kandinsky

About kandinsky

  • Rank
    Newbie


  1. Hey, the exports are missing for this game as the so library apparently was stripped during compilation. I am stuck now as there are too many lrand48 calls and I do not know which one is responsible for the init keys. Can a feature be added to GG to show the base address of the library in order to be able to rebase IDA? This way I could find the value in GG and jump to the offset in IDA. I looked in /proc/PID/smaps for the SO but couldn't find the base address. Thanks, Kandi
  2. Thanks for the explanation Enyby. I'll take a look if I can mod the so in IDA.
  3. Ok, it was for a gameloft game. I can find the coin value with GG and also loaded the game in IDA. It seems the coins are xored and rol'ed a few times but I wasn't able to understand how GG correctly found the encrypted value. I need to freeze a few values as it seems the coins are in several variables xored. If I select the wrong ones the game crashes immediately. I wanted to understand the encrypted algo to be able to calculate the value myself directly and freeze some addresses above/below instead of narrowing the search a few times each time.
  4. Does GG read the assembly code? I'd like to understand the logic to be able to calculate the encrypted value myself.
  5. Hey, GameGuardian is great software and I appreciate that you provide it for free. I'd like to understand how the encrypted value search works exactly internally. Using encrypted search I find the value I am interested in but how did GG get these search results? I think the value is rol'ed and xored, does GG read the assembly code to find out which XOR keys are applied? Does it XOR the value by the memory address? Thanks, Kandinsky