Discussion no update function

P

power2020202020

Solid & Active Platinian
Hello, I know how to do hooking with update but I have a game that in its class there is no update to connect a function maximum private field I found was this 2 similar in the same class but I did hooking and it didn't work does anyone have any tips when there is no function update in the same class?

private int _newTrophyCount; // 0x2C
public void set_newTrophyCount(int value) { } 0x1352E98


bool trophies = false;

void(*old_newTrophyCount)(void *instance);
void newTrophyCount(void *instance) {
if(instance != NULL) {
if (thophies) {
*(int *) ((uint64_t) instance + 0x2C) = 50;
}
}
old_newTrophyCount(instance);
}

MSHookFunction((void *)getAbsoluteAddress("libil2cpp.so", 0x1352E98), (void *) newTrophyCount, (void **) &old_newTrophyCount);

OBFUSCATE("10_Toggle_trophies"),

case 10:
trophies = !trophies;
break;

here this whole class yes I already used the public int mode with the same name public int get_newTrophyCount() { } and nothing in the game changed I did it with hexpatcher and with connect int mode

complete class if anyone can help me find the hidden update function

public class AC_RoundEndOk : IPacket // TypeDefIndex: 8635
{
// Fields
public static readonly uint Key; // 0x0
private MatchResult _result; // 0x8
private int _isLastRound; // 0xC
private List<int> _score; // 0x10
private int _chestSlot; // 0x14
private int _chestId; // 0x18
private long _chestTimeObtained; // 0x20
private int _newKnockoutProgress; // 0x28
private int _newTrophyCount; // 0x2C
private int _newLeagueId; // 0x30
private int _leagueChange; // 0x34

// Methods

// RVA: 0x1352CAC Offset: 0x1352CAC VA: 0x1352CAC Slot: 5
public uint GetCommand() { }

// RVA: 0x1352D20 Offset: 0x1352D20 VA: 0x1352D20
public static AC_RoundEndOk CreatePacket() { }

// RVA: 0x1352E18 Offset: 0x1352E18 VA: 0x1352E18
public MatchResult get_result() { }

// RVA: 0x1352E20 Offset: 0x1352E20 VA: 0x1352E20
public void set_result(MatchResult value) { }

// RVA: 0x1352E28 Offset: 0x1352E28 VA: 0x1352E28
public int get_isLastRound() { }

// RVA: 0x1352E30 Offset: 0x1352E30 VA: 0x1352E30
public void set_isLastRound(int value) { }

// RVA: 0x1352E38 Offset: 0x1352E38 VA: 0x1352E38
public List<int> get_score() { }

// RVA: 0x1352E40 Offset: 0x1352E40 VA: 0x1352E40
public void set_score(List<int> value) { }

// RVA: 0x1352E48 Offset: 0x1352E48 VA: 0x1352E48
public int get_chestSlot() { }

// RVA: 0x1352E50 Offset: 0x1352E50 VA: 0x1352E50
public void set_chestSlot(int value) { }

// RVA: 0x1352E58 Offset: 0x1352E58 VA: 0x1352E58
public int get_chestId() { }

// RVA: 0x1352E60 Offset: 0x1352E60 VA: 0x1352E60
public void set_chestId(int value) { }

// RVA: 0x1352E68 Offset: 0x1352E68 VA: 0x1352E68
public long get_chestTimeObtained() { }

// RVA: 0x1352E70 Offset: 0x1352E70 VA: 0x1352E70
public void set_chestTimeObtained(long value) { }

// RVA: 0x1352E80 Offset: 0x1352E80 VA: 0x1352E80
public int get_newKnockoutProgress() { }

// RVA: 0x1352E88 Offset: 0x1352E88 VA: 0x1352E88
public void set_newKnockoutProgress(int value) { }

// RVA: 0x1352E90 Offset: 0x1352E90 VA: 0x1352E90
public int get_newTrophyCount() { }

// RVA: 0x1352E98 Offset: 0x1352E98 VA: 0x1352E98
public void set_newTrophyCount(int value) { }

