Help? Love Nikki-Dress UP Queen

[Keithia]

Name of Game: Love Nikki-Dress UP Queen
Play Store Link (If it's a paid app, the apk): https://play.google.com/store/apps/details?id=com.elex.nikkigp
Version: 1.1.2
What cheat? Health, xp, gold...: unlimited coins or something like free shopping.
Have you tried cheating this game? What happened?: I tried searching the money value, found it, tried to change it; it changed but it's not working.
Comments: please help me hack this game

Edited July 23, 2017 by Keithia
Added something

[gamingneeds]

Bumping this to see if anyone can check and see if this game is able to be modified.

I downloaded it and am not having any success changing the memory values.

Thanks!

[Tabz3]

On 30/08/2017 at 4:23 AM, gamingneeds said:

Bumping this to see if anyone can check and see if this game is able to be modified.

I downloaded it and am not having any success changing the memory values.

Thanks!

It seems to be synched with the server, values are seemingly stored in Double type (so if you have 350 gold, search 350.0E), which is visual only - I am trying further to see what else I could do

Edited September 1, 2017 by Tabz3

[Keithia]

1 minute ago, Tabz3 said:

It seems to be synched with the server, values are seemingly stored in Double type (so if you have 350 gold, search 350.0E), which is visual only - I am trying further to see what else I could do

Thank you for looking into it. Maybe some type of reward hack? You get diamonds or money by completing stuff. Or another option: store hack? That when you buy stuff it doesn't decrease it only adds?

[Tabz3]

22 hours ago, Keithia said:

Thank you for looking into it. Maybe some type of reward hack? You get diamonds or money by completing stuff. Or another option: store hack? That when you buy stuff it doesn't decrease it only adds?

It seems to use a xor key but it won't sync with server

[Keithia]

2 hours ago, Tabz3 said:

It seems to use a xor key but it won't sync with server

d***.. There seems to be no way around the server. 

[gamingneeds]

@Tabz3 I appreciate you looking to into this! Wish it was better news, one of their previous games was editable, so was hoping there was a workaround for this ?

 

Thanks!

[lonejava]

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

[Keithia]

50 minutes ago, lonejava said:

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

You found out a lot about the game! A diamond hack would be amazing as that's the drive behind the whole game. Idk if the pro's will see this thread but maybe.

[lonejava]

2 hours ago, Keithia said:

You found out a lot about the game! A diamond hack would be amazing as that's the drive behind the whole game. Idk if the pro's will see this thread but maybe.

A member in another forum mentioned about being able to intercept the server check the application receives. For past couple of hours, I've been using Charles Proxy server to figure out what kind of check it is getting. But so far, the SSL certificate is refusing to be recognized, hence I keep on getting SSL failed handshake. All the traffic from my laptop goes through it without a problem. Frustrating indeed. 

Even though the diamond hack worked, I have a feeling it will get reverted. I have no idea if the change was cosmetic of not. I was only able to bring the value of the diamond down, not increase. Decreasing the diamond value does not necessarily bring the other values down. They keep fluctuating with each change. 

[Keithia]

1 hour ago, lonejava said:

A member in another forum mentioned about being able to intercept the server check the application receives. For past couple of hours, I've been using Charles Proxy server to figure out what kind of check it is getting. But so far, the SSL certificate is refusing to be recognized, hence I keep on getting SSL failed handshake. All the traffic from my laptop goes through it without a problem. Frustrating indeed. 

Even though the diamond hack worked, I have a feeling it will get reverted. I have no idea if the change was cosmetic of not. I was only able to bring the value of the diamond down, not increase. Decreasing the diamond value does not necessarily bring the other values down. They keep fluctuating with each change. 

It seems the devs have implented a really good blockage with every changing numbers. It would take a lot of different parties to try and decrease values hmm..

[lonejava]

I pasted this on another forum to spark interest in this, because not many people are concerned with the game >>

For paste couple of days, I've been messing around with it to get proxy going. The most time consuming part has been getting a web debugger working. Long story short, it was a pain the a** and stupidly infuriating.

My initial approach was to figure out the outgoing/incoming calls to the app. After pinning those down, I decided to block them and see how the app behaved. For an odd reason, after black-listing it here it still manages to receive a response! The main calls which I found were to domain aihelp.net & cs30.net Upon visiting the domain, both of them seem to be irrelevant [they seem to concern with providing help desk support] to resuming the state of the game i.e coins spent, server time, etc.

I don't know how to proceed from here. I find it hard to believe a domain is managing to bypass the proxy server I set up. It is meant to pipe all traffic through the application Charles-proxy.

I've uploaded the log of the response call for the curious here ,     here and here

One thing I want to point out, after spending a lot of time checking through the response the application gets, I don't see anything related to pushing the account details of the user back to the application. The only check I seem to see happening is 'time-check' with the server. There wasn't anything related to sending value of your coin, gems, or in-game store purchase so far. All of it seems to be stored on client machine. But it still wants the internet connected. Any pros out there know what might be happening?

[McAsh]

On 12/24/2018 at 7:56 AM, lonejava said:

I'm not sure if this merits a new thread but I'll continue here. I decided to tackle this game for learning purpose as it showed top on my feed. I tried multiple approaches to increase my in-game currency from simple exact search, xor search to fuzzy search. I observed the following

1) In one instance, each change to the coin value result in a completely different sent of values in the memory which corresponded to it. After managing to pin down 7 addresses. Each decrement of the coin value resulted in a completely random set of dwords/floats types. Example: if gold value was 20,000, the values showed in the memory addresses were 5,133,221. Completely random pic

2) After fudging in the memory tweaks, I managed to get absolute random set of values. AFAIK,  I simply set the honed down memory address to 0 which resulted in this -> look closely at the top bar.

My progress in this game was to get the gem value to be shown as --nan

Insight from the pros will be appreciated on how to further tackle this problem. I can code if that helps in Java/JavaScript. 

Could you please re-upload the images ? 

I'm very interested in tackle this game , and so far I was able to change the display values only (coins/diamonds). But obviously, it got reverted back to the original amount as soon as I buy something.

I hope I could discover something new and learn from you.

[Amphata]

Hello my hacking friends, do any of you have any news for this particular game?

[Letima]

On 15/8/2019 at 7:27, Amphata said:

Hola mis amigos piratas, ¿alguno de ustedes tiene alguna noticia para este juego en particula

On 25/12/2018 at 16:59, lonejava said:

Pegué esto en otro foro para despertar interés en esto, porque no muchas personas están preocupadas por el juego >>

Durante un par de días, he estado jugando con él para poner en marcha el proxy. La parte que consume más tiempo ha sido hacer funcionar un depurador web. En pocas palabras, fue un dolor el ** y estúpidamente irritante.

Mi enfoque inicial fue averiguar las llamadas salientes / entrantes a la aplicación. Después de fijarlos, decidí bloquearlos y ver cómo se comportaba la aplicación. ¡Por alguna extraña razón, después de incluirlo en la lista negra  aquí , aún se las arregla para recibir una respuesta! Las principales llamadas que encontré fueron al dominio aihelp.net y cs30.net. Al visitar el dominio, ambos parecen ser irrelevantes [parecen preocuparse por proporcionar soporte de mesa de ayuda] para reanudar el estado del juego, es decir, las monedas gastadas, hora del servidor, etc.

No sé cómo proceder desde aquí. Me resulta difícil creer que un dominio esté logrando eludir el servidor proxy que configuré. Está destinado a canalizar todo el tráfico a través de la aplicación Charles-proxy.

He subido el registro de la llamada de respuesta para los curiosos aquí ,     aquí y aquí.

Una cosa que quiero señalar es que, después de pasar mucho tiempo revisando la respuesta que obtiene la aplicación, no veo nada relacionado con enviar los detalles de la cuenta del usuario a la aplicación. La única comprobación que parece que ocurre es "comprobación de tiempo" con el servidor. Hasta el momento no había nada relacionado con el valor de envío de su moneda, gemas o compra en la tienda del juego. Todo parece estar almacenado en la máquina del cliente. Pero todavía quiere que internet esté conectado. ¿Algún profesional por ahí sabe lo que podría estar pasando?

Hiii, months or years later, does anyone have news? I searched a lot and nobody talks about this. Is it really impossible to change the values of the game?