📖 Tutorial How to hack Unity Android Games when there's no Assembly-Csharp.dll (libil2cpp.so method)

Sbenny.com is trusted by 1,312,971 happy users since 2014.
Register

Legacy

⭐???? ?? ??????⭐
Verified 18+ user
Member for 4 years
Yesterday I find out that the range is not limited on 1-2000 but you can also return more high value as long as you have 2 bytes hex. Like you can return 4000 , 16000 , 32000 , 64000 , 128000 , 512000 and so on. Also possible to return like 4128 , 4256 , 4512 , 4640 and so on.
Yep heres the full list of:

Code:
1 = 0000803F
2 = 00000040
4 = 00008040
8 = 00000041
16 = 00008041
32 = 00000042
64 = 00008042
128 = 00000043
256 = 00008043
512 = 00000044
1024 = 00008044
2048 = 00000045
4096 = 00008045
8192 = 00000046
16384 = 00008046
32768 = 00000047
65536 = 00008047
131072 = 00000048
262144 = 00008048
524288 = 00000049
1048576 = 00008049
2097152 = 0000004A
4194304 = 0000804A
8388608 = 0000004B
16777216 = 0000804B
33554432 = 0000004C
67108864 = 0000804C
134217728 = 0000004D
268435456 = 0000804D
536870912 = 0000004E
1073741824 = 0000804E
-2147483648 = 000000CF
 

Gourov

Dimitri Petrenko
✌️ Community Team
Member for 5 years
Yep heres the full list of:

Code:
1 = 0000803F
2 = 00000040
4 = 00008040
8 = 00000041
16 = 00008041
32 = 00000042
64 = 00008042
128 = 00000043
256 = 00008043
512 = 00000044
1024 = 00008044
2048 = 00000045
4096 = 00008045
8192 = 00000046
16384 = 00008046
32768 = 00000047
65536 = 00008047
131072 = 00000048
262144 = 00008048
524288 = 00000049
1048576 = 00008049
2097152 = 0000004A
4194304 = 0000804A
8388608 = 0000004B
16777216 = 0000804B
33554432 = 0000004C
67108864 = 0000804C
134217728 = 0000004D
268435456 = 0000804D
536870912 = 0000004E
1073741824 = 0000804E
-2147483648 = 000000CF
Thanks a lot man it will help me a lot 😍
 

Akee1224

Lurker Lv0️⃣
Member for 3 years
Hello,
I'm trying to figure out how to mod a game that has the global metadata files but no lib folder or libil2cpp. The version is 2018.3.11
I'm wondering is there another way, another poster mentioned mono (dll) files and was wondering if you could do a tutorial on this?
Thank you for your help!!
 

Sbenny

A crazy scientist
Staff member
Admin
SB Mod Squad ⭐
✔ Approved Releaser
Active User
If you're talking about split apk game files (.apks extension), the lib is usually in another .apk file inside that archive, holding all the libraries of the game.
 

Gourov

Dimitri Petrenko
✌️ Community Team
Member for 5 years
Hello,
I'm trying to figure out how to mod a game that has the global metadata files but no lib folder or libil2cpp. The version is 2018.3.11
I'm wondering is there another way, another poster mentioned mono (dll) files and was wondering if you could do a tutorial on this?
Thank you for your help!!
Try backing up the game with sai or LP and check whether it's apk or apks. If apks then as @Sbenny said,
If you're talking about split apk game files (.apks extension), the lib is usually in another .apk file inside that archive, holding all the libraries of the game.
Although I wander if the game last updated on 2018.3.11 then how come it's a apks tho. If I read that correctly apks was introduced on August 19.
 

Akee1224

Lurker Lv0️⃣
Member for 3 years
I'll check with LP but the game was updated a few days ago, it's ''Obey me'' but I used the way to check the unity version and this was shown?
1591606137549.png
 

Gourov

Dimitri Petrenko
✌️ Community Team
Member for 5 years
I'll check with LP but the game was updated a few days ago, it's ''Obey me'' but I used the way to check the unity version and this was shown?
View attachment 58397
My bad... I thought it was updated on 2018. Well then it's for sure apks. :)
 

bestkings

Lurker Lv0️⃣
Member for 3 years
I have another question.
Is possible store value from this adress then use at other adress? Or at this adress make load value from other adress
Example in C#
C#:
public int AAA()
{
   set {AAA= 1;}
}

public int BBB()
{
   set {BBB = AAA;}
}
I need that because want show some hidden values to screen
Thanks
 
Last edited:

teterpeter

Lurker Lv0️⃣
Member for 3 years
thanks for the detailed tutorial.
Il2cppdumper seems to work fine, but i can not see any function content, also not in dump.cs. what is the reason for that?
 

