0

我正在为 ipad 的游戏 Kingdom Age (v2.0) 练习 mobilesubstrate 黑客攻击。

我只想在游戏中赚很多钱,但我一事无成。播放器在 CCPlayer 类中定义,有时会被服务器检查。

所以我试图深入数据的核心,在 CCGameInformation 类中。函数 -(id)activePlayer 是 callet 很多(比如每秒 30 次),所以我认为这是一个不错的起点。

CCPlayer 被定义(在包含文件中)为

@interface CCPlayer : FZPlayer <NSCoding>
{
NSString *townName;
NSString *rawLastUpdateEnergyTime;
NSString *rawLastUpdateStaminaTime;
NSString *rawExpansionTimeStarted;
NSString *rawBankUpgradeTimeStarted;
...
int gold;
int level;
int attack;
...
@end

我在 Tweaks.xm 中将其声明为:

@interface CCPlayer:NSObject
{
NSString *townName;
NSString *rawLastUpdateEnergyTime;
NSString *rawLastUpdateStaminaTime;
NSString *rawExpansionTimeStarted;
NSString *rawBankUpgradeTimeStarted;
...
int gold;
int level;
int attack;
...
@end

我实际上包括了整个事情,只是改变了基类。

CCGameInformation 定义为:

@interface CCGameInformation : _ACFacebookAppIdKey
{
CCPlayer *user_;
CCLevel *userLevel_;
....
}

我在 Tweaks.xm 中将其定义为

@interface CCGameInformation : NSObject
{
CCPlayer *user_;
}
@end

我的钩子看起来像:

%hook CCGameInformation
- (id)activePlayer 
{
    CCPlayer* player = (CCPlayer*)%orig;
    MSHookIvar<int>(player, "energy") = 10;
    NSLog(@"Energy:%d\n",MSHookIvar<int>(player, "energy"));
    return player;
}

但它根本不起作用。它确实按预期打印出“Energy:10”,但游戏中的能量并没有改变。

我是否正确使用了挂钩过程和减速,或者游戏是否比我预期的更受保护?

谢谢。

4

1 回答 1

0

The game may in fact store all of the user data on server. This is more prominent in games which feature in-app purchases. Unfortunately there is little that can be done in that case. If you'd like to test it further consider this method, for example:

%hook CCPlayer

-(int)gold
{
    return 1000;     //amount of gold.
}
%end
于 2013-10-08T12:35:24.277 回答