Solved how to hook this void method with SecuredDouble value without Update()

[Sbyky]

hi guys i'm trying to hook this

    // RVA: 0x1199FCC Offset: 0x1199FCC VA: 0x1199FCC
    public void AddGold(SecuredDouble gold) { }

so far this is what i'm doing

double Gold = 1;





#else //To compile this code for armv7 lib only.

void (*old_AddGold)(void *instance, double value);
void AddGold(void *instance, double value) {
    if (instance != NULL && Gold >= 0) {
        return (void) Gold;
    }

    // Move the old_AddGold function call here
    old_AddGold(instance, +6974);
}





void *hack_thread(void *) {
    LOGI(OBFUSCATE("pthread created"));

    AddGold >= (void (*)(void *, double)) getAbsoluteAddress(targetLibName, 0x1199FCC);





jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    jobjectArray ret;

    const char *features[] = {
            OBFUSCATE("Button_Get Massive Gold"), //0 Case





    switch (featNum) {
        case 0:
            Gold =! Gold;
            break;

tell me what's wrong with it and how can i fix it, also suggest alternatives, thank you

 

[Backshift]

Game Name?

Would be far easier to check what SecuredGold is doing and how you can use it if I can check myself.

 

[Sbyky]

Game Name?

Would be far easier to check what SecuredGold is doing and how you can use it if I can check myself.

Idle Lumber Empire

 

[Backshift]

Idle Lumber Empire

Will have a look, in the mean time some comments about your code too:

double Gold = 1;

switch (featNum) {
    case 0:
        Gold =! Gold;
        break;

You are using Gold as a boolean true or false, but its defined as a double, you should define it as a proper bool: bool Gold = true;.

For the hook:
instance != NULL isnt needed since you are not actually making use of it, Gold >= 0 is a boolean so you can do Gold = true or the short form for the whole if statement if (Gold).

return (void) Gold doesnt make sense because the function is a void, it does not return anything, the function being called AddGold gives us a clue that its just setting a field in the game with a new increased value.

old_AddGold(instance, +6974); +6974 wont work here due to the parameter being of type SecuredDouble, which is a custom struct around double to make not as easy to modify, this also means the param being defined as double value is incorrect due to being a SecuredDouble not standard double

 

[Sbyky]

Will have a look, in the mean time some comments about your code too:

double Gold = 1;

switch (featNum) {
    case 0:
        Gold =! Gold;
        break;

You are using Gold as a boolean true or false, but its defined as a double, you should define it as a proper bool: bool Gold = true;.

For the hook:
instance != NULL isnt needed since you are not actually making use of it, Gold >= 0 is a boolean so you can do Gold = true or the short form for the whole if statement if (Gold).

return (void) Gold doesnt make sense because the function is a void, it does not return anything, the function being called AddGold gives us a clue that its just setting a field in the game with a new increased value.

old_AddGold(instance, +6974); +6974 wont work here due to the parameter being of type SecuredDouble, which is a custom struct around double to make not as easy to modify, this also means the param being defined as double value is incorrect due to being a SecuredDouble not standard double

i made the adjustments that you suggested as

Spoiler: Hook

bool Gold;





#else //To compile this code for armv7 lib only.

void (*old_AddGold)(void *instance, double value);
void AddGold(void *instance, double value) {
    if ((Gold) && Gold >= 0) {
    }

    // Move the old_AddGold function call here
    old_AddGold(instance, +6974);
}





void *hack_thread(void *) {
    LOGI(OBFUSCATE("pthread created"));

    Gold = (void (*)(void *, double)) getAbsoluteAddress(targetLibName, 0x1199FCC);





jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    jobjectArray ret;

    const char *features[] = {
            OBFUSCATE("Button_Get Massive Gold"), //0 Case





    switch (featNum) {
        case 0:
            Gold =! Gold;
            break;

old_AddGold(instance, +6974);

there is a higher chance that this will return a high value because i have tested double value on

public SecuredDouble get_Gold() { }

and it returned a high value but the problem was it was glitchy and i think it made the game crash

 

