[How to make JMP/BR Opcode Injections in ARM64]

[ @Silento ]
---
OP wants 2 things: constantly check register value & load allocated memory. So I will cover more about loading memory allocation, since we don't know yet what this memory allocation holds, either instruction/strings:

• - If it's single instruction, then the OP is in right direction using mov pair (mov, movk, movz), to load immediate address. If it's fails, then you can use ADRP/ADD pair or using Offset/PC relative address, as most instruction doesn't support immediate address.

ldr x0, 0x100 --Offset/PC relative (ldr address to our target address)

• - If it hold strings, it is doable using Game Guardian: Load Address from Allocated Memory or load immediate address (like #1)

---

[How to make JMP/BR Opcode Injections in ARM64]

[ @GuyLian ]
---

Quote

I want to change W21 value if it's equals to (0xB0FF) then change it to (0xB0CC) that's it.

The reason I ask you is because:

• Software/Hardware sets the register value at current state, meaning that you need to change all/specific instruction that does "mov w21, 0xB0FF" to "mov w21, 0xB0CC"
• Since the value on the register is often changing (based on current execution), meaning that you need to always hook the register/watch any changes into register. You can't done this using Game Guardian, it is only for Memory editing not debugging. You need to use Memory Debugging app like GDB or Ghidra.
• Your ARM64 Assembly OPCode: ("cmp w21, #0xb0ff ...") will not affect anything since it is not being executed. Beside using Memory Debugger, you can also create seperate thread within the App (Like Mod Menu) to always constantly check for Register value. Although this is bad, constantly checking register means that it is resource extensive and the thread will likely killed by the OS. Yes, Android have auto-prevention that will shut threads/apps that resource extensive (Phantom processes).

---
Albeit, constantly checking Register value is bad in general and not doable in Game Guardian for reasons above. Better just changing any "mov w21, 0xB0FF" instruction into "mov w21, 0xB0CC".

[How to make JMP/BR Opcode Injections in ARM64]

[ @GuyLian ]
---

Quote

failed to organize arm64 opcode (movz x0, #0xE000)

Have you tried to change it as Hex (not as ~A8) ?
---

Quote

I already allocated memory page it starts from address 78D26AE000 and here is the ARM64 Assembly Code I want to use

Have you tried with mov?

mov x0, #0xE000
movk x0, #0x6AE0, LSL #16
movk x0, #0x78D2, LSL #32

---

Quote

So I can check if W21 is equals to (0xB0FF) then change it to (0xB0CC) using this ARM64 Assembly Opcode :

Can you tell me what you're trying to achieve?

---

[Game Guardian: Android 14]

[ @john316 ]
---
Then the problem is: you need to enable "USB Debugging" on Developer Settings, or you need to repeatedly kill-start the ADB server until it works:

---

[Game Guardian: Android 14]

[ @Hann26 ]
---
It means the adb didn't start correctly, restart the adb server:

sudo adb kill-server
sudo adb start-server

---

[Not able to download parallel space]

[ @Vaibhavmeghe13 ]
---

1) Perhaps you IP is banned from Cloudflare CDN, you can either:

• - Change your DNS settings to "1.1.1.1"
• - Use VPN like SSH/V2Ray or etc: SSH Ocean

2) Or the files is no longer exist (removed), so you no longer able to download it. If you're looking for virtual apps, I recommend to switch into Virtual Machine (VPhoneGaGa) as it is much better in terms of compatibility and many others:

• - VPhoneGaGa
• - VMos Pro
• - x8Sandbox
• - F1VM

---

[My game Guardian Is Crashing Continually]

[ @INVISIBLE007 ]
---
Try to do the following:
- Run this command on Termux:

su
setenforce 0

- Open Game Guardian -> "Fix It" button -> Switch to work with SELinux
- The crash might be caused from Legacy Storage, try:

su
cmd appops set <package name> android:no_isolated_storage allow
cmd appops set <package name> android:legacy_storage allow

