Jump to content

Search the Community

Showing results for tags 'Help'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Moopler & You
    • Feedback
    • General Discussion
    • Introductions & Farewells
    • News
  • MapleStory Global
    • Discussion
    • Questions
    • Hacks, Resources & Tutorials
    • Programming
  • Other MapleStory Regions
    • South-East Asia


  • MapleStory Global
    • Hacks
    • Resources
  • Programming
    • General Resources


  • MapleStory Global
  • MapleStory SEA

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



Found 71 results

  1. Keitaroxxxxx

    Help Help me to make Pet Item Vac faster

    This part of the script changes: "push [ItemY] push [ItemX] lea ecx,[ebx+10] <==== exit: mov ecx,ebx <==== call 00CAF500 jmp Return" I don't know how to update this parte or where to find the correct address. on this version 196.3 the pet stays besides the character and loot sloow the items on the ground slower, take a lot of time to pick up the items. Changing the cmp [ecx+14],#44 <<<< to 0 Don't make the diference Thanks guys.
  2. hey all, i got a modify client for elisionms and im trying to update it but i dont have enough knowledge .. its suppose to be small work just to pass hashcheck of skills.wz file im willing to pay for it
  3. iwannalearn

    Help Finding updated pointers/offsets

    I am completely new at using CE or hacking maplestory. I only know some coding like a bit of C, and some Java. I have done some research but couldn't fully understand how to use CE for my purposes. I am trying to find updated pointers for a script that I am using and the pointer names (i believe) are given, as well as the older (v162) version addresses(?) or something. I can't understand what the numbers mean because I am not sure what opcodes, pointers, offsets are (have not learned any assembly) and the script states in comments that I must update values of pointers for the versions I am on (196.2). I read that I should use AoB search to find the pointers and offsets, but I am not sure where the AoB would come from. For example: I don't really know what CUserLocal is, but I am guessing that it is a pointer name? And with that, how do I get an array of bytes to find the new address on my version of maplestory? Sorry for being really inconcise, there is a lot that I am confused about... EDIT: for alll of the above, I am referring to a section titled v162 Pointers (can ctrl+f) I've included the original script as attachment. It is a script for OssyriaMS private server (v162) and I am trying to use it to work on AriesMS (v196.2) which I understand is basically GMS. So if anyone has the updated GMS pointers and could just spoonfeed them, that would be great too but I also want to learn how to get addresses/pointers/offsets using CE! Thanks aside: it seems that I am getting hacking detected when CE is opened, then the game shuts off. Any way to bypass? aries.txt
  4. msdoors

    Help postmessage key send..

