[Day R Survival]

[ @cth ]
---
The games pretty much have been exposed. It's like ultimate patch can be seen in the future. It is weird that all the transaction happen on the Client side.
---

[Day R Survival]

[ @enriquecor ]
---
It is interesting, the game might send some request to verify your in-game purchases on certain caps. Mind sending the script? as I also wanted to test it against the AC.
---

[Day R Survival]

[ @enriquecor ]
---
Isn't increasing it gradually with some interval could also avoid the ban?
---

[Minecraft Script]

[ @sanctiondecision ]
---
Minecraft Bedrock doesn't have mods, only addon. It is a separate thing as addon utilizes hardcoded feature, there's alternative however using Scripting API which only available on Windows platform. Addon is only made-up using JSon which you can read the Bedrock documentation here: Minecraft Bedrock Documentation
---

[LUA scripting]

[ @Mohit1611 ]
---
You should ask about this at: HELP section. Explain your problem and attach your script in there. So others can help you with this. It is not clear why you're mentioning "bypass execution list" here.
---

[How to convert xapk or apks to apk]

[ @DARK_DEMON_SCRIPTER ]
---
Welp, even though I'm not decompiling all files and just merging stuff, it is still slow AF.
---
[ @AMIYA ]
---
Did you know some modded MT Manager that can be used as alternative to this? I think I've seen one on Telegram, asking since you're MT users.
---

[How do I dump non-unity games?]

[ @DanishBro ]
---
Are you referring to: "Fifa Soccer: Beta" ?
---

[How do I dump non-unity games?]

[ @DanishBro ]
---
LibNeon is not UE4 (Unreal Engine 4), it's usually named as "LibUE4.so". In UE4, you need to find GWorld & GNames, basically like a namespace which will hold in-game properties. Yes, you can technically dump UE4 using only Android (since IDA or Ghidra is Windows based), but you need to use Termux:

• - MemDumper : to dump UE4 / any lib.
• - UE4 Tutorial :  : Finding Offsets & Dumping Lib

---
It is prefered to use IDA Pro or Ghidra (You need some Computer with Linux OS or Windows) as it is more advanced, analyzing manually using Game Guardian Memory Viewer or Android Dissasembler is pain in the butt. Also, I'm not sure what "LibNeon" is, but you can try the same dumping steps and analyze it manually.
---

[How to convert xapk or apks to apk]

[ @XEKEX ]
---
This is not the case with APKS since it is merging split apks into one, so the content will be bunch of apk. You can't just merge a bunch of apk into a single apk without signing it.
---
The same with XAPK, the content would be Base.apk & the game OBB. You can just install them manually, base.apk using default android installer and save obb into OBB folder inside Internal Storage -> OBB (Make the folder if doesn't exist)
---

[GameGuardian]

[ @Mochaidj ]
---
Parallel Space is considered deprecated by now, I suggest to use Virtual Machine instead:

• - VPhoneGaGa
• - F1 VM
• - x8Sandbox
• - VMOS Pro

---
If you're insist in using Virtual Spaces, might try this instead of Parallel Space:

• - GSpace

---

[Jurassic World the Game: Trade Harbor (Mega Hack)]

[ @Bruh666 ]
---
It is great to see that you're still on-going on this, dedicated stuff. Is there any chance to setup some github for preservation?
---

[HWID Lock Script?]

[ @_insidious ]
---
For the last couple of days, I found Universal pattern to find most ID on Google Play.

• - Most UUID starts with "$" sign
• - Hash starts with "AB-"
• - Token starts with "CAMS"
• - Long unique string often carries ":" on the front
• - Cached memory usually starts with six "00", then the content comes after it.

