我已经准备好代码只想修改 /为了直接更改指定地址 / 我不希望他进行搜索

DLG PUBG MOBILE

PUBGM–master

我有这个,它可以不越狱

它没有问题

我只想在地址中添加直接编辑功能

这样的代码

[OffsetPatcher patchOffset:0x100F99E58 withData:0xC0035FD6];

(我的要求就是修改此代码(直接修改)

// [alertxxxxxxxxxxxxx addButton:@“يد طويلة” actionBlock:^(SCLButton *button) {
//
// if ([self.delegate respondsToSelector:@selector(DLGMemUISearchValue:type:comparison:)]) {
// self.dlgmemvalueKind = DLGMemValueTypechaojijiashu;
// NSString *value = @“4542111535061997269”;
// if (value.length == 0) return;
// DLGMemValueType type = DLGMemValueTypeUnsignedLong;
// DLGMemComparison comparison = DLGMemComparisonEQ;
// // dispatch_async(dispatch_get_global_queue(0, 0), ^{
// [self.delegate DLGMemUISearchValue:value type:type comparison:comparison];
// // });
// }

We’d prefer English if you are using Google Translate to write Chinese.

What?

我懂你意思,他是想用偏移动态修改基址!


[chuchu123]
我懂你意思,他是想用偏移动态修改基址!

yaaaaah

Such code

[OffsetPatcher patchOffset:0x100F44E58 withData:0xC0035FD6];

It works without a jailbreak (dlg god), but I want to change it so that it modifies the address directly.

(Going to>> Offset) Then change the displacement >> patch
Offset = 0x100F44E58

patch = 0xC0035FD6

I cannot write to this forum because my membership is new. Is there a solution to my problem with the discussion?

You can modify the binary file to achieve your purpose, you can use a hex editor

I know how to modify the file, but I don’t want that.
I only want to add a command that changes the value at the offset directly.


Just like in Source Code dlg
for (int index=0; index<self.chainCount; index++)
{
search_result_t result = chainArray[index];
NSString *address = [NSString stringWithFormat:@"%llX", result->address];
if ([self.delegate respondsToSelector:@selector(DLGMemUIModifyValue:address:type:)]) {
DLGMemValueType type = DLGMemValueTypeUnsignedLong;
[self.delegate DLGMemUIModifyValue:@“5292894979034305258” address:address type:type];
}
}
}


Instead of searching

I want it to modify the offset directly.

#import “MemoryPatcher.h”
#include <mach-o/dyld.h>
#include <mach/mach.h>
#import <objc/runtime.h>
// Saved state needed to undo one patch: where it was written, how many bytes, and what was there before.
typedef struct{
uint64_t address; // absolute (already slid) address that was overwritten; set by MemoryPatch / MemoryPatch64
size_t size; // number of bytes saved in `value` (sizeof(uint32_t) or sizeof(uint64_t) in this file)
uint64_t value; // contents read from `address` just before the overwrite
}MemoryRestore;

// One toggleable patch: target, replacement value, and the restore record filled in when it is applied.
typedef struct{
uint64_t offests; // (sic) passed as TargetAddr to PatchEnabled; the image slide is added later in MemoryPatch / MemoryPatch64
uint64_t bytes; // replacement value; PatchEnabled picks a 32- or 64-bit write from its magnitude
MemoryRestore restore; // zeroed in +load, populated when the patch is enabled
}Patch;

// File-scope patch record shared by +load (initialisation) and valueChanged: (toggle).
Patch Patch1;

@implementation NSObject (hook)

// Runs when the NSObject (hook) category is loaded, so no call from the host app's own code is needed.
// After a 3-second delay on the main queue it (1) fills in Patch1, (2) adds a UISwitch to the key window
// that toggles Patch1 through valueChanged:, and (3) applies six further writes immediately.
// NOTE(review): every address and value is hard-coded; presumably they match one specific build of the
// target binary. Nothing in this file verifies what is at those addresses before writing.
+(void)load{

dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(3 * NSEC_PER_SEC)), dispatch_get_main_queue(), ^{
    // Build a Patch record
    MemoryRestore orig_value;
    orig_value.address = 0;
    orig_value.size = 0;
    orig_value.value = 0;
    
