CmP (Contributor, 663 posts, 49 days won)

Everything posted by CmP

  1. CmP

    Set the value faster!

    The problem is that you use a global variable without previously assigning a value to it. By default global variables have the value "nil", a special value that means absence of a value. So when nil is passed to the "refineNumber" function, it raises an error, because it expected the first argument to be a string. A simple way of fixing the problem (with minimal changes to the code) may be to assign the needed value to the global variable "IDAP" before the "ModAPet" function is called:

        if choice ~= nil then
          IDAP = menuID[choice]  -- set the global before the menu handler reads it
          menuFunctions[choice]()
        end

    A better option may be to refactor the code to make the "ModAPet" function accept a parameter with the search string to use for the call to "refineNumber".
  2. CmP

    Set the value faster!

    Only as long as you keep GG running. To freeze values from a script there is the "addListItems" function. Set the "freeze" field of the tables to "true" for them to be frozen after the call to the function. For example:

        local results = gg.getResults(10)
        local values = {}
        for i, v in ipairs(results) do
          -- value will be frozen to 4321
          values[i] = {address = v.address + 0x1234, flags = gg.TYPE_DWORD, value = "4321", freeze = true}
        end
        gg.addListItems(values)
  3. CmP

    Set the value faster!

    Don't call the "setValues" function in a loop. The code above from @HEROGAMEOfficial's post illustrates the approach that should be used instead: construct a table with all desired values and pass it to the "setValues" function. Something like this:

        gg.searchNumber("2219816;6::25", gg.TYPE_DWORD)
        gg.refineNumber("2219816", gg.TYPE_DWORD)
        local count = gg.getResultsCount()
        local results = gg.getResults(count)
        local values = {}
        for i, v in ipairs(results) do
          local index = (i - 1) * 4  -- four entries per result
          local addr = v.address
          values[index + 1] = {address = addr + 64, flags = gg.TYPE_DWORD, value = "7"}
          values[index + 2] = {address = addr + 80, flags = gg.TYPE_DWORD, value = "8"}
          values[index + 3] = {address = addr + 96, flags = gg.TYPE_DWORD, value = "9"}
          values[index + 4] = {address = addr + 112, flags = gg.TYPE_DWORD, value = "10"}
        end
        gg.setValues(values)  -- one call for all values
  4. Regarding the needed details about the "IsMatchHash" function in the variant of the library for arm64-v8a. The function is located at offset 0x18E078 from the start of the library. Here is the result of decompilation of the function's code: The assignment on line 23 can be modified to achieve the desired result (for the function to always return 1). The assignment is performed by this instruction at offset 0x18E0EC from library start ("this" is a label for the x0/w0 register): Modification of this instruction to MOV W0, #1 (hex bytes: 20 00 80 52) will cause the function to return 1 even when the computed hash doesn't match the stored hash. This modification of the function's behavior is sufficient for bypassing the in-memory data integrity check.
  5. You missed one important detail: the offset from library start to the instructions of the function and the new values for them that were mentioned are only applicable for the library of the game for x86. On your device the library for arm64-v8a is expected to be used, so the offset to the function and which instructions to modify in it need to be located exactly in this variant of the library.
  6. No, with root in most cases something can be done. In this case, for example, you can modify the file of the installed library for the game to use it. The installed library is (should be) located at the following path: "/data/app/com.happylabs.hotelstory/lib/".
  7. Rooted devices usually don't have such a limitation of not being able to modify values in memory ranges with the application's code (or maybe in any memory range that doesn't have "w" permission). Possibly it is somehow related to security improvements in Android 11, but this is just a guess.
  8. It's not necessary to convert values from decimal to hex or from hex to decimal, because GG understands both formats. Consider an example where you need to edit a value of byte type to 0x88. Instead of converting 0x88 to decimal and using the result to edit the value, you can just edit the value right away by adding the "h" suffix to the hex value. So to edit the value you need to input "88h". Which device or emulator do you use to run the game and GG? Which version of Android is used there? Is the device/emulator rooted, or is a virtual space application used?
  9. In the memory editor's toolbar choose the "Goto" option, then click on the "Xa" button and locate the entry with the library name. The starting address will be specified there. Clicking on the entry will put the address in the input field. From there it can be copied and/or navigated to.
  10. The apk of the game has 4 sets of libraries for different ABIs: armeabi-v7a, arm64-v8a, x86, x86_64. In my case a 32-bit Android emulator for Windows was used, causing the game libraries for x86 to be used. Correspondingly, all library-specific values like offsets that will be shown or mentioned in this post are only applicable to the game's library for x86.

    Values of interest (coins, diamonds, max workers) are located in the bss section of the libnative-lib.so library. They can't be edited directly because the game computes sha-256 hashes of several blocks of memory with important values and checks the validity of the stored hashes during every operation that includes reading or writing protected values. So in order to be able to directly edit values of interest in process memory, verification of hashes needs to be disabled first. With GG it can be done by editing instructions in the code segment of the library in process memory. The function that needs to be modified in the library is named "IsMatchHash". It is located at offset 0x16E480 from library start. There are at least several different modifications of the function's instructions to achieve the desired result of the function always returning 1 (true). One of the options is to modify 2 subsequent instructions at offsets 0x16E507 and 0x16E50A (see illustration below) to MOV AL, 0x1 (B0 01), MOV BYTE PTR [EDI + 0x29] (C6 47 29 01) and NOP (90) to edit all 7 bytes of the original instructions.

    To find values of interest in process memory, besides using offsets to them from library start that can be discovered by analysis of the library with the help of disassemblers, GG search capabilities can be used. Memory ranges with bss sections of application libraries in GG in most cases are classified as "Cb: C++ .bss". This can be used to find values of interest faster and more accurately by selecting only the "Cb" type in the list of memory range types. Having that done, there is one simple approach to find values of interest by searching for a nearby value: the player name string. For example, if the player name is "TestPlayer123", in GG it can be searched with the search string ":TestPlayer123". A colon as the first character of the search string means to search for the specified UTF-8 encoded string. One occurrence of the player name string is expected to be found. Values of interest are located within several hundred bytes from the first byte of the string. After finding the values of interest, adding them to the saved list and assigning corresponding names to them, the saved list looks like this:

    The maximal amount of workers is a plain dword value that can be simply edited to the desired one. Coins and diamonds are each stored as two separate dword values that give the real value when they are XOR'ed (value1 XOR value2 = real_value). Either the first or the second value can be edited to 0 and the remaining value can then be edited to the desired one. This works because value XOR 0 = value. Finally, here is an illustration of the result of modifying the values of interest:
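    As an added illustration (not code from the post, and not the game's own code), here is a constructed Python model of the two protections described above: values kept as XOR pairs and a SHA-256 hash over the block that is checked on every read, so that a dword written outside the game's own update path is detected on the next access. The masks, the five-dword layout and the method names are assumptions.

```python
import hashlib
import struct

WORD_MASK = 0xFFFFFFFF
COIN_MASK, DIAMOND_MASK = 0x5A5A5A5A, 0x13371337  # constructed masks, not the game's


def split_value(real_value: int, mask: int) -> tuple[int, int]:
    """Store one dword as two dwords whose XOR is the real value."""
    return mask & WORD_MASK, (real_value ^ mask) & WORD_MASK


def join_value(a: int, b: int) -> int:
    """Recover the real value: value1 XOR value2 = real_value."""
    return (a ^ b) & WORD_MASK


class ProtectedBlock:
    """Coins and diamonds as XOR pairs, max_workers plain, SHA-256 over all five."""

    def __init__(self, coins: int, diamonds: int, max_workers: int) -> None:
        self.words = [*split_value(coins, COIN_MASK),
                      *split_value(diamonds, DIAMOND_MASK),
                      max_workers & WORD_MASK]
        self.stored_hash = self._hash()

    def _hash(self) -> bytes:
        return hashlib.sha256(struct.pack("<5I", *self.words)).digest()

    def is_match_hash(self) -> bool:
        """The check the post calls IsMatchHash: stored vs. recomputed hash."""
        return self.stored_hash == self._hash()

    def read(self) -> dict[str, int]:
        """Every read of protected values goes through the hash check first."""
        if not self.is_match_hash():
            raise ValueError("integrity check failed: block was modified")
        return {"coins": join_value(self.words[0], self.words[1]),
                "diamonds": join_value(self.words[2], self.words[3]),
                "max_workers": self.words[4]}

    def game_set_coins(self, coins: int) -> None:
        """Legitimate update path: rewrite the pair, then refresh the hash."""
        self.words[0], self.words[1] = split_value(coins, COIN_MASK)
        self.stored_hash = self._hash()

    def external_poke(self, index: int, dword: int) -> None:
        """A write that bypasses the game's code path, so the hash goes stale."""
        self.words[index] = dword & WORD_MASK
```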
  11. The "Code" option is missing (again?) from the toolbar of the private messages editor in the desktop version of the site.
  12. Encountered this issue as well. Clearing site data has worked to be able to sign in. There also seems to be another possibly related issue: some pages (for example, https://gameguardian.net/forum/) may incorrectly display the status as not signed in when the user actually is. Here is an illustration:
  13. Some of them remained. Noticed the following ones so far.
      1. The default activity stream page - https://gameguardian.net/forum/discover/ - has outdated data when it is loaded. Shortly after this it gets an update and offers to display new items that are up-to-date, but after being reloaded the page will contain outdated data again.
      2. Reaction images fail to be loaded, because the path to them is incomplete: <img src="https://gameguardian.b-cdn.net/forum/static/" alt="Like" data-ipstooltip="" loading="lazy" _title="Like"> The issue causes the block with available reactions to look like this:
  14. @Sysadmin Similar to this, the spoiler option (with the eye icon) has been removed from the desktop version of the site. One of its use cases is to make posts more compact by placing media in spoilers. It would be good to have the option available at least in the desktop version of the site.
  15. Got me interested as well. In particular where the points come from. It can obviously be posts, reactions, achievements/badges, but it is unknown how many points are added in each particular case (for example, creating a topic or replying to a topic).
  16. Sorry, that was a premature conclusion. I didn't find the option in its usual place: but it appeared to be in the post context menu:
  17. @Sysadmin can you please check whether the edit posts functionality works properly? The possibility to edit posts for the first N minutes after publication seems to be unavailable for me. Moreover, the possibility to edit messages in private conversations is gone as well.
  18. Current color that is used for Ascended rank is probably too similar to color that is used for Administrator rank. I would suggest to change the first one, since the latter one is fine.
  19. This one is not an issue, but a question. Can some widget (if there is any applicable one) be added in place of free space in bottom right corner of the main area of forum main page?
  20. Can something be done until their next maintenance release? If not, then it is still alright, since the issue is not a major one.
  21. The issue can still be observed for some reason. The block is hidden according to the attributes. Code of the block (copied from Chrome DevTools): <li class="ipsWidget ipsWidget_horizontal ipsBox ipsWidgetHide ipsHide ipsResponsive_block ipsResponsive_hidePhone ipsResponsive_hideTablet" data-blockid="app_core_whosOnline_sogzncn8h" data-blockconfig="true" data-blocktitle="Who's Online" data-blockerrormessage="This block cannot be shown. This could be because it needs configuring, is unable to show on this page, or will show after reloading this page." data-controller="core.front.widgets.block"></li>
  22. It is shown now, but hasn't been previously, thanks for the fix. Desktop version of the site was meant.
  23. @Sysadmin The "Who's online" block at the bottom of the forum main page (https://gameguardian.net/forum) has been removed. Will it be added back, or is this change final?
  24. CmP

    freeze value

    There is no way to do that. Your understanding is absolutely correct.
  25. CmP

    addListItems with v.name

    Could be the case when elements of the traversed table need to be modified themselves. Assigning a new value to "v" has no effect on "t[index]", so referring to the table element explicitly is required in this case. Example:

        -- Wrong, table is unchanged: "v" is only a local copy of the reference
        for i, v in ipairs(t) do
          v = {address = 0x10203040 + 4 * i, flags = gg.TYPE_DWORD, value = "0"}
        end

        -- Correct: assign through the table index
        for i, v in ipairs(t) do
          t[i] = {address = 0x10203040 + 4 * i, flags = gg.TYPE_DWORD, value = "0"}
        end