- Basic process memory API (find PID, list regions, read and write memory)
- Basic hex patches at an offset
- In-memory value search (simple types, byte arrays)
- ptrace-based ARM/ARM64 method hooking (Frida-like, external)
This example patches a method so that it returns false instead of true. The example APK from the Il2Cpp Exploitation POC is used as the target.
#include <unistd.h>
#include "ZMemory.h"
using namespace ZMemory;
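/// Waits for the POC app's process to appear, then overwrites the start of
/// one method in its loaded libil2cpp.so so that the method returns false.
///
/// The process is polled once per second until find_pid() reports a non-zero
/// PID; the patch is then attempted exactly once.
///
/// @return 0 when patch_offset() reports success, 1 when the library base
///         could not be resolved or the write failed.
int main() {
    for (;;) {
        const pid_t pid = find_pid("com.Acessor.Il2CppPOC");
        if (!pid) {
            // Target app is not running yet; poll again in a second.
            sleep(1);
            continue;
        }

        const long long base = find_library_base(pid, "libil2cpp.so");
        // NOTE(review): assumes find_library_base() signals "not mapped" with
        // a zero or negative value; confirm against ZMemory.h. Without this
        // check a failed lookup would make the write below land on an
        // address unrelated to the library.
        if (base <= 0) {
            printf("libil2cpp.so not found in process\n");
            return 1;
        }
        // base is a signed long long, so %llu was a format/argument mismatch;
        // print it as the hex address it represents.
        printf("libil2cpp found! Base: 0x%llx\n",
               static_cast<unsigned long long>(base));

        // 0x524EA4 is the method's offset inside this particular build of
        // libil2cpp.so; any other build of the library will have a different
        // layout. The bytes are 32-bit ARM (A32) machine code:
        //   00 00 A0 E3   mov r0, #0
        //   1E FF 2F E1   bx  lr
        // i.e. "return 0/false" immediately. They are not valid for an ARM64
        // build of the library.
        const bool patched =
            patch_offset(pid, base + 0x524EA4, "00 00 A0 E3 1E FF 2F E1");
        if (!patched) {
            printf("Patch failed\n");
            return 1;  // Surface the failure in the exit status.
        }

        printf("Offset patches successfully!\n");
        return 0;
    }
}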