---
I've utilize most of that and come up with multiple pattern, save it as "tablet.lua" :

patterns =
{
	[1]= {
		[1]= {
			["pattern"] = "h 24",
			["init"] = 1,
			["ended"] = 37
		},
		["message"] = "Universal ID",
		["regex"] = "^[a-zA-Z0-9-]*$",
		["must"] = "",
		["flags"] = true
	},
	[2]= {
		[1]= {
			["pattern"] = "h 41 42 2D",
			["init"] = 0,
			["ended"] = 204
		},
		["message"] = "Universal Hash",
		["regex"] = "^[a-zA-Z0-9-_]*$",
		["must"] = "",
		["flags"] = true
	},
	[3]= {
		[1]= {
			["pattern"] = "h 43 41 4D 53",
			["init"] = 0,
			["ended"] = 208
		},
		["message"] = "Universal Header",
		["regex"] = "^(.*=)",
		["must"] = "^[a-zA-Z0-9-_=]*$",
		["flags"] = true
	},
	[4]= {
		[1]= {
			["pattern"] = "h 63 6F 6D 2E 67 6F 6F 67 6C 65 2E 61 6E 64 72 6F 69 64 2E 67 6D 73",
			["init"] = 29,
			["ended"] = 65
		},
		[2]= {
			["pattern"] = "h 67 6D 73",
			["init"] = 10,
			["ended"] = 46
		},
		["message"] = "GMS UUID",
		["regex"] = "^[a-zA-Z0-9-]*$",
		["must"] = "-",
		["flags"] = true
	},
	[5]= {
		[1]= {
			["pattern"] = "h 70 68 65 6E 6F 74 79 70 65 5F 73 65 72 76 65 72 5F 74 6F 6B 65 6E",
			["init"] = 38,
			["ended"] = 246
		},
		["message"] = "Phenotype Server Token",
		["regex"] = "^(.*=)",
		["must"] = "^[a-zA-Z0-9-_=]*$",
		["flags"] = false
	}
}

---
Now you can call the pattern from "tablet.lua" (save it on the same Directory!) into our main script:

app = gg.getTargetInfo().packageName
dofile("./tablet.lua")
options = {}
results = {}

function is_unique(datas, parent, flags)
	unique = false
	gg.clearResults()
	gg.searchNumber(datas["pattern"], gg.TYPE_BYTE, false, gg.SIGN_EQUAL, 0, -1, 0)
	result_count = gg.getResultsCount()
	if result_count > 0 then
		bases = gg.getResults(result_count)
		for _ = 1, result_count do
			raw_init = const(bases[_].address, datas["init"])
			raw_end = const(bases[_].address, datas["ended"])
			deciph = hexdecode(raw_end:gsub(raw_init, ""))
			regex = deciph:match(parent["regex"])
			must = false
			if regex ~= nil then
				if regex:match(parent["must"]) then
					must = true
				end
			end
			if regex ~= nil and must ~= false then
				unique = regex
				table.insert(results[parent["message"]], regex)
				if flags == true then
					break
				end
			end
		end
	end
	return unique
end

function const(addr, buffer)
	construct = ""
	current = {}
	for _ = 1, buffer do
		current[_] = {address = (addr - 1) + _, flags = gg.TYPE_BYTE}
	end
	for k, v in ipairs(gg.getValues(current)) do
		construct = construct .. string.format("%02X", v.value & 0xFF)
    end
	return construct
end

function hexdecode(hex)
   return (hex:gsub("%x%x", function(digits) return string.char(tonumber(digits, 16)) end))
end

function looper(datas, flags)
	pattern = false
	results[datas["message"]] = {}
	for key, value in ipairs(datas) do
		if type(key) == "number" then
			for ___ = 1, 2 do
				pattern = is_unique(value, datas, flags)
				if pattern ~= false then
					break
				end
			end
		end
		if pattern ~= false then
			break
		end
	end
end

function printer()
	flags = false
	for k in pairs(results) do
		if flags == true then
			break
		end
		for v in pairs(results[k]) do
			print(results)
			choice = gg.alert(k .. ': ' .. results[k][v], 'OK', 'Exit')
			if choice == 2 then
				flags = true
				break
			end
		end
	end
end

for k, v in ipairs(patterns) do
	table.insert(options, v["message"])
end

while true do
	choice = gg.choice({"Exit", "Search", "Printer"}, nil, "Selections:")
	if choice == 2 then
		choice = gg.choice(options, nil, "Patterns:")
		looper(patterns[choice], patterns[choice]['flags'])
	elseif choice == 3 then
		printer()
	else
		os.exit()
	end
end

---
Using Universal pattern can take a while (even long time), but it can captures all possible unique ID.

