Jump to content

saiaapiz

Ascended
  • Content Count

    156
  • Donations

    $0.00 
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by saiaapiz

  1. View File Call Of Duty: Mobile Cheats ! Features :- - Wallhack - Radar - Distance ESP - Aimlock - No Recoil - No Spread - Instant Fire - Much more coming soon ! How to use :- - Execute aPizClient. - Use 'freemium' as username. - Select xCODM. - Toggle your desire cheats, and enjoy ! Note : - - Make sure you hide GG to prevent from getting banned ! - This script will outdated in 3 days ! For more information, checkout http://t.me/apizhax ! Gameplay :- Submitter saiaapiz Submitted 11/19/2019 Category LUA scripts
  2. Spray random data to target address, and crash the app. There, get your exception which show PC and other register that use your target address !
  3. Version 1.0.0

    4,188 downloads

    Features :- - Wallhack - Radar - Distance ESP - Aimlock - No Recoil - No Spread - Instant Fire - Much more coming soon ! How to use :- - Execute aPizClient. - Use 'freemium' as username. - Select xCODM. - Toggle your desire cheats, and enjoy ! Note : - - Make sure you hide GG to prevent from getting banned ! - This script will outdated in 3 days ! For more information, checkout http://t.me/apizhax ! Gameplay :-
  4. saiaapiz

    Offset

    gg.clearResults() gg.searchNumber("100;300;450;25" , gg.TYPE_DWORD) gg.refineNumber("25", gg.TYPE_DWORD) p = gg.getResults(2) local q = { { -- First target address you wanna modified. address = p[2].address + 16, flags = gg.TYPE_DWORD, value = 100 }, { -- Make another table to modified other address. address = p[2].address + 0x30, -- Offset flags = gg.TYPE_DWORD, value = 1000 } } gg.setValues(q) gg.alert('Done') Search your question before creating new thread. Use table to add new address.
  5. Maybe this would be useful, function rwmem(Address, SizeOrBuffer) assert(Address ~= nil, "[rwmem]: error, provided address is nil.") _rw = {} if type(SizeOrBuffer) == "number" then _ = "" for _ = 1, SizeOrBuffer do _rw[_] = {address = (Address - 1) + _, flags = gg.TYPE_BYTE} end for v, __ in ipairs(gg.getValues(_rw)) do _ = _ .. string.format("%02X", __.value & 0xFF) end return _ end Byte = {} SizeOrBuffer:gsub("..", function(x) Byte[#Byte + 1] = x _rw[#Byte] = {address = (Address - 1) + #Byte, flags = gg.TYPE_BYTE, value = x .. "h"} end) gg.setValues(_rw) end -- Usage: readedMem = rwmem(0xAABBCCDD, 128) -- Read 0xAABBCCDD with 128 size. rwmem(0xDDCCBBAA, readedMem) -- Write readedMem memory into 0xDDCCBBAA.
  6. Thanks, no plan yet for x86, maybe armv8 soon.
  7. View File Regview (ARMv7) Spent alot of time with debugging ? Breakpoint crashing ? blablabla xD ? Use this, might usefull when you want to know the caller, encrypted pointer, anything inside register. - Features: Dump register Copy register to clipboard Jump onto register Note: Only work on ARMv7. Don't forget to leave ❤, if it help you. Source: Github Submitter saiaapiz Submitted 10/02/2019 Category Tools  
  8. saiaapiz

    Regview (ARMv7)

    Version 1.1

    589 downloads

    Spent alot of time with debugging ? Breakpoint crashing ? blablabla xD ? Use this, might usefull when you want to know the caller, encrypted pointer, anything inside register. - Features: Dump register Copy register to clipboard Jump onto register Note: Only work on ARMv7. Don't forget to leave ❤, if it help you. Source: Github
  9. Yeah, im thinking about the same thing. Maybe they check for gg dex code ?
  10. Sound like rocket science to me xD Anyway thumbs up for giving explaination
  11. Actually, i've seen some apps requesting for access to devices screen. I think maybe they would do remote screenshot, then manually find for hacking tool overlay. I wish you could filter any access that required root, give user a warning like you do in gg.makeRequest. That would scripting enviroment better.
  12. I wish @Enyby could add this, i think other scripter will need this too. Control GG icon overlay visibility. We need this to hide GG from getting caught from screenshot. Get 'Hide GameGuardian from game status'. Sometime user that uses script complain about game being crashed, or script has no effect on game. Drawing abilities. xD Access game data, such /data/data/<target app>.
  13. Currently, only one way i know possible for that. Use 0 ~ 255 for unknown byte pattern. and add it with known pattern. So it will become 0~255;0~255;C8h;42h ...
  14. Thanks ! Really usefull feature to analyse script.
  15. I see, There alot of work need to do. Handling, hiding, lot more thing to cover up. So i stayed with trampoline. Thank you.
  16. Not watchpoint support. Backtrace ? I only can find LR (Address of current function caller.) I've created shellcode that save R0-R12, LR into stack. Then copy the stack address into my allocated region, so i can read it with script. ROM:00000000 STMFD SP!, {R0-R12,LR} ROM:00000004 LDR R0, =0xBBBBBBBB ROM:00000008 STR SP, [R0] ROM:0000000C ROM:0000000C isLocked ; CODE XREF: ROM:00000014↓j ROM:0000000C LDR R0, =0 ROM:00000010 CMP R0, #1 ROM:00000014 BNE isLocked ROM:00000018 LDMFD SP!, {R0-R12,LR} ROM:0000001C LDR PC, =0xAAAAAAAA ROM:0000001C ; --------------------------------------------------------------------------- ROM:00000020 _returnaddress DCD 0xAAAAAAAA ; DATA XREF: ROM:0000001C↑r ROM:00000024 _stackaddress DCD 0xBBBBBBBB ; DATA XREF: ROM:00000004↑r ROM:00000028 _spinlockctl DCD 0 ; DATA XREF: ROM:isLocked↑r It work like this, Firstly, i hooked an address that contain interesting info. Then, i make it jump into this shellcode, After it jump.. Shellcode will save R0-R12, LR into stack. then write the stack address at _stackaddress. this shellcode will wait for spinlock before continuing execution.
  17. Yes, it look like when you setting up breakpoint with gdb, where you can view/change register in realtime. In short terms, can you add api for PTRACE_SETREGS and PTRACE_GETREGS into GG, So we can view register on any address. Nope, Chainer was used to find pointer chain.
  18. Yep, u can change any value inside register.
  19. I wish enyby would add this feature into GG, so i can avoid compatibility issue with shellcode. We can get dynamic pointer by viewing its register, and make cheating more advanced.
  20. I've tried hacking this game too, which i stopping hacking cuz time consuming.. this game based on Corona Engine which all files can be pulled from *.car archive. Inside *.car archive there alot lua script handling how the games work. Maybe you should try to mod the apk.
  21. Read this, there also answer for question about PC + 8. https://azeria-labs.com/memory-instructions-load-and-store-part-4/
  22. Sorry, my bad. It only failed when i enabled 'Hide from game 4'. Latest GG work just fine.
  23. I see, so the problem was from GG after 76.1 ?
  24. When i tried to modified .text region on PUBG Mobile, GG was failed to alter its memory. Maybe they utilize like this technique https://github.com/changeofpace/Self-Remapping-Code or something else ? What do you think ?
×
×
  • Create New...