
DoDevil
Posts posted by DoDevil
18 hours ago, Kimastar said:
I have a Redmi Note 10 Pro with A12 and with developer options/USB debug ON, and I can play without problem; also I'm able to use GG on this game.
BUT I noticed on a Redmi Note 8 Pro with A10 I'm unable to run it even with developer options/USB debug OFF.
So if someone can help to hack this game, it's appreciated.
Have you tried patching XA memory? On my side the game detects the value change and crashes.
0 -
I tried patching memory but the game crashes; I think there's no hope for GG.
0 -
Game?
0 -
1 hour ago, MC874 said:
Hi @DoDevil,
It is not 'unreadable', it's a normal function name. Decompilers tend to rename 'unknown' functions from what that function corresponds to, and probably most of the function names are obscured when the library is being compiled.
Oh yeah, I just found out my dump file is not fully complete, so I need IDA Pro to do the rest. Thank you anyway.
0 -
4 hours ago, kiynox said:
[ @DoDevil ]
---You surely can't do that with a class name or even a method. It depends on how the game stores its strings. But the concept is like this:
Search for string -> pointer -> may lead to method
---
You surely need to try with IDA Pro. Or find anything that starts with "PUSH" (mostly PLT functions) or "ADD"; it is most likely the start of the function.
---Well, sadly I know IDA Pro can do it, but maybe when I have a PC I will try again.
0 -
Fixed
0 -
4 hours ago, MAARS said:
Hi, your game is protected with CodeStage anti-cheat; thankfully this is one of the easy ones to bypass.
First you will need to dump the game using Il2CppDumperGUI or any il2cpp dumper of your choice.
Next you're going to look for the CodeStage detection methods.
Note those StartDetection methods; most have some overloads. If you want to be safe you will need to bypass them all, but it is rare that the game uses them all. Still, better safe than sorry.
So here is the list and overloads.
CodeStage.AntiCheat.Detectors.ObscuredCheatingDetector StartDetection(); // 0x00818a3c
static CodeStage.AntiCheat.Detectors.ObscuredCheatingDetector StartDetection(System.Action callback); // 0x00818ce8
CodeStage.AntiCheat.Detectors.ObscuredCheatingDetector StartDetectionInternal(System.Action callback); // 0x00818b70
System.Void StartDetectionAutomatically(); // 0x00819058
static CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetection(); // 0x008190e0
static CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetection(System.Action callback); // 0x0081948c
static CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetection(System.Action callback, System.Single interval); // 0x008194e4
static CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetection(System.Action callback, System.Single interval, System.Byte maxFalsePositives); // 0x0081954c
static CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetection(System.Action callback, System.Single interval, System.Byte maxFalsePositives, System.Int32 coolDown); // 0x008195c4
CodeStage.AntiCheat.Detectors.SpeedHackDetector StartDetectionInternal(System.Action callback, System.Single checkInterval, System.Byte falsePositives, System.Int32 shotsTillCooldown); // 0x008192dc
System.Void StartDetectionAutomatically(); // 0x00819a54
static System.Void StartDetection(); // 0x00818648
static System.Void StartDetection(System.Action<System.String> callback); // 0x008186b0
System.Void StartDetectionAutomatically(); // 0x008187e8
There are two ways to bypass those.
1. You can just patch each of them using the "NOP RET/BX LR" opcode.
2. Allocate a memory page and replace those methods with their respective StopDetection, which means when the game calls StartDetection it will instead call StopDetectionNow for GEMS/XP/Gold/Health.
Note at this stage, since you have already bypassed the anti-cheat, editing your stats won't trigger anything. But you need first to understand how ObscuredInt works.
Note every obscured value you see on your screen is a fake value. You should not edit it directly but edit the hidden value using the crypto key. Here below is what you need to remember about the structure:
public struct ObscuredInt
[FieldOffset(Offset = "0x0")] private int currentCryptoKey;
[FieldOffset(Offset = "0x4")] private int hiddenValue;
[FieldOffset(Offset = "0xC")] private int fakeValue; // what you see on screen
What you see on your screen is the fakeValue. To edit it you will need to edit the hidden value.
Here is how to. (Note: offsets might vary depending on the game and version, so you'd better have the latest dump and check the correct offset.) When you find an ObscuredInt fakeValue, you need to go back to the base pointer, so in this case: fakeValue.Address - 0xC, which will bring you to currentCryptoKey. Copy the value of currentCryptoKey (as DWORD), then offset to currentCryptoKey.address + 0x4; this will bring you to the hiddenValue. Now, to edit this to your desired value, you need to perform XOR (exclusive OR) on your desired value using the currentCryptoKey as the key. You can do that inside GG: you type the value, then apply the XOR key.
