUSH', and make sure that it contains 'R3', something like this:

MOV ..., R3

and change the 'R3' to '#0'

March 11, 2024

Quote

Gdb and lldb. Install termux from fdroid. I prefer gdb (more familiar with it). Don't need PC.

Been familiar with it too, but never purely try it on Android. Always need a helping hand with windows.

March 11, 2024

Hi @derbeyonder,

Quote

Do I have to combine the Offset with the Fields?

No, you don't have to. Just goto that method address and look for:

Find this instruction from the method:
mov [r1-r10], r3

Replace it with:
mov [r1-r10], #0

Since 'int price' is the 3rd parameter, it would likely that the value is saved on register r3. You can see it on Memory Viewer. If you didn't found it, the value might be on different register (from r1 to r10). Just test every single 'mov' instruction:

Search any 'mov' from the method:
mov [r1-r12], [r1-r10]

Replace it with:
mov [r1-r10], #0

If change all the mov from the method doesn't work, it is probably that the value is stored on some address and not on the register. If that's the case, look for any LDR instruction:

Find these instruction at the start of the method:
LDR [r1-r10], ...
LDRB [r1-r10], ...

and change it to:
MOV [r1-r10], #0

March 8, 2024

Hi @Fujimkad, I wouldn't recommend doing debugging on Android, as there's no apps that have a full feature for debugging, but you can still do it:

- Game Guardian: itself can be used as a debugging tool but if you know what you're doing.
- radare2: You can try to install radare2 on your Termux. It can read most of the function from a library, so it is still kinda useful.
- ADA: Or you can do conventional dissasembling using Android Disassembler.

So as far as I know, there's no advanced way of doing debugging on Android except with the help of computers.

Sign In

Profiles

Forums

Downloads

Gallery

Posts posted by MC874

Important Information