How To MOD iOS Games (Beginner's Tutorial)

I wrote this tutorial to help you mod iOS games after many requests. My English is not perfect, nor is my explanation, so if you have any questions or get stuck anywhere, feel free to contact me at the email address provided at the bottom of this post.

This is a very basic tutorial on modding Unity games on an iOS device. The process is the same for other games as well; you just need to load the binary file in IDA for those.

Requirements

1) A Jailbroken iPhone

2) Windows PC

3) Internet Connection

4) Some tools which I will provide the link to download below.

Even though I said this is a beginner’s tutorial, make sure you have basic knowledge of jailbreaking iPhones, installing Cydia tweaks and packages, installing software on a PC, etc.

Tools You will need

1) WinSCP

2) IL2CPP Dumper (I recommend you use the latest version)

3) CrackerXI+ from Cydia; you can install it from the iphonecake repo – https://cydia.iphonecake.com

4) OpenSSH; install it from Cydia, repo – apt.binger.com

5) dnSpy for viewing the dumped DLL files

6) A hex editor for modifying the hex values

7) AppSync Unified from Cydia; you can get it from hackyouriphonerepo, and many other repos have it too.

8) Filza File Manager from Cydia; you can get it from this repo – https://tigisoftware/cydia/

9) WinRAR or any zip file viewer

Steps

1) First of all, make sure you have everything listed above installed and ready.

2) Now download the game you wish to modify from the App Store. In my case, we will be modding Journeys: Interactive Series.

3) In this game, you have free choices and premium choices. The premium choices cost you diamonds, but we will make them free so we can choose premium choices without needing any diamonds.

4) Open up CrackerXI+ that you installed from Cydia (there should be an icon on your home screen). It will list all the apps that are installed on your iPhone.

5) Find the game Journeys and tap on it. It will show two options; make sure you choose “FULL IPA” to decrypt the full IPA file.

6) It will take a few seconds and then show a popup with the location where the decrypted file has been saved, usually inside /var/mobile/Documents/CrackerXI

7) Since you already installed OpenSSH and WinSCP, launch WinSCP on your Windows machine and enter the login details to connect to your iPhone via SSH in order to transfer files from your iPhone to your PC.

Make sure both devices are on the same Wi-Fi network, then go to the Wi-Fi settings on your iPhone, tap the “i” icon in the circle and note down your IP address; it should look like 192.168.43.12

In WinSCP, enter your IP address as the Host Name and leave the port at the default of 22. The default iPhone login is username: root & password: alpine

8) You will now be connected to your device via SSH. Navigate to /var/mobile/Documents/CrackerXI to find the IPA that you just decrypted, and drag it out to your PC.

9) All IPA files are packed ZIP files, so you will need WinRAR to view the contents. Right-click the IPA, choose “Open with”, then choose WinRAR.

10) When you open the IPA, the first folder will be Payload. Navigate to Payload/Journeys/ and you will see a bunch of files.

11) Now read carefully: in some Unity games you need to dump and modify the UnityFramework file instead of the main binary file. If you notice the game binary file is around 70KB or so, then you need to get the UnityFramework file, which is located at Frameworks/UnityFramework.framework/UnityFramework

12) Drag the UnityFramework file out, then navigate to Data/Managed/Metadata and drag out the global Metadata file.

13) Double-click the IL2CPP Dumper you downloaded, choose the UnityFramework file first and then the global Metadata file, and it will dump the files for you.

14) Load the UnityFramework file in the hex editor, and the dummy DLL files in dnSpy.

15) Search for a method called hasboughpremium and copy its offset. In the hex editor, press Ctrl + G to jump to that address and overwrite the hex code by pressing Ctrl + Shift + V. The method is a boolean that checks whether the user has already bought a premium choice, and you have to make it return true. The hex code is “20 00 80 D2 C0 03 5F D6”

16) Press Ctrl + S to save your edits, drag the UnityFramework file back into the IPA, and drag the IPA back to your iPhone via WinSCP the same way. It will be located wherever you put the file; I recommend using the same location the file was decrypted to – /var/mobile/Documents/CrackerXI

17) Using Filza on your iPhone, navigate to the directory where you just put your modified IPA, tap the IPA and then tap Install in the top right corner. Once it installs, your modded IPA is done.
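
Seen from the developer's side, the eight bytes written in step 15 decode to the ARM64 instructions `mov x0, #1; ret`, so the patched method returns true without running its body. The added example below (not part of the original tutorial) compares a shipped binary with a copy pulled from a device and flags that kind of constant-return stub; the function names and the sample bytes are constructed for illustration.

```python
import struct

RET = 0xD65F03C0                          # AArch64 `ret`
MOVZ_MASK = 0xFFE0001F                    # keep opcode, hw and Rd bits; ignore imm16
MOVZ_X0, MOVZ_W0 = 0xD2800000, 0x52800000 # `mov x0, #imm` / `mov w0, #imm`

def const_return_stub(code, off):
    """Return imm if code[off:off+8] is `mov x0|w0, #imm; ret`, else None."""
    if off < 0 or off + 8 > len(code):
        return None
    first, second = struct.unpack_from("<II", code, off)
    if second == RET and (first & MOVZ_MASK) in (MOVZ_X0, MOVZ_W0):
        return (first >> 5) & 0xFFFF
    return None

def changed_runs(reference, candidate):
    """Yield the start offset of every run of bytes that differs."""
    in_run = False
    for i, (a, b) in enumerate(zip(reference, candidate)):
        if a != b and not in_run:
            yield i
        in_run = a != b

def audit(reference, candidate):
    """Compare a shipped build with an on-device copy; return sorted findings."""
    findings = {}
    if len(reference) != len(candidate):
        findings[min(len(reference), len(candidate))] = ("size-mismatch", None)
    for off in changed_runs(reference, candidate):
        base = off & ~3                   # AArch64 instructions are 4-byte aligned
        for start in (base, base - 4):    # the run may begin in the stub's 2nd word
            imm = const_return_stub(candidate, start)
            if imm is not None:
                findings[start] = ("const-return-stub", imm)
                break
        else:
            findings.setdefault(base, ("modified", None))
    return sorted((o, kind, imm) for o, (kind, imm) in findings.items())

# Constructed sample: four NOPs, then a small function with a normal prologue.
NOP = bytes.fromhex("1F2003D5")
REFERENCE = NOP * 4 + bytes.fromhex("FD7BBFA9" "FD030091" "FD7BC1A8" "C0035FD6")
# Same bytes with the first two instructions replaced by the stub from step 15.
TAMPERED = REFERENCE[:16] + bytes.fromhex("200080D2C0035FD6") + REFERENCE[24:]

if __name__ == "__main__":
    for offset, kind, imm in audit(REFERENCE, TAMPERED):
        print(f"0x{offset:x}: {kind} (returns {imm})")
```

Because one byte of the overwritten second instruction happens to match the original, the byte diff splits into two runs; the check one word back merges both into a single finding at the start of the method.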

Thank you, if you have any questions please contact me at [email protected]

A programmer, gamer, and love researching new technology and games, reverse engineering applications. In my spare time, I usually play basketball or watch movies.