Legacy

⭐???? ?? ??????⭐
Verified 18+ user
Member for 4 years
thanks for the detailed tutorial.
Il2cppdumper seems to work fine, but i can not see any function content, also not in dump.cs. what is the reason for that?
It can be a possibility that the lib is encrypted. You have to manually memory dump it, use game guardian to do so.
 

czoesq

Lurker Lv0️⃣
Member for 3 years
This may not be the right place to ask, but I'm trying to mod My Singing Monsters: Dawn of Fire 2.3.1. It seems to use ARM64v8 instructions.

I tried to replace the getCoins() with example code (and then updated ARM64 code), however, it's a custom class I think (I don't know that much about unity code), so it kept freezing. It's in dump.cs as "public EntityStatic getCoins() { }" so I think it's looking for an EntityStatic return type, not int or long. Not sure how to structure that.

I was able to use IDA PRO to get to the offset of "public void SetCoins(long value) { } " and looked through the instructions. I learned that x0-x7 are often for arguments to the function, so I found a "MOV x20, x1" and replaced it with "Mov x20, #0xFFFF" and was able to get that many coins, success!

The game's better currency is Diamonds. Here's what IDA PRO says is in "public void SetDiamonds(long value) { }" though:

Code:
; __unwind {
.text:00000000008B5228 qword_8B5228    DCQ 0xE12FFF1EE3E004FF, 0xA9034FF4A90257F6, 0x910103FDA9047BFD
.text:00000000008B5228                                         ; CODE XREF: sub_8B50E8+D4↑p
.text:00000000008B5228                                         ; sub_8B76AC+20↓p ...
.text:00000000008B5228                 DCQ 0x394DCEA8F000E4F5, 0xAA0003F3AA0103F4, 0xF000DA08370000E8
.text:00000000008B5228                 DCQ 0xB9400100F9420D08, 0x320003E8944709F2, 0xF9414268390DCEA8
.text:00000000008B5228                 DCQ 0xAA1F03E0B50000C8, 0x2A1F03E2AA1F03E1, 0x9442F8E8AA1F03E3
.text:00000000008B5228                 DCQ 0xF941B508D000DB88, 0x39442808F9400100, 0xB940BC0836000088
.text:00000000008B5228                 DCQ 0x9447610735000048, 0xBD471D0090009A08, 0x90009A089E220281
.text:00000000008B5228                 DCQ 0x1E201820AA1F03E0, 0xAA1F03E1BD471501, 0x9434D9921E2E1002
.text:00000000008B5228                 DCQ 0xF000DA099000DA48, 0xF9452129F947D508, 0xF94001164EA01C08
.text:00000000008B5228                 DCQ 0x9447F404F9400120, 0xF9435908F000DB28, 0xAA1603E2AA1303E1
.text:00000000008B5228                 DCQ 0xF9400103AA0003F5, 0xF000DAA8942B33A5, 0xF9449D089000DB69
.text:00000000008B5228                 DCQ 0xF9400117F9422129, 0x9447F3F6F9400120, 0xF945B108D000DBA8
.text:00000000008B5228                 DCQ 0xAA1703E2AA1303E1, 0xF9400103AA0003F6, 0xB000DAE8942B3C8F
.text:00000000008B5228                 DCQ 0xF9400100F940A908, 0x3600008839442808, 0x35000048B940BC08
.text:00000000008B5228                 DCQ 0xAA1F03E0944760D8, 0xAA1503E1AA1F03E4, 0xAA1403E3AA1603E2
.text:00000000008B5228                 DCQ 0x942B9F3D4EA81D00, 0xF9476108D000DA88, 0x1E2021001E2A1000
.text:00000000008B5228                 DCQ 0xF9400103320003E9, 0xAA0003E1321F07E8, 0xAA1F03E01A884122
.text:00000000008B5228                 DCQ 0xAA0003F4940EB764, 0x9447BD89B5000053, 0xA9447BFDF9014274
.text:00000000008B5228                 DCQ 0xA94257F6A9434FF4, 0x6CC523E9A9415FF8
.text:00000000008B53D0 ; ---------------------------------------------------------------------------
.text:00000000008B53D0                 RET
.text:00000000008B53D0 ; } // starts at 8B5228
And I'm kind of stuck from here. "public EntityStatic getDiamonds() { }" looks like this:

