kiynox

Posts posted by kiynox

  1. [ @xxxadxxx6 ]
    ---

    Quote

    I'm in a phase and I wanted to send this offset to complete the map, can you tell me if I can do this through the game guardian?

    You can use a jump instruction, like: b, bl, or jmp:

    B your_offset_address
    BX LR

    ---

  2. [ @Mari01d ]
    ---

    Quote

    So, can GameGuardian support Shizuku on non-rooted devices?

    Game Guardian development is on hold now; it's been almost 3 years without hearing anything from the developers. I don't think Game Guardian will support Shizuku.
    ---

    Quote

    Do you think it has any potential here?

    I just found out what Shizuku is from this thread. Looking at the Shizuku repo, it is really cool. But since it is a middle man for system-binder, does it have the ability to read app memory while also writing to it? My judgment is: it would be limited, just like what Android did to ADB.
    ---
     

  3. [ @Aker666 ]
    ---
    I recommend that you stop using virtual apps in general; a virtual machine is much better in terms of overall compatibility. Just grab VPhoneGaGa or others:

    ---
    If you are still facing the 'daemon' error, use Termux and execute these commands:

    su
    setenforce 0

    Then go inside Game Guardian --> 'Fix It' button --> Switch to work with SELinux
    ---

  4. [ @derbeyonder ]
    ---

    Quote

    Does the address I changed to #0 have an offset address in dump.cs? 

    It is a function/method parameter; it's taking its value from somewhere, such as a field. It is likely that the value is from "public int price; // 0x24", so just change that instead.
    ---

    Quote

    If not, how can I find the first 8 bytes of hex, from the address I changed with gameguardian, in libil2cpp.so file with a hex editor and change it to 00 00 A0 E3 1E FF 2F E1?

    What are you trying to do here? "00 00 A0 E3 1E FF 2F E1" is equivalent to:

    mov r0, #0
    bx lr

    It is used for a function/method that returns boolean/int/dword. It is not clear what the "CreateOffer" method returns, but I would say it is not returning anything, a void type method.
    ---

    Quote

    Or how can i make a simple gameguardian script?

    Calculate the address that you've changed with the method address. In this case: 08938738 - 08938724 = 20 (decimal) or 14 (hex), so you would need to find method address first and add the offset to it:

    -- Placeholder: do some logic here to find the method address from libil2cpp.so
    base_address = 0
    -- 0x08938738 - 0x08938724 = 0x14 (20 decimal)
    target_address = base_address + 0x14

    ---

  5. [ @elactix364 ]
    ---

    Quote

     it looks that the address is encrypted in some way?

    There's no such thing as an 'encrypted address', only an encrypted value. An address depends on which memory region it is in:

    • RW: the address can be read and written (the value can be changed)
    • RO: the address can only be read and not written (the value cannot be changed)

    Coming to the question: yes, some values can be encrypted, either by XOR-ing or by using some kind of hash. The first thing you want to do is a fuzzy search --> change the in-game value by spending it or doing something --> search for the value that changed --> repeat.
    ---

  6. [ @AxelGameGuardian ]
    ---

    Quote

    my customer but some of my customer has issue they got like error they cant go in the script is it like there wifi or something that why they getting error?

    Please provide some screenshots, it is really vague. I suspect that it is because your client didn't allow internet access when using the script. You need to know that gg.makeRequest() requires internet access; it must be set to 'allow' each time you execute the script. If your client denies internet access, then the script will simply complain about 'no internet' or 'wifi' or etc. Tell your client to just execute the script again and make sure to 'allow' internet access if Game Guardian asks.
    ---

  7. [ @anonymouxnash ]

    ---

    function changes(results_search)
     ::retries2::
     inputs = gg.prompt({'Set Values'}, {nil}, {'number'})
     if inputs == nil or inputs[1] == nil then
      goto retries2
     else
      for key, value in ipairs(results_search) do
       results_search[key].value = inputs[1]
      end
      alerts = gg.alert('Results:\n\n' .. tostring(results_search), 'continue', 'refine')
      if alerts ~= 1 then
       goto retries2
      else
       gg.setValues(results_search)
      end
     end 
    end
    
    function asks()
     ::retries::
     inputs = gg.prompt({'Search Number'}, {nil}, {'number'})
     if inputs == nil or inputs[1] == nil then
      goto retries
     else
      gg.searchNumber(inputs[1], gg.TYPE_DWORD)
      results_search = gg.getResults(gg.getResultsCount())
      alerts = gg.alert('Results:\n\n' .. tostring(results_search), 'continue', 'refine')
      if alerts ~= 1 then
       goto retries
      else
       changes(results_search)
      end 
     end
    end
    
    asks()

    ---

  8. [ @Fujimkad ]
    ---

    Quote

    in what ways can I find out the address of the value responsible for false and true

    True or false is simply presented as 1 and 0. It is dword/integer. You can search either by instruction or by dword in general. There would be a lot of results, so I suggest just disassembling on a computer so you can get a grasp of which function that bool exists in. Usually it is formatted like this:

    mov [r0-r10] #[1-2]

    ---

  9. [ @Fujimkad ]
    ---

    Quote

    I have seen many videos where people break purchases in the game through GG, but as I understand it, to do this you need to find out the exact address of the instructions and replace it

    It really depends on the game. But in general, you can still technically do it on Game Guardian:

    • Some games let you directly edit the in-game currency (Diamond, Coins, etc). Or usually it is just protected by XOR-ing the value, so by changing the XOR to 0, you can still directly edit the currency.
    • A lot of in-game currency relies on the server (server-sided), which you can't change by memory editing alone. You can use some workaround, for example by changing the price value to 0, so it can still be editable.
    • If the game is server-sided, there's not much you can do. You may still be able to poke around the in-game function that handles in-game purchases. For example, you can try to dump/debug the game and find a function that verifies whether the purchase succeeded or not. By changing it to the 'succeed' flag, you might be able to break the in-game purchases.
    • Another tricky way is to swap the item id for an existing item. For example, if you have some free item to claim, you can change that 'free' item id to another one that is 'paid'. However, this does not work if the game inventory is handled server-side.

    ---
    There are a lot of ways of doing it, but these options are not the 'ultimate' ways of doing it, as they just replace the existing memory.
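Seen from the server side, the client edits listed in this post (a price set to 0, a forced 'succeed' flag, a swapped item id) have no effect when the server recomputes each of those values itself and logs any request that disagrees. The sketch below is an added example, not part of the original post; the catalogue, account model and request field names are hypothetical.

```python
# Added example; catalogue, accounts and request fields are hypothetical.

# Prices exist only on the server; the client never supplies them.
CATALOGUE = {"sword_basic": 0, "sword_gold": 500}

class Account:
    def __init__(self, coins, free_claims=()):
        self.coins = coins                    # balance is stored server-side
        self.inventory = set()
        self.free_claims = set(free_claims)   # item ids the server granted for free

def tamper_signals(request):
    """Return reasons a request looks client-modified (for logging/alerting)."""
    signals = []
    item_id = request.get("item_id")
    if "price" in request and request["price"] != CATALOGUE.get(item_id):
        signals.append("price_mismatch")
    if "succeeded" in request:  # the outcome is decided here, never by the client
        signals.append("client_success_flag")
    return signals

def handle_purchase(account, request):
    """Charge the catalogue price; only request['item_id'] is used as input."""
    item_id = request.get("item_id")
    if item_id not in CATALOGUE:
        return {"ok": False, "reason": "unknown_item"}
    price = CATALOGUE[item_id]                # any client 'price' field is ignored
    if account.coins < price:
        return {"ok": False, "reason": "insufficient_funds"}
    account.coins -= price
    account.inventory.add(item_id)
    return {"ok": True, "charged": price, "balance": account.coins}

def handle_free_claim(account, request):
    """Grant a free item only if the server recorded that entitlement."""
    item_id = request.get("item_id")
    if item_id not in account.free_claims:    # a swapped id has no entitlement
        return {"ok": False, "reason": "no_entitlement"}
    account.free_claims.discard(item_id)      # one-time claim
    account.inventory.add(item_id)
    return {"ok": True, "charged": 0}
```
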

  10. [ @TheKing7899 ]
    ---

    Quote

    Is it possible to get field offset by game guardian value?

    What field offset are you referring to? Is it like dump.cs that contains the field name, class name and its offset? Then it is not possible; every game has its own code structure, and it can also depend on what game engine it uses. You need to understand what an offset is: it is basically just a displacement, like 1+2=3 (base address + offset = target address). And yes, offsets are doable in Game Guardian:

    • If you've found the value you want, you can go to the memory viewer and look for any neighboring addresses that are static. For example, if your value is close to an address that is utf-8 / text, then you can use the 'calculate offset' feature. Just put in the text address and your value address. The next time you want to find that value again, just do: text-address + offset = your-value-address
    • If your game is based on Unreal Engine (check if LibUE exists), then you can use Unreal Engine dumpers: UEDumper, UE4-Dumper, UE4Dumper, AndUE4Dumper
  11. [ @Lezyi ]
    ---
    You have several problems. The first one is, 1) you need to name things properly:

    local t = gg.getResults(2500, nil, nil, nil, nil, nil, nil, nil, nil)
    for i, t in ipairs(t) do

    ---
    2) You didn't apply the value before saving/removing from savedlist. As @MonkeySAN mentioned, use gg.setValues() before any of these:

    gg.addListItems(t)
    gg.removeListItems(t)

    ---
    3) On function 'MSoff()', why bother to find the values again? You can just reuse the 't' table from function 'MSon()'.

    gg.searchNumber('1.5554413e-43F;0.40000000596F;4.0F:45', gg.TYPE_FLOAT)
    gg.refineNumber('4', gg.TYPE_FLOAT)

    ---
    I have adjusted the script, tell me if it still needs some adjustments:

    -- Results found by MSon(), reused by MSoff()
    results = {}

    function MSon()
        gg.alert('ON')
        gg.setRanges(gg.REGION_ANONYMOUS)
        gg.searchNumber('1.5554413e-43F;0.40000000596F;1.0F:45', gg.TYPE_FLOAT)
        gg.refineNumber('1', gg.TYPE_FLOAT)
        results = gg.getResults(2500, nil, nil, nil, nil, nil, nil, nil, nil)
        for key, value in ipairs(results) do
            if value.flags == gg.TYPE_FLOAT then
                results[key].value = "4"
                results[key].freeze = true
            end
        end
        -- Apply the new values before adding them to the saved list
        gg.setValues(results)
        gg.addListItems(results)
        gg.toast('Speed Hack On')
    end

    function MSoff()
        gg.alert('OFF')
        gg.setRanges(gg.REGION_ANONYMOUS)
        for key, value in ipairs(results) do
            if value.flags == gg.TYPE_FLOAT then
                results[key].value = "1"
                results[key].freeze = false
            end
        end
        -- Restore the original values before removing them from the saved list
        gg.setValues(results)
        gg.removeListItems(results)
        gg.toast('Speed Hack Off')
    end

    ---

  12. [ @lasteva ]
    ---

    Quote

    the phone is not rooted.

    Game Guardian will not work without root. You need to be rooted first.
    ---

    Quote

    "Reason: Installation package isn't compatible with system. Suggestion: Try using a compatible installation package."

    Read this thread: Android 14. Also download the Virtual Machine there if you're not rooted.
