Everything posted by MC874
-
Hi @ninjavour, Judging from this, it is Windows Tekken, meaning there's no Emulation involved. It is likely to be downloaded from Steam (or elsewhere) but the point is, it is a native Windows OS game. From this value, you can tell that it is boolean (true/false). Probably the game has some kind of check whether the main player is a bot or an actual player: meaning that the main player can be played both ways.
-
Hi @nigaer, Sure, what do you want to apply? Fields or Methods? Before continuing, better to look up: GGIL2CPP
-
Hi @nigaer Game Guardian can't create custom UI like LGL did. It was utilizing existing GG API, you can use something like: gg.prompt(), gg.multiChoice(), gg.choice(), etc. I don't exactly get what you mean. Do you have difficulties in writing a lua script? Or finding the correct offsets?
-
Hi @kotako, The easiest way, but one that probably takes long, is to simply reflash your rom (or factory reset?) or use a Virtual Machine on your phone like VPhoneGaGa. I'll check the game in my free time.
-
Hi @Gayesh01, are you trying to get in-game assets? (Animation/Video/Texture,etc)
-
Hi @kotako So this problem is fixed then?
-
Hi @kotako, This is weird. VM/Emulator is sandboxed Android, it will have a random id for each VM/Emulator instance you create. (Yes. You don't need to reinstall the whole Emulator/VM). Every Emulator/VM supports Multi-instance, just create a new one each time you get banned. Your game has Emulator detection, you can simply disable it from offsets. And also, I don't recommend getting Bluestacks, it is so bloated, hard to root (you literally need to change the boot config). Here are the emulators I recommend:
- MuMuPlayer
- LDPlayer
- GTArcade
- Wakuoo
Send your Diamond script through DM, I will do some testing on my part using VM/Emulator.
-
Hi @kotako, it usually means that your previous banned account info is still saved somewhere inside the game files. Re-downloading resources won't help as the game tends to download specific resources according to your account id. Removing a banned account from your device requires heavy lifting:
- You need to spoof any of your device information from external and internal. You can use modules and apps mentioned above, while also changing device information from offsets. Inside dump.cs look for: deviceid, devid, cpuid, playerid, accountid, oaid, imei, uuid, uniqueidentifier, etc.
- Modify your account id from /data/data/your_game/sharedprefs -> save the file somewhere -> uninstall your game -> install it again (don't use the same resources for data, but you can still use the same obb) -> don't open the game first, create game folder manually: /data/data/com.your_game/sharedprefs -> put your modified file to sharedprefs.
I would suggest you just use an emulator or any virtual machine, so you can reset the emulator/virtual and play with a new account.
-
Hi @Rxhacker, this is great. Since 'hooking' is being mentioned, is there a chance to add feature such as: method linking, update() hooking, etc?
-
Hi @mac0912, as long as you have root permission. Yes.
-
Hi @Jorides, we're happy to see you too! If you have any questions, don't hesitate to ask
-
Hi @Xcasqq58, from what I read in another forum, PUBGM Skin Changer requires hooking, which is not simple memory editing. I believe it involves multiple functions or classes: Player -> WeaponManager -> WeaponID, and it also seems to require a separate thread to watch the player inventory. I suggest you visit: PUBGM
-
Hi @derbeyonder, It is not different, you're doing it incorrectly. As its name suggests, an offset is a displacement, so you need the first address where the libil2cpp is located:
lib_address = gg.getRangesList('libil2cpp.so')[1].start
method_address = lib_address + 0x0DF91EE4
/*****************\
Try 'WZR', it is zero-point register, meaning the register value is always empty
MOV W23, WZR
Or try an immediate value, I mean 0x0 is the same as #0
MOV W23, #0
Or you can enforce it by changing its hex string to: hF7031F2A or h17008052
/*****************\
-
Hi @derbeyonder, Good, you're on the right track. You need to remember that a method/function usually starts with 'PUSH' and ends with 'POP', or if you find another 'PUSH' it means that you're reaching another method/function. So, find any 'MOV' instruction between both 'PUSH', and make sure that it contains 'R3', something like this:
MOV ..., R3
and change the 'R3' to '#0'
-
Been familiar with it too, but never purely try it on Android. Always need a helping hand with windows.
