Applied Cracking & Byte Patching with IDA Pro
This is probably a crummy tutorial because it's my first, so I can use TeamViewer and show you how if you want. It is a long and complicated process; you're going to need IDA Pro, so you can google for that and either crack it or get the trial. Once you have that you need the app you want to hack, so I'll use Death Knight as an example for this.

1. Download the cracked version of the game you want to hack (you will not be able to hack an app downloaded from the App Store because they are encrypted).
2. Once you have the app, open it up using WinRAR and open the Payload folder. In there you should see a bunch of files; look for the binary file (most of the time it is the largest file in there. Also it does not have an extension and most of the time it has the same name as the app.)
3. Open it up in IDA Pro. If you have an iPhone 3G or iPod touch 2G or lower, click on the ARM 6 option; if you have a 3GS or 3G iPod and up, choose ARM 7. Then click on the drop-down menu and select the top option (it should say ARM) and click Done (just hit OK on all the other popups you get; there should only be 2).
4. Let it finish decompiling. When it's done, click on the left box that says Functions and press ALT+T.

Here is where you figure out what you want to hack. I want to hack the amount of money I get for killing someone. So search for something that would make sense, like money: type that in and look for a function that sounds like what we need. I found the function 'DeathKnight::AddMoney(int)', which sounds right, so double-click on it. Now here comes the hard part; it requires you to use your brain.
![Cracking Software With Ida Pro Cracking Software With Ida Pro](https://img.wonderhowto.com/img/80/29/63545477220299/0/binary-patching-brute-force-reverse-engineering-with-ida-and-hopper-and-hex-editor.w1456.jpg)
Once you've found the function and double-clicked on it, hit space (this is optional; I think it's easier to read in the flow chart). Now you will see the whole function and what it does. This is what it should look like (note every function has different code):
```
DeathKnight::AddMoney(int)
EXPORT _ZN11DeathKnight8AddMoneyEi
_ZN11DeathKnight8AddMoneyEi
LDR     R2, =(_ZN11DeathKnight6gcashE - 0x4B4E)
ADD     R2, PC          ; DeathKnight::gcash
LDR     R3, R2
ADDS    R0, R0, R3
STR     R0, R2
CMP     R0, #0
BGE     locret_4B5A
```

Now you need to think about what it does and what all the R's mean. We know that R2 is our cash because it tells us in the first line. I will now show you what this function does and means (remember you need to think; you won't always be right the first time). I know what it means because I have already hacked it before.

- `DeathKnight::AddMoney(int)` / `EXPORT _ZN11DeathKnight8AddMoneyEi` / `_ZN11DeathKnight8AddMoneyEi`
- `LDR R2, ...`: this is loading our current money into the game.
- `ADD R2, PC`: this is loading our money into a holding area, so if we quit the game it will revert back to what we had.
- `LDR R3, R2`: R3 is the enemy, so when we kill him his money loads into ours.
- `ADDS R0, R0, R3`: R0 is how much money we get, so it's adding the money into the enemy.
- `STR R0, R2`: now it is storing the money we get into our current money (this is the command we want hacked).
- `CMP R0, #0`: compares money to see if it is empty; if it is, that means we got the money and the function restarts.
- `BGE locret_4B5A`

Now remember, each register means something different in each function. So R0 in another function won't be money; it could be health, strength, etc., depending on the function you hack. Sometimes it could be a placeholder and not mean anything. So now that we know what we need to change, we need to know what to change it to. Since the function is storing money into our player, we don't need to change the header (meaning the STR at the beginning of the line); we just need to tell it to store something bigger into our money. There is a register that is most of the time never used: the heavenly R7 register. That register holds the number 312,000,000, so let's use it. We want to change the instruction `STR R0, R2` to `STR R7, R2` so that we get a buttload of money. Now you can't change the instruction inside of IDA; for that you need to hex it using a hex editor. So look in IDA and highlight what we need to change, then click the Hex View tab and look at the bottom left corner for an address.
It should look something like this: '00003B50'. That is where you need to go in the hex editor. Once there, change the hex into the new one (for that you need an ARM to HEX converter). Save the file and there you go, you've got a new hack. Hope this helped you; if you want me to show you via TeamViewer, message me and you can watch my computer and I'll do it.
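As an added example (not part of the tutorial, and not the game's own code), here is what the "ARM to HEX converter" step produces for the load/store instructions in the listing above, together with a patch helper that checks the bytes at the offset before it writes anything, which is the check you want before editing a binary in a hex editor: if the bytes there are not the instruction you expect, the offset is wrong, the build is different, or the file was already patched. It also reports that the file hash changes, which is how a modified binary is told apart from the original. The example assumes the function is Thumb code (16-bit encodings, which fits the `ADD R2, PC` form in the listing); the byte buffer, the offset `0x4B50` and the helper names are constructed for the demo.

```python
"""Added example: Thumb-16 LDR/STR encoding and a checked byte patch.
Not from the tutorial or the game; assumes the AddMoney function is Thumb code.
The image buffer and offsets below are constructed, not the real binary."""
import hashlib
import struct

# 16-bit Thumb LDR/STR (immediate) can only address the low registers R0-R7.
REG = {f"R{i}": i for i in range(8)}


def encode_ldr_str(mnemonic: str, rt: str, rn: str, imm: int = 0) -> bytes:
    """Encode 'LDR/STR Rt, [Rn, #imm]' (word, immediate offset, Thumb T1).
    Bit layout: 011 B L imm5 Rn Rt, with B=0 for a word access and L=1 for LDR.
    Returns the two bytes as they appear in the file (little-endian halfword)."""
    if imm % 4 or not 0 <= imm <= 124:
        raise ValueError("word offset must be a multiple of 4 in 0..124")
    load = {"LDR": 1, "STR": 0}[mnemonic.upper()]
    halfword = ((0b011 << 13) | (load << 11) | ((imm // 4) << 6)
                | (REG[rn.upper()] << 3) | REG[rt.upper()])
    return struct.pack("<H", halfword)


def decode_ldr_str(raw: bytes) -> str:
    """Inverse of encode_ldr_str: turn two file bytes back into mnemonic text,
    so a patch can be read back and confirmed before the file is saved."""
    (halfword,) = struct.unpack("<H", raw)
    if (halfword >> 13) != 0b011 or (halfword >> 12) & 1:
        raise ValueError(f"{halfword:#06x} is not a word LDR/STR immediate")
    mnemonic = "LDR" if (halfword >> 11) & 1 else "STR"
    imm = ((halfword >> 6) & 0x1F) * 4
    rn, rt = (halfword >> 3) & 7, halfword & 7
    offset = f", #{imm}" if imm else ""
    return f"{mnemonic} R{rt}, [R{rn}{offset}]"


def patch_bytes(image: bytes, offset: int, expected: bytes, replacement: bytes) -> bytes:
    """Return a patched copy of image. Refuses to write when the bytes at offset
    are not the ones expected (wrong offset, different build, or already patched)
    or when the replacement would change the file size and shift everything after it."""
    if len(expected) != len(replacement):
        raise ValueError("patch must not change the file size")
    found = image[offset:offset + len(expected)]
    if found != expected:
        raise ValueError(f"expected {expected.hex()} at {offset:#x}, found {found.hex()}")
    return image[:offset] + replacement + image[offset + len(replacement):]


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed sample image: zero filler, then the body of the listing as Thumb
# halfwords. ADDS R0, R0, R3 and CMP R0, #0 are hand-encoded (0x18C0, 0x2800).
BODY_OFFSET = 0x4B50                      # constructed, not the tutorial's address
STR_OFFSET = BODY_OFFSET + 4              # LDR (2 bytes) + ADDS (2 bytes) precede the STR
ORIGINAL = (b"\x00" * BODY_OFFSET
            + encode_ldr_str("LDR", "R3", "R2")   # 13 68
            + b"\xC0\x18"                          # ADDS R0, R0, R3
            + encode_ldr_str("STR", "R0", "R2")   # 10 60  <- the instruction the tutorial changes
            + b"\x00\x28")                         # CMP R0, #0


def demo() -> dict:
    """Apply the tutorial's STR R0 -> STR R7 change to the sample image and report
    what a reviewer would check: the decoded before/after text, that the size is
    unchanged, and that the file hash changed (how a patched binary is spotted)."""
    patched = patch_bytes(ORIGINAL, STR_OFFSET,
                          encode_ldr_str("STR", "R0", "R2"),
                          encode_ldr_str("STR", "R7", "R2"))
    return {
        "before": decode_ldr_str(ORIGINAL[STR_OFFSET:STR_OFFSET + 2]),
        "after": decode_ldr_str(patched[STR_OFFSET:STR_OFFSET + 2]),
        "size_unchanged": len(patched) == len(ORIGINAL),
        "hash_changed": sha256(patched) != sha256(ORIGINAL),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two bytes `10 60` are what you would look for at the hex editor address for `STR R0, [R2]`, and `17 60` is what `STR R7, [R2]` encodes to; because both are 16-bit Thumb instructions, the patch keeps the file size the same, so nothing after it moves. The size and expected-bytes checks are there because a hex editor will happily write anywhere, and a patch at the wrong offset corrupts the binary silently.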