    Patch1.offests = 0x101D95DA0;
    Patch1.bytes = 0xD65F03C0;
    Patch1.restore = orig_value;
    
    // Add the switch
    UISwitch *mySwitch = [[UISwitch alloc] initWithFrame:CGRectMake(100, 100, 100, 30)];
    mySwitch.on = NO;
    mySwitch.tintColor = [UIColor redColor];
    mySwitch.onTintColor = [UIColor blackColor];
    mySwitch.thumbTintColor = [UIColor blueColor];
    // `self` here is the class object, because +load is a class method.
    [mySwitch addTarget:self action:@selector(valueChanged:) forControlEvents:(UIControlEventValueChanged)];
    [[UIApplication sharedApplication].keyWindow addSubview:mySwitch];
    // The MemoryPatch2 / MemoryPatch2_64 variants keep no MemoryRestore record, so the six writes
    // below are applied unconditionally and cannot be reverted by the switch.
    MemoryPatch2_64(0x101C4E020,0xD65F03C01E37F000);
    MemoryPatch2(0x101C22738,0xD65F03C0);
    MemoryPatch2(0x101D96384,0x1E2703E1);
    MemoryPatch2(0x1021C81FC,0xD65F03C0);
    MemoryPatch2(0x101D9638C,0x1E2703E0);
    MemoryPatch2(0x103A43138,0xD503201F);
    
    
});

}

  // UISwitch handler registered in +load: ON applies Patch1, OFF writes the saved original value back.
  // NOTE(review): the leading "•" below looks like a forum-rendering artifact of the method's -/+ marker;
  // as printed, this line is not valid Objective-C.
  • (void)valueChanged:(UISwitch *)swi{

    if(swi.isOn){
    // Enable the patch
    PatchEnabled(Patch1.offests,Patch1.bytes,&Patch1.restore);
    }else{
    // Restore memory
    PatchDisabled(&Patch1.restore);
    }

}
// Forward declarations for the C helpers defined below.
// NOTE(review): +load calls MemoryPatch2 / MemoryPatch2_64 earlier in this file than these declarations;
// presumably MemoryPatcher.h declares them as well. Confirm against that header.
void MemoryRestored(MemoryRestore *restore);
void MemoryPatch(uint64_t TargetAddr,uint32_t Bytes,MemoryRestore *orig_value);
void MemoryPatch2(uint64_t TargetAddr,uint32_t Bytes);
void MemoryPatch64(uint64_t TargetAddr,uint64_t Bytes,MemoryRestore *orig_value);
void MemoryPatch2_64(uint64_t TargetAddr,uint64_t Bytes);
void PatchEnabled(uint64_t TargetAddr,uint64_t Bytes,MemoryRestore *orig_value);
void PatchDisabled(MemoryRestore *restore);

/// Undoes a previously enabled patch by handing its restore record to MemoryRestored.
/// @param restore Record filled in when the patch was enabled; passed through unchanged.
void PatchDisabled(MemoryRestore *restore) {
    MemoryRestored(restore);
}

// Writes the saved original bytes back to the address recorded in *restore.
// restore: record previously filled by MemoryPatch / MemoryPatch64; restore->address is used as-is
//          (no image slide is added in this function).
// NOTE(review): neither vm_protect result is checked, and "Restored Successfully" is logged
// unconditionally, so the log line does not prove the write happened.
void MemoryRestored(MemoryRestore *restore){

// 19 == VM_PROT_READ | VM_PROT_WRITE | VM_PROT_COPY; the 0 before it is set_maximum = FALSE.
int result = vm_protect(mach_task_self(),(vm_address_t)restore->address,restore->size,0,19);
NSLog(@"------restore.address is %0llX\nrestore value is %llX",restore->address,restore->value);
// Copies restore->size bytes starting at the first byte of the 64-bit `value` field.
memcpy((void *)restore->address,&restore->value,restore->size);
// Sets READ|EXECUTE regardless of what the range's protection was before the patch.
result = vm_protect(mach_task_self(),(vm_address_t)restore->address,restore->size,0,VM_PROT_READ | VM_PROT_EXECUTE);
NSLog(@"-----Restored Successfully");

