Silento

Members
  • Posts

    11
  • Joined

  • Last visited

Silento's Achievements

Rookie

Rookie (2/14)

  • One Month Later
  • Week One Done
  • Collaborator Rare
  • Conversation Starter Rare
  • Dedicated Rare

Recent Badges

Reputation: 0

  1. @Count_Nosferatu Yes, please do if possible.
  2. @Count_Nosferatu Okay, the library is librealracing3.so. From the start in the Xa code region.
  3. @Count_Nosferatu The library is "librealracing3.so" at offset 0x89CBA4 arm64 or x64.
  4. @MarioRossi93i To alter in-game values I had to set a breakpoint and write values at register level. It's a bit more inefficient than a GG script, which requires only one program to run. As far as I know GG can't read at register level, so going that way is impossible. That function is called with an XNORRED value whose key changes every second, and the value is updated every second, so the only possible spot to see the real value is at offset 0x89CBA4 when it's returning from an "unXNORRING" function so that it can be "reXNORRED" again. I don't know if it's possible, but you seem to have the knowledge to do this. Also, as for the working Real Racing 3 script, is it for the current 12.0.1 version? If it is, please send the link.
  5. BEWARE!!!!!!! THIS MAY OR WILL GET YOU BANNED! Test on a dummy account.
     Tools used: Gameguardian, Another term (for LLDB), Radare2 (disassembler)
     Platform: arm64 Samsung, Android 13
     What I did: In librealracing3.so go to this offset 0x89CBA4. This is where the program returns to after the previous instruction (function call). Register x0 returns with the various values of the game. The function is called many times, each time returning a value from the game. For me it started with RS amount, amount gained, amount spent. Then gold amount, amount gained. Then MS amount, amount gained and amount spent. Set a breakpoint at the above offset and watch register x0 on every subsequent iteration to see the values and manipulate at own will. KUDOS. Those who can create the Lua script, you are welcome to do so.
  6. Silento

    Please Help

     @Count_Nosferatu's comment covered all I wanted to say.
  7. Yes, you actually have two accounts. Two separate worlds. Only rooted devices alter the original world. Best bet, if the game uses accounts, would be to back up to the cloud in the game and restore on the real device.
  8. @kiynox I kind of thought the OP wanted to branch to the code cave to insert his altering code and he failed to do so because game guardian failed to assemble his first branching opcode. If I'm right then yes, you are right. The OP should use the ADRP/ADD pair. Why didn't I think of it in my past encounter? That would have made it a lot easier in my case instead of doing it the hard way as in my first reply.
  9. Silento

    Please Help

     Try long pressing the desired value and open the address. Change value formats to show WORD, DWORD, QWORD etc. If you see the same value in many data types, e.g. 1000 is WORD, DWORD, etc., which means you can change the largest data type in which the value exists. This is because the game reads the memory location as a specific data type. If you change in QWORD while the game reads in DWORD, you will have problems. Also you could try adding instead of overwriting.
  10. @john316 How about you try the adb PC method and see if it works? If it does, then the problem is installing via termux.
  11. Hello @GuyLian Yes, game guardian fails to assemble quite a lot of opcodes, especially those which involve immediate values.
      Option 1: To circumvent a similar situation I had in the past patching Payback 2 on an armv7-a device (though I'm sure it will work here too), you could patch the binary (lib.so or whatever) before opening the game so that you can use an external assembler.
      Option 2: Try to use an alternative command, e.g. instead of mov w0, w21 you could use add w0, w21, wzr, adjusting to specific needs.
      Option 3: Try to break the commands down even further, because I think gameguardian fails to assemble it into a specific immediate number. E.g. mov w1, #2000 failed to assemble, so I had to use mov w1, #1990, which worked, so the code had to be changed to mov w1, #1990 followed by add w1, w1, #10.
      Remember to reinsert all replaced code into the destination after you are done.