Il2CppDumper GUI Tool updated to 1.0.8

Indsendt af AndnixSH


1.0.8 (2019-03-29)
- Updated Il2CppDumper to 4.2.5-beta, with support of NSO file (Nintendo Switch)
- Can drag and drop DLL (GameAssembly.dll of PC game) and NSO file (Nintendo Switch)

Extract .NET metadata from il2cpp binaries. (types, methods, fields, etc.)

Extraction code is based on Il2CppDumper

Requirements:
- Net Framework 4
- Windows 7 and above

Features:
  • Supports il2cpp binaries in ELF(arm, x86) and Mach-O(32bit, 64bit) format
  • Supports global-metadata version 16 and 19-24
  • Extracts .NET metadata including types, fields, properties, methods and attributes
  • Supports automated IDA script generation
    • name and tag methods
    • store dynamic string literals in comments
o    makefunction to improve ida analysis
  • Generates dummy DLLs that can be viewed in .NET decompilers

GUI Features:
·         Select files
·         Rename files
·         Set output directory.
·         Set mode.
·         Set registration offsets
·         Auto fill up offset registrations after dump
·         Drag and drop support
·         Remember everything except registrations
·         Logs saves on exit. It saves on your documents if tool is located in C drive.
·         Support open APK with Il2CppDumper to start dump automation

Download:
https://usersdownload.com/users/AndnixSH/1770/Il2CppDumper%20GUI

https://app.box.com/s/30ksq8uw787iz72xzdz270dtp9ojohmy

http://www.mediafire.com/folder/x3or31t30o5t1/Il2CppDumper_GUI

https://yadi.sk/d/RkRxnr9avbPeRw

How to use:
This works as same as original Il2CppDumper but with GUI.

For Android: Simply drop APK to start dump automation or extract libil2cpp.so file from ARM or x86 folder (Android). Extract global-metadata.dat from \Data\Managed\Metadata\

For iOS: Open IPA as 7-zip or Winrar and extract binary file that does not have a file extension and open as binary file. Extract global-metadata.dat from \Data\Managed\Metadata\

For PC: Open GameAssembly.dll as binary file and open global-metadata.dat from [Game name]\il2cpp_data\Metadata

Nintendo Switch: Open NSO file as binary file i guess? sorry, I'm not familar with it.

Set your output directory

Rename the files if you want

Select your mode. If manual set, you need to imput offsets you found in the binary file.

Press START when you are ready

Extraction Modes
Manual
The parameters (CodeRegistration and MetadataRegistration) that are passed to il2cpp::vm::MetadataCache::Register()needs to be manually reverse engineered and passed to the program.

Auto
Automatically finds the il2cpp_codegen_register() function by signature matching and read out the first (CodeRegistration) and second (MetadataRegistration) parameter passed to the il2cpp::vm::MetadataCache::Register()method that will be invoked in the registration function. May not work well due to compiler optimizations.

Auto(Advanced)
Matches possible pointers in the data section. Generally works better than Auto mode.
Supports metadata version 20 and later (only CodeRegistration address can be found on metadata version 16).

Auto(Plus) - Recommended
Matches possible pointers in the data section with some guidance from global-metadata. Works better than Auto(Advanced)mode on certain binaries.
Supports metadata version 20 and later (only CodeRegistration address can be found on metadata version 16).

Auto(Symbol)
Uses symbols in the il2cpp binary to locate CodeRegistration and MetadataRegistration.
Only supports certain Android ELF files.

Output files
dump.cs
C# pseudocode. Can be viewed in text editors (syntax highlighting recommended)

script.py
Requires IDA and IDAPython. Can be loaded in IDA via File -> Script file.

DummyDll
DLLs generated by Mono.Cecil which contain the .NET metadata extracted from the binary (no code included). Can be viewed in .NET decompilers.

Configuration
All the configuration options are located in config.json Available options:
  • DumpMethod, DumpField, DumpProperty, DumpAttribute, DumpFieldOffset
    • Whether or not the program should extract these information
  • DummyDll
    • Whether or not the program should generate dummy DLLs
  • ForceIl2CppVersion, ForceVersion
    • If ForceIl2CppVersion is true, the program will use the version number specified in ForceVersion to choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on ilcpp v20 (Android) binaries in order to work properly)

Common errors
ERROR: Metadata file supplied is not valid metadata file.
The specified global-metadata.dat is invalid and the program cannot recognize it. Make sure you choose the correct file. Sometimes games may obfuscate this file for content protection purposes and so on. Deobfuscating of such files is beyond the scope of this program, so please DO NOT file an issue regarding to deobfuscating.

ERROR: Can't use this mode to process file, try another mode.
Try other extraction modes.

WARNING: Version 16 can only get CodeRegistration
Use the CodeRegistration information to get the MetadataRegistration, then use the manual mode to process the file.

If all automated extraction modes failed with this error and you are sure that the files you supplied are not corrupted/obfuscated, please file an issue with the logs and sample files.

Credits:
Perfare: https://github.com/Perfare/Il2CppDumper
AndnixSH (GUI)

Kommentarer

Tilføj en kommentar

Popular Posts

[Android] X8 Sandbox (EN/CN) - Free Android VM, Pre-rooted (VMOS alternative)

Indsendt af AndnixSH
Billede
Introduction: X8 Sandbox Android VM Play in PIP-mode Self-Root Xposed FW GameGuardian Advance mode, easy to control your root privilege. Only one button enable Xposed Framework. Lot of game plugins to use Easy Slim Stable VM No special permissions are required. Farewell to the lag. Minimal setting PIP Picture in picture Dual account No just only game Safe No privilege No risk No Root Download (English): Main - 5.1:  X8 Sandbox – x8sb, apk, virtual for Android, Virtual machine, android emulator on android, Android root, root access without root phone Other versions - 7.1:  Other versions – X8 Sandbox   Download (Chinese): Chinese version:  【 X8 大 师官网】 – X8 加速大 师 X8 大 师加速器 免 ROOT 加速 X8 加速大 师 X8 助手 X8 加速助手下 载   How to use: Very simple, just install the APK you downloaded. You may need to allow unknown source first if asked Launch the app. The VM will install automatically and boot up. You can pretty much use it just like you use your physical phone, but with root en
Read more »

VMOS Pro Global/CN Free Custom ROMs | Android 4.4.4, 5.1.1, 7.1.2 | ROOT | Gapps | Xposed | (NO VIP NEEDED)

Indsendt af AndnixSH
Billede
VMOS Pro was protected so i wasn't able to modify APK. Instead, I made a custom ROM as a zip file for VMOS Pro that includes Superuser and Xposed, all done on my rooted Android phone because zipping on Windows or Linux caused corruption on the ROM file   If you wonder why VMOS team released pro version, they got suspended from making money from ads so they can only make money from VIP service. If you support them, consider to pay VIP per month to keep them up and you can use their official ROM with switchable root option   Custom ROM will work on chinese version YOU CANNOT INSTALL ANY OTHER ROMS SUCH AS SAMSUNG, HUAWEI, ETC THAT ARE NOT MADE FOR VMOS. VMOS ROM INSTALLATION IS FOR VMOS ROM ONLY. PLEASE DO NOT BE DUMB, THANKS! Download VMOS Pro English version: VMOS Team does not update it more fequently. Just maybe once per month The APK size is very large ~870 MB https://www.vmos.com/   Chinese version: Chinese version does have english language too but 10% of words are chi
Read more »