Il2CppDumper GUI Tool updated to 1.0.8

Indsendt af AndnixSH


1.0.8 (2019-03-29)
- Updated Il2CppDumper to 4.2.5-beta, with support of NSO file (Nintendo Switch)
- Can drag and drop DLL (GameAssembly.dll of PC game) and NSO file (Nintendo Switch)

Extract .NET metadata from il2cpp binaries. (types, methods, fields, etc.)

Extraction code is based on Il2CppDumper

Requirements:
- Net Framework 4
- Windows 7 and above

Features:
  • Supports il2cpp binaries in ELF(arm, x86) and Mach-O(32bit, 64bit) format
  • Supports global-metadata version 16 and 19-24
  • Extracts .NET metadata including types, fields, properties, methods and attributes
  • Supports automated IDA script generation
    • name and tag methods
    • store dynamic string literals in comments
o    makefunction to improve ida analysis
  • Generates dummy DLLs that can be viewed in .NET decompilers

GUI Features:
·         Select files
·         Rename files
·         Set output directory.
·         Set mode.
·         Set registration offsets
·         Auto fill up offset registrations after dump
·         Drag and drop support
·         Remember everything except registrations
·         Logs saves on exit. It saves on your documents if tool is located in C drive.
·         Support open APK with Il2CppDumper to start dump automation

Download:
https://usersdownload.com/users/AndnixSH/1770/Il2CppDumper%20GUI

https://app.box.com/s/30ksq8uw787iz72xzdz270dtp9ojohmy

http://www.mediafire.com/folder/x3or31t30o5t1/Il2CppDumper_GUI

https://yadi.sk/d/RkRxnr9avbPeRw

How to use:
This works as same as original Il2CppDumper but with GUI.

For Android: Simply drop APK to start dump automation or extract libil2cpp.so file from ARM or x86 folder (Android). Extract global-metadata.dat from \Data\Managed\Metadata\

For iOS: Open IPA as 7-zip or Winrar and extract binary file that does not have a file extension and open as binary file. Extract global-metadata.dat from \Data\Managed\Metadata\

For PC: Open GameAssembly.dll as binary file and open global-metadata.dat from [Game name]\il2cpp_data\Metadata

Nintendo Switch: Open NSO file as binary file i guess? sorry, I'm not familar with it.

Set your output directory

Rename the files if you want

Select your mode. If manual set, you need to imput offsets you found in the binary file.

Press START when you are ready

Extraction Modes
Manual
The parameters (CodeRegistration and MetadataRegistration) that are passed to il2cpp::vm::MetadataCache::Register()needs to be manually reverse engineered and passed to the program.

Auto
Automatically finds the il2cpp_codegen_register() function by signature matching and read out the first (CodeRegistration) and second (MetadataRegistration) parameter passed to the il2cpp::vm::MetadataCache::Register()method that will be invoked in the registration function. May not work well due to compiler optimizations.

Auto(Advanced)
Matches possible pointers in the data section. Generally works better than Auto mode.
Supports metadata version 20 and later (only CodeRegistration address can be found on metadata version 16).

Auto(Plus) - Recommended
Matches possible pointers in the data section with some guidance from global-metadata. Works better than Auto(Advanced)mode on certain binaries.
Supports metadata version 20 and later (only CodeRegistration address can be found on metadata version 16).

Auto(Symbol)
Uses symbols in the il2cpp binary to locate CodeRegistration and MetadataRegistration.
Only supports certain Android ELF files.

Output files
dump.cs
C# pseudocode. Can be viewed in text editors (syntax highlighting recommended)

script.py
Requires IDA and IDAPython. Can be loaded in IDA via File -> Script file.

DummyDll
DLLs generated by Mono.Cecil which contain the .NET metadata extracted from the binary (no code included). Can be viewed in .NET decompilers.

Configuration
All the configuration options are located in config.json Available options:
  • DumpMethod, DumpField, DumpProperty, DumpAttribute, DumpFieldOffset
    • Whether or not the program should extract these information
  • DummyDll
    • Whether or not the program should generate dummy DLLs
  • ForceIl2CppVersion, ForceVersion
    • If ForceIl2CppVersion is true, the program will use the version number specified in ForceVersion to choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on ilcpp v20 (Android) binaries in order to work properly)

Common errors
ERROR: Metadata file supplied is not valid metadata file.
The specified global-metadata.dat is invalid and the program cannot recognize it. Make sure you choose the correct file. Sometimes games may obfuscate this file for content protection purposes and so on. Deobfuscating of such files is beyond the scope of this program, so please DO NOT file an issue regarding to deobfuscating.

ERROR: Can't use this mode to process file, try another mode.
Try other extraction modes.

WARNING: Version 16 can only get CodeRegistration
Use the CodeRegistration information to get the MetadataRegistration, then use the manual mode to process the file.

If all automated extraction modes failed with this error and you are sure that the files you supplied are not corrupted/obfuscated, please file an issue with the logs and sample files.

Credits:
Perfare: https://github.com/Perfare/Il2CppDumper
AndnixSH (GUI)

Kommentarer

Tilføj en kommentar

Popular Posts

VMOS Pro Global/CN Custom ROMs - Android 5.1.1 and 7.1.2, Root + Xposed

Indsendt af AndnixSH
Billede
VMOS Pro was protected so i wasn't able to modify APK. Instead, I made a custom ROM as a zip file for VMOS Pro that includes Superuser and Xposed, all done on my rooted Android phone because zipping on Windows or Linux caused corruption on the ROM file   If you wonder why VMOS team released pro version, they got suspended from making money from ads so they can only make money from VIP service. If you support them, consider to pay VIP per month to keep them up and you can use their official ROM with switchable root option   Custom ROM will work on chinese version YOU CANNOT INSTALL ANY OTHER ROMS SUCH AS SAMSUNG, HUAWEI, ETC THAT ARE NOT MADE FOR VMOS. VMOS ROM INSTALLATION IS FOR VMOS ROM ONLY. PLEASE DO NOT BE DUMB, THANKS! Download VMOS Pro version from this site: https://www.vmos.com/   or chinese version http://www.vmos.cn/ Links to custom ROMs and backed up APKs here: There are currently 2 versions, Android 5.1.1 and 7.1.2 https://mega.nz/folder/TJAHRAJb#1_
Read more »

VMOS 1.0.49 MOD APK | Video ads bypassed | Pre-rooted ROM

Indsendt af AndnixSH
Billede
Official website:  VMOS Virtual Machine With Root Android - Double System Name: VMOS Version:  v1.0.49 Needs Root:  No Internet required:  Yes Description: VMOS-Virtual Android on Android Virtual Android on Android | Independent System | Geeks Favorite Two Accounts Online Running two social accounts;Dealing with life and work in one device... Open virtual phone and real phone at the same time on the same screen. VMOS comes with ROOT environment Various ROOT games supportable. Mobile phone enthusiasts must. Floating window displays above other apps with free drag and free zoom. APP Background Running No influence to front desk operation,totally independent system.Never disconnect.Game/APP background running in virtualy system, never disconnect. Customizable Resolution Define your own height,width and DPI,and record the resolution you set before. *Modded features* MOD 1 1. Pre-rooted ROM with superuser app MOD 2 1. Video ads bypassed 2. Pre-rooted ROM
Read more »