Everything posted by MC874

  1. Hi! Thank You for replying. Here are some thoughts: Since it's Read Only, what's the difference with .rodata? Isn't .data still writeable and .rodata not? The core function that contains code is definitely in the .TEXT segment. Upon checking, it's True that all the previous Patterns are in the .TEXT Segment except: (ADD-LDR) is in a separate .PLT Segment. I also came to realize that the Other Segments (.bss, .data) are mostly for preservation, got it from this: Section and Label. This clears up my confusion about Functions in Other Segments, since Functions are basically calls to .data or .bss
  2. This is certainly True, there's also a different start-end for each function. Identifying the start-end of a Function still confuses me too, but there are some patterns:
    > MOV [Random?] - BX PC / BX LR
    > PUSH - POP
    > ADD - LDR
    Some Functions can contain one instruction: CDPLT or Memory Segment that also have start-end. Although those Patterns cover most of the Functions, some Memory Segments such as .bss also have SHT Size which defines start-end. I'm not sure if this is a function, but the Methodology I'm currently using is:
    - Using Disassemblers such as IDA Pro or Ghidra
    - Using Patterns in Hex form
    - Find repeated AoB:
    In the end, I'm still confused about finding functions in other Memory Segments. The Patterns above are mostly close to each other (In the same Memory Segment?) but what about in other segments?
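The PUSH - POP and BX LR patterns from the post above, written out as a scanner; this is an added example, not part of the original post. It assumes little-endian A32 (ARM mode, not Thumb) code, the function names are hypothetical, and the sample bytes are constructed.

```python
import struct

BX_LR = 0xE12FFF1E   # A32 encoding of "BX LR"
COND_AL = 0xE        # only unconditional (AL) instructions are matched

def classify(word):
    """Return 'push', 'pop_pc', 'bx_lr' or None for one A32 instruction word."""
    if word == BX_LR:
        return "bx_lr"
    if word >> 28 != COND_AL:
        return None
    top, reglist = (word >> 16) & 0x0FFF, word & 0xFFFF
    if top == 0x92D and reglist & (1 << 14):   # STMDB sp!, {..., lr} = PUSH
        return "push"
    if top == 0x8BD and reglist & (1 << 15):   # LDMIA sp!, {..., pc} = POP + return
        return "pop_pc"
    return None

def find_functions(code, base=0):
    """Pair each PUSH {.., lr} with the next return instruction.

    Returns (start, end) address pairs; start is None for a return that has
    no open prologue (a leaf function whose first instruction is unknown).
    A function with several returns is split at the first one, so treat the
    ranges as candidates to confirm in a disassembler.
    """
    funcs, start = [], None
    for off in range(0, len(code) - 3, 4):
        (word,) = struct.unpack_from("<I", code, off)
        kind = classify(word)
        if kind == "push" and start is None:
            start = base + off
        elif kind in ("pop_pc", "bx_lr"):
            funcs.append((start, base + off + 4))
            start = None
    return funcs

# Constructed sample: three tiny functions laid out back to back.
SAMPLE = struct.pack(
    "<9I",
    0xE92D4010, 0xE3A00000, 0xE8BD8010,              # push {r4,lr}; mov r0,#0; pop {r4,pc}
    0xE3A00001, 0xE12FFF1E,                          # leaf: mov r0,#1; bx lr
    0xE92D4030, 0xE0800001, 0xE8BD4030, 0xE12FFF1E,  # push; add; pop {r4,r5,lr}; bx lr
)

if __name__ == "__main__":
    for start, end in find_functions(SAMPLE, base=0x1000):
        print("start=%s end=%#x" % ("?" if start is None else hex(start), end))
```
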
  3. It depends on what Kernel You're using. Some Kernels don't allow changes to the SELinux workload. But You can try it Yourself. Here are the steps:
    - Alternative to that: Switch SELinux on Custom Android 10 ROMs
    - Download Termux: or create a Shell Script.
    - Change the SELinux into Permissive:
  4. I have mixed feelings: Using Custom ROMs is certainly recommended as they mostly have wide Community Support, while this can cause Unnecessary problems such as Bootloop. I think just downgrading GG should be enough since the OP says it was working a day earlier before installing the New Version:
  5. > this time when i install up to date version right away, it asked me to install newer version automatically and it asked another name different than game guardian, so i don't know if it's a virus or it's supposed to be that way, -why does it install another app with unrelated name ?
    Hi! It's supposed to be that way, when Updating GG, it will delete the previous version and install the latest one with another different name. This hides GG from games that have App Checking (Checking Running Apps based on PKG Name). Mentioned by the commenters above.
    > anyway after all this new stuff i open up game search for value moment i touch search button it causes my phone to reboot, and when i open back it says closed unexpectedly and never get it to work
    It would be helpful if You also provided some Logs.txt to see the reasons (Well, if GG is able to create it just in time before the rebooting event). Alternatively, You can just install an Older version of Game Guardian if it doesn't fit Your Device. Overall, the Latest Version is working fine on my Devices.
  6. Hi! As a non-rooted user, You have no choice other than installing a Virtual Space or Virtual Machine. Or You can just 'JailBreak' Your Phone by Installing SuperSu or Custom ROMs.
    - Use VPhoneGaga Instead; it has more compatibility for Apps and Games. Check it here: VPhoneGaga. If You wish to use Root in there, I suggest using the Mod Version such as: VPhoneGaga - VMos.
    - Install Root to Pixel 2: Root Pixel 2: WallEye & Root Pixel 2 XL: Taimen (Check Your Pixel 2 Type first)
    - Get Your phone a Custom ROM that has at least Android 9-11 to Avoid deprecation. Might check: LineAge OS 18.1 for Pixel 2 or Pixel 2 ROMs
    - I see that You're not in favor of Virtual Machines. Sadly, Virtual Spaces give more problems as they're Sandboxed Apps and not Sandboxed Android like a Virtual Machine is. This means: it doesn't have a full Native Root ecosystem (For Daemon spawn) and is also poorer in terms of Compatibility.
    > the rest are too laggy
    Well, to run a Virtual Machine, You need more Memory (RAM) for a smoother experience. From Reviews, Google Pixel has at least 4GB Memory, this is pretty Standard. Virtual Machines are considered Mid-Heavy apps, to eliminate lags is to have a minimum of 6/8GB RAM. Or You can Optimize Your phone:
    - Removing Bloatware Apps and Services [Need Root]
    - Set Unnecessary Apps to not Run in Background (Check Battery Settings for this) [No Root] or Disable the Apps using Shell command [Need Root]
    - Force GPU Use for Apps (Check Developer Settings), I see that Google Pixel 2 has a good Snapdragon 835 [No Root]
    - Force OpenGL for Games (Check Developer Settings) [No Root]
    - Set Apps Priority to 1 using Shell Command [Need Root]
    - Set SELinux to Permissive [Need Root]
    Even to Fix lags, You still need Root. Other than that, there's little that You can do.
  7. Yeah you're right, they have both MITM and Custom Proxy Methods, which is enough to do TLS Decryption. Is saving the Password in a script better? I mean, You can still get the Password from Memory using another Memory Editor such as Cheat Engine. Honestly, this left me Insecure xD.
  8. I've been testing their API and discovered some basic ideas:
    - To get your Pastebin content, you need API_USER_KEY and API_DEV_KEY. The Dev Key is Hardcoded into your Account and the User Key is Change-able.
    - There's no time limit on API_USER_KEY and it can be defined in a script variable to access your Pastes.
    - Pastebin only accepts HTTPS (SSL), entire Payloads are encrypted and not view-able. Safe from Packet Capturers.
    Here's some Python Script from testing the Pastebin API for anyone interested (Might convert to Lua?)
    *Edit: (User Input -> Script with API_USER_KEY -> Compare Password from Pastebin -> If correct -> Get Online Script from Pastebin -> Use the script) A good idea?
    test.py
  9. Hi! Yeah you're right, but I'm sorry for the misconception. Pastebin in fact uses PHP and it does not use Headers but Payloads (POST Request) to get Your Private Pastes. Payloads can't be captured since decompressing HTTP Packets is required, so they aren't seen RAW but just as scrambled hex data if captured. Reference: Getting Pastes.
  10. Which one is bad? And what's your Solution? It would be more helpful if you also contributed Your own 'ways'.
  11. Hi! I think this is not really bad, since you can remotely change your Script Password. They can only capture the password using a Packet Sniffer or once the Password is loaded into Game Guardian. Also, Pastebin supports Authentication through Headers (Even if they have the Pastebin link, they can't access it without an Auth). Well, since this is a Free Service, what might you expect? Serving the Password on the Client-Side is worse and using an Owned Server is costly.
  12. Hi! I've tested the Script and it works fine. The Input value must be the same as the password ('cdaa') defined here:
        local password = 'cdaa'
    The reason for this is: to reject users that give the wrong password. If the user gives the correct password, then the password is saved into a file (/storage/emulated/0/.pass/.pwd). Read my Implementation list on #Client-Sided
    The folder is hidden on purpose as it's only used by the script. However you can unhide the folder by changing line 2 into this: (Remove the dots ...)
        local file = 'pass/pwd'
    You can now access them on /storage/emulated/0/pass/pwd. If this helps You, consider approving this post as Solution.
    *Edit: I've Updated the script to Unhide the Folder & More Description on what the script does.
    test.lua
  13. Hi! To use Postman, You need to Understand 'How Transactions Work' in your game. Usually, the game uses POST/GET methods to receive desired data (Currency, Item, etc). It doesn't have a steep learning curve, You just need some things to be prepared:
    - Understanding of HTTP GET/POST Methods
    - Crafting Request Method with Headers
    - Finding out the data to be sent by the game (Parameters/Payload)
    In Summary; Most server-sided games have their own API with Authentication (Of course) that is crafted inside a POST request along with the Data that will access the API. Here's some Learning Material:
    - HTTP Methods, Headers & Status Codes
    - Basic POST Requests
    - Basic POST/GET using Postman
    - Postman Beginner Course
    I've also Added some Overview on Postman using the Microsoft Store API: https://youtu.be/Np6R3vDWfr8
  14. Hi! It depends on your Approach. Well you can do something like this:
    Client-Sided: You can define your Password inside your Script (Make sure to Encrypt & Obfuscate them). You can always add this to your Updated script.
    1) Implement a check if the folder already exists. If not, it will ask the user for the password. If it exists, it will read the folder that contains the password.
    2) If the User Password is correct, it will create a hidden folder and file that contains the password. If wrong, the script will stop with warnings.
        local password = 'cdaa'
        local file = '.pass/.pwd' --Folder: .pass & File: .pwd
        local path = gg.EXT_STORAGE .. '/' .. file
        local saved = io.open(path, 'r')
        if not saved then
          local input = gg.prompt({'Enter a value :'},{[1] = nil},{[1] = 'string'})
          if input and input[1] == password then --input is nil when the prompt is cancelled
            gg.saveList(path, gg.LOAD_APPEND) --Add new file
            local out = io.open(path, 'w')
            out:write(password) --Save password to file
            out:close()
            print('Correct!')
          else
            print('Not Correct')
          end
        else
          local content = saved:read('*a') --Read file
          saved:close()
          if content == password then
            print('Correct!')
          else
            os.remove(path) --Delete if file not match with password
            print('Not Correct!')
          end
        end
    Server-Sided: It would be better if you also save the password separately on Pastebin. So create 2 Pastebins: 1 for your script and 1 for your password. This gives you more control over the password and makes it easier to update your script. Read more here:
    - Password on Pastebin
    - Online Script on Pastebin
  15. MC874

    custom lib

    Hi! I'm trying to clear up some things:
    - Lib Dumper: Dumping a Lib from Memory and Rebuilding It back to a Library with some ELF fixer (for Arm). The Benefit: to turn a Protected Library (Usually XORed strings & Encrypted Function Names) into a more readable structure.
    - SDK Dumper: Extracting the SDK (Includes Offsets, Class, Function, Address) from a Library. Usually this follows how data is reserved in the Library based on the Game Engine (Unreal Engine, Unity), although this can also be achieved through Manual Decompiling of Libs.
    The tools are working as Intended, for further reading: Finding Offsets & Dumping Lib
  16. MC874

    custom lib

    Hi! Make sure to Input the package name inside the box field (You can also use PID)
        # Example Package Name
        com.mojang.minecrafttrialpe
        # Getting PID of your Game
        pidof com.mojang.minecrafttrialpe
        (#Result: 5678)
    Your dumped lib will be inside your Internal Storage:
    - /sdcard
    - /data/media/0/
    - /storage/emulated/0
    Here's a short Tutorial (See Attachment). In my case, the dumped lib exists but you have to wait several minutes until it's done.
    2022-11-09 09-23-44.mp4
  17. MC874

    custom lib

    Hi! It's possible, haven't you tried this list of tools?
    - Memory-Dumper
    - MemDumper
    - MemDumper APK
    Try the APK one first, it should work across libs. To run the others, you need Termux. Make sure to run the commands using elevated Root permissions:
  18. I would say: Yes and No, most Wallhacks involve the GLes lib (OpenGL), it acts as Shaders. On Lib Dumps, you can search for "vertex", "renderer", "buffer", "shader", "alpha" on Player properties. Or you can play around with Floats, since vertices are mostly stored in Floats. EDIT1: Maybe you can refer to this topic: Wallhack for Most Games
  19. Hi! I don't think Wallhack is simply defined by offset. In fact, it modifies Device OpenGL, kinda like shaders. That's why it depends on Device Processors (Snapdragon, Mediatek, etc). Different from ESP, which hooks the player class and is then drawn on an Overlay. Making ESP is possible from a Dumped Lib, while Wallhack is not (Correct me if I'm wrong).
  20. Hi! Pseudo-code view doesn't convert offsets into literal bytes, it shows them as a function name. Usually it's named sub_5678, unk_5678, etc. You can simply click on that function and take note of the address. Sometimes it also includes encrypted strings, so you need to XOR that. To view it very clearly, you need to dump the SDK instead of using Disassemblers. Sorry that I can't give a visual example, I don't have much time to do that. Typed this on my mobile phone xD
  21. Hi! IDA by default only disassembles bytecode into a set of instructions, this is harder for starters because they also need to learn assembly language. For easier reading, you can use the Pseudo-code plugin in IDA.
    - If you're using IDA Pro crack version, you need to find an IDA that has the Hex-Rays feature to be able to use Pseudo-code.
    - Use CTRL+Enter to open a new Pseudo-code window in IDA
    - You can search for IDA 7.0/7.2 (I forgot) that has the Hex-Rays feature.
    Alternatively, you can use Ghidra. It's a similar app to IDA and it's Free. I think they also have some Decompiler that's able to create Pseudo-code from a plain library (I haven't tested it yet, so IDK). Or you can learn Assembly itself, usually concatenating MOV, JMP, BL Instructions would lead to an Offset. Anyway here's some Reference related to Assembly:
    - Hex-Patching
    - Libil2cpp.so Editing
  22. MC874

    Vphone gaga - Vmos

    - Probably some Admin can rename the 'View' to the content's name? @Collen Or is it hardcoded by default?
    - The second link is not Accessible for Guests, it can only be accessed by the Owner. Need to update it ASAP (See the Attachment in your DM)
  23. MC874

    Vphone gaga - Vmos

    Hi! There are 2 issues in your Post:
    - The files are named 'View', please name them accordingly (I can't tell the difference between which is VPhoneGaGa or VMos)
    - The VMos Pro links are dead, please update the Google Drive link or upload it to Mediafire or ZippyShare
  24. That's unfortunate, what version have you tried? For me, it's working well using Modded VPhoneGaGa from here: Modded VPhoneGaGa. Also, note that: VPhoneGaGa is using 64-bit Architecture, so you either need an Arm64/x64 Phone to make it work well. But I think there's a 32-Bit version as well, here: 32-Bit VPhoneGaGa. I haven't tried it though, I don't have an x86 device with me. If this is still crashing, perhaps it depends on the device itself.
  25. Hi! You need to restart your VPhoneGaGa after installing magisk. Also don't forget to disable the SuperSu option, so it doesn't conflict with MagiskSu.