
IL2CPP Games

Discussion in 'Tutorials' started by Fallschirmjäger, Oct 23, 2016.

    As your fellow script kiddie, I enjoy reading infosec and trying it out in my own environment. I had planned to write a tutorial about binary patching with radare2 on Android this weekend. But something big was released: CVE-2016-5195 was publicly disclosed. It attacks Linux kernel 2.6.22 and higher, which is where most Android kernel versions are. So I got a bit distracted, then played with it and r2 (idea: What is the Dirty COW vulnerability and how does it impact mobile...). Thus, I ended up forgetting about the plan :p. Anyway, I decided to write about il2cpp a bit.

    Introduction
    >What is il2cpp?
    From An introduction to IL2CPP internals – Unity Blog
    The technology that we refer to as IL2CPP has two distinct parts.
    • An ahead-of-time (AOT) compiler
    • A runtime library to support the virtual machine
    The AOT compiler translates Intermediate Language (IL), the low-level output from .NET compilers, to C++ source code. The runtime library provides services and abstractions like a garbage collector, platform-independent access to threads and files, and implementations of internal calls (native code which modifies managed data structures directly).
    >Any support on this thread?
    No.

    Main Content
    0. The purpose is
    1. git clone/Download the source GitHub - Jumboperson/Il2CppDumper: Better version of https://github.com/Jumboperson/PokemonGoDumper
    2. Some important note before compiling
    Code:
    line 358
    // These two pointers are the first two arguments passed to il2cpp::vm::MetadataCache::Register in the libil2cpp.so binary.
    // Updating them manually should be fairly trivial, just find where il2cpp::vm::MetadataCache::Register is called and use the first two args for code and metadata respectively.
    pCodeRegistration = (Il2CppCodeRegistration*)MapVATR(0x14860F8, pLibIl2Cpp);
    pMetadataRegistration = (Il2CppMetadataRegistration*)MapVATR(0x14A7F78, pLibIl2Cpp);
    The comment is straightforward, I don't have to explain it.
    Code:
    line 381
    LoadMetadata("C:\\Projects\\Android\\PokeGo\\0.35.0\\assets\\bin\\Data\\Managed\\Metadata\\global-metadata.dat");
    Well, it's obvious that you (may) have to change this.
    3. Compile.
    4. Run it with `progname.exe > blabla.cs` since the output is directly written to stdout.

    Afterword
    Thanks to Pokemon Go's massive development, the modding community isn't going to die anytime soon (probably).
    Quote
    Code:
    [0x00000000]> fo
    -- This software comes with no brain included. Please use your own.

    Credits
    • John (JumboPerson) for his awesome Il2cpp dumper
    • Fallschirmjaeger

     