Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Can RVA, Offset, and VA in the Il2Cpp be used in CE?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
etioplmld
Advanced Cheater
Reputation: 0

Joined: 09 Feb 2021
Posts: 72

PostPosted: Fri May 26, 2023 4:52 am    Post subject: Can RVA, Offset, and VA in the Il2Cpp be used in CE? Reply with quote

There are many tutorials on modifying the Android Unity engine Il2Cpp,

RVA, Offset, and VA be used as a pointer in gameguardian.
Is it converted into a pointer to ce?

Code like this,Does it have a pointer?
Code:

/ Methods

   // RVA: 0x3AB1F0 Offset: 0x3A9BF0 VA: 0x1803AB1F0 Slot: 4
   public override void OnAwake() { }

   // RVA: 0x3AB1F0 Offset: 0x3A9BF0 VA: 0x1803AB1F0 Slot: 5
   public override void OnStart() { }

   // RVA: 0x4C2260 Offset: 0x4C0C60 VA: 0x1804C2260 Slot: 6
   public override TaskStatus OnUpdate() { }

   // RVA: 0x3AB1F0 Offset: 0x3A9BF0 VA: 0x1803AB1F0 Slot: 9
   public override void OnEnd() { }

   // RVA: 0x40FF60 Offset: 0x40E960 VA: 0x18040FF60
   public void .ctor() { }



RVA(reverse virtual address)

VA = ImageBase + FileOffset + VRk = ImageBase + RVA
Back to top
View user's profile Send private message
panraven
Grandmaster Cheater
Reputation: 54

Joined: 01 Oct 2008
Posts: 941

PostPosted: Fri May 26, 2023 9:46 am    Post subject: Reply with quote

I don't know android, but in windows & with ce mono feature, the address of
Code:

   // RVA: 0x3AB1F0 Offset: 0x3A9BF0 VA: 0x1803AB1F0 Slot: 4
   public override void OnAwake() { }

is
Code:

(with the module as 'GameAssembly.dll')
GameAssembly.dll+3AB1F0

So, may try like
Code:

(with the module as 'libil2cpp.so')
libil2cpp.so+3AB1F0   or
libil2cpp+3AB1F0


ie: VA: 0x1803AB1F0 => {module}+3AB1F0

ADDED:
oops, I made so many il2cpp cheat that only now noticed that RVA is exactly the offset, ha :p

_________________
- Retarded.
Back to top
View user's profile Send private message
etioplmld
Advanced Cheater
Reputation: 0

Joined: 09 Feb 2021
Posts: 72

PostPosted: Fri May 26, 2023 9:59 am    Post subject: Reply with quote

Thank you, but it seems that in the win system, only GameAssembly.dll has no il2cpp.so.
Back to top
View user's profile Send private message
panraven
Grandmaster Cheater
Reputation: 54

Joined: 01 Oct 2008
Posts: 941

PostPosted: Fri May 26, 2023 10:26 am    Post subject: Reply with quote

The libil2cpp.so equivalent in windows is GameAssembly.dll
They are both the AOT (ahead of time) compiled module in respective system.
But in windows with ce mono feature, you can locate function entry address by Name (NameSpace.OnAwake) instead of <module>+offset, where former is not likely change on game update.

_________________
- Retarded.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites