Search the Community

Here a Pointers for MAX values for HP, Food, Water, Energy ( They're grouped close ) Since they're grouped, we just only need the HP pointer to finds the others Query this Value: 327,613,640 Type: Dword We should get one address then offset it by Offset: -C (Hex) Type: Dword The result should be 0 in Dword, i checks it multiple times after that pointer search that new address you offset-ed then we'll find alot of addresses Offset all of these addresses you got from pointer search by Offset: 20 (Hex) Type: Double p.s : you can use tool called Change Address / type on list tab. and then we refine these addresses by Value: 100 Type: DOUBLE and we should get 2 address, one of the address just a dummy address (i assume) next, find the real one by increment. after you find the real HP address. p.s: remember to make copy of them, Change Address / type tool should have make a copy option copy the address and offset it by 70 (hex), and that's your Food Address (value will be 100 too) and offset the Food address by 70 (hex) again, and that's your Water, and offset Water by 70 (hex) again, yes i know. And that's your Energy address. and that's the groups. so the end structure will be Name - Value - Offset (Hex) HP - 100.0 - Reference point Food - 100.0 - 70 from HP Water - 100.0 - 70 from Food | E0 from HP Energy - 100.0 - 70 from Water | 150 from HP if you interested to add these to scripts, feel free to do so btw.

Okay, after spending quite hours on GG, i find a static group value for level hack ( i use new game save to test it, and it might changed for each devices, i use v1.730 fa) Search : 112;4;0;0.5E;1.75F;3;0;5;68;16,842,780 Default Group Type: Dword Im unsure about the ordered value, i use default :512 and also those group search are offset-ed by 4 (as gg offset calculator suggested). **64 - **68 = 4 This group search will gives you 200+ results now filter it with Filter : 0.5 Type: Double Now, you should have 1 results ( 0.5 Double), change it to 1, Do search/hunt, something that adds levels, and you should be lvl 100 after that, feel free to revert it back to 0.5 if you want. P.S I also tried on my other profile that's level 49 and it works fine, it'll not go beyond lvl 100. for perk it'll gave you 91 in total

Here are the steps you need to follow to invite your friends to a WhatsApp group. The CHATS tab can also be tapped and held to select a group. Select More options > Group information. Invite via the link by tapping it. Select whether to send the link via WhatsApp, copy the link, or share the link via another app.

Ever Tried Offset Group Search? I cannot help much but try it maybe it works

Any idea group search adress since its 690 I wanted to search with following the main adress since i tried it on old adress and not work only Saw 0 the adress on my script 7846F75290 What to do

Try this app it can even dump protected libil2cpp.sp with no error Il2CppDumperGUI 2.0.0.apk I got this from apk editor pro telegram chat group

Dumping the whole thing isn't a good idea, believe it or not it can sizes more than 40 gig's If you cant find the il2cpp that mean the game is not unity based or the dev have changed the lib name to confuse people like us

You need clear before make another search, and also make sure that GG are finding that group search. You need use gg.clearResults() always at the function start, works for me.

Please help me understand how group search works. I read the description in "GG Help", but in fact nothing is clear. In the game CodyCross: Crossword Puzzles, I wanted to change the reward that gives achievements. "https://play.google.com/store/apps/details?id=com.fanatee.cody&hl=en" For example, I entered - 10;10:512 gave me 1100 values, and if I enter 10;10;10:512, then 500 values will already be displayed, and if 10;10;10;10:512, already 0. I don’t understand why this is so, because there are about 30 achievements in the game for completing which give 10 currencies each, but at the same time I can’t find a value that would change at least one of them. Each time the search returns different results and I don't understand why. Help me understand, once I accidentally found 1 value that can change the reward, it was in Dword A:Anonymous, but when I tried to find it again, nothing came of it.