Code:
sub_DA9BB8                              ; CODE XREF: sub_8B5B80+AC↑p
.text:0000000000DA9BB8                                         ; sub_8BFB08+148↑p ...
.text:0000000000DA9BB8
.text:0000000000DA9BB8 var_10          = -0x10
.text:0000000000DA9BB8 var_s0          =  0
.text:0000000000DA9BB8
.text:0000000000DA9BB8 ; __unwind {
.text:0000000000DA9BB8                 STP             X20, X19, [SP,#-0x10+var_10]!
.text:0000000000DA9BBC                 STP             X29, X30, [SP,#0x10+var_s0]
.text:0000000000DA9BC0                 ADD             X29, SP, #0x10
.text:0000000000DA9BC4                 ADRP            X20, #byte_2556E0B@PAGE
.text:0000000000DA9BC8                 LDRB            W8, [X20,#byte_2556E0B@PAGEOFF]
.text:0000000000DA9BCC                 MOV             X19, X0
.text:0000000000DA9BD0                 TBNZ            W8, #0, loc_DA9BEC
.text:0000000000DA9BD4                 ADRP            X8, #off_242F450@PAGE
.text:0000000000DA9BD8                 LDR             X8, [X8,#off_242F450@PAGEOFF]
.text:0000000000DA9BDC                 LDR             W0, [X8]
.text:0000000000DA9BE0                 BL              sub_1A77A28
.text:0000000000DA9BE4                 MOV             W8, #1
.text:0000000000DA9BE8                 STRB            W8, [X20,#byte_2556E0B@PAGEOFF]
.text:0000000000DA9BEC
.text:0000000000DA9BEC loc_DA9BEC                              ; CODE XREF: sub_DA9BB8+18↑j
.text:0000000000DA9BEC                 LDR             X19, [X19,#0x180]
.text:0000000000DA9BF0                 CBNZ            X19, loc_DA9BF8
.text:0000000000DA9BF4                 BL              sub_1AA49D8
.text:0000000000DA9BF8 ; ---------------------------------------------------------------------------
.text:0000000000DA9BF8
.text:0000000000DA9BF8 loc_DA9BF8                              ; CODE XREF: sub_DA9BB8+38↑j
.text:0000000000DA9BF8                 ADRP            X8, #off_23E8F20@PAGE
.text:0000000000DA9BFC                 LDR             X8, [X8,#off_23E8F20@PAGEOFF]
.text:0000000000DA9C00                 MOV             X0, X19
.text:0000000000DA9C04                 LDR             X1, [X8]
.text:0000000000DA9C08                 LDP             X29, X30, [SP,#0x10+var_s0]
.text:0000000000DA9C0C                 LDP             X20, X19, [SP+0x10+var_10],#0x20
.text:0000000000DA9C10                 B               sub_11F3A6C
.text:0000000000DA9C10 ; } // starts at DA9BB8
.text:0000000000DA9C10 ; End of function sub_DA9BB8
I haven't found out what to hijack here to max out diamonds. Anyone have any guidance?
 

Legacy

⭐???? ?? ??????⭐
Verified 18+ user
Member for 4 years
How about you search for a function that effectively decreases the value of coins instead of directly modifying the getdiamonds function? You could change the decrease function to an increase one.
Post automatically merged:

This may not be the right place to ask, but I'm trying to mod My Singing Monsters: Dawn of Fire 2.3.1. It seems to use ARM64v8 instructions.

I tried to replace the getCoins() with example code (and then updated ARM64 code), however, it's a custom class I think (I don't know that much about unity code), so it kept freezing. It's in dump.cs as "public EntityStatic getCoins() { }" so I think it's looking for an EntityStatic return type, not int or long. Not sure how to structure that.

I was able to use IDA PRO to get to the offset of "public void SetCoins(long value) { } " and looked through the instructions. I learned that x0-x7 are often for arguments to the function, so I found a "MOV x20, x1" and replaced it with "Mov x20, #0xFFFF" and was able to get that many coins, success!