}

/// Applies a patch at TargetAddr, choosing the write width from the magnitude of Bytes.
/// @param TargetAddr Address forwarded unchanged to the 32- or 64-bit writer.
/// @param Bytes Replacement value. Anything above 0xFFFFFFFF goes to MemoryPatch64; any other
///        value is truncated to uint32_t and goes to MemoryPatch, so a 64-bit value whose upper
///        half is zero is written as 4 bytes.
/// @param orig_value Restore record forwarded to the selected writer.
void PatchEnabled(uint64_t TargetAddr, uint64_t Bytes, MemoryRestore *orig_value) {
    if (Bytes > 0xFFFFFFFF) {
        MemoryPatch64(TargetAddr, Bytes, orig_value);
        return;
    }
    MemoryPatch(TargetAddr, (uint32_t)Bytes, orig_value);
}

// Overwrites 4 bytes at (TargetAddr + slide of image 0) with Bytes and records the previous contents.
// TargetAddr: address before the slide is applied; the slide is added in this function.
// Bytes: 32-bit value to store.
// orig_value: out-parameter; receives the slid address, the size (4) and the previous 32-bit value.
// NOTE(review): both vm_protect results are assigned to `result` and never checked, so the read and
// write below run even if the protection change was refused.
void MemoryPatch(uint64_t TargetAddr,uint32_t Bytes,MemoryRestore *orig_value){

// Slide of image index 0 (normally the main executable).
uint64_t ASLR = _dyld_get_image_vmaddr_slide(0);
uint64_t real_address = TargetAddr + ASLR;
orig_value->size = sizeof(uint32_t);
// 19 == VM_PROT_READ | VM_PROT_WRITE | VM_PROT_COPY; the 0 before it is set_maximum = FALSE.
int result = vm_protect(mach_task_self(),(vm_address_t)real_address,orig_value->size,0,19);
orig_value->address = real_address;
// Save the current contents so MemoryRestored can write them back later.
orig_value->value = *((uint32_t *)real_address);
NSLog(@"--------orig_value is %llX",orig_value->value);
*((uint32_t *)real_address) = Bytes;
NSLog(@"--------modfied into %08X",*((uint32_t *)real_address));
// Sets READ|EXECUTE regardless of what the range's protection was before.
result = vm_protect(mach_task_self(),(vm_address_t)real_address,orig_value->size,0,VM_PROT_READ | VM_PROT_EXECUTE);

}
// 64-bit counterpart of MemoryPatch: overwrites 8 bytes at (TargetAddr + slide of image 0) with Bytes
// and records the previous contents.
// TargetAddr: address before the slide is applied; the slide is added in this function.
// Bytes: 64-bit value to store.
// orig_value: out-parameter; receives the slid address, the size (8) and the previous 64-bit value.
// NOTE(review): both vm_protect results are assigned to `result` and never checked, so the read and
// write below run even if the protection change was refused.
void MemoryPatch64(uint64_t TargetAddr,uint64_t Bytes,MemoryRestore *orig_value){

// Slide of image index 0 (normally the main executable).
uint64_t ASLR = _dyld_get_image_vmaddr_slide(0);
uint64_t real_address = TargetAddr + ASLR;
orig_value->size = sizeof(uint64_t);
// 19 == VM_PROT_READ | VM_PROT_WRITE | VM_PROT_COPY; the 0 before it is set_maximum = FALSE.
int result = vm_protect(mach_task_self(),(vm_address_t)real_address,orig_value->size,0,19);
orig_value->address = real_address;
// Save the current contents so MemoryRestored can write them back later.
orig_value->value = *((uint64_t *)real_address);
NSLog(@"--------orig_value is %0llX",orig_value->value);
*((uint64_t *)real_address) = Bytes;
NSLog(@"--------modfied into %0llX",*((uint64_t *)real_address));
// Sets READ|EXECUTE regardless of what the range's protection was before.
result = vm_protect(mach_task_self(),(vm_address_t)real_address,orig_value->size,0,VM_PROT_READ | VM_PROT_EXECUTE);

