Jump to content

Recommended Posts

Posted
1 hour ago, NoFear said:

 

You took a byte value you were in memory editor and there was 2 pointer one was above one was below why did you took the address of above one all the time and then you were at memory editor again and most of the time you long pressed the below pointer and clicked go to pointer. Is there any reason to do that or it is just randomly?

  • Moderators
Posted
21 minutes ago, FahimZS said:

You took a byte value you were in memory editor and there was 2 pointer one was above one was below why did you took the address of above one all the time and then you were at memory editor again and most of the time you long pressed the below pointer and clicked go to pointer. Is there any reason to do that or it is just randomly?

Pointers are typically organized. 

The $5.99 is the very end, that's not going to point to anything. The value above it, typically repeats above other groups of values in that same area. 

Then when I search the hex of the address, this is values pointing to that address. Usually pointers are grouped together, and then above will be the address of what is pointing to those. The value I always copy the address location of, is a repeating value. If I kept scrolling you'll keep seeing that value.  Stay between those, if you start followings values below the next "header" or above the header you are on, you'll be following pointers for a different thing. The values I was editing to 0, seeing if that effecting the price. The last 2 values, one might determine price and 1 might determine the item (could be wrong). Might be price only and the values earlier determines the item. At this point, I would find items that cost regular currency and start finding similar pointers and start copying the inapp pointers to the ingame purchase ones. 

Posted
38 minutes ago, NoFear said:

Pointers are typically organized. 

The $5.99 is the very end, that's not going to point to anything. The value above it, typically repeats above other groups of values in that same area. 

Then when I search the hex of the address, this is values pointing to that address. Usually pointers are grouped together, and then above will be the address of what is pointing to those. The value I always copy the address location of, is a repeating value. If I kept scrolling you'll keep seeing that value.  Stay between those, if you start followings values below the next "header" or above the header you are on, you'll be following pointers for a different thing. The values I was editing to 0, seeing if that effecting the price. The last 2 values, one might determine price and 1 might determine the item (could be wrong). Might be price only and the values earlier determines the item. At this point, I would find items that cost regular currency and start finding similar pointers and start copying the inapp pointers to the ingame purchase ones. 

Thanks for everything you done. So does everyone use pointer on inapp??

  • Moderators
Posted
46 minutes ago, FahimZS said:

Thanks for everything you done. So does everyone use pointer on inapp??

I would say 99% do... If you search the price in utf16 and have no results, just do regular text. If neither work start search for the price on "micro" form. So if 49.99, search 4999000. Typically if I can't find any value in a game, I start looking to the inapp. Because really good chance you can find it. Then use that to see patterns and how values are protected. Then work from that to find others. 

Posted (edited)
6 minutes ago, NoFear said:

I would say 99% do... If you search the price in utf16 and have no results, just do regular text. If neither work start search for the price on "micro" form. So if 49.99, search 4999000. Typically if I can't find any value in a game, I start looking to the inapp. Because really good chance you can find it. Then use that to see patterns and how values are protected. Then work from that to find others. 

How am i supposed to search in regular text do you mean utf8 and if i search in micro form what will be the value type? I have to search 4999000 as text? And how to look at inapp and how to find the pattern?

Edited by FahimZS
  • Moderators
Posted
15 minutes ago, FahimZS said:

How am i supposed to search in regular text do you mean utf8 and if i search in micro form what will be the value type? I have to search 4999000 as text? And how to look at inapp and how to find the pattern?

Yea utf8. 

The 4999000 as txt, dword or float. It can vary. 

Lets say 49.99 buys you 25,000 gems. You've searched for that 25,000 every possible way and cannot find it. So, you find the inapp pointers. Nearby will either be the 25,000 encrypted or a pointer that points to an encrypted value that = 25,000. Once you figure that out, now see if the encryption for another inapp is similar. If you find a pattern, you can now start to learn the encryption method or how to find encrypted values easier.

Posted (edited)
17 minutes ago, NoFear said:

Yea utf8. 

The 4999000 as txt, dword or float. It can vary. 

Lets say 49.99 buys you 25,000 gems. You've searched for that 25,000 every possible way and cannot find it. So, you find the inapp pointers. Nearby will either be the 25,000 encrypted or a pointer that points to an encrypted value that = 25,000. Once you figure that out, now see if the encryption for another inapp is similar. If you find a pattern, you can now start to learn the encryption method or how to find encrypted values easier.

Any way to figure out what does encrypted value means? So i have to find same encrypted value for 2 inapp to understand and when I'll practice I'll get better in no time

Edited by FahimZS
  • Moderators
Posted
1 hour ago, FahimZS said:

Any way to figure out what does encrypted value means? So i have to find same encrypted value for 2 inapp to understand and when I'll practice I'll get better in no time

You figure that out, how it is encrypted, then that would be great. Not sure if there is a string we can search in utf16 that would uncover the encryption method. 

Posted
31 minutes ago, NoFear said:

You figure that out, how it is encrypted, then that would be great. Not sure if there is a string we can search in utf16 that would uncover the encryption method. 

Thanks for lot of information and for that video 

  • Moderators
Posted
Just now, FahimZS said:

@NoFear why do you make these video private?

Developers can and will report them as copyright infringement. Keeping unlisted, helps prevent that. 1strike = 6months probation. No unlisted videos allowed and another strike during that = ban.  It's more to protect my account. 

Posted
2 hours ago, NoFear said:

Developers can and will report them as copyright infringement. Keeping unlisted, helps prevent that. 1strike = 6months probation. No unlisted videos allowed and another strike during that = ban.  It's more to protect my account. 

Nice but we won't find your videos like this we have to mention you or we have to find the video ourselves.

Posted (edited)
9 hours ago, NoFear said:

 

Hello bro. Thank you so much for this awesome video and of course for choosing this game. 

I have some questions. 

Why in the minute 5.25 you search for the addres above the pointers u changed to 0 ?

You only search for the address above the utf pointers search?! .

And you find 2 values after searching for the address above the pointers in the 5.25. 

You go to pointers that nearby to this 2 values. How you know that the second value was the right one?

What I mean is for the minute 5:30 to 6:39 

 

Edited by MedoSatoor

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.