Tutorial Megathread: Modding Features

nowhere_222

Approved Modder
Hey it's me again your good boy nowhere
Today I will share some tutorials (not really completed as of now)
But as done some for y'all if you want to learn some :)) (Pretty much beginner features)

I will try to cover all soon so my good people who want to start modding can have something to start with

Here are a few examples of features you can make easily on games:

FREEZE CURRENCY:

1701433581472.png

1 HIT KILL:

1701433755358.png

GODMOD:

1701433908080.png

Forgot to mention but void Attack needs to be found on Enemy / Monster class.

1 HIT KILL PARAMETER:

1701437143692.png

FREEZE TIMER:

1701490396944.png

FREE AD BUFF:

1701490477953.png

FREE ENHANCE:

1701499049086.png

HOOK PARAMETER VALUE WITH HEX PATCHING:

1701856282254.png
 
Always great to see others sharing knowledge!

Couple tips for you
C#:
//Freeze Timer
public void StartTimer(float duration, Action onTimedOut)

This function has the return type void, meaning it does not return anything. You don't need to use nop if you only want to exit the function; you can simply use 1E FF 2F E1 on its own. Having nop there makes no difference, since the processor will see nop and skip it due to it being no operation and bx lr anyway.

A few of your other examples say to return values to the parameters. They are just data sent to the function that the function needs to do its work. You can't "return to a parameter"; you can edit the values in the parameter in the current function, but not "return to it" in the context you say in your post.

Your freeze currency hex is 02 00 a0 e1 1e ff 2f e1, which in ARM is:

mov r0, r2
bx lr

and would translate in code to something like this:
C#:
public void SpendCurrency(string currencyType, long amount)
{
    return amount;
}

SpendCurrency is a void function though, so it doesn't actually work like you expect it to, since it can't return anything.

Hope that helps, Happy Modding!
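
Added example (not part of any post in this thread): a minimal Python decoder for the three A32 encodings the reply above discusses, for checking what a byte patch actually does instead of trusting its description. The function names are hypothetical, and the `00 f0 20 e3` NOP bytes are a constructed sample, because the thread does not show which NOP encoding the original post used.

```python
import struct

REGS = [f"r{i}" for i in range(13)] + ["sp", "lr", "pc"]
COND = ["eq", "ne", "cs", "cc", "mi", "pl", "vs", "vc",
        "hi", "ls", "ge", "lt", "gt", "le", "", "nv"]


def decode_a32(word):
    """Return (text, written_register_or_None) for one A32 instruction word.

    Only the encodings discussed in the thread are recognised; anything
    else is reported as a raw .word with no register tracking.
    """
    cond = COND[word >> 28]
    body = word & 0x0FFFFFFF
    if body & 0x0FFFFFF0 == 0x012FFF10:      # BX Rm
        return f"bx{cond} {REGS[word & 0xF]}", None
    if body == 0x0320F000:                   # NOP hint (ARMv6K and later)
        return f"nop{cond}", None
    if body & 0x0FFF0FF0 == 0x01A00000:      # MOV Rd, Rm (register, no shift)
        rd, rm = (word >> 12) & 0xF, word & 0xF
        # mov rX, rX changes nothing (mov r0, r0 is the classic ARM NOP)
        return f"mov{cond} {REGS[rd]}, {REGS[rm]}", REGS[rd] if rd != rm else None
    return f".word 0x{word:08x}", None


def disassemble(hex_bytes):
    """Decode a little-endian hex string into a list of (text, written_reg)."""
    data = bytes.fromhex(hex_bytes)
    if len(data) % 4:
        raise ValueError("A32 instructions are 4 bytes each")
    return [decode_a32(w) for (w,) in struct.iter_unpack("<I", data)]


def registers_written_before_return(hex_bytes):
    """Registers changed before the first 'bx lr'; None if the stub never returns."""
    written = []
    for text, reg in disassemble(hex_bytes):
        if text == "bx lr":
            return written
        if reg:
            written.append(reg)
    return None


if __name__ == "__main__":
    for label, stub in [("freeze currency (from the thread)", "02 00 a0 e1 1e ff 2f e1"),
                        ("bare return (from the thread)", "1e ff 2f e1"),
                        ("nop + return (constructed)", "00 f0 20 e3 1e ff 2f e1")]:
        print(label, [t for t, _ in disassemble(stub)],
              registers_written_before_return(stub))
```

The second and third stubs write no registers before returning, which is the reply's point that the NOP adds nothing; the first writes only r0, which the caller of a void function does not read.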
 
I could always learn from this guy. Even though what you did is simple corrections, it's fundamentally necessary. Would love to see more of your info, I think there is a hidden gem there lol
 
I tried to hook the parameters, it works for me
 
Well yeah, if you are function hooking with a hook library, that takes care of allocating new memory with however much space you need and patching the original function to jump there to run your custom logic before jumping back to the original function after the jump. You can still do that directly in ARM in the binary, but you are limited to the size of the original function. If you do it directly in the binary you would have to find some free space, such as an unused function like a debug function or some junk the game doesn't use; then you could jump to that unused function, write your logic there and jump back manually yourself. These days everyone on Android is hooking, since there are frameworks already and templates/ready to use code available.

I was talking in the context of nowhere's hex patches. One proper way to edit the value in the parameters without hooking would be to xref (cross reference) in IDA/Ghidra etc. back to where your target function is called from and then edit the value being put into the register being used just before the function is called. That way, when the function is called, it will already have your custom value in the parameter.
 