    postmessage key send.. I want to get deactivation macro source code using PostMessage () using C ++. I tried a lot but I did not. I want to get source code through DLL injection.
  5. I'm attempting to make a maplestory redirector so I could setup a proxy server. I cannot hook WS2_32.dll as its detected but I attempt to use the public dinput8.dll hook and redirect WS2_32.dll connect function from inside it. My code works for before Nexon GameGuard loads then just before maplestory loads up it crashes. typedef HRESULT(WINAPI* tconnect)(_In_ SOCKET s, _In_ const struct sockaddr *name, _In_ int namelen); tconnect oconnect = reinterpret_cast<tconnect>(GetProcAddress(GetModuleHandle(L"WS2_32.dll"), "connect")); HRESULT WINAPI hkconnect(_In_ SOCKET s, _In_ const struct sockaddr *name, _In_ int namelen) { struct sockaddr_in *in = (struct sockaddr_in *)name; printf("Attempting connect %d %d.%d.%d.%d : %d\n", s, in->sin_addr.S_un.S_un_b.s_b1, in->sin_addr.S_un.S_un_b.s_b2, in->sin_addr.S_un.S_un_b.s_b3, in->sin_addr.S_un.S_un_b.s_b4, in->sin_port); return oconnect(s, name, namelen); } The DLLMain Injected thread has this code while (!(unsigned long)GetModuleHandle(L"ws2_32.dll")) Sleep(100);// Wait until loaded printf("dinput8.dll = %X\n", GetModuleHandle(L"dinput8.dll")); if (oconnect != 0) { CMemory Client; printf("Before \n"); Client.DetourFunction(TRUE, reinterpret_cast<void**>(&oconnect), hkconnect); printf("After \n"); } the DetourFunction is this BOOL CMemory::DetourFunction(__in BOOL bState, __inout PVOID* ppPointer, __in PVOID pDetour) { if (DetourTransactionBegin() == NO_ERROR) if (DetourUpdateThread(GetCurrentThread()) == NO_ERROR) if ((bState ? DetourAttach : DetourDetach)(ppPointer, pDetour) == NO_ERROR) if (DetourTransactionCommit() == NO_ERROR) return TRUE; return FALSE; } Here is a screenshot As you can see the first original hook crashes the second one doesn't crash even though it didn't do any hooking. the second one gets started by the anticheat i think. How do I fix this?
  6. Hi Moopler, i'm currently stuck on update some offset to get info, need help on: MapIdOffset (MapBasePointer: 0x02A03EF8, found offset 0x163C from old AoB but get wrong value) MobCountOffset AoB (MobBase: 0x029D8864, MobCountOffset: 0x10) Thanks Edit: also need help on Hp and Mp Offset of CUserLocal
  7. [ENABLE] alloc(Hook,128) Hook: push ebp mov ebp,esp push -01 pushad mov ebx,ecx // CRuneStoneMgrForClient: 8B 0D ? ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? E8 ? ? ? ? 8B ? E8 mov ecx,ebx call 0152AB30 // CRuneStoneMgrForClient::NoticeInRect: E8 ? ? ? ? A1 ? ? ? ? 89 ? ? 85 C0 0F 84 [Fifth result & start] push 25 // Left arrow mov ecx,ebx call 0152B830 // CRuneStoneMgrForClient::KeyInput: 8B 0D ? ? ? ? 53 E8 ? ? ? ? 85 C0 75 ? 8B [Follow first call] push 26 // Up arrow mov ecx,ebx call 0152B830 // CRuneStoneMgrForClient::KeyInput: 8B 0D ? ? ? ? 53 E8 ? ? ? ? 85 C0 75 ? 8B [Follow first call] push 27 // Right arrow mov ecx,ebx call 0152B830 // CRuneStoneMgrForClient::KeyInput: 8B 0D ? ? ? ? 53 E8 ? ? ? ? 85 C0 75 ? 8B [Follow first call] push 28 // Down arrow mov ecx,ebx call 0152B830 // CRuneStoneMgrForClient::KeyInput: 8B 0D ? ? ? ? 53 E8 ? ? ? ? 85 C0 75 ? 8B [Follow first call] popad jmp 0152A3C0+5 0152A3C0: jmp Hook 02071490: db C3 [DISABLE] 0152A3C0: // CRuneStoneMgrForClient::Update: E8 ? ? ? ? 8B 0D ? ? ? ? 85 ? 74 ? ? E8 ? ? ? ? 8B 0D [Before last green result] push ebp mov ebp,esp push -01 02071490: // CUserLocal::ResetRuneStoneActionAndSendFailPacket: 8B 0D ? ? ? ? 53 E8 ? ? ? ? 85 C0 75 ? 8B [Follow second call] db 55 dealloc(Hook) Do you have the latest Rune rune, 188.2 I can't update it. Thank you for the latest car Rune data. Ask for a NGS and pay the tuition! Please kindly help me. I haven't graduated from primary school for over a year.
  8. I'd like to write a script to turn on Godmode then off then on again and again to avoid d/c while botting. First, I'm trying to turn off Godmode after a period of time. That's what I wrote but it didn't work as I want //v195.2 [ENABLE] define(_GodmodeDelay,#1000) //Set time in milliseconds alloc(GodmodeTimer,4) alloc(Godmode,128) label(Godmode_Return) label(Exit) GodmodeTimer: dd 0 022B9E80: //CUserLocal::SetDamaged db C2 2C 00 //Godmode on jmp Godmode Godmode_Return: Godmode: inc [GodmodeTimer] cmp [GodmodeTimer],_GodmodeDelay jne Exit db 55 8B EC //Godmode off Exit: popad jmp Godmode_Return [DISABLE] 022B9E80: //E8 ? ? ? ? 8B CF E8 ? ? ? ? 8B ? ? 8B ? ? 85 C0 75 ? 8B CB E8 ? ? ? ? 84 C0 74 ? 85 FF [First Result Follow Call] db 55 8B EC Anyone show me how to fix it? Highly appreciate
  9. wshh