@HorridModz Provides a Nice detailed explanation. Hex patching is rather easy as it's only a form of data that simply overwrited / added, the important thing is: to understand the assembly itself. Probably I'll provide a little more coverage about the topic. [ Usage ] - Replacement: You can only replace hex at fixed length. The hex length is depends on Data types that you're dealing with, it could be a Set / Subset Instruction. In general it can take 2-4 bytes, make sure to read the instruction as a string not in hex form. More simple coverage on the next section. - Addition: This used when doing references such as memory allocation. To manually add a custom instruction; you need to write it in empty/unread memory region (the indication is: it's filled with 00) and then reference the game function to your allocated memory. It's the general idea, you shouldn't be worry about it; most tools already provide this feature. Why no substraction? You can't remove a function even after proper patching and 'disabling' any reference to that function, directly or memorily. It leads to data corrupt/crashing; so it's uncommon. You can use this to cut fake data (such as malware app that filled with 00 to make a large size) because "they" only add additional hex at the end. There's more reason to this. [ Data Types ] - Function/Instructional data takes 4 length; mov r0, r0 #00 00 A0 E1 bx lr #1E FF 2F E1 - Inner Function/Subset Instruction takes 2-4 length. It's called as thumb and can be found on 32-bit architecture. mov r0, r0 #00 46 bx lr #70 47 [ Patching ] - Lazy Patch: You can 'remove' instruction without removal, simply fills with 00. This off course wouldn't work if the app have high security but the benefit is: You don't need to understand Assembly. - Proper Patch: You can just memorize this common patch and applies it anywhere; it's simple and not a time consuming. Well, for more instruction patches; you need to learn assembly. Learn returning values and Jump instruction (BL/JMP) patches would mostly help. [Patch 1] Instruction: mov r0, r0 Arm Encoded: 00 00 A0 E1 Thumb Encoded: 00 46 [Patch 2]: Usually a boolean/takes value Instruction: mov r0, #0 Arm Encoded: 00 00 A0 E3 Thumb Encoded: 4F F0 00 00 [End Patch]: Indicate closing, put after patches Instruction: bx lr Arm Encoded: 1E FF 2F E1 Thumb Encoded: 70 47 [ Misc ] - 00 is equal to 1 Hex - Hex can present in 00 or 0x00 - Thumb can be found on 32-Bit Architecture (x86, Armeabi / Armv7 / Arm32 ) - Thumb can also takes 4 length; the same length as Arm encoded - To differentiate Thumb and Arm encoding; 1) Copy the instruction hex, 2) Compare hex and instruction, including after and before offset

btw..the group search codes(armv8) are still working. just increase the group size to 3929

Did some quick checking and its a first for me to, to see the names are scattered around in different locations in memory. I can't give you a solution. There are also two global metadata headers i believe. Can't spectate it because lost access to 010 Editor but you can search the magical bytes in Ca and copy. I believe header size is 272 bytes. But this could be 264 bytes as well i believe. If you would replace the header from the meta in Others with that of Ca il2cppdumper would recognize it as a valid metadata. But then the values in the header don't correspond with the rest of the metadata. So if the metadata is encrypted the meta in Ca is the one that has no encryption. But im just assuming here. You would need to look deeper in to it. Both meta headers point to different code/meta registration. I'm not sure if its realistic to say that you could try to fix the values in the Others metadata so that it corresponds to the data of the Ca meta header? This was just some idea. Further then that i can't help you. But perhaps people more suitable for the issue can help you.

I believe the script is understandable if you understand the game a bit. I just try to avoid group searches and repeating behaviour which slows down the script or increases its size or makes me spend more time writhing. For load all cheats with group search it takes one minute. By making this script with offsets it only takes 10 sec. Then checks are also there to alert if values changed or things like that. Everything has purpose. Its also more easy for me to update as i don't need to change much things.

If still not working, you should search your value again and make a fresh new group search.

