Everything posted by MC874
-
Hi @kotako, so this problem is fixed then?
-
Hi @kotako, This is weird. A VM/Emulator is sandboxed Android, so it will have a random ID for each VM/Emulator instance you create. (Yes. You don't need to reinstall the whole Emulator/VM). Every Emulator/VM supports multi-instance, just create a new one each time you get banned. Your game has Emulator detection, you can simply disable it from offsets. Also, I don't recommend getting Bluestacks, it is so bloated and hard to root (you literally need to change the boot config). Here are the emulators I recommend:
- MuMuPlayer
- LDPlayer
- GTArcade
- Wakuoo
Send your Diamond script through DM, I will do some testing on my part using a VM/Emulator.
-
Hi @kotako, it usually means that your previous banned account info is still saved somewhere inside the game files. Re-downloading resources won't help, as the game tends to download specific resources according to your account id. Removing a banned account from your device requires heavy lifting:
- You need to spoof any device information, both external and internal. You can use the modules and apps mentioned above, while also changing device information from offsets. Inside dump.cs look for: deviceid, devid, cpuid, playerid, accountid, oaid, imei, uuid, uniqueidentifier, etc.
- Modify your account id from /data/data/your_game/sharedprefs -> save the file somewhere -> uninstall your game -> install it again (don't use the same resources for data, but you can still use the same obb) -> don't open the game first, create the game folder manually: /data/data/com.your_game/sharedprefs -> put your modified file into sharedprefs.
I would suggest just using an emulator or any virtual machine, so you can reset the emulator/virtual machine and play with a new account.
-
Hi @Rxhacker, this is great. Since 'hooking' is being mentioned, is there a chance to add features such as: method linking, update() hooking, etc?
-
Hi @derbeyonder, It is not different, you're doing it incorrectly. As its name suggests, an offset is a displacement, so you need the first address where libil2cpp is located:

    lib_address = gg.getRangesList('libil2cpp.so')[1].start
    method_address = lib_address + 0x0DF91EE4

/*****************\
Try 'WZR', it is the zero-point register, meaning the register value is always empty:

    MOV W23, WZR

Or try an immediate value, I mean 0x0 is the same as #0:

    MOV W23, #0

Or you can enforce it by changing its hex string to: hF7031F2A or h17008052
/*****************\
-
Hi @derbeyonder, Good, you're on the right track. You need to remember that a method/function usually starts with 'PUSH' and ends with 'POP', or if you find another 'PUSH' it means that you're reaching another method/function. So, find any 'MOV' instruction between both 'PUSH', and make sure that it contains 'R3', something like this:

    MOV ..., R3

and change the 'R3' to '#0'
-
Been familiar with it too, but never purely tried it on Android. Always need a helping hand with Windows.
-
Hi @derbeyonder, No, you don't have to. Just go to that method address and look for:

Find this instruction in the method:

    mov [r1-r10], r3

Replace it with:

    mov [r1-r10], #0

Since 'int price' is the 3rd parameter, it is likely that the value is saved in register r3. You can see it in the Memory Viewer. If you didn't find it, the value might be in a different register (from r1 to r10). Just test every single 'mov' instruction:

Search for any 'mov' in the method:

    mov [r1-r12], [r1-r10]

Replace it with:

    mov [r1-r10], #0

If changing all the mov instructions in the method doesn't work, the value is probably stored at some address and not in a register. If that's the case, look for any LDR instruction:

Find these instructions at the start of the method:

    LDR [r1-r10], ...
    LDRB [r1-r10], ...

and change them to:

    MOV [r1-r10], #0
-
Hi @Fujimkad, I wouldn't recommend doing debugging on Android, as there are no apps that have full debugging features, but you can still do it:
- Game Guardian: it can itself be used as a debugging tool, if you know what you're doing.
- radare2: You can try to install radare2 in Termux. It can read most of the functions from a library, so it is still kind of useful.
- ADA: Or you can do conventional disassembling using Android Disassembler.
So as far as I know, there's no advanced way of doing debugging on Android except with the help of computers.
-
Hi @Error-404, using virtual apps is not recommended. I have provided a list of virtual machines below that you can use as a replacement for virtual apps. I suggest using VPhoneGaGa.
-
Hi @Dezo, if the Virtual Machine freezes, it means that you don't have enough memory or the app itself is bugged out. You might want to try another VM, I suggest using VPhoneGaGa:
- VPhoneGaGa
- VMOS Pro
-
Hi @DSz, On Android 12-14, Android introduces 'phantom processes' that will kill any intensive app and also limit apps, so they can't access another app's namespace. Read more about it here: Android Phantom. By "Game Breaking" feature, I'm referring to changes that significantly affect the kernel, how apps work, the system, etc.
-
Hi @St3gm4, Actually, Cheat Engine for Android has already existed for a long time now. The only downside is that it is not as advanced as Game Guardian. We can just hope that Android doesn't introduce a game breaking feature, just like Microsoft did with their Windows 11.
-
Types of protection that GameGuardian cannot bypass [game list]
MC874 replied to jbbj1's topic in General Discussion
Hi @KINGVINAYYY, if that's the case, you can just use Zygisk Modmenu as a replacement for Game Guardian: Zygisk-ImGui-Menu
-
Types of protection that GameGuardian cannot bypass [game list]
MC874 replied to jbbj1's topic in General Discussion
Hi @KINGVINAYYY, Is it detecting Magisk Zygisk too?
-
Types of protection that GameGuardian cannot bypass [game list]
MC874 replied to jbbj1's topic in General Discussion
Hi @KINGVINAYYY, This is not the case with LiApp, so Cheat Engine can still be used. You can either:
- Bypass Emulator: it is quite easy to do, you just have to spoof libBluetooth, libhoudini, build.prop, cpuinfo, and /proc related. You can pull this off by using "mount --bind" on the /proc directory between emulator and real devices.
- Or you can instead use a Magisk Zygisk module or frida to disable AppSealing detection.
-
Types of protection that GameGuardian cannot bypass [game list]
MC874 replied to jbbj1's topic in General Discussion
It is. It acts like an external cheat program that runs outside Android, so the game wouldn't be able to detect it. I mean you need some Android emulator to pull this off. Cheat Engine runs on Windows and the game runs on the Android emulator, so they are separated.
-
Hi @MooExplosion, you're handling it incorrectly, the 'for'-loop is only enumerating the 'specify' table and not 'specifytwo':