--Change <package_name> to Game Guardian package name, for example: com.abdcde

---

4 gb main ram and 4 gb virtual

Are you refers into virtual apps or virtual ram?
---
If this continues, please send us some logs:
> Game Guardian logs: Game Guardian -> "Fix It" button -> generate logs -> Send the log here at your internal storage.
> Send your android logcat: use MyAndroidToolsPro or ADB:

adb logcat > logs.txt

---

[Online android game hacking]

[ @ZED_E ]
---
Mention the games name. Hacking online games is the same as offline games, for most part, unless you're trying to hack currencies or online anti-cheat, basically anything related to the game API.
---

[How to dump protected libil2cpp.so file?]

[ @MAARS ]
---

Quote

Better redirect the output to a file instead of printing, print is slow

Sure, but you get the idea.
---

[How to dump protected libil2cpp.so file?]

[ @vaibhavi ]
---
You can use: GGIL2CPP or Zygisk-Il2CppDumper as an Magisk module. For example using GGIL2CPP:

require("Il2cppApi")
Il2cpp()
print(Il2cpp)

---

[Hiding GameGuardian from a game]

[ @KezzaFr ]
---
You can use Magisk on LDPlayer, then use these LSPosed modules:

• - HideMyAppList
• - Shamiko
• - XPrivacyLua
• - SudoHide

After that, do the following on Game Guardian:

• - Prevent Unload: level 1-4
• - Hide Game Guardian from the Game: 1-4
• - Bypass PTrace: Restore/Freeze

----
Goodluck.

[Can somebody help me figure out how to avoid game restarts]

[ @mswfeijiang ]
---
I recommend for you to use: Magisk and use these modules along with LSPosed:

• - HideMyAppList
• - Shamiko
• - XPrivacyLua
• - SudoHide

After that, do the following on Game Guardian:

• - Prevent Unload: level 1-4
• - Hide Game Guardian from the Game: 1-4
• - Bypass PTrace: Restore/Freeze

----
Goodluck.

[HELP]

[ @MASTERKILLAHSV ]
---
This is a common occurence when using Virtual Apps, I recommend to just use Virtual Machine instead:

1. - VPhoneGaGa
2. - F1VM
3. - x8Sandbox
4. - VMos Pro

I would recommend using VPhoneGaGa.
---

[HOW TO FIND A OFFSET TO METHOD NAME / CLASS NAME WITHOUT DUMP.CS]

[ @Gaming_Boy ]
---
Use GGIL2CPP, then use this script:

require("Il2cppApi")
Il2cpp()
print(Il2cpp)

---

[Increments]

[ @Koolie ]
---
You just need to save the earlier results into memory:

function increments(memo)
	gg.clearResults()
	memo_temp = {}
	second_memo = gg.getValues(memo)
	for k, v in ipairs(second_memo) do
		memo_temp[k] = { ['address'] = v.address, ['flags'] = v.flags, ['value'] = tonumber(v.value) + 1 }
	end
	gg.setValues(memo_temp)
end

gg.searchNumber('10', gg.TYPE_DWORD)
memo = gg.getResults( gg.getResultsCount() )

--First Increment
increments(memo)

--Second Increment
increments(memo)
...

---
*Fixed. I forgot something

[Help with waydroid]

[ @ash_9 ]
---
There's nothing useful to read on the waydroid logs. Here's what I need to see:

• - MyAndroidToolsPro: check on logs.
• - Alternatively use ADB:

adb -d logcat > logcat.txt

• - Send Game Guardian logs: Game Guardian -> Fix It Button -> Generate logs. Generated logs will exist on Internal Storage and send it here.

---
This is tough, to provide some context, please attach Android Logs, Game Guardian Logs, and WayDroid Logs (perhaps find another one). And yes, I just recommend to use another emulator.

[Need Admin support upload script to our forum]

[ @leuxua ]
---
That's so many. Are you just made the same script on 6 different language?
---
*Bump: @NoFear, @Collen

[Work around with libil2cpp and GG using offset]

[ @Mygmus ]
---
You alone. The reasons:

• - Crushing ordinary players makes me happy.
• - Their badwords is a lullaby for me
• - Their rages is my entertainment
• - Their emotions makes me want to do it more
• - Their despair is my destiny

---
Just kidding, I couldn't tell If I'm joking or not.

