Jump to content

HorridModz

Contributor
  • Posts

    287
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by HorridModz

  1. Fricking magic what the hell. Can you explain where that came from? Did you download the game yourself?
  2. @Xwl522How did you get this value? Depending on how it was obtained, it may actually be a different data type and that is just the first byte. Try editing the value as dword instead of byte (click the value, hit goto address, then hit it again and select edit - this type it should ask you which data type you want to edit it as). However, if that byte does reflect the value in the game and editing is as dword doesn't work, then it is indeed of byte type. If this is the case, then you simply cannot exceed 255. Just like you can't edit a dword value past the integer limit. Instead of asking how, you should be asking why. If a value is of byte type, that means the game will never need it to be greater than 255. So why do you need it to be? For example, currency will never be stored as byte (unless that type of currency happens to be extremely rare, and in that case, editing it to 255 should be more than enough of it). So if it is of byte type, then no, you can't make the value greater than 255 - but you shouldn't need to.
  3. Nostalgia hits hard
  4. Lmao I've been working on *my* own VED at the same time! I actually have it but can't test it because emulator won't work... mind if I share it with you? By the way, I never gave you the all update script generation tool. I can send you it if you want (super helpful):
  5. What the heck YOU'RE BACK? You were gone for two years! Did you Discord get hacked or something?
  6. It did change, but the game didn't refresh. It should update when you open a chest. Or just reload the game, and next time run the script before clicking the Lottery.
  7. @EnybyHello, I am reporting a behavior that appears to be a bug in gameguardian. It seems that the "Copy as group search", when used with "UTF-8" and "UTF-16", assumes that the values are consecutive, i.e. one byte apart. However, this is not always the case, causing group searches to sometimes fail. This is best illustrated by examples: Let's search the string "abc" in UTF-8 and save the first 3 results, but leave out the second one: gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(":abc", gg.TYPE_BYTE) gg.addListItems(gg.getResults(1)) -- first result - "a" gg.addListItems(gg.getResults(1, 2)) --third result - "c" Now, we have two results: 97 byte, representing the character "a", and 99, representing the character "c". These results are a byte apart - so they do not directly form the string "ac" and would not be searchable as ":ac"; rather, they would be searchable by a group search that accounts for the byte in between: 97B;0~~0B;99B::3. However, the Copy as Group Search function, when I select UTF-8, gives ":ac". This is not the right group search and seems to be a bug. In order to show why this is wrong, here is the situation where I discovered the bug. I had a script that writes a string to memory, like this: function Write_String(mystring) --[[ Allocate memory in Anonymous region and write string to allocated memory ]]-- address = gg.allocatePage(gg.PROT_READ | gg.PROT_WRITE, gg.REGION_ANONYMOUS) values = {} for i = 0, #mystring do values[#values + 1] = {address = address + i, value = ":" .. mystring:sub(i, i), flags = gg.TYPE_BYTE} end gg.loadResults(values) -- must load results before we can edit with setvalues gg.setValues(values) end Write_String("Here is my special string!") If I run this script, I get the string written in consecutive byte values. I use Copy as Group Search for UTF-8, and it gives me the correct search: ":Here is my special string!". But now let's revert what we just did by refreshing the game, change the address spacing to every 2 bytes, so the string is no longer consecutive, and copy it as a group search again: function Write_String(mystring) --[[ Allocate memory in Anonymous region and write string to allocated memory ]]-- address = gg.allocatePage(gg.PROT_READ | gg.PROT_WRITE, gg.REGION_ANONYMOUS) values = {} for i = 0, #mystring do values[#values + 1] = {address = address + i*2, value = ":" .. mystring:sub(i, i), flags = gg.TYPE_BYTE} end gg.loadResults(values) -- must load results before we can edit with setvalues gg.setValues(values) end Write_String("Here is my special string!") We copy it as group search again, and get the exact same thing: ":Here is my special string!". However, now that the addresses are 2 bytes apart, this is wrong and will not work. If we try to search it, nothing comes up. So, this is definitely not working right. I'm pretty sure that it's a bug. My suggestion for fixing this would simply be displaying an error message if the addresses were not consecutive, like this: "UTF-8 [or UTF-16] group search only works for consecutive addresses. Please use a different type of group search." If there's any other information anyone would like, feel free to ask.
  8. HorridModz

