Can a group search be done for encrypted value or any other way to speed up the process?

[Sami1982]

Hello,

The value I need is encrypted.  So I perform a search on the exact value and I check the "value is encrypted" option. Then I do the usual decrease, refine....etc until I find the correct value. I know it's encrypted because if I don't use the "value is encrypted" option I can't find it.  My question is, how can I speed up or automate the process? Normally for a non-encrypted value I would perform a group search and then create a script and done. But unfortunately in this case the value is encrypted and once I type in my group search the "value is encrypted option" disappears. And no matter what I use for a group search does not find the value. So when I close and reopen the game I am forced to repeat the whole search then decrease then refine process every time which is time consuming. Any trick to speed up or automate this situation?  Thank you very much

Edited December 27, 2023 by Sami1982

[nok1a]

Does this only work on that dead trigger 2 version? If i used fuzzy search and decrease i get a float value. But im using last version because old version asked me to update.

And i still die even after freezing the value.

[Sami1982]

1 hour ago, nok1a said:

Does this only work on that dead trigger 2 version? If i used fuzzy search and decrease i get a float value. But im using last version because old version asked me to update.

And i still die even after freezing the value.

Thanks for trying I really appreciate the time and effort you are putting into this. I didn't try it on the latest version or using my good account because I didn't want to risk a ban. So I don't know to be honest if it only works on the version I am trying it on. The version I am trying it on is 1.5.1 and it's offline and it doesn't ask me to update. I can even turn off my internet completely and use it totally offline. If you'd like to try that version here is the link:

http://www.mediafire.com/file/nt83tt2wvjom7om/dead_trigger_2_hack.rar/file

All you have to do after installing it is set a new user name (it can be anything, e.g. "dead1234" for both the username and password) and allow storage permissions in the game's app settings. Thanks again

Edited January 2 by Sami1982

[nok1a]

2 hours ago, Sami1982 said:

Thanks for trying I really appreciate the time and effort you are putting into this. I didn't try it on the latest version or using my good account because I didn't want to risk a ban. So I don't know to be honest if it only works on the version I am trying it on. The version I am trying it on is 1.5.1 and it's offline and it doesn't ask me to update. I can even turn off my internet completely and use it totally offline. If you'd like to try that version here is the link:

http://www.mediafire.com/file/nt83tt2wvjom7om/dead_trigger_2_hack.rar/file

All you have to do after installing it is set a new user name (it can be anything, e.g. "dead1234" for both the username and password) and allow storage permissions in the game's app settings. Thanks again

Oke just asking but you said the value is encrypted but can you send me a screenshot of the health value you found, preferable in float data type.

[Sami1982]

1 hour ago, nok1a said:

Oke just asking but you said the value is encrypted but can you send me a screenshot of the health value you found, preferable in float data type.

Okay but the value is never the same after I restart the game. The screenshots are attached. I can also share a quick video of me finding the encrypted health value and demonstrating that it works if this helps. I just need a telegram or some other means of sharing as I tried posting a youtube link to an unlisted video here but it wouldn't allow me to do it.

Edited January 2 by Sami1982

[Sami1982]

6 hours ago, nok1a said:

The video would be helpful. In fact, when you find your health value can you run @Lover1500 his script:

Class name and Field offset searcher (#4udgq21d)

And send a screenshot of the prompt.

Okay the screenshot is attached.  I sent you a youtube link to an unlisted video in a private message because when I tried to post the link here it wouldn't allow me to do it. 

Thanks

Edited January 3 by Sami1982

[Sami1982]

13 minutes ago, nok1a said:

It's not on unlisted. It's on private. Ok thanks for providing the screenshot.

Oops. Sorry about that. I changed it to unlisted.  No thank YOU for trying to help me. 

[Sami1982]

23 minutes ago, nok1a said:

Weird. Installed the mod APK which was behaving really weird. I still could not find the value as you did using encrypted search. Do i have to search the value when i am in increasing my health with a medkit instead of when my health goes down? I found a health value using unknown search, it's possible the same as yours but if i edit it as you did "-9,999,999.0" the health value changes to 1. Do you always get a high health when you edit to 9999999 ?

Can you check if you go the address of the health value it looks like this? Are the pointers at the same distance from where the health value is located as the in the screenshots?

 

No, you don't need to increase your health with a medkit. You can decrease your health too if you want and it works as long as you don't die before you reach 10 or less values. But obviously if you're about to die and you still have a ton of results then you would naturally need to increase your health to be able to continue filtering for the correct value. By the way when taking damage, the value sometimes increases even though it should logically decrease and the opposite is true.  As such I only execute a "changed" scan.  Sometimes it gets glitchy and the only way I can find it is with an unknown search as you did.  You don't need to use -9,999,999.0.  You can simply freeze it.  No, I don't always get a high health when editing to -9,999,999.0.  Sometimes it randomly changes to 1 for me too as it did with you, in which case I simply just change it to -0.5 and that gives a high health.  And yes the pointers are at the same distance from the health value for me too.

