Tutorial Manually dump il2cpp unity 2019.x.x on Android games

AndnixSH

PMT Elite Modder
Staff member
Modding-Team
This is for Unity 2019.x.x on Android games

Input the correct Unity version you have found in any asset file... Just put 2019.1

When the error occurs, do NOT close cmd. Remember the offset of MetadataRegistration.

[Screenshot]

In the GUI version of dumper, it will also write the MetadataRegistration offset for you

[Screenshot]

Disassemble the libil2cpp.so file with IDA Pro and wait a while for it to finish loading

Press G and jump to address of MetadataRegistration

[Screenshot]

Press X to view xrefs as follows.

[Screenshot]

Double-click on the blue selection in the figure to jump.

armeabi-v7a:
The CodeRegistration offset is right below MetadataRegistration

[Screenshot]

arm64-v8a:
Press space to switch to graph mode and look way above

[Screenshot]

Can't press space due to red instructions?
Click on the loc_xxxxx and press X to view xrefs as follows.

[Screenshot: TDJR8to.png]

Double-click on the blue selection in the figure to jump.

Click on the loc_xxxxx and press X to view xrefs again

[Screenshot: 283LIW9.png]

And double-click on the blue selection in the figure to jump.

You will be taken to sub_xxxxx, where you can see the CodeRegistration offset highlighted

[Screenshot: 8j6XC7M.png]

x86:
The CodeRegistration offset is right below MetadataRegistration

[Screenshot]

Relaunch il2cppdumper and dump manually with the offsets you have found

[Screenshot]

I have tested it, still the same
It's Encrypted, filled with 0 bytes
For now, do some research, dump it from memory and recover it. I will make a public tutorial if many games encrypt il2cpp, but my method is useless in some games since encrypted bottom blocks can't be recovered by a dump

[Screenshot]

Being new to modding I probably shouldn't be here. Regardless, with my game I didn't get blue text stating 'CodeRegistration' but I did follow the guide and this is for armeabi-v7a. Assuming my code registration is after R0, PC, R0 like yours is, mine looks like D1CBB0 (not starting with a number) and my 'MetadataRegistration' looks like d533f0 (again, doesn't start with a number and idk if that would matter, it just seems weird to me).

Picture of the IDA location along with a picture of Il2CppDumper dumping out the registration code and of course I almost forgot the picture of the error when I enter the two.

Attachments

  • idaq64_x98CINN9c2.png
  • Il2CppDumper_CjEPlTajiG.png
  • Il2CppDumper_AC75vV6xlb.png

@opzon The blue text is just my comments. You are doing it right; this error is just a game compatibility issue. Can you tell me what game it is?
 
Game is path of idling idle rpg
@AndnixSH seems I can't edit my post, but for whatever reason it seems after redownloading the IL2CPPDumper I was able to get this done successfully using the info provided. (My old dumper was the same file size as the new one too.) Thanks for your tutorial!