i dont think he created any hacks for CC, with the .48 mod, after patching with lucky patcher, it says by dwan46, if it was hacker.trio, it would have his signature on it. Plus after the .49 update he claim he was going to release it last month after he come back on vacation, i guess he is on vacation again and claiming he'll release another mod hack for .52. I think he's just stealing peoples mod and releasing it for free, but i guess you cant compliant much since its free to start with.Quote:
Lol ... Be patient or create your own hack ...
This hack is free, so, respect the creator and there vacation --'
Castle Clash - Dungeon Hack (Hbm )
08/25/2014 02:17
faker6969#331
08/25/2014 06:51
jajarem64#332
If you don't see a "List" button then you need to either upgrade to 3.1, or you need to downgrade to 2.6 if you're on Bluestacks or any other emulator because the guy who is keeping up with the SBGH project has messed up some things in the code with the past few releases. Supposedly 3.2 will resolve these issues and allow you to write again in x86 arch (emulators). I use GenyMotion, as it doesn't give BSoD, you need ARM Translator 1.1 (only supports arm translation up to 4.3 on x86 emulators) and signed Gapps flash for 4.3.Quote:
I found the address and save it, reset the sb and after that when I searched for 1074737971, sb found around 153 result and ask to change the 1074737971 and search again!
would you please explain step 4 and after that?
[Only registered and activated users can see links. Click Here To Register...]
Enjoy, put some effort into it. This shows you how you can use the mod provided here to create your own hotfix (proper term) for v52. If you don't understand what I'm talking about after you've decompiled the libs in IDA then don't bother to proceed any further, from that though, it's an easy task as long as you use AppUse for direct assembly modification via GEdit. Thanks, have a good day.
Also, Hacker.Trio might have compiled his own hotfix for v48 lib. But he didn't compile the Lucky Patcher mod, Dwan46 (LoveCC) did. Don't read that wrong either, ChelpuS coded Lucky Patcher. Why is everyone taking his words out of context? Go back to English class.
08/25/2014 12:22
LordVanDooM#333
i dont really understand something like this, but trying to follow you.Quote:
[Only registered and activated users can see links. Click Here To Register...]
Enjoy, put some effort into it. This shows you how you can use the mod provided here to create your own hotfix (proper term) for v52. If you don't understand what I'm talking about after you've decompiled the libs in IDA then don't bother to proceed any further, from that though, it's an easy task as long as you use AppUse for direct assembly modification via GEdit. Thanks, have a good day.
Also, Hacker.Trio might have compiled his own hotfix for v48 lib. But he didn't compile the Lucky Patcher mod, Dwan46 (LoveCC) did. Don't read that wrong either, ChelpuS coded Lucky Patcher. Why is everyone taking his words out of context? Go back to English class.
using v48 lib and copy to v52 lib right.?
dont know what to mod, where to start LoL
so can u make lib that can farm dungeon and expedition.?
sorry if i cant follow u to far, im still newbie with this mod thing ^^
and my english not really good
anyway what code still working now.?
please share ^^
thanks alot
08/25/2014 12:52
jajarem64#334
The modified functions within the assembly code of the modified libs from version 1.2.48 Hacker.Trio has made available are still the same assembly code modifications required to achieve the results of HBM and HT hack on version 1.2.52. All you need to do is locate the modified functions, which I have explained how to do so, overwrite the version 1.2.52 functions that you have found from 1.2.48 with the functions that allowed you to hack in HBM and HT. I have provided most of them already in a text file on my post, but I would expect you to check it (compare libgamc.so against libgamd.so and libgamb.so) yourself using IDA with the plugin titled, "PatchDiff2" available online from the open-source Google Code Repository. That way you can ensure you have found all of the unmatched functions, a few out of thousands of those functions (which I listed 3 already one of which has been patched and I said how to patch the CheckHack() function in my post as well) will be the ones used to achieve the HBM and HT hack. Apply those functions from libgamc.so to libgame.so (original version 1.2.52 lib) after you've done that I recommend for you to still use Lucky Patcher to fix your dalvik-cache on Castle Wars for the libgamc.so in your system/lib folder. Take your patched/modded/hotfixed version 1.2.52 lib and place it in the system/lib folder, just as you would have with the old mod. I have already shared, everything is there for you. It's all there. It's there for everyone.Quote:
using v48 lib and copy to v52 lib right.?
dont know what to mod, where to start LoL
so can u make lib that can farm dungeon and expedition.?
sorry if i cant follow u to far, im still newbie with this mod thing ^^
and my english not really good
anyway what code still working now.?
