In part 1 of this series we learned what IL2CPP is, how to set up a build environment, and compared the C#, IL, C++ and disassembly of a simple function.

- an overview of the key files in an IL2CPP application from a reverse-engineering perspective
- how an IL2CPP application loads the metadata we are interested in
- how to find the application binary’s metadata by hand in a disassembler (x64 and ARM)
- beginner-level disassembly navigation and tidying in IDA
- how to interpret C++ function calls in assembly language

- Basic knowledge of high-level programming
- Basic knowledge of disassembly (the article uses IDA but Ghidra works equally well)
- Basic knowledge of what IL2CPP is – I recommend that you read part 1 first if you’re new to IL2CPP

Note: I chose Unity 2019.3.1 more or less at random for this walkthrough. Different versions vary slightly although the overall principles are the same.

IL2CPP applications are forged from two key components. First, there is the application code itself.

On Windows, the main executable of an IL2CPP application is essentially just a stub that loads UnityPlayer.dll and calls UnityMain. For an IL2CPP game, this will select Unity’s IL2CPP initialization path and load the main application binary; this is usually called GameAssembly.dll in the application’s root path but it can be placed elsewhere and renamed. On Android, the application binary is libil2cpp.so, and on iOS everything is generally wrapped up into a single executable. Other platforms use different layouts, but all of the binaries can be analyzed in the same way, so the target platform doesn’t matter too much.

The application binary (which I’ll just call “the binary” from here on) is the output created by taking the regular Mono DLLs for the application (e.g. Assembly-CSharp.dll and its dependencies, as if it was shipped without IL2CPP) and running them through the IL2CPP transpiler, and is therefore the main target for reverse engineering since it contains the actual application code.

Besides the application code itself, the binary also contains a vast sea of binary-specific metadata such as a pointer list to every C#-equivalent function, data about every type referenced by method code and so on.