[Sbyky]

that didn't work i have updated the code but this

HOOK_LIB_NO_ORIG("libil2cpp.so", "0x1199FCC", Gold);

keeps on giving this error

i'm using Android Studio Hedgehog | 2023.1.1 Patch 2 because Android Studio Iguana requires Windows 8+ and i'm using Windows 7

 

[Sbyky]

got that sorted but that didn't work, after a lot of trial and errors, thanks to NepMods' void hooking tutorial video this is what i'm doing now

Spoiler: Hook

//Target lib here
#define targetLibName OBFUSCATE("libil2cpp.so")

struct {
    bool AddGold;
} Sbyky;





void (*AddGoldPtr)(void* _this, double value);
void (*_AddGoldUpd)(void *Gold);
void AddGoldUpd(void *Gold) {
    if(Gold != NULL) {
        if(Sbyky.AddGold) {
            AddGoldPtr(Gold, 7999);
        }
    }
    _AddGoldUpd(Gold);
}




#if defined(__aarch64__) //To compile this code for arm64 lib only.

#else //To compile this code for armv7 lib only.

    AddGoldPtr = (void (*) (void *, double))getAbsoluteAddress("libil2cpp.so", 0x1199FCC);
    HOOK_LIB("libil2cpp.so", "0x119A2FC", AddGoldUpd, _AddGoldUpd);




jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    jobjectArray ret;

    const char *features[] = {
            OBFUSCATE("Toggle_Get Massive Gold"), //0 Case




    //BE CAREFUL NOT TO ACCIDENTLY REMOVE break;

    switch (featNum) {
        case 0:
            Sbyky.AddGold = boolean;
            break;
    }

there was no Update() method so i used

    // RVA: 0x1199FCC Offset: 0x1199FCC VA: 0x1199FCC
    public void AddGold(SecuredDouble gold) { }

as pointer and

    // RVA: 0x119A2FC Offset: 0x119A2FC VA: 0x119A2FC
    public void AddCurrency(Currency c, SecuredDouble value) { }

as function but still that didn't work, the method does get called every time gold is added, i think the function offset needs to be changed, there are Wakeup(), Load(), Begin(), BeforeRedata(), RedataReset(), AfterRedata(), Activate(), Deactivate() methods in the same class, based on your experiences which one should work

 

[Sbyky]

okay so i did manage to hook it successfully with this

Spoiler: Hook

//Target lib here
#define targetLibName OBFUSCATE("libil2cpp.so")

struct {
    bool AddGold;
} Sbyky;





void (*AddGoldPtr)(void* _this, double value);
void (*_AddGoldUpd)(void *Gold);
void AddGoldUpd(void *Gold) {
    if(Gold != NULL) {
        if(Sbyky.AddGold) {
            AddGoldPtr(Gold, 1.79769313486231570e+308);
        }
    }
    _AddGoldUpd(Gold);
}




#if defined(__aarch64__) //To compile this code for arm64 lib only.

#else //To compile this code for armv7 lib only.

    AddGoldPtr = (void (*) (void *, double))getAbsoluteAddress("libil2cpp.so", 0x11974F8);
    HOOK_LIB("libil2cpp.so", "0x1199FCC", AddGold, _AddGold);




jobjectArray GetFeatureList(JNIEnv *env, jobject context) {
    jobjectArray ret;

    const char *features[] = {
            OBFUSCATE("Toggle_Get Massive Gold"), //0 Case




    //BE CAREFUL NOT TO ACCIDENTLY REMOVE break;

    switch (featNum) {
        case 0:
            Sbyky.AddGold = boolean;
            break;
    }

by using the

    // RVA: 0x11974F8 Offset: 0x11974F8 VA: 0x11974F8
    private void set_Gold(SecuredDouble value) { }

as pointer and

    // RVA: 0x1199FCC Offset: 0x1199FCC VA: 0x1199FCC
    public void AddGold(SecuredDouble gold) { }

as function instead of Update() in this game's this method's case

it does work but the thing is since the method's value is SecuredDouble, the value acts strangely sometimes it gives a negative value