[How to convert xapk or apks to apk]

[ @DARK_DEMON_SCRIPTER ]
---
I also suffer from that "waiting times". I often recompiles APK to make a cracked one, and it rocks into 2 hours of compile times. Alternative option is to use Modded MT Manager or GM Manager (Modded MT), it has: decompiles, recompiles, merge apks into one. Unfortunately, I wasn't able to use it because of bugs (crash upon runtime), so there's a chance it might works on your device.
---
You can get MT Manager or GM Manager through Telegram, there's alot of them.

[How to convert xapk or apks to apk]

[ @DARK_DEMON_SCRIPTER ]
---
You can use: APKToolM, you can use the cracked one, it is paid. You can also use: SAI for APKS.
---
For windows you can also use: SAP for APKS.
---

[How to determine why speedhack does not work]

[ @Ishaan77 ]
---
It is interesting to see that Android Daemon aren't able to hook system framework:

Quote

> android-daemon: elf_hook32 failed open: '[anon:libc_malloc]' 2 [No such file or directory]
> android-daemon: VM_FAIL 2: -1 13706000, 4, 14, Bad address
> android-daemon: elf_hook32 [/system/framework/arm/boot.oat] baseOffset: 709aa000 - 709aa000 709aa000 0
> android-daemon: VM_FAIL 2: -1 74006000, 4, 14, Bad address

There's a lot of "Bad Address" mentioned which the Game Guardian couldn't find the correct address.
---

android-daemon: SH loaded
android-daemon: c 30097 1 0xd3932020 385
android-daemon: Reader started 30679
breakpoint: status(57f) WIFSTOPPED(1) WIFEXITED(0) WIFSIGNALED(0) WTERMSIG(127) WEXITSTATUS(5), WCOREDUMP(0) WSTOPSIG(5)
elf_hook32 failed open: '[anon:libc_malloc]'
VM_FAIL 2: -1 13706000, 4, 14, Bad address

It looks like the SpeedHack is working fine for a while but then it is abruptly exitted by a breakpoint and being led to "Bad Address" again. I don't exactly know what causing this behavior since there's no mention of anything, I guess the logs isn't verbosed enough to show the footprint.
---

Quote

android-daemon: system_ out: setenforce: SELinux is disabled

It is interesting that SELinux is already on Permissive, is there any different when you try to change the SELinux state through Termux:

su
setenforce 1 --Enforcing/Enable
setenforce 0 --Permissive/Disable

You can try to play with both value (1 and 0) and then set the Game Guardian to works with SELinux:
Game Guardian -> "Fix It" button -> "Work with SELinux"
---
I can only offer some suggestion on why this could happen:
> The game somehow have patch this, either through detection, then relocate the actual speedhack to another address.
> If the game is online multiplayer, the server may enforce the actual value to the game while relocate the address.
> Unwanted behavior of Game Guardian or SELinux that prevent accessing system framework.
---
I can only judge based on the logs that you've provide. Either try to stay in the older version or find individual speedhack, since Game Guardian Speedhack is accelerating the entire game. More like player speedhack, etc.

[Help me with this command]

[ @SamePerson ]
---

if gg.isVisible(true) then
HMM = 1 --Also change "HMM" variable to 1
gg.setVisible(false) --Hide Game Guardian UI
end

The script will try to Hide Game Guardian UI if it's being showed on the screen. It is also changing variable "HMM" to 1 if the UI is being showed. I'm not sure what's variable "HMM" being used for as you don't show us the full script. Perhaps you need to find something like:

if HMM ==

or any reference to variable "HMM" to really see what's going on.
---
I suggest you to send the script to my Private Message. I'm more than happy to help. Here's some reference:

• isVisible
• setVisible

[Help me with this command]

[ @SamePerson ]
---
Most language are ordered from up to down and left to right. This is common concept that you should declare something before it's called. It includes function and variable. Consider moving all the function block to upper script (including global variable). Perhaps you should attach your script here so others can fix the problem.
---
If your script is for personal use only, you can send the script through Direct Message. We can't fix all the errors from your script only based a few screenshots.