[LUA scripting]

[ @tthgj ]
---
You don't need loop, using "gg.editAll" will change all the value of the address to your desires.

# Search for Dword: 10
gg.searchNumber('10', gg.TYPE_DWORD)

# Edit all value to 99
gg.getResults(gg.getResultsCount())
gg.editAll('99', gg.TYPE_DWORD)

---
I recommend to read our documentation: here

[How to find the color value?]

[ @DimoNULL ]
---
You need to specify what colors you're looking for, is it Shaders or Textures? Also, Shaders depends on Device Architecture (Mali or Snapdragon). Here's how you can find it:

1. - Shaders are usually consist of RGB values (Red, Green, Blue). Each values is ranged from 1 to 255, example for color Blue : [0, 0, 255]. You can search this values as Float.
2. - If you're looking for Body Color (changing Player color), you can search for "1" as float, and mess around with it. Usually it is for Unity based game.
3. - You can change color by Hex value: Hex color. You need to change it before the game reach loading screen.
4. - For textures, you can't change it's color. You need to edit the texture itself, which will involve editing the in-game files.
5. - Assuming the game don't have tiled textures, you can change color for any object texture. You need to make the game unload the textures by deleting in-game files or unreferencing it on Memory (before loading screen). The object will turn to purple / pink: No Texture, which then you can find the pink color values and change to anything you want.
6. - As for shaders, you can also debug your in-game renderer (OpenGL or Vulkan) using: Android GPU Inspector (never tried it) . Also, you can go with Android Emulator route and use: SpecialK or: Ninja Ripper to dump your in-game shaders to help you find color values.

---
I have given you 6 answers for each scenario. If you have any questions, just ask me.

[Metadata]

[ @trafo ]
---
If there's no global-metada & libil2cpp, then it is not Unity engine based game. The solution is: you need to cheat it manually. As alternative to dumping, you can just dissasemble the library and do your own research to find the game structure and values. Here's some useful tools:

• - Radare2: use it on Termux (Android)
• - Ghidra or IDA Pro: use it on Windows or Linux
• - Frida: Both Android and (Windows or Linux)

---
Seems like similar to Unity games, S3DMain.smf as Metadata, and libS3DClient.so as libil2cpp.so. Did you have tried to rename those file and see if you can use libil2cpp dumper?
---

[Heya!]

[ @DeathWaves ]
---
Heya! Welcome to our community. You're doing a great choice joining. I hope you're comfortable spending time with us
---

[LUA scripting]

[ @tthgj ]
---
I'm honestly confused on what you're trying to say. Please add punctuation and explain it slowly. So this is what I understand:
Find value -> get the address from result -> address search, you mean pointer? -> and then save it:

gg.searchNumber('10', gg.TYPE_DWORD)
gg.loadResults( gg.getResults( gg.getResultsCount() ) )
gg.searchPointer()

*Use DWORD: for 32-bit & QWORD: for 64-bit
---

[App not optimized]

[ @-SAICOBO- ]
---

Quote

It is not the application

I'm talking about the solution for installing GG on your device, not installing GG on your virtual apps.
---

Quote

it is error 105 in the virtual app

Instead of using Virtual Apps, I recommend you to use Virtual Machine. It has better features and compatibility, check it on this thread: Game Guardian: Android 14
---

[Lua Scripts Not Visible android 13]

[ @PhPhPh ]
---
You're wrong. Run each command separately, you're combining them all in one line.
---

Quote

package name means file name right ? 

No. It's application name of Game Guardian. Look at "/data/data" and send screenshot here (use any kind of File Explorer)
---

Quote

this post is for people using virtual right ? 

Partially, you can use that same solution. @MC874 has give you 2 answer, did you try the second one?
---
*Also remove "<>" from the command. There's some example above.