That's it, you are done. You can edit any ObscuredInt using this method.
Now, specially for your game, there are some vulnerabilities I found that you can exploit to edit your stats and in-game money. There are some methods like:
public class game_manager : MonoBehaviour
[Address(RVA = "0xA65A94", Offset = "0xA65A94", VA = "0xA65A94")] public void gem_plus(int gem)
[Address(RVA = "0xA65890", Offset = "0xA65890", VA = "0xA65890")] public void gold_plus(int gold)
[Address(RVA = "0xA64DFC", Offset = "0xA64DFC", VA = "0xA64DFC")] public void iron_plus(int iron)
All those share almost the same structure, so I will be giving an example only for gem_plus.
In this decompiled function gem_plus, you can see that they are loading the value of the ObscuredInt field
public ObscuredInt gem_total; // 0x2CC
into the variable puVar1, which later on they add its value + param_2, which is the gem parameter, to instantiate a new ObscuredInt from that sum. The result of that sum will be stored in the register W0, so all we have to do is hijack this register and change the value to what we want. Here is a video of how to do that.
This method does not trigger the anti-cheat because the game is writing a legit value for us. Also, if you want to move large values you might want to explore the MOVZ instruction, or you can allocate a memory page and spam multiple ADD instructions like this:
add w0, w0, #500000000
add w0, w0, #500000000
add w0, w0, #500000000
add w0, w0, #500000000
add w0, w0, #500000000
....
Last thing: for gems you will need to stay on the main screen like in the video when you start the game, because that function triggers only there.
I kinda like the game, I might continue working on it and update this thread.
Looks like I need to learn something new.
Edit: after adding gems, the game looks like it freezes until you restart, so you can spend unlimited to get everything before closing the game.
1 -
5 hours ago, NoFear said:
Armv8
C80E42B8r;081540FDr::3809
Edit
28008052r;E803679Er
And if you want to set so you can claim all without playing (set number of keys collected).
Offset (Version 6.9.5)
3FBCA54
Edit
00FA8052r
Golden Pass works well, but setting the number of keys does not work for me.
1 -
Works, but got banned.
0 -
@NoFear so far I can find diamond, gold and energy, but I don't get how to add them or edit them. Can you guide me? Or just a trick about the encryption.
Every time I edited, the game always froze.
Btw, I can copy the QWORD of the gem value to Coin or Energy and the game does not freeze.
0 -
No clue, and well, I can only freeze currencies. I will wait for someone who can dump the full file or understands more about the value encryption.
0 -
4 minutes ago, NoFear said:
Fairly certain dump is incomplete and of no use...
Hybridclr
https://github.com/AkiKurisu/HybridCLR_IL2CPP_Modding
But even with that, I don't think you'll have much luck either.
Well, I found some values for energy, but it looks like they're encrypted.
Sometimes it's negative or positive. I tried to edit; sometimes the game crashes, but sometimes no crash.
hmmmm
0 -
dump file
0 -
4 minutes ago, NoFear said:
You have VIP at iosgods? It's exactly the same method.
No, I just saw it when exploring.
1 -
Yoyo, everybody
I have a new game and can't hack it by myself, so I've tried searching many ways but can't seem to find any values; even after finding some, after editing the game crashes or freezes.
Google Play: https://play.google.com/store/apps/details?id=com.aidiangames.merge.gp&hl=en_US
0 -
You can hack free summon.
0 -
Any update?
0 -
On 2/4/2024 at 11:37 AM, AngelWolf said:
what game there's to hack, i've been bored
Hero Legacy
0 -
5 hours ago, Kimastar said:
It's already inside this script: electric part and copper ore.
Oh, looks like it was added in the new version.
0 -
Anyone found out Material Part? I need electric part and copper ore
0 -
4 minutes ago, ItsSC said:
Hi, after swapping the item, you have to make one change to anything in your backpack, for example change your weapon, change an attachment, consume a medic, consume a food, etc. Then you have to pause the game, go to advanced settings, save data and upload game data. Next, restart the game, and the item will be swapped.
For more context, you may refer to this guide
Fury Survivor: Pixel Z (#5e7gi4ew)
The script uses the mechanism outlined in the guideline; a restart is required in order for the swap to be successful. I know it is tedious, but the script comes in handy for all the modification tasks.
Works well after restart, thanks again.
1
Request Cheat Capybara Go
in Requests
Posted
Hybrid CLR or HotFix Game