[How do i hack lumber inc]

[ @Kakapulvur ]
---
This topic is incomplete. Please provide the following information:

• - Provide the game's link
• - Provide kinds of hack that you want
• - Provide some screenshot, video or steps that you've tried, so we can understand more about the problem.

---

[VIP]

[ @Descobertas_Digitais ]
---
Why I can't edit my own comment? I can't even edit my own typos. What should I do to get this feature?
---

[VIP]

[ @XEKEX ]
---
Is there any special permission about having VIP+, Contributors, Modding Team, and Ascended?
---

[Fresh beginners help]

[ @Stillo ]
---
It is normal. Libil2cpp or LibUE4 is popular because there's a lot reference to that, it is a library where the game stores many in-game datas. If your game doesn't have this, you would likely to find the value manually, differs to Libil2cpp.so; where there's many tools that allows you to see the game datas from that library.
---

[HWID Lock Script?]

[ @everyone ]
---
I have fixed the pattern to be applicable on most devices, tested on Emulators and Virtual Machine:

print("GMS ID:", is_unique("h 3A 24", 2, 38, "^[a-zA-Z0-9-]*$"))

---

[HWID Lock Script?]

[ @MAARS ]
---
Oh right. Finding json generated content on memory based on @XEKEX suggestion, only found these at runtime:

{"backend":"dex","compilation-mode":"release","has-checksums":false,"min-api":15,"pg-map-id":"8207912","r8-mode":"full","sha-1":"d0a9eb1e5efb08c60145b38f7ff5028013d0bbc1","version":"8.2.5-dev"}

{"packageName":"com.pubg.newstate","productId":"google.global.preorder.permanent.evcar","purchaseTime":1622560953876,"purchaseState":0,"purchaseToken":"elhfcoiikbmbgocondejdmgf.AO-J1OxvkT-wu3mT46MmpzmK5wGgq19l4jktOmwuRtyieslSRth-3YUi5S2S3rZ6YYlyy3AWCjl523MiI2A0Hlr2UHwXHX_syA"}

Which nothing really unique.
---
I have explore more directories from Google Play Store, which there's only quite amount of thing, unless you're planning to bounds the account with Google Account, there's a lot of them.

print("GMS ID:", is_unique("h 6E 3A 24", 3, 39, "^[a-zA-Z0-9-]*$"))

--Result:
Script ended:
GMS ID: 	2b00f672-c6f5-45ce-b515-a7f2fcdbd6d2

Script ended:
GMS ID: 	9d24361c-5eca-40a2-8f92-382c005a5795

---
Well, that's the concept, I think it should be enough for someone to figure it out themself.

[HWID Lock Script?]

[ @expensivedebris ]
---
Mine also already grabs UUID from "ADID-CACHED-VALUE" :

Quote

Script ended:
Ads Unique ID:     e087a7cb-b04f-4e5d-a527-f665a3a1625

---
The different with @MAARS, he's merging the result of "gg.getTargetInfo()" -> Convert it's character into bytes with some hash key "4294967296" -> and the result is custom unique ID, it is not UUID though. Meanwhile, I'm getting the info purely from Memory which isn't really reliable (but the value is consistent).
---
I might look into this and search some static value.

[HWID Lock Script?]

[ @_insidious ]
---
It means that the pattern being searched is already flushed out of memory, thus resulting in "false" result. There's several ways to avoid this:

• - Freeze the game first while searching the value.
• - Perform with multiple pattern search, meaning if one value is non-existent, the script will perform another search with different pattern.
• - You can do "something" inside the app/game to make the value appear again on memory. For example: you can do comment / download some apps on the playstore to spawn "gsf id" on memory. GSF ID is unique and it is bound to the device, formerly known as Android ID.

---
In this case, I recommend to find a static value, usually only exist in Read-Only region of memory. Off course you can also use the @MAARS suggestion that use Package Naming, but doing it with memory, you can do more beyond that. For example, you can bounds the script to only work with certain in-game account, etc.
---
In this case, I definitely recommends you to do some multiple pattern search (instead of one), if you're going to use this way. Memory is unreliable.