Help! Intercepting and Modifying Lua Scripts in Unity IL2CPP Game (BLEACH: Soul Resonance) - XLua Issues

L

lola1337

Platinian
Game: BLEACH: Soul Resonance (Unity + IL2CPP + XLua)

Platform: Android (x86_64 emulator)

Tools: Frida, Il2CppDumper, ZygiskFrida/frida-server

Goal:Intercept and modify Lua scripts that control combat mechanics (attack speed, damage, abilities).

Problem:All combat logic is implemented in Lua, and C# functions are not called directly during combat.

What We Tried (Didn't Work):
  1. Hooking C# functions via IL2CPP offsets:
  • EntityLogicComp$$SetRateSpeed (RVA: 0x2660104)
  • BaseEntity$$SetRateSpeed (RVA: 0x2582408)
  • get_AtkSpeed (RVA: 0x265F464)
  • Result: Functions are not called during combat
  1. Hooking XLua wrappers:
  • XLua.CSObjectWrap.BaseEntityWrap$$_m_SetRateSpeed
  • XLua.CSObjectWrap.EntityLogicCompWrap$$_m_SetRateSpeed
  • Result: Wrappers are not called
  1. Intercepting Lua via XLua functions:
  • XLua.LuaEnv$$DoString (Address: 40901428, RVA: 0x26F0C34)
  • XLua.LuaEnv$$LoadString (Address: 40902012, RVA: 0x26F0E9C)
  • Result: Hooking DoString/LoadString causes the game to freeze on a black screen after loading
Current Approach:Using Frida Server on emulator:
  • Installed frida-server-17.5.1-android-x86_64
  • Connection via MCP server
  • Hook on DoString at address base + 0x26F0C34
  • Problem: DoString is not called during combat (hook is installed, but no calls detected)
Questions:
  1. Why is DoString not being called? Could Lua be loaded through a different mechanism?
  2. How to safely intercept Lua without freezing the game?
  3. Are there alternative ways to modify Lua in XLua (e.g., via Lua tables in memory)?
  4. Could it be that combat logic runs in already-loaded Lua functions rather than through DoString?
Technical Details:
  • Architecture: Unity 2021.x + IL2CPP + XLua
  • Process: com.bleach.apj (PID: 3928)
  • Module: libil2cpp.so (base: 0x763867709000)
  • DoString offset: 0x26F0C34 (from Il2CppDumper)
  • Frida version: 17.5.1
What We Need: Advice on intercepting/modifying Lua in XLua without freezing the game, or alternative approaches to modifying combat logic.
 
You must log in or register to reply here.
Back
Top Bottom