Bypass "ptrace: Operation not permitted" or fix small dump size problem
How to decrypt an encrypted .dll [NO-ROOT]
Have "ptrace: Operation not permitted" error when you try to debug a game using GDB? or have small gcore dump size problem after saved gcore? Follow these steps
"PID" stands for Process ID
The game is EDEN Avalon Legends (th.co.tdp.eden).
Turn off the Advanced Task Killer app, if it is running. Open the game, and press the HOME button to minimize the game.
Have "ptrace: Operation not permitted" error when you try to debug a game using GDB? or have small gcore dump size problem after saved gcore? Follow these steps
"PID" stands for Process ID
The game is EDEN Avalon Legends (th.co.tdp.eden).
Turn off the Advanced Task Killer app, if it is running. Open the game, and press the HOME button to minimize the game.
type
dumpsys meminfo
to view all
running processes.
Take note
of the number next to "pid" (PID stands for "Process ID"
and changes everytime a process starts). In my example, I'll take note of the
number "383".
Now, using the PID you just noted, type:
Now, using the PID you just noted, type:
ls -l /proc/<gamepid>/task/
example
ls -l /proc/4492/task/
This will
give a list of clones of the main PID and depending on the game, can attach to
it regardless of if ptrace is denying the main process id (PID), if that makes sense.
5. Attach to a clone of the process
gdb -pid xxxxx
Example:
gdb -pid 4546
The symbols
are loaded which means the game is debugged
6. Dump as normal with gcore
gcore /sdcard/DUMPEDFILE
Do not
worry about any warnings like these you may read in the Terminal app:
7. Extract the DLL file as normal with cracked Winhex
Proof:
This
tutorial is used to teach you new things. EDEN Avalon Legends will not run if
you replace the modded DLL file
Note: Games such as GrandChase M doesnt
work even the clones found through "ls -l" still deny ptrace it
basically depends on the securty the game has but its good info and you never
know what seems a really hard game might just work as did avalon legends which like
4 i know are trying to bypass ptrace for
Comments
Post a Comment