vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License

Breakpoint triggered when calling a method #526

Closed namtacs closed 2 weeks ago

namtacs commented 1 month ago

I'm trying to call these two methods from an object and it gives a strange error "breakpoint triggered". Method signature (other parts left out):

class LinkedSquad.PlayerControls.FP_Health : UnityEngine.MonoBehaviour
{
    System.Boolean isDied; // 0x29
    System.Void Died(); // 0x00e36aa4
    System.Void DeadScreenInvoke(); // 0x00e36c60
}

Il2Cpp.perform(() => {
    const csharp = Il2Cpp.domain.assembly("Assembly-CSharp").image;

    //Scan
    const snapshot = Il2Cpp.MemorySnapshot.capture();
    snapshot.objects.forEach((instance) => {
        if (instance.class.type.name == "LinkedSquad.PlayerControls.FP_Health") {
            let health = instance;
        };
    });
    snapshot.free();
    health.method("Died").invoke();
    health.method("DeadScreenInvoke").invoke();
});

I also tested it with tracer enabled, and it's very strange: the first method just isn't called. The second method gets invoked as normal, but the result is unexpected because of the 1st method.

I also have the cpp2il+ilspy decompiled versions of them, but there's nothing wrong about them. Am I misunderstanding something?

vfsfitvnm commented 2 weeks ago

Hmm that doesn't look like a proper TypeScript snippet: here you are assigning instance to a local variable health

            let health = instance;

but then you are trying to access health from an outer scope, which would result in a health is not defined error.

vfsfitvnm commented 2 weeks ago

A thing that comes to my mind is you are trying to invoke those methods within the Frida thread, but possibly they should be invoked within the main thread. You could try the following:

Il2Cpp.perform(() => {
    // code here
}, "main");

Details here: https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki/Changelog#v082
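
The two replies above combined, as an added example that is not code from either participant or from the project: the matched instance is kept in a variable that outlives the scan, the snapshot is freed even if the scan throws, and the invocations run under the "main" flag. The helper names findInstance and invokeOnMainThread and the bridge parameter are assumptions, introduced so the logic can be exercised with a stub outside a Frida session.

```javascript
// Added example; only calls that appear in this thread are used on the bridge object.
const TARGET = "LinkedSquad.PlayerControls.FP_Health";

// Return the first live object whose class type name matches, or null.
function findInstance(bridge, typeName) {
    const snapshot = bridge.MemorySnapshot.capture();
    try {
        // Declared outside the forEach callback, so it is still in scope after
        // the scan (the `let health` inside the callback in the question is not).
        let found = null;
        snapshot.objects.forEach((instance) => {
            if (found === null && instance.class.type.name === typeName) {
                found = instance;
            }
        });
        return found;
    } finally {
        snapshot.free(); // release the snapshot on every path
    }
}

// Scan and invoke inside one perform() block scheduled with the "main" flag.
function invokeOnMainThread(bridge, typeName, methodNames) {
    bridge.perform(() => {
        const target = findInstance(bridge, typeName);
        if (target === null) {
            return; // nothing allocated yet: do not invoke on a missing object
        }
        for (const name of methodNames) {
            target.method(name).invoke();
        }
    }, "main");
}

// Inside a Frida agent the global Il2Cpp exists; elsewhere this is skipped.
if (typeof Il2Cpp !== "undefined") {
    invokeOnMainThread(Il2Cpp, TARGET, ["Died", "DeadScreenInvoke"]);
}
```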

namtacs commented 2 weeks ago

Thanks, that worked. I thought I had tested attaching with the main thread, but maybe I didn't understand something.

> you are trying to access health from an outer scope, which would result in a health is not defined error.

This code is very simplified, but the stuff I left out isn't related or being used.

Do you know why it errors with this message?