Modified version of Il2CppDumper allows you to dump methods of UserAssembly.dll of the game Genshin Impact
NOTICE: The global-metadata.dat of the game Genshin Impact has been encrypted, you need to dump decrypted file from memory before use this tool.
中文说明请戳这里
Unity il2cpp reverse engineer
- Complete DLL restore (except code), can be used to extract
MonoBehaviourandMonoScript - Supports ELF, ELF64, Mach-O, PE, NSO and WASM format
- Supports Unity 5.3 - 2020
- Supports generate IDA and Ghidra scripts to help IDA and Ghidra better analyze il2cpp files
- Supports generate structures header file
- Supports Android memory dumped
libil2cpp.sofile to bypass protection - Support bypassing simple PE protection
Run Il2CppDumper.exe and choose the il2cpp executable file and global-metadata.dat file, then enter the information as prompted
The program will then generate all the output files in current working directory
Il2CppDumper.exe <executable-file> <global-metadata> <output-directory>
Folder, containing all restored dll files
Use dnSpy, ILSpy or other .Net decompiler tools to view
Can be used to extract Unity MonoBehaviour and MonoScript, for UtinyRipper, UABE
For IDA
For IDA, read il2cpp.h file and apply structure information in IDA
structure information header file
For Ghidra
For ida.py and ghidra.py
Contains all stringLiteral information
All the configuration options are located in config.json
Available options:
-
DumpMethod,DumpField,DumpProperty,DumpAttribute,DumpFieldOffset,DumpMethodOffset,DumpTypeDefIndex- Whether to output these information to dump.cs
-
GenerateDummyDll,GenerateScript- Whether to generate these things
-
ForceIl2CppVersion,ForceVersion- If
ForceIl2CppVersionistrue, the program will use the version number specified inForceVersionto choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on il2cpp v20 (Android) binaries in order to work properly)
- If
Make sure you choose the correct file. Sometimes games may obfuscate this file for content protection purposes and so on. Deobfuscating of such files is beyond the scope of this program, so please DO NOT file an issue regarding to deobfuscating.
If your file is libil2cpp.so and you have a rooted Android phone, you can try my other project Riru-Il2CppDumper, it can bypass this protection.
Please note that the executable file for the PC platform is GameAssembly.dll or *Assembly.dll
You can open a new issue and upload the file, I will try to solve.
Il2CppDumper detected that the executable file has been protected, use GameGuardian to dump libil2cpp.so from the game memory, then use Il2CppDumper to load and follow the prompts, can bypass most protections.
If you have a rooted Android phone, you can try my other project Riru-Il2CppDumper, it can bypass almost all protections.
- Jumboperson - Il2CppDumper
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent