Jump to content

XOR search Guide - GG 8.29.0+

NoFear

By NoFear,
in Video Tutorials

 Share

Recommended Posts

  • Moderators
  • Popular Post
NoFear Grand Master

NoFear

Posted
  • Moderators
  • Popular Post
Posted

XOR SEARCH:
This method of search is very unique and not intended for you to try as a first method. Once you've tried all memory types, all ranges,  unknown increased and unknown decreased and all fail, this method might be what you want to do last.
XOR is a simple encryption method, but without the key, you can't know the value. And games lately (not all) will have a key that changes on value change, making finding these types of values EXTREMELY difficult if not impossible... Until now. HUGE thanks to @Enyby

The search

All the games I've come across that use this method have all been dword, so I'll stick to dword. Also most games (except For Emblem Heroes and some parts in GunPie) the XOR key and XOR value are 4bytes apart. 
Let's say you have 25 gold. To search 25 with xor key 4 bytes away
25X4
If you know your value is within a range but not 100% on value, so you know you collected about 40 to 45 gold, your search can be
38~50X4
Then when you collect 10 more
48~60X4
During these searches, if you want to eliminate many results that are most likely not it, you can do a does not equal 0 and does not equal the value. 
You search 500X4
Followed by
≠0
≠500
Then you can resume the XOR method.


This search cannot be done with a group search. 
If done properly, can do unknown changed/unchanged. 


Editing
You have a couple ways you can edit values. 
Edit results and if you want to edit to 12345
Put 12345X4
If you want to edit multiple values keeping xor and doing a different value for each. If you have 3 results from searching 500X4
Edit results
100;5000;15000X4
First value week be edited to 100
2nd 5000 and 3rd to 15000.
The other option ,goto address, copy value above (xor key) using the xor calculator built into GG, calculate value and got can type values and re-encrypt with proper xor key. 

 

Increment edit

If you have 5 results and want each to be different, separate each edit with a ;. So for 5 results

5;10;15;20;25X4

Value 1 will be 5, 2 will be 10.....

Then you can figure out the correct value, revert and remove the wrong values and continue with editing that one value. 

List of known games using XOR protected values. 
Tiny Miners
Bullet Force
Gunpie
Super Mario Run
Fire Emblem Heroes (SP: 8 is xor offset. Level: 24 is xor offset) 
Touch Tank
Target Acquired
Futurama: Worlds of Tomorrow
Pokémon: Magikarp Jump 
Skychamp
HAWK: Freedom Squadron
Candy Crush

Heroes Infinite

Stickman Legend (XOR offset 8)

Zombie Pandemic Survivor

21
Link to comment
Share on other sites
  • Replies 77
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

NoFear
NoFear

XOR SEARCH: This method of search is very unique and not intended for you to try as a first method. Once you've tried all memory types, all ranges,  unknown increased and unknown decreased and all f

NoFear
NoFear

Even worse what a developer can do. Every value change just in game results in All xor key changes. Let's say you are trying to find gold. Gain 1 unknown changed. Gain 0 unknown unchanged. G

CmP
CmP

You need to use "Changed/Unchanged" if you want to find xor-encrypted value with fuzzy search. "Increased/Decreased" won't work out because of how xor-encryption works.

Posted Images

  • Moderators
NoFear Grand Master

NoFear

Posted
  • Author
  • Moderators
Posted
1 hour ago, Logic11211 said:

In pokemon magikarp jump I'm able to do increment edit...works flawlessly... I'm having problems with coins... The value still reverts even after editing... Is there a max amount of coins????

Don't edit balance.... 

Edit rewards, prices etc etc. 

1
Link to comment
Share on other sites
EichZen Explorer

EichZen

Posted
Posted

@NoFearThank you for the basics of the guide! :)

I've been trying to hack Realm Defense TD but I keep failing. I'm guessing the XOR key are really far apart?

Is it possible to use odd numbers as xor keys? so far the examples I've seen are X4 X8 X16 X24 and so on

Link to comment
Share on other sites
  • Moderators
NoFear Grand Master

NoFear

Posted
  • Author
  • Moderators
Posted
30 minutes ago, EichZen said:

@NoFearThank you for the basics of the guide! :)

I've been trying to hack Realm Defense TD but I keep failing. I'm guessing the XOR key are really far apart?

Is it possible to use odd numbers as xor keys? so far the examples I've seen are X4 X8 X16 X24 and so on

Only even in increments if 4 (essentially dword/float only)  (for now) 

3 minutes ago, Logic11211 said:

Thanks dude.. Your really good at this !!

Heh. thank you. Been doing this type of hacking for a while (few years?) and the more I help others hack 'everything' the better I get and the more I learn as developers try to protect their games. :)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept