This is my main .cpp code:
#include <list>
#include <vector>
#include <string.h>
#include <pthread.h>
#include <thread>
#include <cstring>
#include <jni.h>
#include <unistd.h>
#include <fstream>
#include <iostream>
#include <dlfcn.h>
#include "Includes/Logger.h"
#include "Includes/obfuscate.h"
#include "Includes/Utils.h"
#include "KittyMemory/MemoryPatch.h"
#include "Menu/Setup.h"
//Target lib here
#define targetLibName OBFUSCATE("libil2cpp.so")
#include "Includes/Macros.h"
// Feature switches. Both start disabled and are written by Changes() when the
// corresponding menu toggle is flipped.
bool isAmmo = false;
bool isFirerate = false;

// Holds the address that ammoUpdateMod() forwards to after its own work.
void (*old_ammoUpdate)(void *instance);

/**
 * Replacement for the ammo update routine.
 *
 * When `instance` is non-null and isAmmo is set, stores 9999 into the int
 * located 0x8C bytes past `instance`, then forwards to old_ammoUpdate.
 *
 * NOTE(review): the field is overwritten purely on the client. A server that
 * tracks this value itself, or a client-side integrity check on the hooked
 * routine, would defeat or detect it. The meaning of offset 0x8C is taken from
 * the "OFFSET AMMO" remark in the original and is not verifiable from here.
 */
void ammoUpdateMod(void *instance) {
    const bool shouldOverride = (instance != nullptr) && isAmmo;
    if (shouldOverride) {
        int *field = (int *) ((uint64_t) instance + 0x8C);
        *field = 9999;
    }
    old_ammoUpdate(instance);
}

// Holds the address that firerateUpdateMod() forwards to after its own work.
float (*old_firerateUpdate)(void *instance);

/**
 * Replacement for the fire-rate update routine.
 *
 * When `instance` is non-null and isFirerate is set, stores 0.01f into the
 * float located 0x74 bytes past `instance`. The value returned is whatever
 * old_firerateUpdate returns for the same instance.
 */
float firerateUpdateMod(void *instance) {
    const bool shouldOverride = (instance != nullptr) && isFirerate;
    if (shouldOverride) {
        float *field = (float *) ((uint64_t) instance + 0x74);
        *field = 0.01f;
    }
    const float forwarded = old_firerateUpdate(instance);
    return forwarded;
}
#define targetLibName OBFUSCATE("libil2cpp.so")
// Worker thread body; lib_main() starts it with pthread_create.
// Polls once per second until isLibraryLoaded(targetLibName) reports true, then,
// on AArch64 builds only, calls A64HookFunction twice with an address obtained
// from getAbsoluteAddress("libil2cpp.so", <hard-coded offset>). Other
// architectures only log "Done". Always returns NULL.
// NOTE(review): the offset is a literal, so it presumably matches one specific
// build of the library - confirm. Detection side: code rewritten at a hooked
// address no longer matches the on-disk library, which is what a code-section
// integrity check compares.
void *hack_thread(void *) {
LOGI(OBFUSCATE("pthread created"));
// Wait for the target library to be mapped before computing addresses in it.
do {
sleep(1);
} while (!isLibraryLoaded(targetLibName));
//Anti-lib rename
/*
do {
sleep(1);
} while (!isLibraryLoaded("libYOURNAME.so"));*/
LOGI(OBFUSCATE("%s has been loaded"), (const char *) targetLibName);
#if defined(__aarch64__)
// Hook requests; A64HookFunction and getAbsoluteAddress are declared in the project headers.
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so",0x996BBC), (void *)&old_ammoUpdate, (void **)&ammoUpdateMod);
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so",0x996BBC), (void *)&old_firerateUpdate, (void **)&firerateUpdateMod);
#else
// No hooks are requested on non-AArch64 builds.
LOGI(OBFUSCATE("Done"));
#endif
//Anti-leech
/*if (!iconValid || !initValid || !settingsValid) {
//Bad function to make it crash
sleep(5);
int *p = 0;
*p = 0;
}*/
return NULL;
}
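/**
 * Builds the Java String[] of menu entries and returns it to the caller.
 *
 * Each entry is "<Kind>_<Label>"; how the Java side interprets the prefix is
 * not visible in this file.
 *
 * @param env     JNI environment of the calling thread.
 * @param context unused here.
 * @return a new String[] holding every entry, or NULL when the String class
 *         lookup or the array allocation fails.
 */
jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    const char *features[] = {
            OBFUSCATE("Category_The Category"), //Not counted
            OBFUSCATE("Toggle_Unlimited Ammo"),
            OBFUSCATE("Toggle_Fire Rate"),
    };
    // Derived from the array so the count cannot drift from the list above.
    const int Total_Feature = (sizeof features / sizeof features[0]);

    jclass stringClass = env->FindClass(OBFUSCATE("java/lang/String"));
    if (stringClass == NULL)
        return NULL; // lookup failed; FindClass leaves a Java exception pending

    jobjectArray ret = env->NewObjectArray(Total_Feature, stringClass, env->NewStringUTF(""));
    if (ret == NULL)
        return NULL;

    for (int i = 0; i < Total_Feature; i++) {
        // Index the array. The posted code passed `features` itself, which is a
        // const char ** and not a string (the "[i]" was most likely swallowed
        // as italic markup when the code was pasted).
        env->SetObjectArrayElement(ret, i, env->NewStringUTF(features[i]));
    }
    return ret;
}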
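/**
 * Native callback invoked when a menu entry changes; logs the event and
 * updates the matching feature flag.
 *
 * @param featNum  index of the entry that changed; 0 sets isAmmo, 1 sets
 *                 isFirerate, any other value is ignored.
 * @param featName display name of the entry (logged only; may be null).
 * @param value    numeric value supplied by the menu (logged only).
 * @param boolean  new toggle state.
 * @param str      optional text supplied by the menu (logged only; may be null).
 */
void Changes(JNIEnv *env, jclass clazz, jobject obj,
             jint featNum, jstring featName, jint value,
             jboolean boolean, jstring str) {
    // GetStringUTFChars hands out a buffer that must be released again; the
    // original passed the result straight to the logger and leaked it on
    // every call. A null jstring is not passed to JNI at all.
    const char *nameChars = featName != NULL ? env->GetStringUTFChars(featName, 0) : NULL;
    const char *textChars = str != NULL ? env->GetStringUTFChars(str, 0) : NULL;

    LOGD(OBFUSCATE("Feature name: %d - %s | Value: = %d | Bool: = %d | Text: = %s"), featNum,
         nameChars != NULL ? nameChars : "", value,
         boolean, textChars != NULL ? textChars : "");

    if (nameChars != NULL)
        env->ReleaseStringUTFChars(featName, nameChars);
    if (textChars != NULL)
        env->ReleaseStringUTFChars(str, textChars);

    //BE CAREFUL NOT TO ACCIDENTLY REMOVE break;
    // NOTE(review): numbering presumably skips the "Category" entry of
    // GetFeatureList (marked "Not counted" there) - confirm against the Java side.
    switch (featNum) {
        case 0:
            isAmmo = boolean;
            break;
        case 1:
            isFirerate = boolean;
            break;
    }
}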
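// Runs automatically when the shared library is loaded (constructor attribute).
// Starts hack_thread on its own thread so the loading thread is not blocked.
__attribute__((constructor))
void lib_main() {
    pthread_t ptid;
    // pthread_create reports failure through its return value; the original
    // ignored it.
    if (pthread_create(&ptid, NULL, hack_thread, NULL) != 0) {
        LOGI(OBFUSCATE("pthread_create failed"));
        return;
    }
    // Nobody joins this thread, so detach it to let its resources be
    // reclaimed when hack_thread returns.
    pthread_detach(ptid);
}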
/**
 * Binds the native implementations to the methods of
 * com.android.support.Menu.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterMenu(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("Icon"), OBFUSCATE("()Ljava/lang/String;"), reinterpret_cast<void *>(Icon)},
            {OBFUSCATE("IconWebViewData"), OBFUSCATE("()Ljava/lang/String;"), reinterpret_cast<void *>(IconWebViewData)},
            {OBFUSCATE("IsGameLibLoaded"), OBFUSCATE("()Z"), reinterpret_cast<void *>(isGameLibLoaded)},
            {OBFUSCATE("Init"), OBFUSCATE("(Landroid/content/Context;Landroid/widget/TextView;Landroid/widget/TextView;)V"), reinterpret_cast<void *>(Init)},
            {OBFUSCATE("SettingsList"), OBFUSCATE("()[Ljava/lang/String;"), reinterpret_cast<void *>(SettingsList)},
            {OBFUSCATE("GetFeatureList"), OBFUSCATE("()[Ljava/lang/String;"), reinterpret_cast<void *>(GetFeatureList)},
    };

    jclass menuClass = env->FindClass(OBFUSCATE("com/android/support/Menu"));
    if (menuClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(menuClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
/**
 * Binds Changes() to com.android.support.Preferences.Changes.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterPreferences(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("Changes"), OBFUSCATE("(Landroid/content/Context;ILjava/lang/String;IZLjava/lang/String;)V"), reinterpret_cast<void *>(Changes)},
    };

    jclass prefsClass = env->FindClass(OBFUSCATE("com/android/support/Preferences"));
    if (prefsClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(prefsClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
/**
 * Binds CheckOverlayPermission to com.android.support.Main.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterMain(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("CheckOverlayPermission"), OBFUSCATE("(Landroid/content/Context;)V"), reinterpret_cast<void *>(CheckOverlayPermission)},
    };

    jclass mainClass = env->FindClass(OBFUSCATE("com/android/support/Main"));
    if (mainClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(mainClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
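/**
 * JNI entry point called by the VM when the library is loaded from Java.
 * Registers the native methods of the Menu, Preferences and Main classes.
 *
 * @return JNI_VERSION_1_6 on success, JNI_ERR if the environment cannot be
 *         obtained or any registration step fails.
 */
extern "C"
JNIEXPORT jint JNICALL
JNI_OnLoad(JavaVM *vm, void *reserved) {
    JNIEnv *env = NULL;
    // The original ignored GetEnv's result and would have used an
    // uninitialised env pointer if the call failed.
    if (vm->GetEnv((void **) &env, JNI_VERSION_1_6) != JNI_OK || env == NULL)
        return JNI_ERR;
    if (RegisterMenu(env) != 0)
        return JNI_ERR;
    if (RegisterPreferences(env) != 0)
        return JNI_ERR;
    if (RegisterMain(env) != 0)
        return JNI_ERR;
    return JNI_VERSION_1_6;
}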
#include <list>
#include <vector>
#include <string.h>
#include <pthread.h>
#include <thread>
#include <cstring>
#include <jni.h>
#include <unistd.h>
#include <fstream>
#include <iostream>
#include <dlfcn.h>
#include "Includes/Logger.h"
#include "Includes/obfuscate.h"
#include "Includes/Utils.h"
#include "KittyMemory/MemoryPatch.h"
#include "Menu/Setup.h"
//Target lib here
#define targetLibName OBFUSCATE("libil2cpp.so")
#include "Includes/Macros.h"
// Feature switches. Both start disabled and are written by Changes() when the
// corresponding menu toggle is flipped.
bool isAmmo = false;
bool isFirerate = false;

// Holds the address that ammoUpdateMod() forwards to after its own work.
void (*old_ammoUpdate)(void *instance);

/**
 * Replacement for the ammo update routine.
 *
 * When `instance` is non-null and isAmmo is set, stores 9999 into the int
 * located 0x8C bytes past `instance`, then forwards to old_ammoUpdate.
 *
 * NOTE(review): the field is overwritten purely on the client. A server that
 * tracks this value itself, or a client-side integrity check on the hooked
 * routine, would defeat or detect it. The meaning of offset 0x8C is taken from
 * the "OFFSET AMMO" remark in the original and is not verifiable from here.
 */
void ammoUpdateMod(void *instance) {
    const bool shouldOverride = (instance != nullptr) && isAmmo;
    if (shouldOverride) {
        int *field = (int *) ((uint64_t) instance + 0x8C);
        *field = 9999;
    }
    old_ammoUpdate(instance);
}

// Holds the address that firerateUpdateMod() forwards to after its own work.
float (*old_firerateUpdate)(void *instance);

/**
 * Replacement for the fire-rate update routine.
 *
 * When `instance` is non-null and isFirerate is set, stores 0.01f into the
 * float located 0x74 bytes past `instance`. The value returned is whatever
 * old_firerateUpdate returns for the same instance.
 */
float firerateUpdateMod(void *instance) {
    const bool shouldOverride = (instance != nullptr) && isFirerate;
    if (shouldOverride) {
        float *field = (float *) ((uint64_t) instance + 0x74);
        *field = 0.01f;
    }
    const float forwarded = old_firerateUpdate(instance);
    return forwarded;
}
#define targetLibName OBFUSCATE("libil2cpp.so")
// Worker thread body; lib_main() starts it with pthread_create.
// Polls once per second until isLibraryLoaded(targetLibName) reports true, then,
// on AArch64 builds only, calls A64HookFunction twice with an address obtained
// from getAbsoluteAddress("libil2cpp.so", <hard-coded offset>). Other
// architectures only log "Done". Always returns NULL.
// NOTE(review): the offset is a literal, so it presumably matches one specific
// build of the library - confirm. Detection side: code rewritten at a hooked
// address no longer matches the on-disk library, which is what a code-section
// integrity check compares.
void *hack_thread(void *) {
LOGI(OBFUSCATE("pthread created"));
// Wait for the target library to be mapped before computing addresses in it.
do {
sleep(1);
} while (!isLibraryLoaded(targetLibName));
//Anti-lib rename
/*
do {
sleep(1);
} while (!isLibraryLoaded("libYOURNAME.so"));*/
LOGI(OBFUSCATE("%s has been loaded"), (const char *) targetLibName);
#if defined(__aarch64__)
// Hook requests; A64HookFunction and getAbsoluteAddress are declared in the project headers.
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so",0x996BBC), (void *)&old_ammoUpdate, (void **)&ammoUpdateMod);
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so",0x996BBC), (void *)&old_firerateUpdate, (void **)&firerateUpdateMod);
#else
// No hooks are requested on non-AArch64 builds.
LOGI(OBFUSCATE("Done"));
#endif
//Anti-leech
/*if (!iconValid || !initValid || !settingsValid) {
//Bad function to make it crash
sleep(5);
int *p = 0;
*p = 0;
}*/
return NULL;
}
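/**
 * Builds the Java String[] of menu entries and returns it to the caller.
 *
 * Each entry is "<Kind>_<Label>"; how the Java side interprets the prefix is
 * not visible in this file.
 *
 * @param env     JNI environment of the calling thread.
 * @param context unused here.
 * @return a new String[] holding every entry, or NULL when the String class
 *         lookup or the array allocation fails.
 */
jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    const char *features[] = {
            OBFUSCATE("Category_The Category"), //Not counted
            OBFUSCATE("Toggle_Unlimited Ammo"),
            OBFUSCATE("Toggle_Fire Rate"),
    };
    // Derived from the array so the count cannot drift from the list above.
    const int Total_Feature = (sizeof features / sizeof features[0]);

    jclass stringClass = env->FindClass(OBFUSCATE("java/lang/String"));
    if (stringClass == NULL)
        return NULL; // lookup failed; FindClass leaves a Java exception pending

    jobjectArray ret = env->NewObjectArray(Total_Feature, stringClass, env->NewStringUTF(""));
    if (ret == NULL)
        return NULL;

    for (int i = 0; i < Total_Feature; i++) {
        // Index the array. The posted code passed `features` itself, which is a
        // const char ** and not a string (the "[i]" was most likely swallowed
        // as italic markup when the code was pasted).
        env->SetObjectArrayElement(ret, i, env->NewStringUTF(features[i]));
    }
    return ret;
}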
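/**
 * Native callback invoked when a menu entry changes; logs the event and
 * updates the matching feature flag.
 *
 * @param featNum  index of the entry that changed; 0 sets isAmmo, 1 sets
 *                 isFirerate, any other value is ignored.
 * @param featName display name of the entry (logged only; may be null).
 * @param value    numeric value supplied by the menu (logged only).
 * @param boolean  new toggle state.
 * @param str      optional text supplied by the menu (logged only; may be null).
 */
void Changes(JNIEnv *env, jclass clazz, jobject obj,
             jint featNum, jstring featName, jint value,
             jboolean boolean, jstring str) {
    // GetStringUTFChars hands out a buffer that must be released again; the
    // original passed the result straight to the logger and leaked it on
    // every call. A null jstring is not passed to JNI at all.
    const char *nameChars = featName != NULL ? env->GetStringUTFChars(featName, 0) : NULL;
    const char *textChars = str != NULL ? env->GetStringUTFChars(str, 0) : NULL;

    LOGD(OBFUSCATE("Feature name: %d - %s | Value: = %d | Bool: = %d | Text: = %s"), featNum,
         nameChars != NULL ? nameChars : "", value,
         boolean, textChars != NULL ? textChars : "");

    if (nameChars != NULL)
        env->ReleaseStringUTFChars(featName, nameChars);
    if (textChars != NULL)
        env->ReleaseStringUTFChars(str, textChars);

    //BE CAREFUL NOT TO ACCIDENTLY REMOVE break;
    // NOTE(review): numbering presumably skips the "Category" entry of
    // GetFeatureList (marked "Not counted" there) - confirm against the Java side.
    switch (featNum) {
        case 0:
            isAmmo = boolean;
            break;
        case 1:
            isFirerate = boolean;
            break;
    }
}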
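// Runs automatically when the shared library is loaded (constructor attribute).
// Starts hack_thread on its own thread so the loading thread is not blocked.
__attribute__((constructor))
void lib_main() {
    pthread_t ptid;
    // pthread_create reports failure through its return value; the original
    // ignored it.
    if (pthread_create(&ptid, NULL, hack_thread, NULL) != 0) {
        LOGI(OBFUSCATE("pthread_create failed"));
        return;
    }
    // Nobody joins this thread, so detach it to let its resources be
    // reclaimed when hack_thread returns.
    pthread_detach(ptid);
}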
/**
 * Binds the native implementations to the methods of
 * com.android.support.Menu.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterMenu(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("Icon"), OBFUSCATE("()Ljava/lang/String;"), reinterpret_cast<void *>(Icon)},
            {OBFUSCATE("IconWebViewData"), OBFUSCATE("()Ljava/lang/String;"), reinterpret_cast<void *>(IconWebViewData)},
            {OBFUSCATE("IsGameLibLoaded"), OBFUSCATE("()Z"), reinterpret_cast<void *>(isGameLibLoaded)},
            {OBFUSCATE("Init"), OBFUSCATE("(Landroid/content/Context;Landroid/widget/TextView;Landroid/widget/TextView;)V"), reinterpret_cast<void *>(Init)},
            {OBFUSCATE("SettingsList"), OBFUSCATE("()[Ljava/lang/String;"), reinterpret_cast<void *>(SettingsList)},
            {OBFUSCATE("GetFeatureList"), OBFUSCATE("()[Ljava/lang/String;"), reinterpret_cast<void *>(GetFeatureList)},
    };

    jclass menuClass = env->FindClass(OBFUSCATE("com/android/support/Menu"));
    if (menuClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(menuClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
/**
 * Binds Changes() to com.android.support.Preferences.Changes.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterPreferences(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("Changes"), OBFUSCATE("(Landroid/content/Context;ILjava/lang/String;IZLjava/lang/String;)V"), reinterpret_cast<void *>(Changes)},
    };

    jclass prefsClass = env->FindClass(OBFUSCATE("com/android/support/Preferences"));
    if (prefsClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(prefsClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
/**
 * Binds CheckOverlayPermission to com.android.support.Main.
 *
 * @return JNI_OK on success, JNI_ERR when the class cannot be found or
 *         RegisterNatives reports a failure.
 */
int RegisterMain(JNIEnv *env) {
    // { Java method name, JNI signature, native entry point }
    JNINativeMethod natives[] = {
            {OBFUSCATE("CheckOverlayPermission"), OBFUSCATE("(Landroid/content/Context;)V"), reinterpret_cast<void *>(CheckOverlayPermission)},
    };

    jclass mainClass = env->FindClass(OBFUSCATE("com/android/support/Main"));
    if (mainClass == nullptr) {
        return JNI_ERR;
    }

    const bool registered =
            env->RegisterNatives(mainClass, natives, sizeof(natives) / sizeof(natives[0])) == 0;
    return registered ? JNI_OK : JNI_ERR;
}
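/**
 * JNI entry point called by the VM when the library is loaded from Java.
 * Registers the native methods of the Menu, Preferences and Main classes.
 *
 * @return JNI_VERSION_1_6 on success, JNI_ERR if the environment cannot be
 *         obtained or any registration step fails.
 */
extern "C"
JNIEXPORT jint JNICALL
JNI_OnLoad(JavaVM *vm, void *reserved) {
    JNIEnv *env = NULL;
    // The original ignored GetEnv's result and would have used an
    // uninitialised env pointer if the call failed.
    if (vm->GetEnv((void **) &env, JNI_VERSION_1_6) != JNI_OK || env == NULL)
        return JNI_ERR;
    if (RegisterMenu(env) != 0)
        return JNI_ERR;
    if (RegisterPreferences(env) != 0)
        return JNI_ERR;
    if (RegisterMain(env) != 0)
        return JNI_ERR;
    return JNI_VERSION_1_6;
}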