As I had to dig through a lot of information by myself, I thought that I could do a small tutorial on how to modify Unity games for cheating (and not only, e.g.

(1) Use NXDump on the Unity game you want to modify, select the proper last used patch version (not the base game version!!) there and dump "main" from ExeFS. Then dump "global-metadata.dat" from RomFS (search in subdirectories for this file; this is, by the way, the easiest way to see if it's a Unity game or not).

(2) Use NX2ELF on "main" to get the uncompressed "main.elf".

(3) Load "main.elf" with IDA Pro or Ghidra. Remember that Switch uses big endian byte order, so select it in the disassembling settings (ARMB processor type).

(4) Use IL2CPP Dumper on "main.elf" + "global-metadata.dat", which will create a lot of useful additional files about the executable binary. For a quick look you can use "dump.cs" (e.g. to briefly patch a bool return function by using its offset with "return true/false"). "DummyDll" can be used with dnSpy for a quick look through functions, attributes etc. (the primary target there is always "Assembly-CSharp.dll", where most game functionality is located).

(5) Run the Python scripts "ida_with_struct_py3.py" within IDA Pro (File -> Script file.) or "ghidra_with_struct.py" within Ghidra, to populate the disassembled code database with comprehensive meta information (class names, method names, attribute names, struct names etc.). It will help you to understand the code almost perfectly. Without this step you are pretty much totally lost in IDA/Ghidra.
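
A quick check of the two dumped files before loading them into the disassembler, as an added example that is not part of the original tutorial: it verifies the IL2CPP magic of "global-metadata.dat" and reads the class, byte order and machine type from the "main.elf" header, so the loader settings can be matched to what the file itself declares. The function names and the sample bytes are constructed for illustration.

```python
import struct

METADATA_MAGIC = 0xFAB11BAF  # first 4 bytes of an IL2CPP global-metadata.dat
ELF_CLASS = {1: "ELF32", 2: "ELF64"}                # e_ident[EI_CLASS]
ELF_DATA = {1: "little-endian", 2: "big-endian"}    # e_ident[EI_DATA]
ELF_MACHINE = {40: "ARM (32-bit)", 183: "AArch64"}  # e_machine values

def inspect_metadata(data: bytes) -> int:
    """Return the metadata version, or raise if the magic does not match."""
    if len(data) < 8:
        raise ValueError("too short for a metadata header")
    magic, version = struct.unpack_from("<Ii", data, 0)
    if magic != METADATA_MAGIC:
        raise ValueError(f"unexpected magic 0x{magic:08X}, not IL2CPP metadata")
    return version

def inspect_elf(data: bytes) -> dict:
    """Read class, byte order and machine type from an ELF header."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in ELF_CLASS or ei_data not in ELF_DATA:
        raise ValueError("corrupt e_ident")
    # e_machine is a 16-bit field at offset 18, stored in the file's byte order
    (machine,) = struct.unpack_from("<H" if ei_data == 1 else ">H", data, 18)
    return {
        "class": ELF_CLASS[ei_class],
        "byte_order": ELF_DATA[ei_data],
        "machine": ELF_MACHINE.get(machine, f"unknown ({machine})"),
    }

# Constructed sample headers (not taken from any real game dump).
SAMPLE_METADATA = struct.pack("<Ii", METADATA_MAGIC, 24)
SAMPLE_ELF = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8) + struct.pack("<HH", 3, 183)

if __name__ == "__main__":
    # For real files, pass open(path, "rb").read(64) instead of the samples.
    print("metadata version:", inspect_metadata(SAMPLE_METADATA))
    print("main.elf header:", inspect_elf(SAMPLE_ELF))
```
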