please share ^^
thanks alot
08/25/2014 18:13
mzee9#335
dont use same hero as hbm wave always switch your heros also never use legendary with hack you cant complete ht.Quote:
08/25/2014 20:08
fairylovehn127#336
[Only registered and activated users can see links. Click Here To Register...]
lib version 52
easy to make :D
lib version 52
easy to make :D
08/25/2014 20:14
Marius™#337
This helps many newbis, nice Therad.Quote:
08/26/2014 06:23
matt085#338
wats this suppose to be ? :)Quote:
lib version 52
easy to make :D
08/26/2014 06:25
jajarem64#339
Thanks, I enjoy keeping the flow of information free as it has always been meant to be in order to progress humankind as a whole and not a singular, across any subject I can. I try to encourage people to be more independent and take the time to educate themselves, especially when it comes to matters of reverse engineering, because anyone could just reallocate some memory and add some malicious shell code to a modified lib, sure it may give you HBM and HT hack but at the same time you could (high probability due to the chances of someone knowing how to mod and selling them, shows the need for more money, in that sense you could assume they'd be willing to give it a try) have someone with the capabilities of privilege escalation gaining root access to your device remotely. Now a days you have plenty of tools that will do it for you with the click of a button, without having to do it manually and they're all readily available on the public domain. With that being said, you could consider it as more of an increasing threat on a day by day basis due to the free flow of information but when we face a threat we adapt and if that means reverse engineering for our own needs, then so be it.Quote:
I'm disassembling it now to see. It appears to be 2 copies of the original 52 lib. Running code comparison and checksums.Quote:
Code:
.plt:0020518C ; Input MD5 : 3CA3DE375C666E22CFB7B8400E690D52 .plt:0020518C ; Input CRC32 : CF779282 .plt:0020518C .plt:0020518C ; --------------------------------------------------------------------------- .plt:0020518C ; File Name : C:\*\libgamhbmn52\libgam2.so .plt:0020518C ; Format : ELF for ARM (Shared object) .plt:0020518C ; Needed Library 'libGLESv2.so' .plt:0020518C ; Needed Library 'liblog.so' .plt:0020518C ; Needed Library 'libz.so' .plt:0020518C ; Needed Library 'libstdc++.so' .plt:0020518C ; Needed Library 'libm.so' .plt:0020518C ; Needed Library 'libc.so' .plt:0020518C ; Needed Library 'libdl.so' .plt:0020518C ; Shared Name 'libgame.so' .plt:0020518C ; .plt:0020518C ; EABI version: 5
Code:
.plt:0020518C ; Input MD5 : 3CA3DE375C666E22CFB7B8400E690D52 .plt:0020518C ; Input CRC32 : CF779282 .plt:0020518C .plt:0020518C ; --------------------------------------------------------------------------- .plt:0020518C ; File Name : C:\*\libgamhbmn52\libgam5.so .plt:0020518C ; Format : ELF for ARM (Shared object) .plt:0020518C ; Needed Library 'libGLESv2.so' .plt:0020518C ; Needed Library 'liblog.so' .plt:0020518C ; Needed Library 'libz.so' .plt:0020518C ; Needed Library 'libstdc++.so' .plt:0020518C ; Needed Library 'libm.so' .plt:0020518C ; Needed Library 'libc.so' .plt:0020518C ; Needed Library 'libdl.so' .plt:0020518C ; Shared Name 'libgame.so' .plt:0020518C ; .plt:0020518C ; EABI version: 5
Code:
File Function name Function address Sig Hash CRC ---- ------------- ---------------- --- ---- --- 2 SceneBattleOperation::BearAttackDamage(CBaseObject *,CBaseObject *) 30EB88 00000105 F8DFBEFB 776AD718 2 Hero::GetTalentSkillId(void) 24AE48 00000007 00080043 9E1E5401
08/26/2014 06:44
fairylovehn127#340
zzzzzzzzzzzzzzzz
i dont know which script you use
i just put 2 file libgam2 and libgam5.so to this folder
2 files are the same
open folder luckypatcher
open file HBM and see 04 67 61 6d ?? 00
if ?? = 32 this means you can use libgam2.so
if ?? = 35 you can use libgam5.so
.......
i suggest you edit some function bearattackdamage attackerrun ....... to mod
I'm fairy from gameguardian, AGH and androidrepublic
Confirmed, both identical copies of the v52 Original Lib. If you guys don't know how to obtain a v52 Original Lib they will help you, though you can get it from the APK which you can download online and extracting it, or from data/app-lib/com.igg.castleclash-1/"libgame.soel free to use his copies if you're feeling lazy lol.
you are so stupid =))
i can teach you some function to mod
Use IDA decompile it
function bearattackdamage return it 70 47 -> 1 hit to die all
can use hex workshop to edit
function getobjectrange you look this line add .... see the hex change 18 to 1b it means max range lol
.................