    gg.searchNumber("1620;728;1620;728::13", gg.TYPE_DWORD)
    results = gg.getResults(gg.getResultsCount())
    if results ~= nil then
      specify = {results[1], results[3], results[5], results[7], results[9], results[11]}
      specifytwo = {results[2], results[4], results[6], results[8], results[10]}
      --Notice the bracket: (specify)
      for k, v in ipairs(specify) do
        specify[k].value = '2400'
      end
      --'specifytwo' gets its own loop, since it has fewer entries than 'specify'
      for k, v in ipairs(specifytwo) do
        specifytwo[k].value = '1080'
      end
      gg.setValues(specify)
      gg.setValues(specifytwo)
    end

/*********\
Since this is a group search, you can just refine the results to a specific value first, then change them all.

Example 1:

    --'d' suffix is for DWORD
    gg.searchNumber('1620d;728d::5')
    results = gg.getResults(gg.getResultsCount())
    --Refining '1620' from result then change it to '2400'
    gg.refineNumber('1620', gg.TYPE_DWORD)
    gg.editAll('2400', gg.TYPE_DWORD)
    --Reload results -> refine '728' -> Change it to '1080'
    gg.loadResults(results)
    gg.refineNumber('728', gg.TYPE_DWORD)
    gg.editAll('1080', gg.TYPE_DWORD)
    gg.clearResults()

Example 2:

    --'d' suffix is for DWORD
    gg.searchNumber('1620d;728d::5')
    results = gg.getResults(gg.getResultsCount())
    --Changing specific value from results
    for k, v in ipairs(results) do
      if tonumber(v.value) == 1620 then
        results[k].value = 2400
      elseif tonumber(v.value) == 728 then
        results[k].value = 1080
      end
    end
    gg.setValues(results)

/*********\
-
Hi @MooExplosion, gg.getResults() returns a table, and yes, you can specify which value to grab just by defining which table index you want to get. So, you can either be specific or eliminate values to narrow it down (if a changed value exists):

    --Get the 2nd and 9th position from the results
    results = gg.getResults(gg.getResultsCount())
    if results ~= nil then
      --Notice results[2] & results[9]
      specify = {results[2], results[9]}
      for k, v in ipairs(specify) do
        specify[k].value = '2400'
      end
      gg.setValues(specify)
    end

    --Eliminate changed values / refining
    results = gg.getResults(gg.getResultsCount())
    gg.refineNumber('2400', gg.TYPE_FLOAT)
-
Hi @St3gm4, Yes, it is safe, as it only sends a signal for Android to allow lower SDK apps.
/***********\
The development has been stagnant for almost 3 years. It looks like it has reached EOL (end of life).
/***********\
-
Hi @Modingph, I have the same problem but with a different game. I suspect there's something wrong with the dumper causing incorrect offsets in dump.cs; because of that, I always take offsets from another dumper that dumps from memory. You might try: GGIl2CPP or badcase-toolbox.
-
Hi @Hann26, you are adding a quotation mark (") at the end, you should close that quotation at the front, perhaps you forgot to add that:
-
Hi @john316, yes, you're correct. Could you mention which part confused you? I'll improve the thread to give more context, thanks.
-
Yeah, thank you for the correction. At first, I thought it starts from 0 like most languages. No, it only loads the third result, not the first three (1-3) results. Forgot to mention, you can also do a pointer search for only the third result like this:

    --Save results to variable "results"
    results = gg.getResults( gg.getResultsCount() )
    --Specifying number of pointers to find
    MAX_VALUE = 512
    --Load specific (3rd) result
    gg.loadResults( { results[3] } )
    --Search for a pointer with specified "MAX_VALUE"
    gg.searchPointer( MAX_VALUE )

Read the documentation here: gg.searchPointer() & gg.loadResults()

You're welcome
-
Hi @Ardit19, to load the 3rd result, you can just do this:

    results = gg.getResults( gg.getResultsCount() )
    gg.loadResults({results[2]})

Do note that Lua tables behave like an array, they start from 0. So the 3rd result will be 2 (Location - 1).