8 minutes ago, nok1a said:

When changing last byte of the health value to -127 i get high health value.

 

 

"Personally i don't think it looks that simple to automate the process". Group search perhaps won't work.

Yeah unfortunately I had a feeling this would be the case. After my original post, the more I explored and the deeper I dug, the more evident it became to me that this wasn't going to be easily done through GG, if even at all possible.  I truly do appreciate your efforts and the time you have put into this to try to help me. Thanks a lot.

[Sami1982]

23 minutes ago, nok1a said:

I was thinking about pointer search. But not sure. Can you search the health value and select the 3 bytes and send a screenshot of the xor result. Like this.

 

 

Gladly!  I've attached them.  I was confused because you said "xor" but your screenshot was offset (or at least I felt that it was lol), so I took a screenshot of both just to be safe.

Edited January 3 by Sami1982

[Lenn1]

Have you tried doing a search in xor format? example the number of projectiles, health, stamina followed by "X12, X16...

150X12...

usually the encryption is found close to the key this way.

[nok1a]

2 hours ago, Sami1982 said:

Gladly!  I've attached them.  I was confused because you said "xor" but your screenshot was offset (or at least I felt that it was lol), so I took a screenshot of both just to be safe.

Ok, i can't work with that. Also i am experiencing problems with the modded APK. Like while i am searching values gameguardian can't find the process anymore.

Aside from that i installed the latest APK and finding health value was way more easy and more making it in a script should not be an issue. I just tested it and it works fine, even if it is encrypted because it has a metadata and libil2cpp.so.
The version 1.5.1 doesn't has a libil2cpp and still uses libmono and that's why it will be a struggle finding the right pointers. The pointers point to their own address instead of a metadata.

Does the modded APK gives you any type of benefits that the latest version does not give you?

Edited January 3 by nok1a

[nok1a]

2 hours ago, Lenn1 said:

Have you tried doing a search in xor format? example the number of projectiles, health, stamina followed by "X12, X16...

150X12...

usually the encryption is found close to the key this way.

In the new version there is a class named "CipherProvider".

I am using this class as pointer reference for the script.

The health value it self is part of the class Float:

I am not sure but i think in order to find out how the value works in the old version you have to investigate that class CipherProvider. To be honest madfinger games isn't really known to change anything to their encryption and normally they don't care.

Edited January 3 by nok1a
added more info and corrected screenshots

[Sami1982]

27 minutes ago, nok1a said:

Ok, i can't work with that. Also i am experiencing problems with the modded APK. Like while i am searching values gameguardian can't find the process anymore.

Aside from that i installed the latest APK and finding health value was way more easy and more making it in a script should not be an issue. I just tested it and it works fine, even if it is encrypted because it has a metadata and libil2cpp.so.
The version 1.5.1 doesn't has a libil2cpp and still uses libmono and that's why it will be a struggle finding the right pointers. The pointers point to their own address instead of a metadata.

Does the modded APK gives you any type of benefits that the latest version does not give you?

Wow, that's really awesome to hear!   

Being offline, the modded APK has the possibility to hack the gold so that I can instantly unlock any weapon without risking a ban.  With the latest version, it takes a long time to collect gold to unlock weapons.  I've already gradually unlocked all these weapons over the years legitimately using my good account and I don't want to risk a ban if I use GG.

[Sami1982]

3 hours ago, nok1a said:

In the new version there is a class named "CipherProvider".
 

I am using this class as pointer reference for the script.

The health value it self is part of the class Float:
 

I am not sure but i think in order to find out how the value works in the old version you have to investigate that class CipherProvider. To be honest madfinger games isn't really known to change anything to their encryption and normally they don't care.

Okay those screenshots look like a foreign language to me LOL. Is this DNS spy or something?  

 

Edited January 3 by Sami1982

[Sami1982]

4 hours ago, Lenn1 said:

Have you tried doing a search in xor format? example the number of projectiles, health, stamina followed by "X12, X16...

150X12...

usually the encryption is found close to the key this way.

              

Thanks for replying. I just tried this but did not succeed, unfortunately

[nok1a]

10 hours ago, Sami1982 said:

Okay those screenshots look like a foreign language to me LOL. Is this DNS spy or something?  

 

                "Have you tried doing a search in xor format? example the number of projectiles, health, stamina followed by "X12, X16...

                   150X12..."

                   usually the encryption is found close to the key this way."

I tried this but did not succeed, unfortunately

Just connecting dods that perhaps is useful for others.

Btw can you try as shown in the video?:

And on top of that also try this group search, its in region A, Ca or Cb...ranges changes at restart...could also be ranges Other actually: 327,684D;22D;28D;0D;33,554,931D::65

Edited January 4 by nok1a
Added the right ranges