|
|
@@ -25,16 +25,18 @@ export let HookImpl = {
|
|
|
// })
|
|
|
setTimeout(function (){
|
|
|
|
|
|
- let globalHead = module.base.add(0x9AD338).readPointer();
|
|
|
+ let globalHead = module.base.add(0x1249c88).readPointer();
|
|
|
logHHex(globalHead);
|
|
|
- let metadataReg = module.base.add(0x9AD308).readPointer();
|
|
|
- let codeReg = module.base.add(0x9AD300).readPointer();
|
|
|
- let injectso = Module.load("/data/data/com.DefaultCompany.Demo1/files/libil2cppdumper.so");
|
|
|
+ let metadataReg = module.base.add(0x1249c58).readPointer();
|
|
|
+ let codeReg = module.base.add(0x1249c50).readPointer();
|
|
|
+ let injectso = Module.load("/data/data/com.DefaultCompany.Demo/files/libil2cppdumper.so");
|
|
|
let nativePointer1 = injectso.findExportByName("_ZN12Il2CppDumper5startEPvS0_S0_S0_");
|
|
|
console.log("my so inject addr "+nativePointer1)
|
|
|
+
|
|
|
let startFun =
|
|
|
new NativeFunction(nativePointer1,"void",['pointer','pointer','pointer','pointer']);
|
|
|
let il2cpp = Process.findModuleByName(SoName);
|
|
|
+ console.log("base "+il2cpp.base)
|
|
|
startFun(il2cpp.base,globalHead,metadataReg,codeReg);
|
|
|
|
|
|
},2000);
|
