Jump to content
Sign in to follow this  
Keithia

Help? Love Nikki-Dress UP Queen

Recommended Posts

Name of Game: Love Nikki-Dress UP Queen
Play Store Link (If it's a paid app, the apk): https://play.google.com/store/apps/details?id=com.elex.nikkigp
Version: 1.1.2
What cheat? Health, xp, gold...: unlimited coins or something like free shopping.
Have you tried cheating this game? What happened?: I tried searching the money value, found it, tried to change it; it changed but it's not working.
Comments: please help me hack this game :)

Edited by Keithia
Added something

Share this post


Link to post
Share on other sites

Bumping this to see if anyone can check and see if this game is able to be modified.

I downloaded it and am not having any success changing the memory values.

Thanks!

Share this post


Link to post
Share on other sites
On 30/08/2017 at 4:23 AM, gamingneeds said:

Bumping this to see if anyone can check and see if this game is able to be modified.

I downloaded it and am not having any success changing the memory values.

Thanks!

It seems to be synched with the server, values are seemingly stored in Double type (so if you have 350 gold, search 350.0E), which is visual only - I am trying further to see what else I could do

Edited by Tabz3

Share this post


Link to post
Share on other sites
1 minute ago, Tabz3 said:

It seems to be synched with the server, values are seemingly stored in Double type (so if you have 350 gold, search 350.0E), which is visual only - I am trying further to see what else I could do

Thank you for looking into it. Maybe some type of reward hack? You get diamonds or money by completing stuff. Or another option: store hack? That when you buy stuff it doesn't decrease it only adds?

Share this post


Link to post
Share on other sites
22 hours ago, Keithia said:

Thank you for looking into it. Maybe some type of reward hack? You get diamonds or money by completing stuff. Or another option: store hack? That when you buy stuff it doesn't decrease it only adds?

It seems to use a xor key but it won't sync with server

Screenshot_20170902-000925.png

Share this post


Link to post
Share on other sites
2 hours ago, Tabz3 said:

It seems to use a xor key but it won't sync with server

Screenshot_20170902-000925.png

d***.. There seems to be no way around the server. 

Share this post


Link to post
Share on other sites

@Tabz3 I appreciate you looking to into this! Wish it was better news, one of their previous games was editable, so was hoping there was a workaround for this ?

 

Thanks!

Share this post


Link to post
Share on other sites

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

Share this post


Link to post
Share on other sites
50 minutes ago, lonejava said:

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

You found out a lot about the game! A diamond hack would be amazing as that's the drive behind the whole game. Idk if the pro's will see this thread but maybe.

Share this post


Link to post
Share on other sites
2 hours ago, Keithia said:

You found out a lot about the game! A diamond hack would be amazing as that's the drive behind the whole game. Idk if the pro's will see this thread but maybe.

A member in another forum mentioned about being able to intercept the server check the application receives. For past couple of hours, I've been using Charles Proxy server to figure out what kind of check it is getting. But so far, the SSL certificate is refusing to be recognized, hence I keep on getting SSL failed handshake. All the traffic from my laptop goes through it without a problem. Frustrating indeed. 

Even though the diamond hack worked, I have a feeling it will get reverted. I have no idea if the change was cosmetic of not. I was only able to bring the value of the diamond down, not increase. Decreasing the diamond value does not necessarily bring the other values down. They keep fluctuating with each change. 

Share this post


Link to post
Share on other sites
1 hour ago, lonejava said:

A member in another forum mentioned about being able to intercept the server check the application receives. For past couple of hours, I've been using Charles Proxy server to figure out what kind of check it is getting. But so far, the SSL certificate is refusing to be recognized, hence I keep on getting SSL failed handshake. All the traffic from my laptop goes through it without a problem. Frustrating indeed. 

Even though the diamond hack worked, I have a feeling it will get reverted. I have no idea if the change was cosmetic of not. I was only able to bring the value of the diamond down, not increase. Decreasing the diamond value does not necessarily bring the other values down. They keep fluctuating with each change. 

It seems the devs have implented a really good blockage with every changing numbers. It would take a lot of different parties to try and decrease values hmm..

Share this post


Link to post
Share on other sites

I pasted this on another forum to spark interest in this, because not many people are concerned with the game >>

For paste couple of days, I've been messing around with it to get proxy going. The most time consuming part has been getting a web debugger working. Long story short, it was a pain the a** and stupidly infuriating.

My initial approach was to figure out the outgoing/incoming calls to the app. After pinning those down, I decided to block them and see how the app behaved. For an odd reason, after black-listing it here it still manages to receive a response! The main calls which I found were to domain aihelp.net & cs30.net Upon visiting the domain, both of them seem to be irrelevant [they seem to concern with providing help desk support] to resuming the state of the game i.e coins spent, server time, etc.

I don't know how to proceed from here. I find it hard to believe a domain is managing to bypass the proxy server I set up. It is meant to pipe all traffic through the application Charles-proxy.

I've uploaded the log of the response call for the curious here ,     here and here

One thing I want to point out, after spending a lot of time checking through the response the application gets, I don't see anything related to pushing the account details of the user back to the application. The only check I seem to see happening is 'time-check' with the server. There wasn't anything related to sending value of your coin, gems, or in-game store purchase so far. All of it seems to be stored on client machine. But it still wants the internet connected. Any pros out there know what might be happening?

Share this post


Link to post
Share on other sites
On 12/24/2018 at 7:56 AM, lonejava said:

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

Could you please re-upload the images ? 

I'm very interested in tackle this game , and so far I was able to change the display values only (coins/diamonds). But obviously, it got reverted back to the original amount as soon as I buy something.

I hope I could discover something new and learn from you.

Share this post


Link to post
Share on other sites

Hello my hacking friends, do any of you have any news for this particular game?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...