-
Hi @derbeyonder, No, you don't have to. Just go to that method address and look for:
Find this instruction from the method:
mov [r1-r10], r3
Replace it with:
mov [r1-r10], #0
Since 'int price' is the 3rd parameter, it is likely that the value is saved in register r3. You can see it in Memory Viewer. If you didn't find it, the value might be in a different register (from r1 to r10). Just test every single 'mov' instruction:
Search any 'mov' from the method:
mov [r1-r12], [r1-r10]
Replace it with:
mov [r1-r10], #0
If changing all the mov from the method doesn't work, it is probably that the value is stored at some address and not in the register. If that's the case, look for any LDR instruction:
Find these instructions at the start of the method:
LDR [r1-r10], ...
LDRB [r1-r10], ...
and change it to:
MOV [r1-r10], #0
-
Hi @Henkli, it is weird to me. What happens if you use the Nox inbuilt apk installer? (click on +apk on the right bar)
-
Hi @PONLANGSAKALAM, for finding the right value, you must go through trial and error. You can try to find something related to: "currency", "gold", "coin" or something. Just test it one by one if there's multiple result, I suggest to edit the field first to find the right class. You can provide the dump.cs here so I could create a config for testing.
-
Hi @Fujimkad, I wouldn't recommend doing debugging on Android, as there are no apps that have full features for debugging, but you can still do it:
- Game Guardian: itself can be used as a debugging tool but if you know what you're doing.
- radare2: You can try to install radare2 on your Termux. It can read most of the functions from a library, so it is still kinda useful.
- ADA: Or you can do conventional disassembling using Android Disassembler.
So as far as I know, there's no advanced way of doing debugging on Android except with the help of computers.
-
Hi @Error-404, using virtual apps is not recommended. I have provided a list of virtual machines below that you can use as a replacement for virtual apps. I suggest using VPhoneGaGa.
-
Hi @Domofon5, it is not offset, it is savedlist config. The value you modified inside game guardian can be saved into -> saved list -> then you can export it as a config file. You can load the 'savedlist' config again from icon.
-
Hi @option_user, the speedhack works for a little while before it doesn't work:
03-01 19:44:39.724 3678 3678 I android-daemon: Load shell: af
03-01 19:44:39.820 2821 2830 I android-daemon: SH load...
03-01 19:44:39.820 2821 2830 I android-daemon: SH loaded
03-01 19:44:39.820 2821 2830 I android-daemon: c 2830 0 0xd1e82fa0 354
03-01 19:44:39.833 3678 3678 I android-daemon: breakpoint: status(57f) WIFSTOPPED(1) WIFEXITED(0) WIFSIGNALED(0) WTERMSIG(127) WEXITSTATUS(5), WCOREDUMP(0) WSTOPSIG(5)
03-01 19:44:39.833 3678 3678 I android-daemon: Got breakpoint!
03-01 19:44:39.833 3678 3678 I android-daemon: Got trap
03-01 19:44:39.836 3678 3678 I android-daemon: VM_FAIL 2: -1 12c00000, 4, 14, Bad address
Now the thing is, it seems that you're playing a browser game. Speedhack absolutely wouldn't work if you're playing browser games, especially if it is a server-side game. I can tell that you're using a browser because the speedhack tries to hook the browser lib:
03-01 19:44:39.437 3678 3678 I android-daemon: elf_hook32 [/system/lib/libwebviewchromium_loader.so] baseOffset: 5000 - 5000 5000 0
-
Hi @Emmyboi, you can try downloading termux, then run these commands:
su
setenforce 0
Then open Game Guardian -> 'Fix It' button -> Switch to work with SELinux.
-
Hi @Dr4gon65, the file is generated from savedlist. You can just go to saved list () inside game guardian -> use load saved list () -> locate the file -> then 'load' it.
-
Hi @Howrang, ESP hack cannot be done by Game Guardian. You need to create an overlay in order to pull this off. You might want to start with learning Mod Menu as ESP hack is rather hard for starters. However, you can try to modify an existing mod menu by adjusting its bone offset and player class. Here go take a look: Make ESP for Unity games.