    Get process size

    I'm wondering if there's some way to do it by seeing the highest address in the game. Like if I can somehow find the base address of the game, then I do an address search for base address + 0x1AD27480 (450000000) - equivalent to 450 million, or 450 mb. Then if the search comes up with a result, game process size is at least 450 MB. Could that work?
  9. Uh-oh, that's weird! For me, it works fine. Maybe if you make a new emulator and move from 32bit to 64bit, or vice versa, it will work?
  10. Sorry, I no longer maintain that script. That sucks, looks like pixel gun 3d is detecting gameguardian. This is device-specific, it seems, and not an issue with my script. So I can't help you - sorry! Perhaps you can ask around and see if anyone else has managed to circumvent this detection.
  11. Okay, that's what I figured. You're right about the block not being continuous; sorry. @CmPprovided actual code which solves that problem by trying to allocate continuously, but I have no idea how often that would work and the tendency of it to fail (I'm unaware of how the kernel decides where to allocate the memory). A solution to that might be to allocate the first block in an obscure region (maybe an unused memory region, like c++ heap, would work? This is a gray area for me, so I wouldn't really know.) where you are sure there's enough consecutive space. If I were you, I would first take CmP's code and play around with it, seeing if you encounter any issues.
  12. HorridModz

    Get process size

    Hi, I have a hex patch that must be run when the game's process size is before approximately 450 MB. After this point, the game has gotten to the point in its initialization where the function I am patching has already been called. So, if you patch it when the game's process size is over around 450 MB, it will not work. I'm trying to write a script to do this patch. I want the script to detect if the game's process size is below 450 MB, and if not, tell the user to restart the game. However, I couldn't find anything for this in gg.getTargetInfo() or any other functions. So, I'm stumped on how to do this. I've given up with gameguardian and, as a workaround I'm now just trying to locate some kind of value in memory or function in the game that can give me a hint on the process size or initialization progress. My best guess right now is to see how much the game has loaded by finding the function that reports the % loaded. Is there any way to do this natively in gameguardian? Or is there any easy workaround I can use? Thanks!
  13. I don't believe that's directly possible, but you can allocate as many pages as you need and chain them together. To do this calculate how many pages you need by dividing by 4KB, and in a loop allocate a block and add the return address of the allocated block to a list. You can then combine all of your memory into a table of values by looping over the list and adding the 1000 values (taking the start address and adding 4 each time, 1000 times) to the table for each address. If you don't understand, I can code that for you - it's pretty simple to do. Though I wonder what you're writing to memory that takes so much space? An image or save code, or something?
  14. Do you just mean multiplication? Or do you want to add the value N separate times, with a pause in between? For the latter, you could write a simple script, like this: N = 10 -- how many times add = 100 -- value to add on every time timebetween = 1000 -- how long to wait between times (milliseconds) values = gg.getResults(gg.getResultsCount()) for _ in N do for i in values do values[i].value = values[i].value + add end gg.sleep(timebetween) end
  15. It's here! Sorry it took me the whole day LOL. https://gameguardian.net/forum/files/file/3887-updated-pg3d-2432-actual-32bit-support-pixel-gun-3d-all-update-custom-lottery-rewards-hack-32bit-and-64bit/ I will hop on discord right now.
  16. View File UPDATED PG3D 24.3.2+ + ACTUAL 32bit SUPPORT - Pixel Gun 3D ALL UPDATE Custom Lottery Rewards Hack (32bit and 64bit) Contact Me: User123456789#6424 / @horridmodz on discord Ahhh, it's finally here! Over a year and a half after posting the original, and many, many requests, it's back! I promised to get this done today, and here it is, just barely in time. Since it's been so long, I am posting this update as a new thread. I've been meaning to update this for a while; and I'm sorry for such a looong wait. But this should be the last time you have to wait - because, if my crazy WIP All Update Script Generator tool works as well as I hope, this will be made so resilient it's practically unpatchable! So, here we are. The script is the same as last time, but with some minor improvements - and 32bit support! Unfortunately, I couldn't get 32bit custom values to work, but I got the predetermined values working. I was finally able to figure out that the issues I've been having are actually not my fault, but a limitation with the way lua itself handles integers - to get technical, the 32bit edit values exceed lua's integer limit, but the 64bit ones do not. I tried to workaround this, but just couldn't do it. However, a big rework of the script that I have planned, which changes the way editing is done, will fix this problem. I finally updated this script because I have time over spring break. Shoutout to @dizzy252for sending a request to update the script that I coincidentally saw right before spring break started - if it hadn't been for him, I probably wouldn't have had the thought to do this! Alongside this script, I've in the process of developing a revolutionary tool that creates resilient all update scripts; all you have to do is input your offset or hex and it spits out the full script. If you're interested, here's a sneak peak: https://www.youtube.com/watch?v=sVwODQcSy4A Want to update the script yourself? I have created a lotto sets template! Disclaimer: This script is bannable! Getting too much currency within a certain time frame will flag your account as suspicious and you will be banned in the next ban wave. I recommend only getting at most a few thousand gems per day, or your account will have a high risk of being banned. Even if you do play it safe, you can still be banned. By the way, due to a rework of sets by the developers, sets no longer work. Only lottery rewards are modified. Warning: Using the custom value option and setting the reward values to over 45,000 will instantly ban you! This is not an ordinary lottery script. Here's what unique about it: -This script will work on all game updates (the lowest game version tested is 22.4.3, but downgrading is impossible anyway), even future updates -The script supports various values, and lets you enter a custom value (currently custom values do not work for 32bit) if it does not have what you want. Currently, only whole numbers (no decimal values like 1.5) in the range of 0 to 65536 are supported. -This script supports both 32bit and 64bit devices -This script has a small antiban feature that warns you when you try to edit the reward values over 45,000 Enjoy! Submitter HorridModz Submitted 04/02/2024 Category LUA scripts  
  17. Version 2.1.0

