Unity il2cpp reverse engineer
Find a file
2020-02-23 02:26:11 +08:00
.github/ISSUE_TEMPLATE Update issue templates 2019-05-08 21:06:41 +08:00
Il2CppDumper Fixed #231 2020-02-23 02:26:11 +08:00
.gitattributes 初始化提交 2016-12-31 02:33:34 +08:00
.gitignore 初始化提交 2016-12-31 02:33:34 +08:00
Il2CppDumper.sln 升级vs2019和.net 4.6 2020-02-07 14:45:46 +08:00
LICENSE Initial commit 2016-12-31 02:29:45 +08:00
README.md Update README.md 2020-02-13 04:40:09 +08:00
README.zh-CN.md Update README.md 2020-02-13 04:40:09 +08:00

Il2CppDumper

Build status

中文说明请戳这里

Unity il2cpp reverse engineer

Features

  • Complete DLL restore (except code), can be used to extract MonoBehaviour and MonoScript
  • Supports ELF, ELF64, Mach-O, PE and NSO format
  • Supports Unity 5.3 - 2020
  • Supports generate IDA and Ghidra scripts to help IDA and Ghidra better analyze il2cpp files
  • Supports Android memory dumped libil2cpp.so file to bypass 99% protection

Usage

Run Il2CppDumper.exe and choose the il2cpp executable file and global-metadata.dat file, then enter the information as prompted

The program will then generate all the output files in current working directory

Command-line

Il2CppDumper.exe <executable-file> <global-metadata> [unityVersion] [mode]

unityVersion Open any Unity asset file with a hex editor (Usually exists in the Data folder of the game), You can find the Unity version number at the beginning, similar to "5.6", "2017.2"

mode 1 - Manual, 2 - Auto

Outputs

DummyDll

Folder, containing all restored dll files

Use dnSpy, ILSpy or other .Net decompiler tools to view

Can be used to extract Unity MonoBehaviour and MonoScript, for UtinyRipper, UABE

ida.py

For IDA

ghidra.py

For Ghidra

stringliteral.json

Contains all stringLiteral information

Configuration

All the configuration options are located in config.json

Available options:

  • DumpMethod, DumpField, DumpProperty, DumpAttribute, DumpFieldOffset, DumpMethodOffset, DumpTypeDefIndex

    • Whether to output these information to dump.cs
  • DummyDll

    • Whether to generate dummy DLLs
  • MakeFunction

    • Whether to add the MakeFunction code in script.py
  • ForceIl2CppVersion, ForceVersion

    • If ForceIl2CppVersion is true, the program will use the version number specified in ForceVersion to choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on il2cpp v20 (Android) binaries in order to work properly)

Common errors

ERROR: Metadata file supplied is not valid metadata file.

Make sure you choose the correct file. Sometimes games may obfuscate this file for content protection purposes and so on. Deobfuscating of such files is beyond the scope of this program, so please DO NOT file an issue regarding to deobfuscating.

ERROR: Can't use auto mode to process file, try manual mode.

Make sure the executable is not protected, you can open a new issue and upload the file, I will try to solve.

ERROR: This file may be protected.

Il2CppDumper detected that the executable file has been protected, use GameGuardian to dump libil2cpp.so from the game memory, then use Il2CppDumper to load and follow the prompts, can bypass 99% protection

Credits