    Help GMS Bypass

    Not able to use the bypass over at gk for some reason i'm thinking its there Auth system and i'm not getting much help over there to fix it, is it possible for anyone on this forum to release a bypass without the auth system where you dont have to login into your GK acc to use the bypass. (or any site for that matter) Thank you guys in advance.
  10. tlqkf12

    Help Do you know anyone?

    Mob Fall Down Script Do you know anyone? GMS
  11. tl;dr I'm trying to hook ws2_32.dll send and recv functions, but upon injecting my DLL it just crashes. I'm not sure what I'm fucking up here, please help. It's been a hell of a long time since I've worked with C++ at all. It looks like I have too many gaps in my knowledge to jump straight in to Maplestory, so I've decided to opt for exploring a simple MMORPG with no anti cheat and no encryption that I'm aware of yet. I'm getting to grips with the freeware of IDA 7.0 and ollydbg and working through the struggles as best I can. I've gone in to IDA Pro and had a look in the imports tab to see if I can find anything useful. Sure enough there's an import for send and receive from ws2_32.dll That lists the address as .idata:00D339FC. If I look for it in ollydbg while the app is running, it lists the address of the start of the send function as 0x752B5E40. Just to confirm, if I go to that address in Cheat Engine's memory viewer, it shows that address as WS2_32.send: So I have the address of the send function in memory and I've been trying to get to grips with hooking the function. There's a lot of resources online that I've been reading through but can't seem to get it right and I'm too noob to figure it out. My project is a simple barebones C++ dll. Basic entry point. BOOL WINAPI DllMain(HINSTANCE hInst, DWORD dwReason, LPVOID reserved) { if (dwReason == DLL_PROCESS_ATTACH) { HookApiFunction("ws2_32.dll", "send", SendHook, hook); return 0; } } SendHook is super basic, all I want to do for now is to log packets to file. Once I get my head around this I'll work on making GUI for displaying the inbound/outbound packets. int WINAPI SendHook(SOCKET s, const char* buf, int len, int flags) { std::ofstream myfile; myfile.open(<PathToFile>); myfile << len << " " << buf << " " << "\n"; myfile.close(); return send(s, buf, len, flags); } In HookApiFunction, I load the library and call GetProcAddress to find the address of the function in memory. HINSTANCE library = LoadLibrary(Module); DWORD FunctionAddress = (DWORD)GetProcAddress(library, Function); DWORD MyFunctionAddress = (DWORD)MyFunction; Then attempt to redirect the send function to my SendHook function and then continue with the original function. DWORD jumpAddress = (MyFunctionAddress - FunctionAddress) - 5; memcpy(&jumpBytes[1], &jumpAddress, 4); DWORD dwProtect; VirtualProtect((LPVOID)FunctionAddress, 6, PAGE_EXECUTE_READWRITE, &dwProtect); WriteProcessMemory(GetCurrentProcess(), (LPVOID)FunctionAddress, jumpBytes, 6, 0); VirtualProtect((LPVOID)FunctionAddress, 6, dwProtect, &dwProtect); Everything compiles fine, but judging by when I crash, it happens when the send function is called. I can inject at the login screen for example, be fine for a few seconds until what I assume is some keepalive packet is sent. Thanks in advance for any help.
  12. Roopie

    Help Please Remove

    Solved. Thank you. Please Remove.
  13. Nevermind, found what I was looking for.
  14. lehoanglong