    3,940 downloads

    Contact Me: User123456789#6424 / @horridmodz on discord Ahhh, it's finally here! Over a year and a half after posting the original, and many, many requests, it's back! I promised to get this done today, and here it is, just barely in time. Since it's been so long, I am posting this update as a new thread. I've been meaning to update this for a while; and I'm sorry for such a looong wait. But this should be the last time you have to wait - because, if my crazy WIP All Update Script Generator tool works as well as I hope, this will be made so resilient it's practically unpatchable! So, here we are. The script is the same as last time, but with some minor improvements - and 32bit support! Unfortunately, I couldn't get 32bit custom values to work, but I got the predetermined values working. I was finally able to figure out that the issues I've been having are actually not my fault, but a limitation with the way lua itself handles integers - to get technical, the 32bit edit values exceed lua's integer limit, but the 64bit ones do not. I tried to workaround this, but just couldn't do it. However, a big rework of the script that I have planned, which changes the way editing is done, will fix this problem. I finally updated this script because I have time over spring break. Shoutout to @dizzy252for sending a request to update the script that I coincidentally saw right before spring break started - if it hadn't been for him, I probably wouldn't have had the thought to do this! Alongside this script, I've in the process of developing a revolutionary tool that creates resilient all update scripts; all you have to do is input your offset or hex and it spits out the full script. If you're interested, here's a sneak peak: https://www.youtube.com/watch?v=sVwODQcSy4A Want to update the script yourself? I have created a lotto sets template! Disclaimer: This script is bannable! Getting too much currency within a certain time frame will flag your account as suspicious and you will be banned in the next ban wave. I recommend only getting at most a few thousand gems per day, or your account will have a high risk of being banned. Even if you do play it safe, you can still be banned. By the way, due to a rework of sets by the developers, sets no longer work. Only lottery rewards are modified. Warning: Using the custom value option and setting the reward values to over 45,000 will instantly ban you! This is not an ordinary lottery script. Here's what unique about it: -This script will work on all game updates (the lowest game version tested is 22.4.3, but downgrading is impossible anyway), even future updates -The script supports various values, and lets you enter a custom value (currently custom values do not work for 32bit) if it does not have what you want. Currently, only whole numbers (no decimal values like 1.5) in the range of 0 to 65536 are supported. -This script supports both 32bit and 64bit devices -This script has a small antiban feature that warns you when you try to edit the reward values over 45,000 Enjoy!
  18. Wait, what? MY script? Great, it works! I never thought anyone would use that thing, lmao.. I guess it actually works, to some degree - I have rejected the script because it doesn't appear to work, but it seems that it is producing a weird side effect here that someone makes it work. Out of curiosity, how the heck did you find this out? And as @Shyysaid, when the heck do you use it? Haha, it's your lucky day! After a year of it being requested, you got me to do update it! I'm in the process of posting the script right now Should be coming in the new version today
  19. I don't understand. What does disposing memory have to do with the memory layout? Also, I have an idea for dynamically finding out the address, though I don't quite know how to do it myself. If you know the field offset, perhaps you could find a method that references the field by using a hex search or offset calculation, then navigate to the instruction that references the field? From that point, I believe that you could extract the offset from the assembly instruction - it would be relative to something, maybe an ldr or an instruction of the like - and then determine the field's address in memory. Just a suggestion; again, I don't have the experience to know if that would work. Have you tried poking around in the dump using dnspy to find anything peculiar, such as an anticheat?
