
Posted (edited)

I managed to do it using Frida, but using GG it seems like an impossible task or a skill issue; the game is using some kind of encryption. So far this is the class and offset
 

public class levelSelection : MonoBehaviour
{
	public bool unlockalllevel;
}

 


Edited by MAARS
Posted
On 3/30/2024 at 5:33 AM, MAARS said:

I managed to do it using Frida, but using GG it seems like an impossible task or a skill issue; the game is using some kind of encryption. So far this is the class and offset
 

public class levelSelection : MonoBehaviour
{
	public bool unlockalllevel;
}

 


I don't see any protection though. But thanks for posting the class. It avoided me dumping the game and made it no struggle to find. I dunno why the field offset finder doesn't work, perhaps a script needs to be made. Offset 0x20

Posted
On 3/31/2024 at 9:22 PM, nok1a said:

I don't see any protection though. But thanks for posting the class. It avoided me dumping the game and made it no struggle to find. I dunno why the field offset finder doesn't work, perhaps a script needs to be made. Offset 0x20

I don't know if encryption is the right word, but the memory is not disposed how it should be for an il2cpp game. Addresses are weird. That's why any field offset finder won't work. I did a manual search like for 3pmon until I gave up. Note: since I also had Frida, I used the exact runtime address with the goto tool with GG, but that did not help at all; the address leads somewhere that's not the field offset.

Posted
48 minutes ago, MAARS said:

I don't know if encryption is the right word, but the memory is not disposed how it should be for an il2cpp game. Addresses are weird. That's why any field offset finder won't work. I did a manual search like for 3pmon until I gave up. Note: since I also had Frida, I used the exact runtime address with the goto tool with GG, but that did not help at all; the address leads somewhere that's not the field offset.

So you're not just performing a pointer search on the class and then searching the offset of the field?

Posted
On 3/30/2024 at 12:33 AM, MAARS said:

I managed to do it using Frida, but using GG it seems like an impossible task or a skill issue; the game is using some kind of encryption. So far this is the class and offset
 

public class levelSelection : MonoBehaviour
{
	public bool unlockalllevel;
}
 

 


Unrelated, but I'm trying to learn Frida myself. I know you have posted some YouTube videos on the subject; is there any description you could give me or tutorial you could link to show me just how you did this? Props!

Posted (edited)
1 hour ago, MAARS said:

I don't know if encryption is the right word, but the memory is not disposed how it should be for an il2cpp game. Addresses are weird. That's why any field offset finder won't work. I did a manual search like for 3pmon until I gave up. Note: since I also had Frida, I used the exact runtime address with the goto tool with GG, but that did not help at all; the address leads somewhere that's not the field offset.

I don't understand. What does disposing memory have to do with the memory layout?
Also, I have an idea for dynamically finding out the address, though I don't quite know how to do it myself. If you know the field offset, perhaps you could find a method that references the field by using a hex search or offset calculation, then navigate to the instruction that references the field? From that point, I believe that you could extract the offset from the assembly instruction - it would be relative to something, maybe an ldr or an instruction of the like - and then determine the field's address in memory. Just a suggestion; again, I don't have the experience to know if that would work.

1 hour ago, MAARS said:

The memory is not disposed how it should be for an il2cpp game. Addresses are weird.

Have you tried poking around in the dump using dnSpy to find anything peculiar, such as an anticheat?

Edited by HorridModz
  • 2 weeks later...
Posted
On 3/30/2024 at 10:33 AM, MAARS said:

I managed to do it using Frida, but using GG it seems like an impossible task or a skill issue; the game is using some kind of encryption. So far this is the class and offset
 

public class levelSelection : MonoBehaviour
{
	public bool unlockalllevel;
}

 


Thanks 
