IDA Tutorial?

Androhacks_

Member
Thread Author
I've been looking for tutorials on modding .so files with IDA, and YES I did look at Twix's "Basic" tutorial, and it made 0 sense at all. For someone like me who's really new to IDA, the whole thread made absolutely no sense, especially without pictures.

If anyone could point me in the right direction, or maybe even make a more noob-friendly tutorial on modding with IDA, I'd be very grateful.
 

NEMESIS

Advance Member
@Androhacks_, Twix said 12 03 A0 E3 is the highest value we can put in IDA.
Actually we can make it higher than that by multiplying it or adding to it.
And maybe I can see why that tutorial can't be understood by us, or why it doesn't work for a game when we mod it. It's because
12 03 A0 E3 in hex (4 bytes)
mov r0, #48000000 in IDA
is just like
ldc.4 [21xxxxxxxx] in Reflector
without an end process / without the *ret* function.
Then ZEDjy came up with a new tutorial, and it explains another clue for the *ret* code, and it is
1E FF 2F E1 in hex (4 bytes)
70 47 in hex (2 bytes) <--- I know it from stelau4's comment in nullbyte's thread
=
BX LR in IDA
=
ret in Reflector

Well, all of that already has its explanation in separate threads. I just rewrote it and put it in one comment :sweatsmile:
But I guess you already read them all, so if I may ask, what else is it you want to know? Maybe you want to make it more specific, because I'm still a beginner with hack tools too.
 

Androhacks_

Member
Thread Author

Well, take a game like Summoner's War, for example. Let's say it had Assembly-CSharp.dll and I was modding it in .NET Reflector, OK? Let's say that I found set_health and set_attack, both int32. So I'd delete all the values listed in those two and replace them with the ldc.i4 opcode and a value like 999999, right?

What I'm trying to achieve exactly is this: when games/apps don't have the DLL to modify, I can take the .so, put it into IDA, find those values inside IDA, and modify them that way. The only problem is IDA seems to have weird terms; for example, minus ammo is "Triggerpull". It isn't as simple as "set_health" or set_damage.

Specifically, I want to learn how to identify the moddable parts of the .so in IDA, and how to actually modify the values with HxD.
 

icry4u

If you want an injection go to the doctor...!!!
Exclusive Modding Team

Can I know what game you are trying to mod? And learning IDA comes with practice. Take some games that are already modded, compare, re-mod, and try again. It's a bit harder than Unity to understand, but nothing impossible.
 

Androhacks_

Member
Thread Author

Well, I was downloading games from the request section to try to practice, but that hasn't been working very well.

I was really focused on trying to mod Summoner's Legend, which is a rip-off of Summoner's War, but I don't think it has nearly as much security, if any, compared to Com2us games.
 

icry4u

If you want an injection go to the doctor...!!!
Exclusive Modding Team
Well, as I said, take some modded game so you are sure that it's mod-able, compare, and get the idea. Some games require more than just knowing the basics to mod them. Try to think outside the box. Let's say damage: search for anything related to it: power, force, attack (ATK), strength (STR), critical, hit, damage (Dmg). This is for searching. When it comes to actually modding it, look for its opcodes: some are integers, some float (Single in Unity), some are double (ldc.r8 in Unity). Basically, let's say you have an enemy damage: get_EnemyDamage (int32).

You would return an integer value, so if it was like 2 bytes then it will be like this:

mov r0, #1 << ARM instruction .. ( 0120 ) << ARM instruction in hex value (this is like ldc.i4 1 in Unity)
bx lr << ARM instruction .. ( 0120 ) << ARM instruction in hex value (this is like ret in Unity)

These are some basics. The same goes for any function you want; just play the game and see what would be possible to mod: HP, mana, skill CD, skill damage, enemy movement (you would freeze them to get god mode sometimes).

And there are boolean opcodes, same as in Unity, i.e. IsEnemyCanAttack << return a value of 0, which will make it false, so enemies won't be able to attack = god mode.

Just think outside the box. Don't hesitate to ask here; I'm sure I or anyone in this community would love to help :)

Cheers, and I hope this helps. Sorry if I missed anything. Happy modding.
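The two mechanical steps behind the "return a constant" patch described above, as an added example that is not part of the original post: IDA shows virtual addresses, but HxD wants a file offset, and the two differ by `p_vaddr - p_offset` of the `PT_LOAD` segment that contains the function; and the stub must use the encoding of the function being overwritten, ARM (`MOV R0,#1` = `01 00 A0 E3`, `BX LR` = `1E FF 2F E1`) or Thumb (`MOVS R0,#1` = `01 20`, `BX LR` = `70 47`). The script below does both and refuses to write unless the bytes at the computed offset match what IDA listed, which catches a wrong offset or a wrong file. The ELF image and the "function" inside it are constructed here for the demonstration; they are not from any game library.

```python
"""Added example: IDA address -> HxD file offset, then a verified
'return constant' patch on a copy of a .so. The ELF image and the function
bytes are constructed for this demo; no real game library is involved."""
import struct

PT_LOAD = 1


def parse_phdrs(elf: bytes):
    """Yield (p_type, p_offset, p_vaddr, p_filesz) for each ELF32 program header."""
    if elf[:4] != b"\x7fELF" or elf[4] != 1 or elf[5] != 1:
        raise ValueError("expected a little-endian ELF32 (32-bit ARM .so)")
    (e_phoff,) = struct.unpack_from("<I", elf, 0x1C)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x2A)
    for i in range(e_phnum):
        p_type, p_offset, p_vaddr, _paddr, p_filesz = struct.unpack_from(
            "<5I", elf, e_phoff + i * e_phentsize)
        yield p_type, p_offset, p_vaddr, p_filesz


def vaddr_to_offset(elf: bytes, vaddr: int) -> int:
    """IDA addresses are virtual; hex-editor offsets are file positions.
    They differ by (p_vaddr - p_offset) of the PT_LOAD segment holding vaddr."""
    for p_type, p_offset, p_vaddr, p_filesz in parse_phdrs(elf):
        if p_type == PT_LOAD and p_vaddr <= vaddr < p_vaddr + p_filesz:
            return vaddr - p_vaddr + p_offset
    raise ValueError(f"{vaddr:#x} is not backed by file data")


def make_stub(value: int, thumb: bool) -> bytes:
    """'MOV R0, #value; BX LR' for values 0..255 (enough for return-1/return-0
    patches). ARM form is 8 bytes; Thumb form is 4 bytes (MOVS R0,#imm8 = 20xx,
    BX LR = 4770). Use the encoding of the function you overwrite."""
    if not 0 <= value <= 0xFF:
        raise ValueError("only 8-bit constants here; larger values need MOVW/MOVT")
    if thumb:
        return struct.pack("<HH", 0x2000 | value, 0x4770)
    return struct.pack("<II", 0xE3A00000 | value, 0xE12FFF1E)


def patch_function(elf: bytes, vaddr: int, expected: bytes, stub: bytes) -> bytes:
    """Return a patched copy. Refuses to write when the bytes at the computed
    offset differ from what IDA showed (wrong offset, wrong file, or already patched)."""
    off = vaddr_to_offset(elf, vaddr)
    if elf[off:off + len(expected)] != expected:
        raise ValueError(f"bytes at offset {off:#x} do not match the IDA listing")
    return elf[:off] + stub + elf[off + len(stub):]


# --- constructed sample: one PT_LOAD whose file offset differs from its vaddr
SAMPLE_VADDR = 0x1120                          # where IDA would show the function
ORIGINAL_PROLOGUE = bytes.fromhex("10402DE9")  # PUSH {R4,LR}, as IDA would list it


def build_sample_elf() -> bytes:
    ident = b"\x7fELF" + bytes([1, 1, 1, 0]) + bytes(8)       # ELFCLASS32, LSB, v1
    # e_type=ET_DYN, e_machine=EM_ARM(40), e_version, e_entry, e_phoff=52, e_shoff,
    # e_flags, e_ehsize=52, e_phentsize=32, e_phnum=1, e_shentsize, e_shnum, e_shstrndx
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH", 3, 40, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    # PT_LOAD: file offset 0x100 maps to vaddr 0x1100, 0x100 bytes, flags R+X, align 4
    phdr = struct.pack("<8I", PT_LOAD, 0x100, 0x1100, 0x1100, 0x100, 0x100, 5, 4)
    img = bytearray(0x200)
    img[:52], img[52:84] = ehdr, phdr
    img[0x120:0x124] = ORIGINAL_PROLOGUE
    return bytes(img)


def demo() -> bytes:
    """Patch the sample function so it returns 1 (ARM encoding)."""
    elf = build_sample_elf()
    return patch_function(elf, SAMPLE_VADDR, ORIGINAL_PROLOGUE, make_stub(1, thumb=False))


if __name__ == "__main__":
    elf = build_sample_elf()
    print(f"IDA {SAMPLE_VADDR:#x} -> HxD offset {vaddr_to_offset(elf, SAMPLE_VADDR):#x}")
    print("ARM stub  :", make_stub(1, thumb=False).hex(" "))
    print("Thumb stub:", make_stub(1, thumb=True).hex(" "))
```

On a real library, replace the sample with the bytes of the .so, use the address IDA shows for the function, and take `expected` from the first instruction in IDA's listing; a Thumb function (16-bit instructions in the listing) needs `thumb=True`, and the function must be at least as long as the stub.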
 

icry4u

If you want an injection go to the doctor...!!!
Exclusive Modding Team
Oh yeah, there are also the branches, which are a little bit complicated, not hard though. Just get the hang of these; once you are confident, take the next step. Good luck.
 

Androhacks_

Member
Thread Author

Thanks for the advice, I appreciate it.
 

thehacker

New User
Hey guys, modding in IDA is very easy, but
when I started hacking with IDA Pro it looked very hard,
so I was thinking that modding in IDA is an impossible thing.
But I tried, tried, tried.
If I modded any game in IDA, after modding it was not opening.
When it did not open I would take a non-modded .so file again
and try to find the mistake I had made.
Do you know one thing? I failed 52 times modding one game.
After I worked hard on the game again and again,
I got my first hack done after trying 52 times.
Then I learned the ARM assembly language;
with that my work became very, very easy.
Now I can mod any .so file which has content in it.

Next, coming to the words that we have to find, look for
trigger, float, get, diamonds, coin,
things like that; and whatever is in your game, search for it in some different way, like
ammo = trigger
money = coin.
IDA modding is somewhat hard,
but if you want to be perfect,
just try again and again.
 