    Help Clear Rune Script

    Clear Rune v192.2 can someone please help update this
  15. Ful3NN

    Help maplestory unpack

    is there any tutorials to unpack maplestory client for old versions(before BB ) ? thanks for helpers.
  16. hackbotmaple

    Help C++ Code Cave Crashes

    Hello, I'm having trouble converting this type of script that has a undefined return label to c++. While this is the original CE script [ENABLE] alloc(Aggro,128) label(return) Aggro: mov eax,[02FE8730] // CUserLocal: 8B 3D ? ? ? ? 8B CF F3 lea eax,[eax+04] mov [ecx+4A8+08],eax // Aggro Offset: 83 BE ? ? ? ? 00 0F 85 ? ? 00 00 8B CE E8 ? ? ? ? 85 C0 74 [Offset+0x08] push ebp mov ebp,esp push -01 jmp return 02398220: // CVecCtrlMob::WorkUpdateActive jmp Aggro return: [DISABLE] 02398220: // 55 8B EC 6A FF 68 ? ? ? ? 64 A1 00 00 00 00 50 83 EC ? 56 57 A1 ? ? ? ? 33 C5 50 8D ? ? 64 A3 00 00 00 00 8B F9 89 ? ? 8B ? FF push ebp mov ebp,esp push -01 dealloc(Aggro) Here's my code DWORD mobaggroret = 0x02398225; // +5 original __declspec(naked) void __stdcall MobAggroCC(){ _asm { mov eax, [cuserlocal] lea eax, [eax + 0x04] mov[ecx + 0x4A8 + 0x08], eax push ebp mov ebp, esp push 0xFF jmp [mobaggroret] // this part is what confuses me. I tried it without brackets, jmp dword ptr [mobaggroret] , jmp dword ptr mobaggroret and all doesn't work... } } Function void mobAggro(HWND hwnd) { if(mobAggroCheck) { *(BYTE*)mobaggro = 0xE9; *(DWORD*)(mobaggro + 1) = jmp(mobaggro, MobAggroCC); } else { mobaggro = mobaggroOri; memcpy((void*)mobaggro, "\x55\x8B\xEC\x6A\xFF", 5); } } What's the proper way of converting this? Would need some help Thanks!
  17. Hello guys, I've been stuck for a few days now before I decided to post here. Not sure which part is wrong... I'm trying to get the value from the pointer address for Current HP, 02B0B7E0 with 2 offsets 1FC and 1268. I'd checked a couple of times by restarting MapleStory to see if I obtained the wrong value. So far it was able to read my HP every time. I tried tons of solutions online but none seems to work. This was the latest one that I tried but it crashed maple upon injection. While other solutions would return no value...Does it have something to do with VirtualProtect? int HP = 0; ULONG_PTR hpBase = 0x02B0B7E0; void hpHook() { for (;;) { HP = (*(ULONG_PTR*)(*(ULONG_PTR*)(*(ULONG_PTR*)hpBase) + 0x1FC) + 0x1268); } } CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)hpHook, NULL, 0, NULL); for (;;) { MessageBox::Show("The Address is : " + String::Format("{0:X}", HP)); Sleep(5000); } Please guide me, thanks!
  18. hackbotmaple

    Help C++ Converting textbox input to int

    Hello, I would like to know how to take the number input by user in the textbox and convert it into int. In this case, I'm coding an auto pot. Void textBox1_TextChanged(System::Object^ sender, System::EventArgs^ e) { defaultHP = Convert::ToInt32(textBox1->Text); } I tried to convert it in this way but my compiler would underline the textBox1 under defaultHP = Convert::ToInt32(textBox1->Text); What's the easiest way to do this? Thanks
  19. Please Release how to find Godmode value & AOE range attack in Cheat engine
  20. TooRob

    Help Updating Scripts

    say i have bunch of scripts from last patch .. what should be done to update it ,, i mean what does coders do to fetch new addresses or whatever they update using cheat engine?
  21. A Silk Mutt

