* Add BinaryNinja 3 script
Adds a script for BinaryNinja 3, currently it only processes the ScriptMethod field from script.json
Script needs to be edited to grab script.json as I haven't
* Revert "Add BinaryNinja 3 script"
This reverts commit ab47c13249
.
* Add BinaryNinja 3 script
Script for BinaryNinja 3, currently only names functions. I'll improve on it in the future but currently it does the bare minimum
* Add the script to README's
3.8 KiB
Il2CppDumper
中文说明请戳这里
Unity il2cpp reverse engineer
Features
- Complete DLL restore (except code), can be used to extract
MonoBehaviour
andMonoScript
- Supports ELF, ELF64, Mach-O, PE, NSO and WASM format
- Supports Unity 5.3 - 2021.2
- Supports generate IDA and Ghidra scripts to help IDA and Ghidra better analyze il2cpp files
- Supports generate structures header file
- Supports Android memory dumped
libil2cpp.so
file to bypass protection - Support bypassing simple PE protection
Usage
Run Il2CppDumper.exe
and choose the il2cpp executable file and global-metadata.dat
file, then enter the information as prompted
The program will then generate all the output files in current working directory
Command-line
Il2CppDumper.exe <executable-file> <global-metadata> <output-directory>
Outputs
DummyDll
Folder, containing all restored dll files
Use dnSpy, ILSpy or other .Net decompiler tools to view
Can be used to extract Unity MonoBehaviour
and MonoScript
, for UtinyRipper, UABE
ida.py
For IDA
ida_with_struct.py
For IDA, read il2cpp.h file and apply structure information in IDA
il2cpp.h
structure information header file
ghidra.py
For Ghidra
binaryninja3_py3.py
For BinaryNinja
ghidra_wasm.py
For Ghidra, work with ghidra-wasm-plugin
script.json
For ida.py and ghidra.py
stringliteral.json
Contains all stringLiteral information
Configuration
All the configuration options are located in config.json
Available options:
-
DumpMethod
,DumpField
,DumpProperty
,DumpAttribute
,DumpFieldOffset
,DumpMethodOffset
,DumpTypeDefIndex
- Whether to output these information to dump.cs
-
GenerateDummyDll
,GenerateScript
- Whether to generate these things
-
ForceIl2CppVersion
,ForceVersion
- If
ForceIl2CppVersion
istrue
, the program will use the version number specified inForceVersion
to choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on il2cpp v20 (Android) binaries in order to work properly)
- If
Common errors
ERROR: Metadata file supplied is not valid metadata file.
Make sure you choose the correct file. Sometimes games may obfuscate this file for content protection purposes and so on. Deobfuscating of such files is beyond the scope of this program, so please DO NOT file an issue regarding to deobfuscating.
If your file is libil2cpp.so
and you have a rooted Android phone, you can try my other project Riru-Il2CppDumper, it can bypass this protection.
ERROR: Can't use auto mode to process file, try manual mode.
Please note that the executable file for the PC platform is GameAssembly.dll
or *Assembly.dll
You can open a new issue and upload the file, I will try to solve.
ERROR: This file may be protected.
Il2CppDumper detected that the executable file has been protected, use GameGuardian
to dump libil2cpp.so
from the game memory, then use Il2CppDumper to load and follow the prompts, can bypass most protections.
If you have a rooted Android phone, you can try my other project Riru-Il2CppDumper, it can bypass almost all protections.
Credits
- Jumboperson - Il2CppDumper