  20. Unrelated, but I'm trying to learn Frida myself. I know you have posted some youtube videos on the subject; is there any description you could give me or tutorial you could link to show me just how you did this? Props!
  21. I hate to answer for Michael (and he's been gone for years), but as he updated my script, I do of course know exactly how it works. So, to answer, your question, yes: This value does come from the libil2cpp.so. This script is at its core a basic hex patch, but it incorporates some extra magic to make it work for all updates. While it's not obvious, the root idea is something called a pattern search, as described in this post. But it is much more complicated than that, so if you're looking to utilize this method in your own scripts, there is a lot of new stuff to understand. If you'd like me to further discuss it with you, contact me on discord - User123456789#6424 / @horridmodz
  22. Lmao, I love the meme! What's the error? Video or description? And of course logcat - but it's even more important that you describe what the error is!
  23. Woah, this is great! I'm impressed by your perseverance - if I found a server sided game, I would instantly quit. People who persist always amaze me! It's good that you found some useful hacks, but unfortunately, many games like this simply aren't very hackable. You can only touch what's client sided, and that's not under your control. Of course keep looking, because the more cheats you have at your disposal, the better. Additionally, my suggestion for how to move forward would be exploring how you can use these hacks to gain a significant advantage. A great example of this is the game Township: The game is mostly server-sided, but there are some hacks the community has discovered that are not. There is a cheat that allows you to change the rewards from and cost of a task, but there is a very low ceiling on how much you can gain at once, or else you will be flagged and auto-banned. To workaround this, I used a gameguardian script and autoclicker to automate the process of editing and completing these tasks. I'm telling you this to show that it is possible to get around restrictions and use what you can hack to achieve lofty goals. So, I would suggest seeing what you can do with the hacks you do have. Perhaps you can create some kind of bot or macro? Since you have cheats that seem to make the game much easier, would this allow you to, say, farm games AFK with a simple autoclicker? Again, some stuff simply cannot be achieved (such as gaining VIP, in your case), but you can sometimes still do big things with what you do have. Another piece of advice I have is to look for low-hanging fruit. If the game is only partially server-sided, this suggests that the developers have deliberately made important things server sided and left more trivial things (such as movement speed) to the client. This means that if you do the opposite of your intuition, and seek relatively harmless hacks, you may have a higher chance of succeeding. See what small, seemingly inconsequential things you can do, because these little hacks can do big things if applied right. Lastly, remember that searching for methods is not the only way to mod. Editing values with gameguardian may seem less effective and more failure-prone, but it is easier. quicker, and much more direct. In the same way, you may want to try searching for these trivial values and inconsequential numbers. For instance, how about editing some value in an event, changing a progress bar, or editing strings to swap an ordinary reward in for a better one. This strategy may not work as well, but in my opinion, it is worth exploring - at least for testing things before diving into dump.cs. I'm excited to see if you figure anything else out. Good luck, and happy hacking!
  24. I'm sorry, I don't plan to update the script anytime soon - but who knows, maybe if I feel like it sometime I will. I'm glad that you like my scripts, and thank you for your kind words; sadly, I haven't been making them much lately due to being busy with school. I'm not exactly sure which scripts work, but feel free to download all of mine and see what does. Good luck!
  25. It means you have to be fully loaded into the game (not on the loading screen). The script is patched, though. It will not work.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.