Tutorial How to make mod menu for il2cpp and native games

TheLGL

Solid & Active Platinian
Original poster
Skilled
Feb 19, 2020
56
726
83
19
UK
Hello, dear modders

We make a mod menu that is quite less complicated to work with and implement it in the APK file. The mod menu is based on Octowolve/Escanor and VanHoeven's template and is basically for Il2Cpp and other native Android games. It will support both KittyMemory and MSHook and support Android 4.2.x way up to Android R preview. Sound effects included. Hook and KittyMemory support both ARMv7 and ARM64

This is how it looks like:

W63wVTj.gif


This tutorial is not for newbies/noobs. You need basic knowledge of C++, Java, dalvik opcodes, and also ARM and ARM64 assembly, hex patching and hooking. If you don't have the knowledge, this tutorial will be hard for you, and I won't spoon feeding

Let's begin

----- For this tutorial you will need the following: -----
- Android Studio 3 and up: Download Android Studio and SDK tools | Android Developers

- Git (Optional) - If you want to clone a project though Android Studio: Git - Downloads

- Apktool:
--- Apktool.jar: Apktool - A tool for reverse engineering 3rd party, closed, binary Android apps.
--- Or
--- APK Easy Tool: [TOOL][Windows] APK Easy Tool 1.56 / 1.57 beta-1 (29 nov. 2019)

- Notepad:
--- Notepad++ Downloads | Notepad++
--- Or
--- Sublime Text: Sublime Text - A sophisticated text editor for code, markup and prose

- Compress png - to compress your png file: Compress PNG Images Online

- Base64 encode - to encode your file: Base64 Encode and Decode - Online

- XMedia Recode - to convert your sound files to .ogg XMedia Recode - Download

- Template project: LGLTeam/Android-Mod-Menu

----- Download/clone template project: -----
Click on the green button Clone or download then Download ZIP

AiSFR2m.png


Or clone through Android Studio itself (Requires Git to be installed on your machine and be configured in Android Studio)

Click on "Check out project from Version Control" and "Git"

aCz8zIe.png


Input the url of the git project and Clone

SXdHVDx.png


----- Install Android Studio: -----
If you have Android Studio installed, you can skip this steps

Setting up Android Studio takes just a few clicks.

See the user guide: Install Android Studio | Android Developers

----- Install NDK: -----
Open Android Studio, you will be welcomed

Cy1SQgI.png


At the bottom-right corner, click on Configure and SDK Manager

xBP1bCE.png


Select Android SDK, check NDK (Side by side) and click OK. It will download and install

FcAd2Px.png


----- Open an existing project, the mod menu template -----

Once you've downloaded all the necessary files, extract the template project to the folder without any spaces. If any folder has spaces, it will cause problem

On Android Studio on the welcome screen, choose "Open an existing Android Studio project"

Navigate to the extracted project and open it

3etm4qX.png


It will index and Gradle will sync the project fir the first time. Please wait for a while, it will take around 5 minutes depending your computer performance

After it's done, you can start working!

On the left side, you see the Project view. Default view is Android

YT71Y6B.png


If this is somewhat confusing, change the view to Project

I will explain each of the files for you

FloatingModMenuService.java:
The codes of floating mod menu. You don't need to change much unless you want to redesign it. The codes are explained in the comments (//...)

MainActivity.java:
Starts the main activity. It won't be used if you implement the menu in the game

Sounds.java:
Basically the 'GTA V' sounds, have been converted to .ogg using XMedia Recode and encoded to base64. They are automatically decoded and stored into /data/data/(package name)/cache upon startup. See StaticActivity

StaticActivity.java:
To initialize by game activity's OnCreate
Checks if device running Android 6.0 or above and if have overlay permission checked. Sounds being written to the cache directory.
Start() will be called when implementing the menu to the game. We will explain later

- writeToFile:
Decode base64 and write to file to a target directory

main.cpp
In this file, you will mostly use it to edit features, credits, icon, and implement your code for KittyMemory or MS Hooking.

- Title: Big text

- Heading: Little text

- Delay: Delaying before the menu appearing. The number is milliseconds. Example 4000 ms is 4 secs

- Icon: Compressed image that is encoded to base64

- IconSize: Mod menu icon size

- Toast: To get text from c++ in order to show toast in java

- Changes: Get changes of toggles, seekbars, spinner and buttons to do modding. Features MUST be count from 0

- getFeatureList: Here you add the mod features

Usage:
Code:
Toggle_[feature name]
SeekBar_[feature name]_[min value]_[max value]
Spinner_[feature name]_[Items e.g. item1_item2_item3]
Button_[feature name]
Button_OnOff_[feature name]
InputValue_[feature name]
Example:
Code:
Toggle_God mode
Spinner_Weapons_AK47_9mm_Knife
Button_OnOff_God mode
Do not forget to count your features from 0 and remember them

- hack_thread:
Here you add your code for hacking with KittyMemory or Hooking. I will not teach, you must have learned it already

- JNI_OnLoad:
Initialize when the library loads

Android.mk
The make file for the c++ compiler. In that file, you can change the lib name on the LOCAL_MODULE line
When you change the lib name, change also on System.loadLibrary("") under OnCreate method on FloatingModMenuService.java
Both must have same name

KittyMemory usage:
Code:
MemoryPatch::createWithHex([Lib Name], [offset], "[hex. With or without spaces]");
[Struct].get_CurrBytes().Modify();
[Struct].get_CurrBytes().Restore();

[Struct].get_TargetAddress();
[Struct].get_PatchSize();
[Struct].get_CurrBytes().c_str();
Example: MJx0/KittyMemory

Hook usage:
ARM64:
Code:
A64HookFunction((void *) getAbsoluteAddress([Lib Name], [offset]), (void *) [function], (void **) &[old function]);
ARMv7/x86:
Code:
MSHookFunction((void *) getAbsoluteAddress([Lib Name], [offset]), (void *) [function], (void **) &[old function]);
Other than that, find out yourself. It's a lot easier if you already have the knowledge
Most codes have the comments that will explain for you
Have fun!


----- Testing the mod menu -----

If you have your device with adb* enabled, connected your PC or your emulator with adb enabled. Android Studio will detect and you can click Play to run your app onto your device/emulator

ZegjeM8.png


* To use adb, you must enable USB debugging in the device system settings, under Developer options.

On Android 4.2 and higher, the Developer options screen is hidden by default. To make it visible, go to Settings > About phone and tap Build number seven times. Return to the previous screen to find Developer options at the bottom.

On some devices, the Developer options screen might be located or named differently.

----- Implementing the menu in the target game-----

After you finished the menu, you can build the project to APK file.

Build -> Build Bundle(s) / APK(s) -> Build APK(s)

If no errors occured, you did everything right and build will succed. You will be notified that it build successfully

WpSKV1L.png


Click on locate to show you the location of build.apk. It is stored at (your-project)\app\build\outputs\apk\ app-debug.apk

wBTPSLi.png


Now you will need to decompile app-debug.apk. Decompile the target game as well

Open the game's androidmanifest.xml
Add the permission besides other permissions

XML:
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
XOxLU91.png


And add the service below the application tag (change the package name if you had changed it)

XML:
<service
           android:name="uk.lgl.modmenu.FloatingModMenuService"
            android:enabled="true"
            android:exported="false"/>
vHADRPI.png


Save the AndroidManifest.xml file

Now we are looking for main activity, it is ususally written under application tag. The activity name may be different. If you spotted android:name="android.intent.action.MAIN" you will immediately know this is main activity

Be sure to enable Word wrap so it is easier to read

7DzU8d0.png


Or open the apk in APK Easy Tool and look for main activity

ohp0zk1.png


In this case, the path to main activity was com.funcube.loa.MainActivity. I would navigate to (decompiled game)/smali/com/funcube/loa/ and you will see MainActivity.smali. If the game have multi dex, find out which smali folder has the main activity, it should be in one of these folders.

Open the main acitivity's smali file, search for OnCreate method and paste this code inside (change the package name if you had changed it)

Code:
    invoke-static {p0}, Luk/lgl/modmenu/StaticActivity;->Start(Landroid/content/Context;)V
7CxTCl8.png


Save the file

Copy your mod menu from decompiled app-debug.apk smali to the game's smali folder. Example mine is uk.lgl.modmenu, I copy the "uk" folder from app-debug (app-debug\smali\uk) to the game's decompiled directory (game name)\smali

aO6eEab.png


Very important for multi dex games. Let's say if main activity is located in smali_classes2, I would put my mod menu in smali_classes2

Copy the library file (.so) from app-debug.apk to the target game. Make sure to copy .so to the correct architecture
armeabi-v7a is armeabi-v7a, arm64-v8a is arm64-v8a, and so on.
Putting the .so on a wrong architecture will result a crash

oZq1Wq7.png


Now compile and sign the apk

If compile fail, read the log and look up at Google

If the mod menu appears and the hack are working, congratz!