}

// One-way 64-bit write: overwrites 8 bytes at (TargetAddr + slide of image 0) with Bytes.
// Unlike MemoryPatch64 it takes no MemoryRestore; the previous contents are only logged, not kept,
// so this write cannot be reverted through MemoryRestored.
// NOTE(review): both vm_protect results are assigned to `result` and never checked.
void MemoryPatch2_64(uint64_t TargetAddr,uint64_t Bytes){

// Slide of image index 0 (normally the main executable).
uint64_t ASLR = _dyld_get_image_vmaddr_slide(0);
uint64_t real_address = TargetAddr + ASLR;
// 19 == VM_PROT_READ | VM_PROT_WRITE | VM_PROT_COPY; the 0 before it is set_maximum = FALSE.
int result = vm_protect(mach_task_self(),(vm_address_t)real_address,sizeof(uint64_t),0,19);
NSLog(@"--------orig_value is %llX",*((uint64_t *)real_address));
*((uint64_t *)real_address) = Bytes;
NSLog(@"--------modfied into %0llX",*((uint64_t *)real_address));
// Sets READ|EXECUTE regardless of what the range's protection was before.
result = vm_protect(mach_task_self(),(vm_address_t)real_address,sizeof(uint64_t),0,VM_PROT_READ | VM_PROT_EXECUTE);

}

// One-way 32-bit write: overwrites 4 bytes at (TargetAddr + slide of image 0) with Bytes.
// Unlike MemoryPatch it takes no MemoryRestore; the previous contents are only logged, not kept,
// so this write cannot be reverted through MemoryRestored.
// NOTE(review): both vm_protect results are assigned to `result` and never checked.
void MemoryPatch2(uint64_t TargetAddr,uint32_t Bytes){

// Slide of image index 0 (normally the main executable).
uint64_t ASLR = _dyld_get_image_vmaddr_slide(0);
uint64_t real_address = TargetAddr + ASLR;
// 19 == VM_PROT_READ | VM_PROT_WRITE | VM_PROT_COPY; the 0 before it is set_maximum = FALSE.
int result = vm_protect(mach_task_self(),(vm_address_t)real_address,sizeof(uint32_t),0,19);
NSLog(@"--------orig_value is %08X",*((uint32_t *)real_address));
*((uint32_t *)real_address) = Bytes;
NSLog(@"--------modfied into %08X",*((uint32_t *)real_address));
// Sets READ|EXECUTE regardless of what the range's protection was before.
result = vm_protect(mach_task_self(),(vm_address_t)real_address,sizeof(uint32_t),0,VM_PROT_READ | VM_PROT_EXECUTE);

}

@end

are you ok?


You are a nice person and I love you

Does this work without JAILBREAK no jb ??

Let me tell you: even if you use it to avoid a jailbreak, the game will still detect that you are running an unofficial application.

You must be an expert in circumventing corporate protection to know this well


what you have sent work like dlg source

Without jailbreak no jailbreak ?

My project works closely with jailbreak without any problems
DLG and KittyMemory


But my whole problem is that I could not modify the code to be without jailbreak (direct displacement change)

In the DLG-DeviLeo project

So I rented a DLG project

It works fine for me DLGMemor - DeviLeo without jailbreak

However, I just needed to modify the DLGMemor project itself to make a direct change to the title

Without any research

  1. There is no problem in jailbreaking your project, kittymemory can only be used for jailbreaking, and the address of the patch command is currently free of jailbreaking!
  2. Why avoid jailbreak? Do you want to avoid the 10-minute ban?

yaaah Pro

I don’t care about the jailbreak
I would love to work on without a jailbreak
I just want to fix this, which is the direct change of address in the dlg project without jailbreak

Can you add me to the telegram?

没问题。。

Send me a special

ma telegram name chuchu123123