This "tutorial" will require you to know how to load a binary into IDA & basic ARM modding.
When hacking currency, I like to search for the keywords "spend, consume, award, reward" before "gold, coins, gem etc", since those have less hits & xrefs if they exist.
So when I searched for "consume", I got this interesting string:
This is a log the devs probably added while testing, or this gets send to the server.
Anyways, if we double click it, we get to this screen:
What you now wanna do is, click on aThePlayerHasSL & hit X on your keyboard (so it shows all the xrefs):
Only one hit, which saves us time for checking each XRef :p.
Click "OK" or double click the sub_x. You'll end up here:
What's interesting is the following:
The string is writting in a loc_, loc_s are only getting used whether a specific condition is true.
In this case possibly: if players currency is less than price, go to this.
So what we wanna do is, xref the loc_ & see where it's getting called:
What's interesting is this: the BMI instructions mean: branch if mi (negative).
Above the branch, you see a SUBS.W (substract). If the substracion is negative, then branch to the loc_x
Example:
Player Currency: 900
Cost: 1000
900 - 1000 = negative, meaning it will go to the loc_x with the string we found instead of continuing.
If we change the SUBS.W to a ADD, it won't ever get negative, so it won't go to the loc_x.
The results:
If you spend, it gets added instead of subtracted.
That's it, resources are hacked :)
If you have any questions, feel free to ask.
When hacking currency, I like to search for the keywords "spend, consume, award, reward" before "gold, coins, gem etc", since those have less hits & xrefs if they exist.
So when I searched for "consume", I got this interesting string:
This is a log the devs probably added while testing, or this gets send to the server.
Anyways, if we double click it, we get to this screen:
What you now wanna do is, click on aThePlayerHasSL & hit X on your keyboard (so it shows all the xrefs):
Only one hit, which saves us time for checking each XRef :p.
Click "OK" or double click the sub_x. You'll end up here:
What's interesting is the following:
The string is writting in a loc_, loc_s are only getting used whether a specific condition is true.
In this case possibly: if players currency is less than price, go to this.
So what we wanna do is, xref the loc_ & see where it's getting called:
What's interesting is this: the BMI instructions mean: branch if mi (negative).
Above the branch, you see a SUBS.W (substract). If the substracion is negative, then branch to the loc_x
Example:
Player Currency: 900
Cost: 1000
900 - 1000 = negative, meaning it will go to the loc_x with the string we found instead of continuing.
If we change the SUBS.W to a ADD, it won't ever get negative, so it won't go to the loc_x.
The results:
If you spend, it gets added instead of subtracted.
That's it, resources are hacked :)
If you have any questions, feel free to ask.