Hi there,
maybe kinda weird to ask such a question here in the Cheat Engine forums
but i have seen some very good posts of people using the tools mentioned below
... i just can't get a good PE header for the newer Unity games... ( GameAssembly.dll ( Last Epoch, Among US ) instead of Assembly-CSharp.dll ) using the latest version of ILSpy / DNS Spy... ( with updated Unity libs )
Cheat Engine however has no trouble at all to dissect the mono.
Am i doing something wrong? is there a solution except for waiting for program updates?
Could an updated PE be shared by others?
thanks a lot in advance ( so much to learn ) !
How do you disassemble the 'newer' unity games?
Re: How do you disassemble the 'newer' unity games?
Unity has 2 scripting backends:
Mono
Il2CPP
Mono = Assembly-CSharp.dll with C# Code (Just In Time Compilation)
Il2CPP = GameAssembly.dll with pre-compiled code
on Il2CPP a function/method will have a fixed offset like any other native game.
The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code, so Assembly-CSharp and GameAssembly.dll are both PE Files.
In a .NET/Mono executable, the PE code section contains a stub that invokes the CLR virtual machine startup entry.
//
so in short:
you can't find/edit C# code coz there is no C# code in the GameAssembly.dll, if you want to know what a function/method is doing you need to analyse the ASM code.
To change something you need to patch(or codecave) bytes.
but you can generate a Assembly-CSharp that will show you offsets(same like cheat engine mono dissect does)
[Link]
but again : if you want to know exactly what a function/method is doing you need to look at the ASM code, coz Cheat Engine/Il2CppDumper will only dump names + offsets.
Mono
Il2CPP
Mono = Assembly-CSharp.dll with C# Code (Just In Time Compilation)
Il2CPP = GameAssembly.dll with pre-compiled code
on Il2CPP a function/method will have a fixed offset like any other native game.
PE = Portable Executable:i just can't get a good PE header for the newer Unity games
The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code, so Assembly-CSharp and GameAssembly.dll are both PE Files.
In a .NET/Mono executable, the PE code section contains a stub that invokes the CLR virtual machine startup entry.
sure, use X64DBG or IDA Pro to patch the GameAssembly.dll.Could an updated PE be shared by others?
//
so in short:
you can't find/edit C# code coz there is no C# code in the GameAssembly.dll, if you want to know what a function/method is doing you need to analyse the ASM code.
To change something you need to patch(or codecave) bytes.
but you can generate a Assembly-CSharp that will show you offsets(same like cheat engine mono dissect does)
[Link]
but again : if you want to know exactly what a function/method is doing you need to look at the ASM code, coz Cheat Engine/Il2CppDumper will only dump names + offsets.
Re: How do you disassemble the 'newer' unity games?
Thanks this is very useful and explained very well, really informative.
Bookmarked this answer, so i won't be lazy (hopefully) again
ps. not my fault that my thumbs up made your rep #666 lol
Yeah i know /blush
Bookmarked this answer, so i won't be lazy (hopefully) again
ps. not my fault that my thumbs up made your rep #666 lol
Who is online
Users browsing this forum: No registered users