Hex

[brubbribo]

How do I know how many lines of hex to select?? I know I have the right offset but I just don't know how many hex I need to search

[kiynox]

7 hours ago, brubbribo said:

How do I know how many lines of hex to select?? I know I have the right offset but I just don't know how many hex I need to search

[ @brubbribo ]
---
I do think you doesn't need "Hex" here since you already have the Offset, unless you're doing patterned search using Hex String. Simply put your target lib and add the address with your offset:

bases = gg.getRangesList(your_lib)[1].start
final = bases + your_offset
print(final)

---
If you're trying to patch the target Offset but didn't know how much length of hex to patch, then, you need to adjust it according to your applied patches. I recommend using: arm-converter. For example:

Quote

Assembly:
NOP
BX LR

Hex:
00F020E3
1EFF2FE1

Hex Length: 8
00 F0 20 E3 1E FF 2F E1

Notice that 1 Hex is considered 2 bytes.
---

Quote

I just don't know how many hex I need to search

I'm still left confused on why you're trying to do this, but I will give you that. Since you have the Offset, obviously you need to visit the Offset first, you can do this through Game Guardian:

• 1). Goto Game Guardian memory editor
• 2). Click on Right Arrow icon (->)
• 3). There will be a prompt, just use the Dropdown (v)
• 4). Then find your corresponding Lib ranges. In this case, you can shorten the scroll from the prompt menu and select the memory region the lib exist. For example my lib can be found on (Xa) so click on the (Xa) button.
• 5). After choosing the right library, proceed to use (goto) function on the down right corner
• 6). Long click on the Address and you will led to yet another menu.
• 7). Choose "Offset Calculator" and put your offset in there. (without *0x)
• 8). Change the Value Formatting on the top right corner (under (=))
• 9). Tick the "h: Hex (little-endian) notation"
• 10). You can now see the hexes, just simply copy whatever hex you want to copy.

[brubbribo]

Thanks this does help, and when I was talking about how many hex to search I meant how many lines of hex do I need to get from the hex editor

[kiynox]

[ @brubbribo ]
---

Quote

I meant how many lines of hex do I need to get from the hex editor

Depends. Try to get at least 8 hex length first and search it on GG. Make sure that it doesn't have multiple result (make it unique). Once it's done, just correspondingly replace the hex with the edited one (Must also have the same length).
---