The game's better currency is Diamonds. Here's what IDA PRO says is in "public void SetDiamonds(long value) { }" though:

Code:
; __unwind {
.text:00000000008B5228 qword_8B5228    DCQ 0xE12FFF1EE3E004FF, 0xA9034FF4A90257F6, 0x910103FDA9047BFD
.text:00000000008B5228                                         ; CODE XREF: sub_8B50E8+D4↑p
.text:00000000008B5228                                         ; sub_8B76AC+20↓p ...
.text:00000000008B5228                 DCQ 0x394DCEA8F000E4F5, 0xAA0003F3AA0103F4, 0xF000DA08370000E8
.text:00000000008B5228                 DCQ 0xB9400100F9420D08, 0x320003E8944709F2, 0xF9414268390DCEA8
.text:00000000008B5228                 DCQ 0xAA1F03E0B50000C8, 0x2A1F03E2AA1F03E1, 0x9442F8E8AA1F03E3
.text:00000000008B5228                 DCQ 0xF941B508D000DB88, 0x39442808F9400100, 0xB940BC0836000088
.text:00000000008B5228                 DCQ 0x9447610735000048, 0xBD471D0090009A08, 0x90009A089E220281
.text:00000000008B5228                 DCQ 0x1E201820AA1F03E0, 0xAA1F03E1BD471501, 0x9434D9921E2E1002
.text:00000000008B5228                 DCQ 0xF000DA099000DA48, 0xF9452129F947D508, 0xF94001164EA01C08
.text:00000000008B5228                 DCQ 0x9447F404F9400120, 0xF9435908F000DB28, 0xAA1603E2AA1303E1
.text:00000000008B5228                 DCQ 0xF9400103AA0003F5, 0xF000DAA8942B33A5, 0xF9449D089000DB69
.text:00000000008B5228                 DCQ 0xF9400117F9422129, 0x9447F3F6F9400120, 0xF945B108D000DBA8
.text:00000000008B5228                 DCQ 0xAA1703E2AA1303E1, 0xF9400103AA0003F6, 0xB000DAE8942B3C8F
.text:00000000008B5228                 DCQ 0xF9400100F940A908, 0x3600008839442808, 0x35000048B940BC08
.text:00000000008B5228                 DCQ 0xAA1F03E0944760D8, 0xAA1503E1AA1F03E4, 0xAA1403E3AA1603E2
.text:00000000008B5228                 DCQ 0x942B9F3D4EA81D00, 0xF9476108D000DA88, 0x1E2021001E2A1000
.text:00000000008B5228                 DCQ 0xF9400103320003E9, 0xAA0003E1321F07E8, 0xAA1F03E01A884122
.text:00000000008B5228                 DCQ 0xAA0003F4940EB764, 0x9447BD89B5000053, 0xA9447BFDF9014274
.text:00000000008B5228                 DCQ 0xA94257F6A9434FF4, 0x6CC523E9A9415FF8
.text:00000000008B53D0 ; ---------------------------------------------------------------------------
.text:00000000008B53D0                 RET
.text:00000000008B53D0 ; } // starts at 8B5228
And I'm kind of stuck from here. "public EntityStatic getDiamonds() { }" looks like this:

