-
Posts
33 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Gallery
Posts posted by darklinux
-
-
On 5/29/2022 at 4:02 PM, MrKendom said:
`pthread_create` is only on C++ / C Language , Lua has `coroutines` it does the same thing as threads , but Enyby has removed them for no reason maybe because they're useless in Game Guardian.
GG supports web requests via makeRequest, multi threading would help a lot when making multiple requests.
0 -
Jad3d arm64 .so injector
Info:
- This project is in a "work in progress" state.
- Please report any bugs or suggestions.
- Many features are missing, like "create thread", "save settings", ...
- Testing was limited, not all .so will work
How to use:
- Attach GG to target process
- Run script, click "Inject"
- Locate file via file prompt
- Select function by name that you would like to run
- Toggle target app to background and then to foreground
- Done!
-
Submitter
-
Submitted07/26/2022
-
Category
3 -
You would need to log API requests, unless its over a socket, then its much harder to narrow down.
0 -
12 hours ago, Platonic said:
So i can as well allocate a memory page and writhe a function in assembly, and make the pointer that points to the original function point to the new function that has been allocated?
I don't understand a thing of C++ to be fair, a little bit ARM 32/64, so was thinking about writhing it out and converting to hex and past it in the new allocated memory page. Then setting pointers to new function.
I have been writing an arm64 .so lib loader for GG over the last week. I'm going to be releasing it soon. It will have some examples of shellcode and hooks. Yes, that's the idea, you would allocate a page and write your asm byte code to it.
0 -
14 hours ago, DARK_DEMON_SCRIPTER said:
Guys can I get any tutorials for it pls
https://gameguardian.net/help/classgg.html#a15e72eaba99c1eadac1ccdeb8e2b5009
Has some good info
I would use a site like https://godbolt.org/
I'm using ARM64 gcc trunk
You can write some c++ code like,
int square(int num) { return num * num; }
and get asm for it
sub sp, sp, #16 str w0, [sp, 12] ldr w0, [sp, 12] mul w0, w0, w0 add sp, sp, 16 ret
then use something like http://shell-storm.org/online/Online-Assembler-and-Disassembler/
I'm using AArch64
This will take your asm and convert it to byte code
"\xff\x43\x00\xd1\xe0\x0f\x00\xb9\xe0\x0f\x40\xb9\x00\x7c\x00\x1b\xff\x43\x00\x91\xc0\x03\x5f\xd6"
You will need to write your own functions, but something like this,
local shell_code = "\xff\x43\x00\xd1\xe0\x0f\x00\xb9\xe0\x0f\x40\xb9\x00\x7c\x00\x1b\xff\x43\x00\x91\xc0\x03\x5f\xd6" local shell_address = gg.allocatePage(gg.PROT_READ | gg.PROT_WRITE | gg.PROT_EXEC) local result = hook(offset + base, shell_code, shell_address)
I would recommend reading over this project,
2 -
24 minutes ago, Platonic said:
Hmm i see. All this is done in Lua?
Not the shell code part, that's why I wish GG supported hooks. GG would handle the allocation and hooking, and then passes the values to lua. GG is currently external, so it would be a drastic change. I have implemented my own hooking library for lua, so it can be done.
Hook example,
hookFun = function(x) return x * 2 end -- address -- lua hook function -- arg sizes array -- return arg size -- return or complete function (ret, complete) gg.hook(offset + base, hookFun, [TYPE_DWORD], TYPE_DWORD, HOOK_RET)
Native call example
-- address -- name -- arg sizes array -- return arg size gg.regsiterNative(offset + base, 'sendPacket', [TYPE_DWORD, TYPE_DWORD], TYPE_DWORD) function StopFalling() packetStopFallingId = 154 return sendPacket(packetStopFallingId, 1) == 1 end
0 -
On 6/22/2022 at 2:05 PM, Platonic said:
Hmm, never used it but it looks useful. How you mean for a hook? Can you explain? Would be appreciated.
If you wanted to hook a function to change values, or call thread specific functions.
- allocate new page
- write shell code to page
- write hook to target function
GG does something like this for speed hacks, but they load a shared library and not shell code.
I have used this method to send packets on a specific game play trigger. Lots of fun and powerful but you start to get into native hacks real quick. I wish GG supported hooks and more native stuff.
0 -
5 hours ago, DARK_DEMON_SCRIPTER said:
Hi guys I want to know about this code gg.allocatePage() I didn't understand how to use this pls help me
It allows you to allocate a new page in the target processes. You can write code to the page for a hook, or data or anything. What are you looking to do?
0 -
Nice addition! New goal hype! What happened to the donation rank? Is that still a think?
0 -
LIAPP ALERT
in Help
4 hours ago, darklinux said:Ya, that would be cool, I'm not sure where to post requests, but its probably too much work. I haven't checked if they would even be able to catch the access violation via an exception handler. Still learning
nvm, this does not look easy
https://stackoverflow.com/questions/1083154/how-can-i-catch-sigsegv-segmentation-fault-and-get-a-stack-trace-under-jni-on/1083335#10833350 -
LIAPP ALERT
in Help
On 5/6/2022 at 2:26 PM, CYBORG-WARRIOR said:Arrrggg but i hope next update enyby add mprotect
Ya, that would be cool, I'm not sure where to post requests, but its probably too much work. I haven't checked if they would even be able to catch the access violation via an exception handler. Still learning
0 -
LIAPP ALERT
in Help
18 hours ago, CYBORG-WARRIOR said:Yes changing code read write data
If you are changing code it would be easy for them to detect changes. I'm not sure if GG supports hardware debugging to find who is read the address. I don't see anything under the api section. You could find a page of code that does not get executed and remove the page read flag. This would cause an access exception pointing to the code doing the check.
--edit
Looks like GG does not support page protection changes Should request to have mprotect added as a new feature.0 -
LIAPP ALERT
in Help
7 hours ago, CYBORG-WARRIOR said:It's get detected after change data in some address
Are you changing code, read data, or read write data? If its read write data then they probably have two copies of the same data to check against.
0 -
gg.pthreadCreate
in General Discussion
Posted · Edited by darklinux
Ah, in that case I have a feeling GG will not support native threads. I do want to release a small shellcode lib for native functions. I have "LoadLibrary" working, next is CreateThread, VirtualProtect and so on. Should be easy to do with little asm.