GL-DEV
Clarification: we do not encourage violating the rules and regulations of any game. What we present here is all for the purpose of education, experimentation and testing. Chat Arabic: https://t.me/+mecGwFshKVkxZTFk, CH: https://t.me/+1txE55VyGGY4YTU0
Many people ask me how to solve the problem of Arabic player names being reversed, because they start from the right and not from the left. This is a condition in Objective-C to detect Arabic letters and take the appropriate action. There are many ways to reverse the letters if the condition is met, and I prefer the FarsiType way.

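#import <Foundation/Foundation.h>

// Returns YES if the string contains at least one character from the Arabic Unicode blocks.
BOOL hasArabicLetters(NSString *str) {
    // characterSetWithCharactersInString: does not parse "a-b" ranges, so add each block explicitly
    NSMutableCharacterSet *arabicCharacterSet = [[NSMutableCharacterSet alloc] init];
    [arabicCharacterSet addCharactersInRange:NSMakeRange(0x0600, 0x0100)]; // U+0600-U+06FF
    [arabicCharacterSet addCharactersInRange:NSMakeRange(0x0750, 0x0030)]; // U+0750-U+077F
    [arabicCharacterSet addCharactersInRange:NSMakeRange(0x08A0, 0x0060)]; // U+08A0-U+08FF

    NSRange range = [str rangeOfCharacterFromSet:arabicCharacterSet options:NSLiteralSearch];

    return (range.location != NSNotFound);
}

// `player` is the caller's own object holding the name to display
NSString *playerName = player.name;

if (hasArabicLetters(playerName)) {
    // If it contains Arabic letters

    // Take appropriate action

} else {
    // If it does not contain Arabic letters

    // Take appropriate action
}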


Best regards @OOOQG
ShadowTrackerExtra_29_GL.mm
5.3 MB
Shadow 2.9 GL for Objective-C.
I wrote a report about how PUBG anti-cheat works in general for all platforms.

And what the advantages of using a jailbroken device for cheating are, and what the challenges for game developers are.

Target: advanced developers


Debugger Detection:
Debugger detection involves identifying whether a debugger is attached to the game process. This can be done by checking for debugger-specific flags or by using system calls to detect the presence of a debugger. For example, in C++, you can use the IsDebuggerPresent function to check for the presence of a debugger.

Signature-Based Detection of Known Cheats:
This method involves scanning the game's memory for known cheat signatures. These signatures are specific patterns or sequences of bytes that are associated with known cheating software. This can be implemented using pattern scanning techniques in C++.

Open Game Process Handles:
Anti-cheat systems may monitor and restrict the opening of game process handles by unauthorized applications. This can be achieved by hooking system calls like OpenProcess and checking for unauthorized access.

Detection of Manually Mapped Modules:
This involves detecting executable pages in memory that are not backed by an image on disk. It can be done by enumerating the loaded modules and checking for discrepancies between the modules in memory and the modules on disk.

Process Handle Creation Blocked:
The anti-cheat system can block the creation of new process handles by unauthorized applications by hooking system calls like CreateProcess.

Overlays Detection:
Detecting overlays involves identifying third-party applications that draw over the game's window. This can be achieved by monitoring the window hierarchy and detecting unauthorized overlays.

Steam Overlay Hooks and Hacks:
This involves detecting any hooks or modifications made by the Steam overlay process to the game process. This can be done by monitoring system calls and memory modifications.

Game Files Integrity Checks:
This method involves verifying the integrity of game files by calculating checksums or hashes of the game files and comparing them against known good values.

TCP Connections to Cheat Sites:
The anti-cheat system can monitor network traffic and block connections to known cheat sites by inspecting TCP packets.

Module Name and Timestamp Blacklist:
This involves maintaining a blacklist of module names and timestamps to detect unauthorized modules loaded into the game process.

Certificate Blacklist:
The anti-cheat system can maintain a blacklist of unauthorized digital certificates to prevent unauthorized code from running.

Driver Blacklist:
This involves maintaining a blacklist of unauthorized drivers to prevent them from interacting with the game process.

Stack Walking / Ret Check:
Stack walking involves inspecting the call stack to detect unauthorized code execution. This can be done using stack walking techniques in C++.

Single Stepping to Detect Code Outside of Usermode Memory Range:
This method involves single-stepping through the game process to detect code execution outside of the user-mode memory range, which could indicate cheating behavior.

Hypervisor Detection:
Hypervisor detection involves identifying whether the game process is running within a virtualized environment. This can be done using system calls and hardware-based checks.

How Anti-Cheat Protects Itself:

Virtualization:
The anti-cheat system can use virtualization techniques to protect itself from being tampered with or bypassed by cheating software.

Streams Shellcode into Memory:
The anti-cheat system may stream its own shellcode into memory at runtime, making it difficult for cheaters to analyze or modify the code.

Integrity Checks on Modules & Shellcode:
The anti-cheat system can perform integrity checks on its own modules and shellcode to detect tampering or modifications.

Encrypted Traffic with Game Server:
The anti-cheat system can encrypt its communication with a backend server to protect sensitive data and prevent tampering.

Encrypted Named Pipe Communication:
Named pipe communication between anti-cheat components can be encrypted to prevent eavesdropping or tampering.

----
Regarding iOS limitations for game anti-cheat developers and cheaters' advantages:

In iOS, jailbroken devices pose a challenge for game anti-cheat developers. Jailbroken devices allow users to gain root access and bypass certain security measures, potentially giving them an advantage in cheating. Anti-cheat developers face limitations in detecting and preventing cheating on jailbroken devices due to the increased control users have over the device's operating system and processes.

Developers may encounter challenges such as:

1. Limited access to low-level system functions: Jailbroken devices may allow users to access low-level system functions that are typically restricted on non-jailbroken devices, making it difficult for anti-cheat systems to enforce security measures effectively.

2. Bypassing security restrictions: Jailbroken devices may allow users to bypass security restrictions imposed by the iOS operating system, making it challenging for anti-cheat systems to prevent cheating behavior effectively.

3. Tampering with game files and memory: Users on jailbroken devices may have increased capabilities to tamper with game files and manipulate memory, making it more difficult for anti-cheat systems to detect and prevent cheating.

4. Evasion of detection techniques: Jailbroken devices may enable users to evade detection techniques used by anti-cheat systems, such as debugger detection, process monitoring, and integrity checks.

5. Limited control over device environment: Anti-cheat developers may have limited control over the device environment on jailbroken devices, which can impact their ability to enforce security measures effectively.

In conclusion, while anti-cheat developers strive to implement robust security measures, jailbroken iOS devices present challenges in detecting and preventing cheating behavior. Developers need to consider these limitations and explore alternative methods to protect fair gameplay on both jailbroken and non-jailbroken devices.

However, here are some additional details on specific techniques and challenges related to anti-cheat development for iOS games:

1. Code Obfuscation:
Anti-cheat developers can use code obfuscation techniques to make it more difficult for cheaters to reverse-engineer and tamper with the anti-cheat system. This involves transforming the code into a more complex and convoluted form, making it challenging for cheaters to understand and modify.

2. Root Detection:
Detecting whether a device is jailbroken (rooted) is an essential part of anti-cheat measures on iOS. Anti-cheat systems can employ various methods to check for signs of a jailbroken device, such as inspecting system files, checking for the presence of known jailbreak tools, or examining system configurations that are typically modified on jailbroken devices.

3. Memory Integrity Checks:
Implementing memory integrity checks within the game's code can help detect unauthorized modifications to the game's memory, such as altering player stats or manipulating game mechanics. These checks can be challenging to implement effectively on jailbroken devices due to the increased access to memory and system processes.

4. Kernel-Level Protection:
To counteract the elevated privileges granted by jailbreaking, anti-cheat developers may explore techniques to protect their systems at the kernel level. This involves implementing security measures that operate at a lower level of the operating system to prevent unauthorized access and tampering.

5. Dynamic Code Generation Detection:
Some cheating techniques involve dynamically generating code at runtime to manipulate the game's behavior. Anti-cheat systems can employ mechanisms to detect and prevent such dynamic code generation, but this becomes more challenging on jailbroken devices where users have greater freedom to execute custom code.

6. Behavioral Analysis:
Analyzing player behavior and in-game interactions can be an effective method for identifying suspicious activities that may indicate cheating. However, implementing robust behavioral analysis on iOS games, especially on jailbroken devices, requires careful consideration of the limitations imposed by the operating system and user privileges.

7. Collaboration with Apple:
Anti-cheat developers may benefit from collaborating with Apple to leverage platform-specific security features and gain insights into upcoming security enhancements. Engaging with Apple's developer community and security teams can provide valuable guidance on best practices for securing games against cheating on iOS.

Challenges in Jailbreak Detection:
Detecting jailbroken devices presents challenges due to the ever-evolving nature of jailbreak methods and the cat-and-mouse game between jailbreak developers and security measures. Anti-cheat developers must continuously adapt their detection techniques to keep up with new jailbreak releases and evasion tactics employed by users.

In summary, developing effective anti-cheat measures for iOS games, particularly in the context of jailbroken devices, requires a multi-faceted approach that encompasses code protection, system integrity checks, and collaboration with platform providers. By understanding the specific challenges posed by jailbroken environments and leveraging a combination of detection and prevention techniques, anti-cheat developers can work towards maintaining fair gameplay experiences for all players.

writer:
@saudgl
@pubg_dev
https://t.me/pubg_dev
jailbreak detection on ShadowTracker 2.9 global

1- cydia detection yUuAfYntKrDvfFif::LqGalzuUztanpVWC: 0x1011191f4
2- set data is Jalbroken: 0x105be7c64 ( encrypted string)
3- CSDevice::isJailBreak bool : 0x1001626c4
4- CSDevice::isJailbroken bool : 0x100162638 (MobileSubstrate)
----
jailbreak detection on flutter.qapm framework

1- bool JailbreakDetection::isJailbroken : 0x0000800c
2- FlutterQAPMPlugin::isJailBroken:result :0x00007da4
----
jailbreak alert - Anogs framework : 0x0001cf7c

by @saudgl
Bubg VNG 3.0

GWorldFun : 0x10273B9FC
GWorldData: 0x1091A67B8
GNameFun: 0x104252D04
GNameData: 0x108DF6A30
LineOfSightTo: 0x1052C0228
//credit to @RSDMODS
FullDump.hpp
12.5 MB
Bubg VNG 3.0
I think it works for all versions

credit to @dev_hackpubgmios
Bubg VNG 3.0 IOS
GWorldFun : 0x10273B9FC
GWorldData: 0x1091A67B8
GNameFun: 0x104252D04
GNameData: 0x108DF6A30
LineOfSightTo: 0x1052C0228

Pubg KR 3.0 IOS
GWorldFun : 0x102953B7C
GWorldData: 0x109456EB8
GNameFun: 0x10446AE84
GNameData: 0x1090A6EE0
LineOfSightTo: 0x1054D8374

PUBG TW 3.0 IOS
GWorldFun : 0x10296F9BC
GWorldData: 0x10948C638
GNameFun: 0x104486CC4
GNameData: 0x1090DC630
LineOfSightTo: 0x1054F41B4

CREDIT - @RSDMODS
Bubg GL 3.0 IOS
GWorldFun : 0x1027D7C50
GWorldData: 0x1092B4738
GNameFun: 0x1042EEF58
GNameData: 0x108F049B0
LineOfSightTo: 0x10535C47C

CREDIT - @RSDMODS
A new threat to the security of your device (TrollStore).

----

The other day, the EntySec developer presented the open-source SeaShell Framework. Internet users have already called the project "Malware" for TrollStore.

SeaShell Framework is an iOS post-operation platform that allows you to remotely access, manage and retrieve sensitive information.

All an attacker needs to do is generate an IPA file and start a TCP listener.

The capabilities of SeaShell are very large:

• Camera on

• Launching applications

• Access to contacts and SMS

• Access to all files in the system

• etc.

Conclusion: This development and the ease of its installation jeopardize millions of devices from iOS 14.0 to 17.0 (inclusive), especially TrollStore users.

----

How to protect yourself from attack?

1. Unzip the IPA file(s) you are going to install.

2. Check the application(s) for suspicious executable files (H: SeaShell Framework adds an executable file called musssel to its application package).

3. Open Info.plist and find suspicious records (H: SeaShell adds CFBundleBase64Hash to your Info.plist, it contains a pair of hosts <host>:<port> encoded with base64).

4. Check the hash sum of the file(s) to confirm its integrity.

Source: EntySec | GitHub
by @jailbreaked
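
The four checks listed in the post above can be scripted so that an IPA is inspected statically before anyone installs it. The Python below is an added example, not code from the post or from the SeaShell project. It uses the indicator names exactly as the post spells them, assumes the CFBundleBase64Hash value is stored as a string, and build_sample_ipa produces a constructed sample archive.

```python
import base64, hashlib, io, plistlib, re, zipfile

# Indicator names as the post gives them; adjust if they differ in practice.
SUSPECT_EXECUTABLES = {"musssel"}
SUSPECT_PLIST_KEY = "CFBundleBase64Hash"
MACHO_MAGICS = {b"\xcf\xfa\xed\xfe", b"\xce\xfa\xed\xfe", b"\xca\xfe\xba\xbe"}

def inspect_ipa(ipa_bytes):
    """Statically inspect an IPA (zip archive) held in memory; nothing is executed."""
    report = {"sha256": hashlib.sha256(ipa_bytes).hexdigest(),  # step 4: hash to compare
              "suspect_files": [], "extra_executables": [], "endpoint": None}
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:  # step 1: open the archive
        names = ipa.namelist()
        plist_name = next((n for n in names
                           if re.fullmatch(r"Payload/[^/]+\.app/Info\.plist", n)), None)
        if plist_name is None:
            raise ValueError("no Payload/<name>.app/Info.plist in archive")
        info = plistlib.loads(ipa.read(plist_name))
        app_dir = plist_name[:-len("Info.plist")]
        main_exe = info.get("CFBundleExecutable")
        for name in names:  # step 2: named indicator, or a second Mach-O in the bundle root
            rel = name[len(app_dir):]
            if not name.startswith(app_dir) or not rel or name.endswith("/"):
                continue
            if rel.rsplit("/", 1)[-1] in SUSPECT_EXECUTABLES:
                report["suspect_files"].append(name)
            elif "/" not in rel and rel != main_exe and ipa.read(name)[:4] in MACHO_MAGICS:
                report["extra_executables"].append(name)
        value = info.get(SUSPECT_PLIST_KEY)  # step 3: decode the Info.plist record
        if isinstance(value, str):
            try:
                decoded = base64.b64decode(value, validate=True).decode("utf-8")
            except ValueError:  # covers binascii.Error and UnicodeDecodeError
                decoded = ""
            ok = re.fullmatch(r"[^\s:]+:\d{1,5}", decoded)
            report["endpoint"] = decoded if ok else "<key present, not host:port>"
    return report

def build_sample_ipa(tampered):
    """Constructed sample input: a minimal IPA-shaped zip, optionally with both indicators."""
    info = {"CFBundleExecutable": "Demo", "CFBundleIdentifier": "com.example.demo"}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Demo", b"\xcf\xfa\xed\xfe" + b"\0" * 28)
        if tampered:
            info[SUSPECT_PLIST_KEY] = base64.b64encode(b"192.0.2.10:8888").decode()
            z.writestr("Payload/Demo.app/musssel", b"\xcf\xfa\xed\xfe" + b"\0" * 28)
        z.writestr("Payload/Demo.app/Info.plist", plistlib.dumps(info))
    return buf.getvalue()
```

For a real file, pass `open(path, "rb").read()` to `inspect_ipa` and compare the reported SHA-256 with the value published by the app's distributor.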
❀6
For those who don't know UE, to update your ESP:
A long time ago I developed a header that I think already comes with most projects. I set all offsets in one .h file.

In front of each offset there is text copied from the SDK.

All you need to do is copy the text, search for it in the SDK file and take its offset.

In case there are many results, I set the structure name beside the text.
Structure name: *if not set, that means it is the same as the previous one or the search result is unique.

For example:

long mesh = 0x458;//*struct ACharacter : APawn {
//struct USkeletalMeshComponent* Mesh; // Offset: 0x458 // Size: 0x08


The offset is located under:
ACharacter : APawn

in the line:

USkeletalMeshComponent* Mesh; // Offset: 0x458 // Size: 0x08

so it's 0x458


If you would like to do it yourself, read
UE4.27

https://docs.unrealengine.com/4.27/en-US/
Bubg 3.0 KILL MSG

GL - 0X1072D6900

KR - 0X107493E60

VNG - 0X107211420

TW - 0X1074BC630

CREDIT - @RSDMODS
Function Caller :
Sometimes you need to know who the caller of a function is when hooking.

In Objective-C, you can use the NSLog function to print the caller's address or name. Here's an example of how to do this:

- (void)someMethod {
NSLog(@"Caller address: %p", __builtin_return_address(0));
}


This will print the address of the calling function. If you want to print the name of the calling function, you can use the __PRETTY_FUNCTION__ macro:

- (void)someMethod {
    // __PRETTY_FUNCTION__ expands to the name of the enclosing method
    NSLog(@"Caller name: %s", __PRETTY_FUNCTION__);
}


In C++, you can use similar techniques to print the caller's address or name:

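#include <iostream>

void someFunction() {
    // Return address of this call, i.e. an address inside the calling function
    std::cout << "Caller address: " << __builtin_return_address(0) << std::endl;
}


void someFunction() {
    // __PRETTY_FUNCTION__ expands to the signature of the enclosing function
    std::cout << "Caller name: " << __PRETTY_FUNCTION__ << std::endl;
}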


Keep in mind that getting the name of the calling function is not always straightforward, and it may not be possible in all cases.

For more examples:
*this is not ARM
https://hdevstudy.tistory.com/m/150
Bubg GL 3.0 kill msg
0x1076BD1D0

working and tested
pubg_dev_PUBGM_v3.zip
3.8 MB
Engine SDK
credit to aynb6
Bubg BGMI 3.0 IOS


GWorldFun -> 0x1022BB9A0
GWorldData -> 0x10891F538
GNameFun -> 0x103DCFB80
GNameData -> 0x108572F70
LineOfSightTo -> 0x104E35BE8
LineOfSightTo -> 0x750

Best regards @OOOQG
Bubg VNG 3.1
GNameFunction: 0x1043d4160
GNameData: 0x108e8c350
GWorldFunction: 0x1029364f4
GWorldData: 0x109240c78
LineOfSightTo_Func: 0x105481464
GUObjectArray: 0x109131158

@pubg_dev

credit chunmod_vn