    Help Web Development

    Hey guys, I'm looking for an experienced developer who's knowledgeable in the following: PHP JavaScript / jQuery MySQL It would also help, but isn't required, if you were familiar with the following: HTML CSS Prototype JS E-Commerce Platforms (Shopify, Magento, WooCommerce, OSCommerce, etc) Before explaining what exactly you'd be helping with, I must tell you that there will be no pay to start. This isn't a one-time hire for just one application or job. It's a long-term investment of sorts, and if you're knowledgeable, fun, easy-going, mature (but also immature at times) and non-argumentative (this doesn't mean I don't want to hear your honest opinions) then it means you could be a part of something that has the potential to be very profitable. As well as a part of something that could mean other profitable projects down the road. You will need to prove that you meet requirements. The project(s): An ongoing and currently live project where I'm the only developer. Lots of room for improvement, additions and suggestions. Specifics can be given after we talk. Future: MS Private Server creation - different than the rest. This project would include a couple of others who are extremely knowledgeable about MS. Centralized social media platform that revolves around games Contact: leave your Skype/Discord in a post, or private message me Side note: Also looking for a skilled GFX artist for banners, ads, icons, etc!
  22. Raymond

    Help Thread Spoof and Stat Hook

    The current thread spoof in the script database does not work: Enabling this script: My character attack once meaning the call went throught, but I disconnect shortly after. I remember back then to spoof thread id it was something like this: __writefsdword(0x24,threadidpointerhere) // current thread id later it changed to this __writefsdword(0x6B8,threadidpointerhere) // real thread id later it changed to this __writefsdword(0x6B8,DecryptData(threadidpointerhere)) // real thread id is encrypted and we had to use Tsectype SetData And now I think it should be __writefsdword(0x18,threadidpointerhere) // TEB or __writefsdword(0x18,DecryptData(threadidpointerhere)) // TEB and we had to use Tsectype SetData but how to find thread id pointer? fs:[0x00000024] and fs:[0x000006B8] isnt in maplestory anymore but fs:[0x00000018] is and stat hook: I'm only able to get current hp and mp and max hp(without equip) and max mp (without equip) how to get max hp and max mp with equips and how about exp and max exp back then it was simple with CUISTATUSBAR::SETNUMBERVALUE but that doesnt work anymore
  23. wshh

    Help Packet Inject Script

    This is v183 packet inject script can someone please help update this [ENABLE] alloc(DispatchMessageA_Hook,128) alloc(SendPacket,128) alloc(SPacket,128) alloc(Packet,64) label(InjectPacket) SPacket:// 16 bytes dd 00 // Unknown 1 dd 00 // Packet Data dd 40 // Packet Size (Take care of the packet size. If your packet is bigger than the size, it will crash.) dd 00 // Unknown 2 // Drop 10 Mesos // [B8 0F] [C5 96 14 0D] [0A 00 00 00] // [Header] [TimeStamp] [Mesos Amount] Packet: db B8 0F C5 96 14 0D 0A 00 00 00 SPacket+4: dd Packet SendPacket: mov ecx,[02AF17B4] // CClientSocketPtr: 8B 0D ? ? ? ? 85 C9 74 ? 8D ? ? 50 E8 ? ? ? ? 8D ? ? E8 push SPacket push 006AF8EC // Search for 90 C3 for fake return address jmp 00DC6B50 // CClientSocket::SendPacket: Follow call below CClientSocketPtr DispatchMessageA_Hook: push 70 // VK_F1 call GetAsyncKeyState shr ax,#15 cmp ax,1 je InjectPacket mov edi,edi push ebp mov ebp,esp jmp DispatchMessageA+5 InjectPacket: call SendPacket ret DispatchMessageA: jmp DispatchMessageA_Hook [DISABLE] DispatchMessageA: mov edi,edi push ebp mov ebp,esp dealloc(DispatchMessageA_Hook) dealloc(SendPacket) dealloc(SPacket) dealloc(Packet)
  24. Crypt707

    Help Can't decrypt packets :o

    I try mapleshark is not longer decrypting packets for me, the aes key still the same, I look on ZLZ.dll already. RIP
  25. sam0324sam

    Help TMS can't decrypt packets

    image QQ when Twms 198-199 all packets when in channel can't used..... need help....