Code:
sub_DA9BB8                              ; CODE XREF: sub_8B5B80+AC↑p
.text:0000000000DA9BB8                                         ; sub_8BFB08+148↑p ...
.text:0000000000DA9BB8
.text:0000000000DA9BB8 var_10          = -0x10
.text:0000000000DA9BB8 var_s0          =  0
.text:0000000000DA9BB8
.text:0000000000DA9BB8 ; __unwind {
.text:0000000000DA9BB8                 STP             X20, X19, [SP,#-0x10+var_10]!
.text:0000000000DA9BBC                 STP             X29, X30, [SP,#0x10+var_s0]
.text:0000000000DA9BC0                 ADD             X29, SP, #0x10
.text:0000000000DA9BC4                 ADRP            X20, #byte_2556E0B@PAGE
.text:0000000000DA9BC8                 LDRB            W8, [X20,#byte_2556E0B@PAGEOFF]
.text:0000000000DA9BCC                 MOV             X19, X0
.text:0000000000DA9BD0                 TBNZ            W8, #0, loc_DA9BEC
.text:0000000000DA9BD4                 ADRP            X8, #off_242F450@PAGE
.text:0000000000DA9BD8                 LDR             X8, [X8,#off_242F450@PAGEOFF]
.text:0000000000DA9BDC                 LDR             W0, [X8]
.text:0000000000DA9BE0                 BL              sub_1A77A28
.text:0000000000DA9BE4                 MOV             W8, #1
.text:0000000000DA9BE8                 STRB            W8, [X20,#byte_2556E0B@PAGEOFF]
.text:0000000000DA9BEC
.text:0000000000DA9BEC loc_DA9BEC                              ; CODE XREF: sub_DA9BB8+18↑j
.text:0000000000DA9BEC                 LDR             X19, [X19,#0x180]
.text:0000000000DA9BF0                 CBNZ            X19, loc_DA9BF8
.text:0000000000DA9BF4                 BL              sub_1AA49D8
.text:0000000000DA9BF8 ; ---------------------------------------------------------------------------
.text:0000000000DA9BF8
.text:0000000000DA9BF8 loc_DA9BF8                              ; CODE XREF: sub_DA9BB8+38↑j
.text:0000000000DA9BF8                 ADRP            X8, #off_23E8F20@PAGE
.text:0000000000DA9BFC                 LDR             X8, [X8,#off_23E8F20@PAGEOFF]
.text:0000000000DA9C00                 MOV             X0, X19
.text:0000000000DA9C04                 LDR             X1, [X8]
.text:0000000000DA9C08                 LDP             X29, X30, [SP,#0x10+var_s0]
.text:0000000000DA9C0C                 LDP             X20, X19, [SP+0x10+var_10],#0x20
.text:0000000000DA9C10                 B               sub_11F3A6C
.text:0000000000DA9C10 ; } // starts at DA9BB8
.text:0000000000DA9C10 ; End of function sub_DA9BB8
I haven't found out what to hijack here to max out diamonds. Anyone have any guidance?
Also execute the script.json generated by il2cppdumper in IDA so IDA loads all appropiate function names. That way you can see local variables better and also see which functions are being called inside the function you are looking for.
 

badreddine7

Lurker Lv0️⃣
Member for 3 years
i've done everything . and the game is moded now in my emulator (Memu) . But when i try to install it in my android device it says "App not installed".
Can you help me please, i searched a solution but i couldn't succed.
 

Gourov

Dimitri Petrenko
✌️ Community Team
Member for 5 years
i've done everything . and the game is moded now in my emulator (Memu) . But when i try to install it in my android device it says "App not installed".
Can you help me please, i searched a solution but i couldn't succed.
You signed the app ?
 

Legacy

⭐???? ?? ??????⭐
Verified 18+ user
Member for 4 years
i've done everything . and the game is moded now in my emulator (Memu) . But when i try to install it in my android device it says "App not installed".
Can you help me please, i searched a solution but i couldn't succed.
As Gourov has already mentioned, check wether you have signed the APK or not. If not, you can sign it using the same software you used to decompile the APK. Additionally, you can also install a signer app on your phone and sign the apk from the app.

Or

If you have setup adb on your computer then try installing the app on your mobile using adb. Make sure you have enabled usb debugging enabled under developer settings on your phone.

Installing with adb will help you troubleshoot problem better as faliure in installation would result in the error reason being shown which will help you find out the problem.
Post automatically merged:

Its also worth mentioning that the reason why your APK successfully installed on your emulator (Memu in this case) is because Memu has the ability to install unsigned APKs, something which can also be achieved on a rooted phone.
 
Last edited:

Eamnthes

Lurker Lv0️⃣
Member for 3 years
Hello,
i am trying to mod the game "Among us" since i only play it with freinds and we would like to change some minor settings like beeing able to have only one impostor at 7 players or other minor number tweaks.
There is no "Managed" folder which is why i am here. The global metadata files are there but no lib folder or libil2cpp. So as you said this is probabdly an apks.

If you're talking about split apk game files (.apks extension), the lib is usually in another .apk file inside that archive, holding all the libraries of the game.
I dont quiet get what you mean with "that archive".
I got some dlls and the game data folder.
in the game data folder are the assets, resources etc as usall und the folders: il2cpp_data, plugins, and resources.

Plugins and resources are realtively useless for us and the il2cpp_data has the folder "etc." (which contains some weird type of mono subfolders and data), metadata and resources
metadata obviusly contains the global metadata and resources contains the mscorlib.dll-resources.dat

So i guess this is the library you are talking about mscorlib.dll-resources.dat since there are no other files that come at least close to the lib folder or libil2cpp. Ther also is no apk file at all.
For context: I am trying to mod the unity based game from steam. This game also is a mobile game but i am working on the pc version.
The unity version is 4.0 (or 1.0 according to the config.xml in the mono mconfig folder) i believe and the game version 2019.3.15

But this is where i get stuck. As you can probably tell i am completley new to modding so i excuse in advance if i just missed a simple point.