I already have the value... Someone helped me searched for it, been using it in my other phone and it was this code "1.0F;0.33333334327F;0.02999999933F::9" The problem is, when I switched to a different phone... The code is not working anymore. Same game, same execution. When I do the group search, there's no values found. Can you help me with this sir? Tnx in advance. received_3229280607337766.mp4

View File XAPK Maker The obb and apk copyr for the app is already installed to generate the complete xapk. Mistakenly created manifest.json file for apxapk installer. Telagram Group Telagram Channel YouTube Channel The steps are as follows: Submitter TisNquyen Submitted 08/26/2022 Category Tools  

View File Tower of Fantasy Features: Player Animation speed Game speed Player object speed Double Jump Player object size Supply Pods detecting Range Dodge range Damage Enemy Teleport Note: Script detects when your in lobby or in match, so no need to restart the script your self as it will do automatically. Creator: Platonic Will more features be added? -> perhaps(when i have time) Video: Submitter Platonic Submitted 08/26/2022 Category LUA scripts  

Thanks for trying to help, but he is also trying to help. Maybe you think your method is better, but we should all be allowed to contribute our methods. Do not try to denounce someone else's advice. This is also quite hypocritical of you because your method also involves editing a large number of values. I have another method. Another way to find the value you want is by group search. If there are multiple items in the shop, try searching multiple of these items with ";" in between (ex: if there is an offer 50 coins for item a and an offset 100 coins for item b, search 50;100 instead of just 50). A group search will only return values that are close together. In something like a shop, the different offers are usually close together in memory because they belong to the same elements of the game.

group search

Way out of range. Tagged pointer is one problem, Bigger problem is that it is the value that has the needed pointers near it which is out of range. Haven't find any other pointers that are properly ordered to get the desired values. Except for manually group searching. If manual group search is the only way then i suggest to install 32 bit apk of the game. Then script will work.

I would suggest to do some prints on the script so we can find the issue. Is instruction set architecture value correct as in your apk? (If not then script uses wrong offsets), (return instructionSetArchitecture) Do you get 500+ results when first qword search happen?(make sure to try region (A, Ca, O) manually(just for sure) If above two are working correct it can be that your offsets for the pointers are different after the search. (Which would be strange, but you can check it manually) Check manually(this is for the first process level of Cafe): group search: 180D;35D;20D;4D;7D;10D;0D;0D;19D:33 18 or 9 results. Refine 4D Go to address of one of the two(there function is same) Go to address. You should see two pointers. They point to same address. 64bit -> - 0x1C and 32bit -> - 0x14 Go to pointer. Then you should see a string named .types = 126,879,515,898,890 and a pointer above that. Pointer should be 64bit -> 0x10 and 32bit -> 0x8 from the value 126,879,515,898,890. That pointer points back to the address where we saw two pointers. You have that?

Hello Jennie1998, Please note: Value is dword. Value is different for each progress rate and object location Decreasing value = increasing % per play How value is found: First thing to try would be searching for nearby values because i could not find that process rate value directly either. Since the game starts with the Cafe i look there. Start with group searching the values from up to down(ignore symbols first): 75;60;19:: I get results, refine to 75. Use increment by 1 on the results to see if anything happens to desired value. 75 became 84, refine 84(make sure you reverted all other values to avoid crash) We must go to address of the value..to inspect if your process rate value is there. We first should analyze the structure, so we know more or less the range in which we should edit. We can see values that represent the same as on the board. 84, 60 and 19. As shown on the board. Since they are all dword values properly structured it seems to resemble a some data that represents stats. The stats visible on that board. We don't see anywhere the value 100, yet in memory it shows that value. Since it is a dword value between the 60 and 19 (known values) it should not be harmful to edit that value. I edit it to zero. Then switch board and return so that effects have taken. Value changed from 0% to NaN%, We play a game, you finish it in one go.

Grand master is rare, because it takes a significant amount of time and contribution. A lot of the ranks are time gated, as cisco mentioned. Because some people want the rank and just spam non-helpful content to try and get it. Same with the Contributor group - you can't just get it by posting a lot quickly.