Question about MOV


bbwi

~CMDR~
Member for 6 years
Hello,

I've been trying to mod this game for a few days, but nothing seems to work. Basically, what I'm trying to mod is the energy, which is the "currency" used in this game.
I used an Il2Cpp dumper to dump the .SO file and found this line:

private void OnProgressionPosted(bool isOutOfEnergy)

Basically, what I'm trying to do is modify the function so it always returns 0 or false. I tried using MOV R0, #0, but nothing happens in the game.

This is what it looks like in IDA:

Code:
.text:00C08E10                 STMFD           SP!, {R4-R7,R11,LR}
.text:00C08E14                 ADD             R11, SP, #0x10
.text:00C08E18                 MOV             R4, R0
.text:00C08E1C                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0xC08E30)
.text:00C08E20                 LDR             R6, =0x63C64
.text:00C08E24                 MOV             R5, R1
.text:00C08E28                 ADD             R0, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:00C08E2C                 ADD             R0, R6, R0
.text:00C08E30                 LDRB            R0, [R0,#(byte_15A245F - 0x15A2340)]
.text:00C08E34                 CMP             R0, #0
.text:00C08E38                 BNE             loc_C08E60
.text:00C08E3C                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0xC08E4C)
.text:00C08E40                 LDR             R1, =0x532C
.text:00C08E44                 ADD             R7, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:00C08E48                 LDR             R0, [R1,R7]
.text:00C08E4C                 LDR             R0, [R0]
.text:00C08E50                 BL              sub_1079B14
.text:00C08E54                 ADD             R0, R6, R7
.text:00C08E58                 MOV             R1, #1
.text:00C08E5C                 STRB            R1, [R0,#(byte_15A245F - 0x15A2340)]

Alternatively, I found another line:

public bool get_hasEnoughEnergy()

and I tried to make it return 1 or true (using MOV), but it didn't work either.

In IDA:

Code:
.text:011195C4                 STMFD           SP!, {R4-R6,R10,R11,LR}
.text:011195C8                 ADD             R11, SP, #0x10
.text:011195CC                 MOV             R4, R0
.text:011195D0                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0x11195E0)
.text:011195D4                 LDR             R5, =0x799A4
.text:011195D8                 ADD             R0, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:011195DC                 ADD             R0, R5, R0
.text:011195E0                 LDRB            R0, [R0,#(byte_15B8094 - 0x15B8080)]
.text:011195E4                 CMP             R0, #0
.text:011195E8                 BNE             loc_1119610
.text:011195EC                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0x11195FC)
.text:011195F0                 LDR             R1, =0x2914
.text:011195F4                 ADD             R6, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:011195F8                 LDR             R0, [R1,R6]
.text:011195FC                 LDR             R0, [R0]
.text:01119600                 BL              sub_1079B14
.text:01119604                 ADD             R0, R5, R6
.text:01119608                 MOV             R1, #1
.text:0111960C                 STRB            R1, [R0,#(byte_15B8094 - 0x15B8080)]

I'm still a newbie, to be honest, so I'm not sure if I'm using MOV correctly in this context.

Any help is appreciated.

Sbenny

A crazy scientist
Staff member
Admin
SB Mod Squad ⭐
✔ Approved Releaser
Active User
It would be nice if you could post what you modified the function into, too. There are good chances you didn't modify it correctly, although the instructions you used seem to be the right ones. Also, did you add the BX LR after the MOV R0, x?

bbwi

Thanks for the reply!

I added MOV at the start of the functions and I did use BX LR. This is what it looks like in IDA:

Code:
.text:00C08E10                 MOV             R0, #0
.text:00C08E14                 BX              LR
.text:00C08E14 ; End of function sub_C08E10
.text:00C08E14
.text:00C08E18 ; ---------------------------------------------------------------------------
.text:00C08E18                 MOV             R4, R0
.text:00C08E1C                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0xC08E30)
.text:00C08E20                 LDR             R6, =0x63C64
.text:00C08E24                 MOV             R5, R1
.text:00C08E28                 ADD             R0, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:00C08E2C                 ADD             R0, R6, R0
.text:00C08E30                 LDRB            R0, [R0,#(byte_15A245F - 0x15A2340)]
.text:00C08E34                 CMP             R0, #0
.text:00C08E38                 BNE             loc_C08E60
.text:00C08E3C                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0xC08E4C)
.text:00C08E40                 LDR             R1, =0x532C
.text:00C08E44                 ADD             R7, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:00C08E48                 LDR             R0, [R1,R7]
.text:00C08E4C                 LDR             R0, [R0]
.text:00C08E50                 BL              sub_1079B14
.text:00C08E54                 ADD             R0, R6, R7
.text:00C08E58                 MOV             R1, #1
.text:00C08E5C                 STRB            R1, [R0,#(byte_15A245F - 0x15A2340)]

And for the second one:

Code:
.text:011195C4                 MOV             R1, R0
.text:011195C8                 BX              LR
.text:011195C8 ; End of function sub_11195C4
.text:011195C8
.text:011195CC ; ---------------------------------------------------------------------------
.text:011195CC                 MOV             R4, R0
.text:011195D0                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0x11195E0)
.text:011195D4                 LDR             R5, =0x799A4
.text:011195D8                 ADD             R0, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:011195DC                 ADD             R0, R5, R0
.text:011195E0                 LDRB            R0, [R0,#(byte_15B8094 - 0x15B8080)]
.text:011195E4                 CMP             R0, #0
.text:011195E8                 BNE             loc_1119610
.text:011195EC                 LDR             R0, =(_GLOBAL_OFFSET_TABLE_ - 0x11195FC)
.text:011195F0                 LDR             R1, =0x2914
.text:011195F4                 ADD             R6, PC, R0 ; _GLOBAL_OFFSET_TABLE_
.text:011195F8                 LDR             R0, [R1,R6]
.text:011195FC                 LDR             R0, [R0]
.text:01119600                 BL              sub_1079B14
.text:01119604                 ADD             R0, R5, R6
.text:01119608                 MOV             R1, #1
.text:0111960C                 STRB            R1, [R0,#(byte_15B8094 - 0x15B8080)]

Sbenny

In the second one you did MOV R1, R0 and not MOV R1, #0, so it's not returning false.

The first one instead seems to have been modified correctly. Hope you're using HxD to edit the lib file, because modifying a lib directly from IDA is a bad habit and can lead to several bugs, including corrupt files. This is why it's always strongly recommended to use IDA only to FIND offsets, and then a hex editor like HxD to MODIFY them.

Hope it helps.
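The point above (MOV R1, R0 is a register copy, not the immediate #0, and on 32-bit ARM the return value travels in R0 under the AAPCS) can be checked mechanically by decoding the first two words at a function entry; the same check, run over the function offsets from an Il2Cpp dump, is a simple integrity scan for stubbed functions in a shipped library. This is an added example, not code from the thread; the sample bytes are constructed from the encodings discussed, and the offsets handed to `scan` are assumed to come from the dump.

```python
import struct

# Constructed sample function entries (little-endian A32 words), not bytes taken
# from the original library: the two patches discussed in the thread, the
# immediate form written to R1, and the original STMFD prologue.
SAMPLES = {
    "mov_r0_imm0": bytes.fromhex("0000A0E3" "1EFF2FE1"),  # MOV R0,#0 ; BX LR
    "mov_r1_r0":   bytes.fromhex("0010A0E1" "1EFF2FE1"),  # MOV R1,R0 ; BX LR
    "mov_r1_imm0": bytes.fromhex("0010A0E3" "1EFF2FE1"),  # MOV R1,#0 ; BX LR
    "unpatched":   bytes.fromhex("F0482DE9" "10B08DE2"),  # STMFD SP!,{R4-R7,R11,LR} ; ADD R11,SP,#0x10
}
LR = 14

def rotr32(value, count):
    return ((value >> count) | (value << (32 - count))) & 0xFFFFFFFF

def decode(word):
    """Decode the A32 forms this check needs; None for anything else."""
    if word >> 28 != 0xE:                        # only the AL (always) condition
        return None
    if word & 0x0FFF0000 == 0x03A00000:          # MOV Rd, #imm: rotated 8-bit immediate
        imm = rotr32(word & 0xFF, 2 * ((word >> 8) & 0xF))
        return ("MOV_IMM", (word >> 12) & 0xF, imm)
    if word & 0x0FFF0FF0 == 0x01A00000:          # MOV Rd, Rm (register form, no shift)
        return ("MOV_REG", (word >> 12) & 0xF, word & 0xF)
    if word & 0x0FFFFFF0 == 0x012FFF10:          # BX Rm
        return ("BX", word & 0xF)
    return None

def classify_entry(code):
    """Report what the first two instructions of a function entry do."""
    w0, w1 = struct.unpack("<II", code[:8])
    first, second = decode(w0), decode(w1)
    if second != ("BX", LR):
        return "normal"                          # not an immediate return
    if first and first[0] == "MOV_IMM":
        _, rd, imm = first
        # AAPCS: R0 carries the return value, so only a write to R0 changes the result.
        return f"stub returns {imm}" if rd == 0 else f"stub writes R{rd}, not R0"
    if first and first[0] == "MOV_REG":
        return f"stub copies R{first[2]} into R{first[1]} (no constant)"
    return "early return"

def scan(blob, entry_offsets):
    """Return {offset: finding} for every entry that is not a normal prologue."""
    findings = {}
    for off in entry_offsets:
        verdict = classify_entry(blob[off:off + 8])
        if verdict != "normal":
            findings[off] = verdict
    return findings

if __name__ == "__main__":
    blob = b"".join(SAMPLES.values())            # four 8-byte entries at 0, 8, 16, 24
    print(scan(blob, range(0, len(blob), 8)))
```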

bbwi

Oops, sorry, I was just about to edit that second one lol. But yeah, I use Hex Workshop to edit and IDA to find the offsets.
Hmm, I have no idea what's wrong then. I'll keep looking for something else that can be modified.

Thanks though!

Sbenny

It might be that they're not the right ones to modify then, try digging a bit more :) I'm sure you can do it.