Edit: I realised that i dont have an apk because i have an exe since i am on pc... but my question still remains.
I also found in my research that the game was written in somethung like c++ or c (but this is only an asumption)
 
Last edited:

AndroiDragon

Lurker Lv0️⃣
Member for 4 years
hei guys,

I was looking for someone who could help me out with returning a FLOAT Value, high and low / nothing
for INT I use 12 07 80 E3 1E FF 2F E1 and 00 or 01 00 A0 E3 1E FF 2F E1
I am basic noob, i dont have coding knowledge or assembly/ARM experience.

I saw post number 59,60 and 61.
Do I have to convert that values/string now with the converter you guys posted/ linkd ? I've never used them before
would really appreciate it if someone could help me out to understand it or lead me a bit.

thanks,
 

Gourov

Dimitri Petrenko
✌️ Community Team
Member for 5 years
hei guys,

I was looking for someone who could help me out with returning a FLOAT Value, high and low / nothing
for INT I use 12 07 80 E3 1E FF 2F E1 and 00 or 01 00 A0 E3 1E FF 2F E1
I am basic noob, i dont have coding knowledge or assembly/ARM experience.

I saw post number 59,60 and 61.
Do I have to convert that values/string now with the converter you guys posted/ linkd ? I've never used them before
would really appreciate it if someone could help me out to understand it or lead me a bit.

thanks,
I basically use this site for Armv7 ... IEEE-754 Floating-Point Conversion from Floating-Point to Hexadecimal .

Here on Decimal float point box put your desire float value (1 -2000 , You can use way much bigger number than 2000 but it needs a little advance knowledge) and hit rounded/non-rounded. Now you will see the Hex value of it (Must be like abcd0000).
Screenshot_23.png

You only need first 4 byte of it. In that case Hex is 44FA0000 , what we need is 44FA.
Now use MOVT Instruction .
Like ....
Code:
Movt r0 ,#0x44FA
if you need S register you can use like ....
Code:
Movt r0 ,#0x44FA
Vmov s0, r0
or Can use ....
Code:
Vmov.f32 s0, #28.0  (Max 31)
 

Legacy

⭐???? ?? ??????⭐
Verified 18+ user
Member for 4 years
Hello,
i am trying to mod the game "Among us" since i only play it with freinds and we would like to change some minor settings like beeing able to have only one impostor at 7 players or other minor number tweaks.
There is no "Managed" folder which is why i am here. The global metadata files are there but no lib folder or libil2cpp. So as you said this is probabdly an apks.



I dont quiet get what you mean with "that archive".
I got some dlls and the game data folder.
in the game data folder are the assets, resources etc as usall und the folders: il2cpp_data, plugins, and resources.

Plugins and resources are realtively useless for us and the il2cpp_data has the folder "etc." (which contains some weird type of mono subfolders and data), metadata and resources
metadata obviusly contains the global metadata and resources contains the mscorlib.dll-resources.dat

So i guess this is the library you are talking about mscorlib.dll-resources.dat since there are no other files that come at least close to the lib folder or libil2cpp. Ther also is no apk file at all.
For context: I am trying to mod the unity based game from steam. This game also is a mobile game but i am working on the pc version.
The unity version is 4.0 (or 1.0 according to the config.xml in the mono mconfig folder) i believe and the game version 2019.3.15

But this is where i get stuck. As you can probably tell i am completley new to modding so i excuse in advance if i just missed a simple point.

Edit: I realised that i dont have an apk because i have an exe since i am on pc... but my question still remains.
I also found in my research that the game was written in somethung like c++ or c (but this is only an asumption)
@Eamnthes The game can be modded using IDA Pro, are you familiar with IDA Environment?
 

AndroiDragon

Lurker Lv0️⃣
Member for 4 years
Thank You very much :giggle:
yea I saw somewhere that I need the S register.

just give me few mins, I need to test something before I ask another stupid question :p

[EDiT]
so this is the original one fro mthe game,
00 10 A0 E3 8C 7C F5 EA

so what I want would be this ? :unsure:
10 0A 00 EE 8C 7C F5 EA
 
Last edited:
Top