HorridModz

Can you see the rewards before opening the chest? If not, maybe you can try pausing the game while opening the chest. But if the game generates the chest reward at the same time that you open / claim it, editing it may not be possible without hex patching the function itself. One more idea is to try searching for the chest rewards *after* you open it and editing + freezing the values so you get modified rewards next time.

Besides analyzing the code, there is no real way to know what is server sided and what is client sided. The best way is to try stuff, and if something doesn't work you move on. Unfortunately, modding is often a game of guessing and checking rather than getting what you want on the first try. I am unfamiliar with Virtual Master, but for most Virtual spaces any files will not show up in them. Either download it inside of Virtual Master (go to this post in a web browser, inside of that space) or you can see if there is an option to transfer files.

This should probably go in Help. But anyway - what's the app, and what did you change?

I am confused by what exactly you did - it sounds like you used parallel space on your phone and opened the game with the taskwall on a computer? If this is what you did, it will not work. I don't know exactly how these taskwalls work (you can definitely research it if you wish), but I believe they have several restrictions. One of these is that you must download and play the game on the *same device* as the one you one you initially start the offer on.

Also, another method is to directlly edit those fields you mentioned. Editing fields is doable, but a bit of a pain. Here is a script for doing so: https://hackershouse.tech/feild-offset-finder-game-guardian

Perhaps the game has yet to call the method. Try updating your coins (gaining or spending some).

Thank you for the info! This is very interesting.

Out of curiosity, why have I never seen a script that supports x86 and x64? In fact, as far as I know gameguardian only supports target.isx64 or whatever it is and only supports armv7 / arm64 opcodes, etc. etc. - I'm unaware of Gameguardian supporting these alternative architectures at all. It would be great if you could point to some references for this. Update: hmm the *only* resource I could find for this was a stackoverflow post... https://stackoverflow.com/questions/17770907/is-android-os-only-used-for-arm-cpus

Interesting! I will have to implement that when I get a chance - should be simple. Thanks for the advice. The documentation does say search pattern - it's simply an array of bytes search. The program generates an aob by reading bytes from the function's start offset and keeping the bytes that represent static instructions. Then it generates a group search by converting strings of static bytes into qwords, dwords, etc. This will not work between Architectures. Sadly, as far as I know the instructions aren't one-to-one so "transpiling" the aob to another architecture wouldn't work. Out of curiosity, why have I never seen a script that supports x86 and x64? In fact, as far as I know gameguardian only supports target.isx64 or whatever it is and only supports armv7 / arm64 opcodes, etc. etc. - I'm unaware of Gameguardian supporting these alternative architectures at all. It would be great if you could point to some references for this.

Should be the exact same as for libil2cpp.so. Find the start address of libunity.so with gg.getRangesList("libunity.so")[1].start, and subtract that from the address of your value.

The game is probably detecting something overlayed over the screen in some way. Try minimizing the app window while keeping the app open (go to your home screen), then clicking Gameguardian. If that doesn't trigger it, you can use Gameguardian from outside the app - open app, go to home screen and use gameguardian, close gameguardian, go back to the app.

@MC874Thank you! This technique works for any game or app - all it needs to do is take the hex from the lib file and generate an array of bytes by reading the opcodes (nothing il2cpp-specific). It does this with python's keystone and capstone modules. As it is for Gameguardian, it only works for ARM and ARM64 (Android's architectures). However, it could be made to work with other architectures: ` def make_ks(architecture: str) -> keystone.Ks: """ Only do this once, because it is expensive. """ if architecture == "32bit": return keystone.Ks(keystone.KS_ARCH_ARM, keystone.KS_MODE_ARM) elif architecture == "64bit": return keystone.Ks(keystone.KS_ARCH_ARM64, keystone.KS_MODE_LITTLE_ENDIAN) else: raise ValueError(f"Unrecognized architecture: {architecture}. Only '32bit' and '64bit' are valid strings") def make_cs(architecture: str) -> capstone.Cs: """ Only do this once, because it is expensive. """ if architecture == "32bit": return capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM) elif architecture == "64bit": return capstone.Cs(capstone.CS_ARCH_ARM64, capstone.CS_MODE_LITTLE_ENDIAN) else: raise ValueError(f"Unrecognized architecture: {architecture}. Only '32bit' and '64bit' are valid strings") Keystone and Capstone support a wide range of architectures, so simply editing these functions would extend the tool to work for others. However, as I said Android only has ARM and ARM64, so I don't see why this would be necessary.

Hello, I couldn't figure out where to post this so I hope this is in appropriate place. I've finally completed my CLI tool that makes your Gameguardian scripts work on all updates! Normally, things that rely on function offsets - like hex patches and hooks - break when the game updates. However, this tool generates scripts that use pattern scanning to dynamically find the functions. Here's the Github. Enjoy! all_updates_generator.zipall_updates_generator.zip all_updates_generator.zip

Wow, I never knew that! This explains why so many hex patches have to be run before a game has finished loading. I've always wondered why - that makes so much sense.

I just wanted to point out that it looks like this script will call SelectLanguage() whenever gameguardian is clicked. That works, but it doesn't make sense to select the language more than once. It is much more logical to select the language once, then directly call Main() after that: gg.setVisible(false) SelectLanguage() while true do if gg.isVisible() then gg.setVisible(false) Main() end gg.sleep(100) end