If you face any problem, be sure to check the logcat, and if it was native related, write the log such as LOGD("whatever"); in your cpp codes, recompile and capture the logcat. See what part of your code faced the problem. Logcat will also tell you if hooking fails (lib crash)

Thanks for reading the tutorial, if you need any help, feel free to ask. Note I may only help for experience modders only =D

Do not forget to check my template again. I may change it anytime =D

----- Credits/Acknowledgements -----
Thanks to the following individuals whose code helped me develop this mod menu
* Octowolve/Escanor - Mod menu: z3r0Sec/Substrate-Template-With-Mod-Menu
and Hooking: z3r0Sec/Substrate-Hooking-Example
* VanHoevenTR - Mod menu - LGLTeam/VanHoevenTR_Android_Mod_Menu
* MrIkso - Mod menu - MrIkso/FloatingModMenu
* MJx0 A.K.A Ruit - KittyMemory MJx0/KittyMemory
* Rprop - ARM64InlineHook - Rprop/And64InlineHook
* Google - Android UI sounds
* Material.io - https://material.io/design/sound/sound-resources.html#

The following websites were also very helpful
* Stackoverflow - Stack Overflow - Where Developers Learn, Share, & Build Careers
* Guided hacking - Android Game Hacking
 

Attachments

Last edited:

あざらし

Platinian
Nov 19, 2019
45
5
8
21
Log
ううんちwwwwwぶりぶりぶりwwwwwwwwwwwwwwwwwwwwwwwwwwwww
 

AndnixSH

Security Detective
Staff member
Modding-Team
Jun 27, 2017
910
54,018
1,193
Modding World
Wow another il2cpp template. i'm gonna try it out
Really impressive of your work and you even added my sound effects XD
 
  • Love
Reactions: TheLGL

mamoas

Platinian
Nov 27, 2019
9
11
3
52
None
i am forever thankful to you for this, it works perfectly at first go, no errors, no nothing simply amazing.
 
  • Love
Reactions: TheLGL

mamoas

Platinian
Nov 27, 2019
9
11
3
52
None
one question, if i add god mode or one hit, and run the game. By default the mod is always on. i have toggle the MOD on and then off to turn it off. What am i doing wrong ? why is the mod always on sometimes even though the switch is off
 
  • Like
Reactions: JokerArt

TheLGL

Solid & Active Platinian
Original poster
Skilled
Feb 19, 2020
56
726
83
19
UK
one question, if i add god mode or one hit, and run the game. By default the mod is always on. i have toggle the MOD on and then off to turn it off. What am i doing wrong ? why is the mod always on sometimes even though the switch is off
That shouldn't happen. Do you mind sending me your code in private message?
 

Pradeep6868

Platinian
Jan 9, 2019
16
10
3
17
in your mom house
Hey bro I'm new to this and I'm getting this error don't know why and I would really appericiate if you helped me fix it!
ERROR: executing external native build for ndkBuild C:\Users\Owner\Documents\Android Hacking\Android-Mod-Menu-master\app\src\main\jni\Android.mk
Affected Modules: app
 

GrrcrXteam

Rookie
Mar 30, 2020
3
0
1
32
op
hello could someone help me create a mod menu for freefire I don't have MEGA Tools Injection to make the Mod menu available for native games
 

TheLGL

Solid & Active Platinian
Original poster
Skilled
Feb 19, 2020
56
726
83
19
UK
how to fix that?
Screenshot
You are using other menu. I no longer use it, so I don't know how to fix. You should look up Google for solution

hello could someone help me create a mod menu for freefire I don't have MEGA Tools Injection to make the Mod menu available for native games
This is not the request section, and Free fire have signature check. Mod other games instead
 
