Kingofslavs

View File Smash hit script (works by changing instructions) script for the game smash hit. It works without searching for values, it finds instructions by the base address of the main library of the game and offset and changes them. works only on a device with arm64 architecture. Submitter Kingofslavs Submitted 04/05/2025 Category LUA scripts  

thanks for the answer, I understood what the problem was, the game was launched through an emulator on a PC because the mod menu was loaded through arm64_v8a, the arm instructions appeared but they are not real, they were created by the system library libhoudini.so, so this is only a simulation of instructions, this library ensures compatibility of arm applications on the x86-64 architecture

I tried to transfer my mod menu to the GameGuardian script but encountered a bug, Through the gameguardian script I change the instruction, it changes and this becomes visible but in fact nothing changes in the game the results are not visible, at the same time when I change the same instruction through the mod menu my changed instruction starts to work! I can give a link to a video showing this bug if you ask me.

How to find out the base address of the region others.

I mistakenly mixed up the offsets, changed the offsets for the 32 system with the 64 bit one and everything worked

function isProcess64Bit() -- Function -> by CmP: https://gameguardian.net/forum/topic/36604-how-to-get-instruction-set-architecture-on-emulator-virtual-memory-addresses/?do=findComment&comment=135506 local regions = gg.getRangesList() local lastAddress = regions[#regions]["end"] return (lastAddress >> 32) ~= 0 end local ISA = isProcess64Bit() function offsetExe() if ISA == false then offset_cdExe = 0x04 offset_AnonToPtrVal = 0x7C offset_PtrToVal = 0xA0 offset_toJump = 0x50 offset_ToPointer = 0x30 dataType = gg.TYPE_DWORD elseif ISA == true then offset_cdExe = 0x08 offset_AnonToPtrVal = 0xE8 offset_PtrToVal = 0x118 offset_toJump = 0x88 offset_ToPointer = 0x18 dataType = gg.TYPE_QWORD end end offsetExe() function dec2hex(dec) local hex = string.gsub(dec, " ", "") local hex = string.format("%X", hex) return "0x"..hex end function searchString() local t = {} local replaceManager = {} gg.clearResults() gg.setRanges(gg.REGION_CODE_APP) gg.searchNumber("h 00 4E 53 74 36 5F 5F 6E 64 6B 31 32 30 5F 5F 73 68 61 72 65 64 5F 70 74 72 5F 65 6D 70 6C 61 63 65 49 31 31 41 74 74 61 63 6B 53 74 61 74 65 4E 53 5F 39 61 6C 6C 6F 63 61 74 6F 72 49 53 31 5F 45 45 45 45 00", gg.TYPE_BYTE) t = gg.getResults(2) gg.clearResults() gg.setRanges(gg.REGION_C_DATA | gg.REGION_OTHER) gg.searchNumber(t[2].address, dataType) t = gg.getResults(1) gg.clearResults() gg.searchNumber(t[1].address - offset_cdExe, dataType) t = gg.getResults(1) t[1].address = t[1].address + offset_cdExe gg.clearResults() gg.setRanges(gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS) gg.searchNumber(t[1].address, dataType) t = gg.getResults(1) t[1].address = t[1].address + offset_AnonToPtrVal t = gg.getValues(t) if ISA == false then t[1].value = t[1].value&0xFFFFFFFF end t[1].address = t[1].value + offset_PtrToVal t[1].flags = gg.TYPE_DWORD replaceManager = gg.getValues(t) gg.addListItems(replaceManager) new_address = replaceManager[1].address - offset_toJump gg.addListItems({{address = new_address + 0x4, flags = gg.TYPE_DWORD}}) -- value gg.addListItems({{address = dec2hex(new_address), flags = gg.TYPE_DWORD}}) end function replayTics() local tt = {} local replaceManagerr = {} gg.clearResults() gg.setRanges(gg.REGION_CODE_APP) gg.searchNumber("h 00 4E 53 74 36 5F 5F 6E 64 6B 31 31 30 5F 5F 66 75 6E 63 74 69 6F 6E 36 5F 5F 66 75 6E 63 49 5A 4E 31 31 41 74 74 61 63 6B 53 74 61 74 65 31 36 6F 6E 52 65 70 6C 61 79 52 65 63 65 69 76 65 64 45 4F 4E 53 5F 31 30 75 6E 69 71 75 65 5F 70 74 72 49 36 52 65 70 6C 61 79 4E 53 5F 31 34 64 65 66 61 75 6C", gg.TYPE_BYTE) tt = gg.getResults(2) gg.clearResults() gg.setRanges(gg.REGION_C_DATA | gg.REGION_OTHER) gg.searchNumber(tt[2].address, dataType) tt = gg.getResults(1) gg.clearResults() gg.searchNumber(tt[1].address - offset_cdExe, dataType) tt = gg.getResults(1) tt[1].address = tt[1].address + offset_cdExe gg.clearResults() gg.setRanges(gg.REGION_C_ALLOC | gg.REGION_ANONYMOUS) gg.searchNumber(tt[1].address, dataType) tt = gg.getResults(1) tt[1].address = tt[1].address + offset_ToPointer tt = gg.getValues(tt) if ISA == false then tt[1].value = tt[1].value&0xFFFFFFFF end tt[1].address = tt[1].value tt[1].flags = gg.TYPE_DWORD replaceManagerr = gg.getValues(tt) gg.addListItems(replaceManagerr) end searchString() replayTics() The search string function works on 32-bit and 64-bit systems. But replayTics does not work on 32-bit systems.

in cheat engine there is a function that allows you to see which address changes the value of another address, is there such a function in GameGuardian?

The decryption key is very far from the encrypted values, I found it using fuzzy search

These are gem cost values, but they are encrypted, how can I decrypt them? The value changes every time I enter a dungeon, but the cost of the gems is the same

does this work for you?

Yes

View File King of thieves script This is one of the few scripts for the game king of thieves. This script has the following functions: 1. Rage 1.1 Instant win (The character instantly appears at the chest, works everywhere, even in the labyrinth, does not get banned, but crashes) 1.2 Catacombs 100% (the best cheat for the catacombs, allows you to collect all the skulls on the map and go through the catacombs in 2 minutes) 1.3 Change character speed 1.4 Change jump force 1.5 Disable all saws 2. Legit 2.1 Collect exp (The character instantly collects all the exp, flasks and skulls on the map, does not ban) 2.2 Opening the door on the first attempt 2.3 Anti AFK 2.4 Immortality in the catacombs 2.5 Install a timer in the mystic realm for 2 seconds 2.6 slow motion effect (doesn't work on 32 bit system) Operation on emulators is not guaranteed. I developed a bot for automatic search of stones of a given quality, it works on values so it searches very quickly, but it is only for PC. values are searched automatically. you just need to write the cost of the gem and press start to run the bot, it will automatically skip dungeons until it finds the gem you need, you can continue to use the computer during the search. write to me in telegram to buy the bot @ZetaReserX Submitter Kingofslavs Submitted 04/20/2023 Category LUA scripts  

dont work but im run decrypt on 450 mb plz help me