// RVA: 0x1352EA0 Offset: 0x1352EA0 VA: 0x1352EA0
public int get_newLeagueId() { }

// RVA: 0x1352EA8 Offset: 0x1352EA8 VA: 0x1352EA8
public void set_newLeagueId(int value) { }

// RVA: 0x1352EB0 Offset: 0x1352EB0 VA: 0x1352EB0
public int get_leagueChange() { }

// RVA: 0x1352EB8 Offset: 0x1352EB8 VA: 0x1352EB8
public void set_leagueChange(int value) { }

// RVA: 0x1352EC0 Offset: 0x1352EC0 VA: 0x1352EC0 Slot: 4
public uint GetSize() { }

// RVA: 0x1352F1C Offset: 0x1352F1C VA: 0x1352F1C Slot: 6
public bool Encode(BinaryEncoder encoder) { }

// RVA: 0x13530E4 Offset: 0x13530E4 VA: 0x13530E4 Slot: 7
public bool Decode(BinaryDecoder decoder) { }

// RVA: 0x1352D7C Offset: 0x1352D7C VA: 0x1352D7C
public void .ctor() { }

// RVA: 0x1353380 Offset: 0x1353380 VA: 0x1353380
private static void .cctor() { }
 
Sort by date Sort by votes
You Can trace thé class with frida to sée if its bee' called and you Can also in dnspy analyse thé class to sée if its been call from a other class if yes then you Can use that class update
 
Upvote 0 Downvote
# class for ammo but does not have update offset

public class Item // TypeDefIndex: 4824
{
// Fields
public string itemName; // 0x8
public int itemId; // 0xC
public string itemDescription; // 0x10
public Sprite itemIcon; // 0x14
public float range; // 0x18
public int maxAmo; // 0x1C
public int currAmo; // 0x20
public int itemValue; // 0x24
public int itemDamage; // 0x28
public Item.ItemType itemType; // 0x2C

// Methods

// RVA: 0x773808 Offset: 0x773808 VA: 0x773808
public void .ctor(int id, string name, string description, int value, int damage, int cAmo, int mAmo, Item.ItemType type, float range) { }

// RVA: 0x773964 Offset: 0x773964 VA: 0x773964
public void .ctor() { }

// RVA: 0x77396C Offset: 0x77396C VA: 0x77396C
public Item Clone() { }

// RVA: 0x773A6C Offset: 0x773A6C VA: 0x773A6C
public int GetItemTypeAsSlotId() { }
}








# I took the updated offset from this class name, because it has a connection with public class item

public class PickupSlot : MonoBehaviour // TypeDefIndex: 4891
{
// Fields
public GameObject objectItem; // 0xC
public Item item; // 0x10
public bool stack; // 0x14
private Image icon; // 0x18
private Text amount; // 0x1C
private Game gameController; // 0x20
public bool pickedUp; // 0x24
[CompilerGeneratedAttribute] // RVA: 0x1BAFC4 Offset: 0x1BAFC4 VA: 0x1BAFC4
private static UnityAction<PhotonView> <>f__am$cache0; // 0x0

// Methods

// RVA: 0x729BF0 Offset: 0x729BF0 VA: 0x729BF0
public void .ctor() { }

// RVA: 0x729BF8 Offset: 0x729BF8 VA: 0x729BF8
private void Start() { }

// RVA: 0x729F54 Offset: 0x729F54 VA: 0x729F54
private void Update() { }

// RVA: 0x72A05C Offset: 0x72A05C VA: 0x72A05C
public void OnGetItem() { }

[CompilerGeneratedAttribute] // RVA: 0x1BAFD4 Offset: 0x1BAFD4 VA: 0x1BAFD4
// RVA: 0x72A440 Offset: 0x72A440 VA: 0x72A440
private static void <OnGetItem>m__0(PhotonView component) { }
}







# the hooking code that I use

int
currentammo = false;


// 0x20 = current ammo from public class item
// 0x10 = To connect to public class item, which I took from public class pickupslot
// 0x729F54 = update offset that I took from public class pickupslot

void (*old_update)(void *instance);
void update(void *instance) {
if(instance != NULL) {
void *OtherClass = *(void**)((uint64_t)instance + 0x10);
{
if(currentammo != NULL) {
*(int *) ((uint64_t) OtherClass + 0x20) = 99999;
}
}
}
old_update(instance);
}


// arm64-v8
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so", 0x729F54), (void *) update, (void **) &old_update);

// armebia-v7a
MSHookFunction((void *)getAbsoluteAddress("libil2cpp.so", 0x729F54), (void *) update, (void **) &old_update);
 
Upvote 0 Downvote
ByteX said:
# class for ammo but does not have update offset

public class Item // TypeDefIndex: 4824
{
// Fields
public string itemName; // 0x8
public int itemId; // 0xC
public string itemDescription; // 0x10
public Sprite itemIcon; // 0x14
public float range; // 0x18
public int maxAmo; // 0x1C
public int currAmo; // 0x20
public int itemValue; // 0x24
public int itemDamage; // 0x28
public Item.ItemType itemType; // 0x2C

// Methods

// RVA: 0x773808 Offset: 0x773808 VA: 0x773808
public void .ctor(int id, string name, string description, int value, int damage, int cAmo, int mAmo, Item.ItemType type, float range) { }

// RVA: 0x773964 Offset: 0x773964 VA: 0x773964
public void .ctor() { }

// RVA: 0x77396C Offset: 0x77396C VA: 0x77396C
public Item Clone() { }

// RVA: 0x773A6C Offset: 0x773A6C VA: 0x773A6C
public int GetItemTypeAsSlotId() { }
}








# I took the updated offset from this class name, because it has a connection with public class item

public class PickupSlot : MonoBehaviour // TypeDefIndex: 4891
{
// Fields
public GameObject objectItem; // 0xC
public Item item; // 0x10
public bool stack; // 0x14
private Image icon; // 0x18
private Text amount; // 0x1C
private Game gameController; // 0x20
public bool pickedUp; // 0x24
[CompilerGeneratedAttribute] // RVA: 0x1BAFC4 Offset: 0x1BAFC4 VA: 0x1BAFC4
private static UnityAction<PhotonView> <>f__am$cache0; // 0x0

// Methods

// RVA: 0x729BF0 Offset: 0x729BF0 VA: 0x729BF0
public void .ctor() { }

// RVA: 0x729BF8 Offset: 0x729BF8 VA: 0x729BF8
private void Start() { }

// RVA: 0x729F54 Offset: 0x729F54 VA: 0x729F54
private void Update() { }

// RVA: 0x72A05C Offset: 0x72A05C VA: 0x72A05C
public void OnGetItem() { }

[CompilerGeneratedAttribute] // RVA: 0x1BAFD4 Offset: 0x1BAFD4 VA: 0x1BAFD4
// RVA: 0x72A440 Offset: 0x72A440 VA: 0x72A440
private static void <OnGetItem>m__0(PhotonView component) { }
}







# the hooking code that I use

int
currentammo = false;


// 0x20 = current ammo from public class item
// 0x10 = To connect to public class item, which I took from public class pickupslot
// 0x729F54 = update offset that I took from public class pickupslot

void (*old_update)(void *instance);
void update(void *instance) {
if(instance != NULL) {
void *OtherClass = *(void**)((uint64_t)instance + 0x10);
{
if(currentammo != NULL) {
*(int *) ((uint64_t) OtherClass + 0x20) = 99999;
}
}
}
old_update(instance);
}


// arm64-v8
A64HookFunction((void *)getAbsoluteAddress("libil2cpp.so", 0x729F54), (void *) update, (void **) &old_update);

// armebia-v7a
MSHookFunction((void *)getAbsoluteAddress("libil2cpp.so", 0x729F54), (void *) update, (void **) &old_update);
Click to expand...
You can either create an instance within a Update by a unity function FindObjectsOfType. Finding & Creating instance of any classes and Static fields, methods. - Platinmods.com - Android & iOS MODs, Mobile Games & Apps

or lowkey just hook the function itself and return it.
 
Upvote 0 Downvote
You must log in or register to reply here.
Back
Top Bottom