Thread starter Similar threads Forum Replies Date
AndnixSH Tutorial How to make external mod menu in AndLua+ (Intermediate) TUTORIALS 2
richardson Tutorial How to Make a Mod for Hero Wars - swf Game TUTORIALS 16
P Tutorial PLATINMODS [HOW TO MAKE MOD MENU] MENU MAKER FOR UNITY GAMES V1.0 PUBLIC-VERSION TUTORIALS 142
Mika Cybertron Tutorial How to make Unsigned and Signed for Mod Games TUTORIALS 15
I Tutorial How to make iOS Apps Duplicated TUTORIALS 9
AndnixSH Tutorial How to make a fake license for app/game using Lucky Patcher TUTORIALS 0
AndnixSH Tutorial How to fix apktool compiling errors TUTORIALS 2
DieHax Tutorial How to hack skill awakening No CD Dragon Nest M - SEA TUTORIALS 6
san 1111 OA [Shared] How It All Began [18+] v0.08 MOD APK Age Restricted Games 4
san 1111 OA [Shared] How We Met (18+) v10.0 MOD APK Age Restricted Games 2
ZPictYT Tutorial [Tutorial] How To Dumping Il2cpp Protected File TUTORIALS 12
TheArmKing Tutorial How to perform the Data Trick for Non-Root/Signed Mods TUTORIALS 7
TryRoom FREE MOD How to play a puzzle game v0.1.3 [Mod] [Sap] ANDROID MODS BY APPROVED MODDERS 9
Chewy Tutorial [iOS] How to Hack Simple Unity Games TUTORIALS 37
AndnixSH Tutorial How to install modded Google Play Store (Lucky Patcher) (Root only / VMOS app) TUTORIALS 21
AndnixSH Tutorial How to enable root on VMOS TUTORIALS 3
Tiuu Tutorial How to get and use float in armv7-il2cpp TUTORIALS 8
Anti-Ban Tutorial (For iOs Jb device) How to unban COD Global & Garena ? TUTORIALS 82
GG78 Tutorial How to get Tweaked Apps for iOS (no JB) in 2020 TUTORIALS 2
AndnixSH Tutorial How to hide GameGuardian to avoid detection (Root only) TUTORIALS 10
AndnixSH Tutorial How to install signed apk on top of original apk (Workaround) (Rooted device/VMOS) TUTORIALS 2
AndnixSH Tutorial How to disable signature verification to install unsigned APK (Xposed/EdXposed method) (Lucky Patcher) TUTORIALS 8
AndnixSH Tutorial How to modify VMOS stock ROM TUTORIALS 0
AndnixSH Tutorial How to install unsigned APK on non-root devices using VMOS app TUTORIALS 75
AndnixSH Tutorial How to spoof Pokemon Go using VMOS TUTORIALS 21
Thanh971612 Tutorial How to get free gem, gold in Evil Lands with game guardian TUTORIALS 7
Tiuu Tutorial How to update a new version of Modded APK, Disable Signature Verification, install google service using Virtual Xposed! TUTORIALS 2
Francois284Modz Tutorial How to enable draw over app permission TUTORIALS 9
P Tutorial **HOW TO FIX IL2CPP DUMPER ERROR** TUTORIALS 18
Zenitsu⚡ Tutorial HOW TO ADD A COLORED TOAST MESSAGE IN GAME STARTUP | FOR APPROVED/ADVANCED MODDER TUTORIALS 25
P Tutorial How to Decompile, Compile, and Sign APKs without APK Easy Tool TUTORIALS 7
IZeuz Tutorial How To Backup, Restore, and Change Your Android ID With Titanium Backup (UnBan) TUTORIALS 3
AndnixSH Tutorial How To Bypass Google Drive Download Limit Error TUTORIALS 7
G-Bo ッ Tutorial How to turn a split APK into a normal non-split APK TUTORIALS 24
Francois284Modz Tutorial How to bypass Code Stage Anti Cheat TUTORIALS 7
nik2143 Tutorial How to bypass Cash Knights Ban TUTORIALS 22
AndnixSH Tutorial How to mod split APKs (App bundles) TUTORIALS 3
G Shared [Tested] How to Die v1.0.1 MOD APK Tested Shared Android MODs 5
G OA [Shared] A Kiss For The Petals: Remembering How We Met [18+] v2.3 MOD APK Age Restricted Games 31
AndnixSH Tutorial How to backup/export split APK (App bundles) (NO root & root) TUTORIALS 10
AndnixSH Tutorial How to install/sideload split APKs/zipped .APKS file (NO root) TUTORIALS 2
AndnixSH Tutorial How to check your CPU Architecture on Android device TUTORIALS 0
AndnixSH Tutorial How to download single APK with lib folder (For App Bundles/Splitted APK) TUTORIALS 10
AndnixSH Tutorial How to block ads in all Android apps and games (No root & root) TUTORIALS 12
TryRoom AOS APP [Tested] How To Draw Cartoon v1.0.15 [Mod] Tested Android Apps 9
Arsenal Shared [Tested] How to Become a Progamer (Gold) v1.008 MOD APK Tested Shared Android MODs 15
AndnixSH Tutorial How to get unity version from any asset file TUTORIALS 6
AndnixSH Tutorial How to install unsigned APK on non-rooted devices (VirtualXposed app) (Google Play Games NOT working yet) TUTORIALS 26
DaRealPanDa Tutorial How to configure Fiddler for an Emulator and remove annoying lock screen TUTORIALS 3
AndnixSH Tutorial How to create unsigned APK file for rooted devices + signature check disabled (fix Google & FB login) TUTORIALS 11
Similar threads


















































About us

  • Welcome to platinmods.com! We are proud to present you the place which let's dreams come true! Focusing on quality and trust we have spend much time to build a gaming community fitting to your wishes and needs. Actually we offer you the finest MODs and Games of the Android section and we slowly expand to the iOS section as well. But games, Android MODs & iOS MODs are not the only things we can offer you. We have tutorials, tools, a very friendly, active and solid community which will help you with any problem you have =) Your happiness is our goal. We hope you enjoy!

Forum statistics

Threads
27,589
Messages
461,295
Members
1,031,344
Latest member
Emredcan