Jump to content
Search In
  • More options...
Find results that contain...
Find results in...


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by maskman007

  1. Nice. Try this for the shorter version : wa s e -- 0xaddress
  2. try the full thing. Also pls send a screenshot if possible watchpoint set expression -- 0xaddress
  3. I can do that for the write. What's the error with watchpoints?
  4. Download link for the script: UPDATES**** [hide] https://www.dropbox.com/s/6xlvaasyw3xbztm/custom.py?dl=0 [/hide] Steps: Make a file .lldbinit in your home directory (.lldbinit is the first thing that lldb reads when it loads) do cd ~ to go to your home directory if you run as root then home dir = /var/root if you run without root home dir = /var/mobile Add the following to the file settings set target.load-cwd-lldbinit true command script import custom.py Place custom.py in /var/mobile (working directory) start lldb Commands: ASLR : get aslr slide set-bp -f 0xaddress : force breakpoint ***NEW set-bp 0xaddress : set breakpoint (ASLR added) write 0xaddress 0xvalue : write to memory, same as => memory write -s 4 0xaddress 0xvalue (address frorm lldb) write -f 0xaddress 0xvalue : write directly to IDA offset ***NEW convert -f 0xhexvalue : convert hex to 32 bit float value ***NEW convert -h floatValue : convert float to hex value ***NEW list-add -a 0xaddress functionName : save the address for future reference ***NEW list-add -r 0xaddress : remove address from the list ***NEW list-add -s : show all the saved addresses ***NEWe usage : for help! ***NEW get-adr 0xaddress : [get address - aslr], to find the IDA Address If there are any errors or problems then contact me asap. Also, comment down features you would like in to be added in the script
  5. Yes, you can, I haven't tried tho. However, u will 100% get banned cause cops put a ton of checks on most data classes
  6. you can just use IDA. IDA shows all the instance variables. But then u cant get an object of another class and modify it with IDA
  7. This is my Tweak.xm for criticalops. This is just for learning purposes. Don't compile this file into a hack, as you will 100% get banned. It is not injected with anti-cheat. If you want me to make a youtube video, let me know in the comments. [hide] #import <substrate.h> #import <mach-o/dyld.h> #import <string> #import <Foundation/Foundation.h> #import "writeData.h" #import <UIKit/UIKit.h> using namespace std; uint64_t getRealOffset(uint64_t offset){ return _dyld_get_image_vmaddr_slide(0)+offset; } void (*CharacterData_update)(void * update, float time, void * weaponDefData); void _CharacterData_update(void * update, float time, void * weaponDefData) { if(update && weaponDefData) { *(int *)((uint64_t)weaponDefData + 0x30) = 0; //buyprice 0x30 *(float *)((uint64_t)weaponDefData + 0x48) += 5.0f; //fireRate 0x48 (increase fireRate by 5.0) *(float *)((uint64_t)weaponDefData + 0x64) = 0.0f; //reloadTime 0x64 *(float *)((uint64_t)weaponDefData + 0xc4) = 0.0f; //recoilPerShot 0xc4 void * inaccuracy = *(void **)((uint64_t)weaponDefData + 0x80); //object to WeaponFactors class 0x80 if(inaccuracy) { //do something } } CharacterData_update(update, time, weaponDefData); } %hook UnityAppController - (void)applicationDidBecomeActive:(id)arg0 { MSHookFunction(((void*)getRealOffset(0x1001BE9E4)),(void *)_CharacterData_update, (void**)&CharacterData_update); %orig; }%end [/hide] Credits: @@maskman007
  8. This tutorial is for advance users who already has some knowledge about IDA hacking. Use this tutorial to hack games when u cant use il2cpp dumper to dump unity games. In the tutorial I hacked pubg and showed how to hack recoil and spread. If you have any questions pls comment down or dm me. [hide] https://www.youtube.com/watch?v=NzsWKoCVzR8[/hide] Credits: me
  9. You can use this code to add password protection to non jb iOS games/ipa hacks :talking: :talking: . Theos jailed installation guide : https://github.com/kabiroberai/theos-jailed/wiki/Installation [hide] #import <UIKit/UIKit.h> #import <substrate.h> #import <Foundation/Foundation.h> NSString * randomStringWithLength(int len); NSString * decoder(NSString* string); void callme(); UIAlertView *alert; NSUserDefaults *prefs; %hook UnityAppController NSString * n; NSString * str; - (BOOL)application:(id)fp8 didFinishLaunchingWithOptions:(id)fp12 { prefs = [NSUserDefaults standardUserDefaults]; NSString *isStringSet = [prefs stringForKey:@"isStringSet"]; if(![isStringSet isEqualToString:@"1"]) { n = randomStringWithLength(10); //string with size 10. You can keep it 15 or 20 }else { n = [prefs stringForKey:@"string"]; } NSString *myString = [prefs stringForKey:@"auth"]; if(![myString isEqualToString:@"legit"]) { alert = [[UIAlertView alloc] initWithTitle:@"Forward Assault by MaskMan" message:n delegate:self cancelButtonTitle:@"Thanks" otherButtonTitles:@"Visit Us", @"Follow MaskMan",nil]; alert.alertViewStyle = UIAlertViewStylePlainTextInput; [alert show]; } return %orig(); } %new -(void)alertView:(UIAlertView *)alertView clickedButtonAtIndex:(NSInteger)buttonIndex { prefs = [NSUserDefaults standardUserDefaults]; str = decoder(n); if(buttonIndex == 0) { if([[alertView textFieldAtIndex:0].text isEqual: str]) { [prefs setObject:@"legit" forKey:@"auth"]; }else { // Game will crash if Password is incorrect [NSTimer scheduledTimerWithTimeInterval:1.0 target:self selector:@selector(callme) userInfo:nil repeats:YES]; [prefs synchronize]; } }else if(buttonIndex == 1) { [[UIApplication sharedApplication] openURL:[NSURL URLWithString:@"https://www.iosmods.com/"]]; [NSTimer scheduledTimerWithTimeInterval:1.0 target:self selector:@selector(callme) userInfo:nil repeats:YES]; }else if(buttonIndex == 2) { [[UIApplication sharedApplication] openURL:[NSURL URLWithString:@"https://twitter.com/M4skM4n007"]]; [NSTimer scheduledTimerWithTimeInterval:1.0 target:self selector:@selector(callme) userInfo:nil repeats:YES]; } } void callme() { [alert show]; } NSString * randomStringWithLength(int len) { NSString *letters = @"abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789"; NSMutableString *randomString = [NSMutableString stringWithCapacity:len]; for (int i = 0; i < len; i++) { [randomString appendFormat:@"%C", [letters characterAtIndex:arc4random() % [letters length]]]; } prefs = [NSUserDefaults standardUserDefaults]; [prefs setObject:@"1" forKey:@"isStringSet"]; [prefs setObject:randomString forKey:@"string"]; [prefs synchronize]; return randomString; } NSString * decoder(NSString* string) { NSUInteger len = [string length]; NSString * nString = @"'"; for( int i = 0; i<len; i++) { /* I removed this code since people can use it to decode the String you can make your own String decoder here/add the logic. There are a couple of decoder codes on Google. */ } nString = [nString stringByAppendingString:@"'"]; return nString; } %end [/hide]
  • Create New...