Tutorial date: December 4, 2015
Have "ptrace: Operation not permitted" error when you try to debug a game using GDB? Follow these steps
"PID" stands for Process ID
The game is EDEN Avalon Legends (th.co.tdp.eden).
Turn off the Advanced Task Killer app, if it is running.
Open the game, and press the HOME button to minimize the game.
Type
to view all running processes.
Take note of the number next to "pid" (PID stands for "Process ID" and changes everytime a process starts). In my example, I'll take note of the number "383".
Now, using the PID you just noted, type:
Example:
This will give a list of clones of the main PID and depending on the game, can attach to it regardless of if ptrace is denying the main process id (PID), if that makes sense.
Attach to a clone of the process
Example:
The symbols are loaded which means the game is debugged
Dump as normal with gcore
Do not worry about any warnings like these you may read in the Terminal app:
Extract the DLL file as normal with cracked Winhex
Proof:
But EDEN Avalon Legends will not run if you replace the modded DLL file, due to crc32 check.
Note: Games such as GrandChase M doesnt work. Even the clones found through "ls -l" still deny ptrace it basically depends on the securty the game has but its good info and you never know what seems a really hard game might just work as did avalon legends which like 4 i know are trying to bypass ptrace for
Credits:
@Antiklor (For helping me with ptrace bypass)
@AndnixSH (Making this tutorial)
Have "ptrace: Operation not permitted" error when you try to debug a game using GDB? Follow these steps
"PID" stands for Process ID
The game is EDEN Avalon Legends (th.co.tdp.eden).
Turn off the Advanced Task Killer app, if it is running.
Open the game, and press the HOME button to minimize the game.
Type
Code:
dumpsys meminfoTake note of the number next to "pid" (PID stands for "Process ID" and changes everytime a process starts). In my example, I'll take note of the number "383".
Now, using the PID you just noted, type:
Code:
ls -l /proc/<gamepid>/task/
Code:
ls -l /proc/4492/task/Attach to a clone of the process
Code:
gdb -pid xxxxx
Code:
gdb -pid 4546The symbols are loaded which means the game is debugged
Dump as normal with gcore
Code:
gcore /sdcard/DUMPEDFILEExtract the DLL file as normal with cracked Winhex
Proof:
But EDEN Avalon Legends will not run if you replace the modded DLL file, due to crc32 check.
Note: Games such as GrandChase M doesnt work. Even the clones found through "ls -l" still deny ptrace it basically depends on the securty the game has but its good info and you never know what seems a really hard game might just work as did avalon legends which like 4 i know are trying to bypass ptrace for
Credits:
@Antiklor (For helping me with ptrace bypass)
@AndnixSH (Making this tutorial)
Last edited: