Hackers House Last seen recently
Hello, How can we help you?
It is a lua based program which runs on the application game guardian. Where game guardian is an memory (RAM) data scanner and editor for mobile phone. This tool helps you in finding the location of variable/fields of a game in the memory (RAM). You have to give it the Class Name and offset (field offset) of the variable/field of a class that you want to search. It works for unity il2cpp based games only.
Field offset finder has many options and features, but we are going to start with the most simplest usage. Before we continue you will need to get dump of the game you are working with. You have to generate dump.cs file with the help of il2cpp dumper tool. The dump.cs will have the information about the class and fields/variables that we will be searching in the tool. The dump.cs file will have code similar to what is shown below.
// Namespace:
public class CharacterHandler
: MonoBehaviour
{
// Fields
public int experience; // 0x0A
public float bulletPower; // 0x0E
public float grenadePower; // 0x12
public float critChance; // 0x16
public float critMultiplier; // 0x1A
public float projectileSpeed; // 0x1E
public float attackDistance; // 0x22
public float decelerationRate; // 0x26
public float dodgeRate; // 0x2A
public float healthBonusRate; // 0x2E
public float maxStunTime; // 0x14A
public float skillCooldown; // 0x14E
public int bulletCount; // 0x152
public int maxBulletCount; // 0x156
public float vitality; // 0x15A
}
Lets say from this list you wanna find the number of bullet currently stored in your memory. Run field offset finder inside game guardian. And sx icon wil appear. Click of the sx icon and this this kind of menu will open. You have to type your class name and offset in the script like this.
After you have inputed the value click on the "Ok" option. Then it will ask you the type of value. Select the type of our value. We were searching bulletCount and its type was "int". So select int option from the menu. This can be different for different values. For example health BonusRate is float type so you have to select float for that.
After selcting the type, the tool will search for the value in the RAM then will show you the results. Now you can edit the value and start testing. You will often get multiple search results. It is because the class might have multiple instance. For example the class "CharacterHandler" might be used by both player and enemy, and if there is only 1 enemy then you will get 2 results , 1 result is your bullet count and another is enemy bullet count. But it is not compulsory that same class is used by everyone. So sometimes class is used for only 1 party and sometimes by many. It depends on each case.
Congratulations, you have completed the most basic usage of field offset finder. Lets move to more sections and discover new fun things.
If you have played with script and dump.cs then you probably have noticed, there is a similar value and structure like the class i showed in the class example, but insted of class it is an struct. And when you search struct name and offset using field offset finder it doesnt find anything.
internal struct Treasure
// TypeDefIndex: 3236
{
// Fields
public long Gold; // 0x0
public long Diamonds; // 0x8
public long Coins; // 0x10
}
This code is an example of struct you wil find in the class. In such case you have to find an class that is using this struct. Use any text editor and search the name of struct. Then you will find the struct as a field of an class like this.
public class LevelEnd :
MonoBehaviour // TypeDefIndex: 3235
{
// Fields
public GameObject endLevelUI; // 0xC
private Treasure treasure; // 0x10
public string test; // 0x28
private int PropertyCheck; // 0x2C
}
Copy the class name, then the offset of struct field, and then the offset of value inside the struct. Read again, you will need 3 things, 1 class name (not struct name), second class field offset, then struct field offset. Then goto the script. The script has an option for change the mode. Click that and then click of struct search mode. And welcome you are in struct search mode.
After you enter the name and offset it will ask the third offset. After that select the type as we did in basic class search mode. And done. Now the script will find the struct value. You can change it or do whater you want.
In any place the fields of a class are classes themselves. And you will not find the name when you are selecting the type of search. And i also mentioned that you might find many resluts when you search for a field in basic search mode. So if you want class as field search or decrease the number of search result based on the parent class. In such case you can use Child Class search mode.
// Namespace:
public class GameController :
MonoBehaviour // TypeDefIndex: 4086
{
// Fields
public NPCController npcController;
// 0x50
public int countCombo; // 0x78
public int totalDropCoin; // 0x7C
public int countStar; // 0x80
public bool win; // 0x84
}
In this code you can see, NPC controller is a field of GameController. In such case you will need 3 thing. The parent class name, the field offset of parent class field that has object of child class, then the field offset value inside the child class. Selecting child class search mode is same same struct select. You will find a child class search mode. All other steps are also similar to struct mode. So you will get the value from the child class in this way.
Obiously, you can directly search NPC controller and you will find the same value, but when you use this mode only the objects inside game controller inside that specific field will only be loaded and not all the instances of NPC controller. It makes the search more specific and less chances of editing wrong items.
Until now we are searching one value at a time. But sometimes you need to search all the fields of a class. And if you could get the results with names, then it would be super duper easy to test the values/fields. So for that we use Custom Search Mode. There are 2 ways you can use custom search mode.
The first mode is direct top level custom mode search. This mode is only avilable for the default class search mode (not for struct or child class search mode). In this mode you have to give just the name of the class. Then goto dump.cs file and copy from the line which has class name to the line where methods start. Meaning the class name line and all fields line sould be copied from the dump.cs file. In the option select custom load and selct give names so the script stores the name then showing search results. You dont need the offset for this search. The script wil now find the class and load all the fields at one time. Now you can test it one by one.
Another is custom mode as a type. It is avilable for all modes (basic, struct, and child class). Every step is same as before. But in this mode you have to scroll the type select menu that is asked after typing class and offset name, then at the bottom there is a cutom mode, copy from the class/struct name and all field like we did above and paste the code. Now The script will search the custom value as a type not as top level search.
Here is the script. It is free and open source. Please try to give me credit by giving link to this page or my youtube video if you can. You can say thanks and add link in your script, description, video, posts or anywhere. This tool is free and new updates will also be free. You are free to modify and use this script anyway you want. So giving me some shoutout is just a way to show me some support. Thank you...