i dont know which script you use
i just put 2 file libgam2 and libgam5.so to this folder
2 files are the same
open folder luckypatcher
open file HBM and see 04 67 61 6d ?? 00
if ?? = 32 this means you can use libgam2.so
if ?? = 35 you can use libgam5.so
.......
i suggest you edit some function bearattackdamage attackerrun ....... to mod
I'm fairy from gameguardian, AGH and androidrepublic
Confirmed, both identical copies of the v52 Original Lib. If you guys don't know how to obtain a v52 Original Lib they will help you, though you can get it from the APK which you can download online and extracting it, or from data/app-lib/com.igg.castleclash-1/"libgame.soel free to use his copies if you're feeling lazy lol.
you are so stupid =))
i can teach you some function to mod
Use IDA decompile it
function bearattackdamage return it 70 47 -> 1 hit to die all
can use hex workshop to edit
function getobjectrange you look this line add .... see the hex change 18 to 1b it means max range lol
.................
08/26/2014 06:53
jajarem64#341
Thanks for the input, Fairy. It's good to have your eyes here. I use PatchDiff2 for IDA for function analysis, it's available from the Google Open-Source Project Repository i.e. code.google. I'm also well aware of Hex to ASCII conversion. I've also got the latest version of IDA Professional, I prefer hex modification through IDA over Hex Workshop or Hex Edit. You can also use AppUse and write to the assembly directly in ASCII format. This is to help everyone, insulting members of the forum isn't called for, especially over a misinterpretation. You're still welcome to contribute to the thread though, so feel free to do so. :)Quote:
i dont know which script you use
i just put 2 file libgam2 and libgam5.so to this folder
2 files are the same
open folder luckypatcher
open file HBM and see 04 67 61 6d ?? 00
if ?? = 32 this means you can use libgam2.so
if ?? = 35 you can use libgam5.so
.......
i suggest you edit some function bearattackdamage attackerrun ....... to mod
I'm fairy from gameguardian, AGH and androidrepublic
The CheckHack(void) has to be modified as well
Code:
; CheckHack(void)
.text:0020D76C EXPORT _Z9CheckHackv
.text:0020D76C _Z9CheckHackv ; CODE XREF: StaticDB::CheckBuildLvlInfo(T_BuildLvlInfo *)+5AEp
.text:0020D76C ; StaticDB::CheckBuildingBindHeroLevelInfo(T_BuildingBindHeroLevelInfo *)+184p ...
.text:0020D76C PUSH {R3,LR}
.text:0020D76E LDR R3, =(g_IsHack_ptr - 0x20D774)
.text:0020D770 ADD R3, PC ; g_IsHack_ptr
.text:0020D772 LDR R3, [R3] ; g_IsHack
.text:0020D774 LDRB R3, [R3]
.text:0020D776 CMP R3, #0
.text:0020D778 BEQ locret_20D782
.text:0020D77A BL _ZN9GameLogic8InstanceEv ; GameLogic::Instance(void)
.text:0020D77E BL _ZN9GameLogic4ExitEv ; GameLogic::Exit(void)
.text:0020D782
.text:0020D782 locret_20D782 ; CODE XREF: CheckHack(void)+Cj
.text:0020D782 POP {R3,PC}
.text:0020D782 ; End of function CheckHack(void)
.text:0020D782
.text:0020D782 ; ---------------------------------------------------------------------------
.text:0020D784 off_20D784 DCD g_IsHack_ptr - 0x20D774 ; DATA XREF: CheckHack(void)+2r
Code:
; CheckHack(void) .text:001A17D8 EXPORT _Z9CheckHackv .text:001A17D8 _Z9CheckHackv ; CODE XREF: StaticDB::CheckBuildLvlInfo(T_BuildLvlInfo *)+5B6p .text:001A17D8 ; StaticDB::CheckBuildingBindHeroLevelInfo(T_BuildingBindHeroLevelInfo *)+184p ... .text:001A17D8 BX LR .text:001A17D8 ; End of function CheckHack(void) .text:001A17D8 .text:001A17D8 ; --------------------------------------------------------------------------- .text:001A17DA ALIGN 4
08/26/2014 07:29
fairylovehn127#342
edit function checkhack for what
08/26/2014 07:39
renzjake231#343
How? I dont know how to..pls teach me
08/26/2014 07:42
EGYPT_2010#344
mea too plzzzzzzzzzzzzzzzzzzzzz man Video
08/26/2014 09:40
jajarem64#345
For bypass. Did you finish the mod for Android Republic or was it UB?Quote: