  1. wshh

    Help GMS Bypass

    Not able to use the bypass over at GK for some reason. I'm thinking it's their auth system, and I'm not getting much help over there to fix it. Is it possible for anyone on this forum to release a bypass without the auth system, where you don't have to log in to your GK acc to use the bypass (or any site for that matter)? Thank you guys in advance.
  2. Hey all, I got a modified client for elisionms and I'm trying to update it, but I don't have enough knowledge. It's supposed to be small work, just to pass the hashcheck of the skills.wz file. I'm willing to pay for it.
  3. tlqkf12

    Help Do you know anyone?

    Mob Fall Down Script Do you know anyone? GMS
  4. tl;dr I'm trying to hook ws2_32.dll send and recv functions, but upon injecting my DLL it just crashes. I'm not sure what I'm fucking up here, please help.

    It's been a hell of a long time since I've worked with C++ at all. It looks like I have too many gaps in my knowledge to jump straight in to Maplestory, so I've decided to opt for exploring a simple MMORPG with no anti cheat and no encryption that I'm aware of yet. I'm getting to grips with the freeware of IDA 7.0 and ollydbg and working through the struggles as best I can.

    I've gone in to IDA Pro and had a look in the imports tab to see if I can find anything useful. Sure enough there's an import for send and receive from ws2_32.dll. That lists the address as .idata:00D339FC. If I look for it in ollydbg while the app is running, it lists the address of the start of the send function as 0x752B5E40. Just to confirm, if I go to that address in Cheat Engine's memory viewer, it shows that address as WS2_32.send:

    So I have the address of the send function in memory and I've been trying to get to grips with hooking the function. There's a lot of resources online that I've been reading through but can't seem to get it right and I'm too noob to figure it out.

    My project is a simple barebones C++ dll. Basic entry point.

    ```cpp
    BOOL WINAPI DllMain(HINSTANCE hInst, DWORD dwReason, LPVOID reserved)
    {
        if (dwReason == DLL_PROCESS_ATTACH)
        {
            HookApiFunction("ws2_32.dll", "send", SendHook, hook);
            return 0;
        }
    }
    ```

    SendHook is super basic, all I want to do for now is to log packets to file. Once I get my head around this I'll work on making GUI for displaying the inbound/outbound packets.

    ```cpp
    int WINAPI SendHook(SOCKET s, const char* buf, int len, int flags)
    {
        std::ofstream myfile;
        myfile.open(<PathToFile>);
        myfile << len << " " << buf << " " << "\n";
        myfile.close();
        return send(s, buf, len, flags);
    }
    ```

    In HookApiFunction, I load the library and call GetProcAddress to find the address of the function in memory.

    ```cpp
    HINSTANCE library = LoadLibrary(Module);
    DWORD FunctionAddress = (DWORD)GetProcAddress(library, Function);
    DWORD MyFunctionAddress = (DWORD)MyFunction;
    ```

    Then attempt to redirect the send function to my SendHook function and then continue with the original function.

    ```cpp
    DWORD jumpAddress = (MyFunctionAddress - FunctionAddress) - 5;
    memcpy(&jumpBytes[1], &jumpAddress, 4);
    DWORD dwProtect;
    VirtualProtect((LPVOID)FunctionAddress, 6, PAGE_EXECUTE_READWRITE, &dwProtect);
    WriteProcessMemory(GetCurrentProcess(), (LPVOID)FunctionAddress, jumpBytes, 6, 0);
    VirtualProtect((LPVOID)FunctionAddress, 6, dwProtect, &dwProtect);
    ```

    Everything compiles fine, but judging by when I crash, it happens when the send function is called. I can inject at the login screen for example, be fine for a few seconds until what I assume is some keepalive packet is sent. Thanks in advance for any help.
  5. Roopie

    Please Remove

  7. lehoanglong

    Help Clear Rune Script

    Clear Rune v192.2 can someone please help update this
  8. Are there any tutorials on unpacking the MapleStory client for old versions (before BB)? Thanks to the helpers.
  9. hackbotmaple

    Help C++ Code Cave Crashes

    Hello, I'm having trouble converting this type of script that has an undefined return label to C++. While this is the original CE script

    ```
    [ENABLE]
    alloc(Aggro,128)
    label(return)

    Aggro:
    mov eax,[02FE8730] // CUserLocal: 8B 3D ? ? ? ? 8B CF F3
    lea eax,[eax+04]
    mov [ecx+4A8+08],eax // Aggro Offset: 83 BE ? ? ? ? 00 0F 85 ? ? 00 00 8B CE E8 ? ? ? ? 85 C0 74 [Offset+0x08]
    push ebp
    mov ebp,esp
    push -01
    jmp return

    02398220: // CVecCtrlMob::WorkUpdateActive
    jmp Aggro
    return:

    [DISABLE]
    02398220: // 55 8B EC 6A FF 68 ? ? ? ? 64 A1 00 00 00 00 50 83 EC ? 56 57 A1 ? ? ? ? 33 C5 50 8D ? ? 64 A3 00 00 00 00 8B F9 89 ? ? 8B ? FF
    push ebp
    mov ebp,esp
    push -01
    dealloc(Aggro)
    ```

    Here's my code

    ```cpp
    DWORD mobaggroret = 0x02398225; // +5 original
    __declspec(naked) void __stdcall MobAggroCC(){
        _asm {
            mov eax, [cuserlocal]
            lea eax, [eax + 0x04]
            mov[ecx + 0x4A8 + 0x08], eax
            push ebp
            mov ebp, esp
            push 0xFF
            jmp [mobaggroret] // this part is what confuses me. I tried it without brackets, jmp dword ptr [mobaggroret] , jmp dword ptr mobaggroret and all doesn't work...
        }
    }
    ```

    Function

    ```cpp
    void mobAggro(HWND hwnd) {
        if(mobAggroCheck) {
            *(BYTE*)mobaggro = 0xE9;
            *(DWORD*)(mobaggro + 1) = jmp(mobaggro, MobAggroCC);
        } else {
            mobaggro = mobaggroOri;
            memcpy((void*)mobaggro, "\x55\x8B\xEC\x6A\xFF", 5);
        }
    }
    ```

    What's the proper way of converting this? Would need some help. Thanks!
  10. Hello guys, I've been stuck for a few days now before I decided to post here. Not sure which part is wrong... I'm trying to get the value from the pointer address for Current HP, 02B0B7E0 with 2 offsets 1FC and 1268. I'd checked a couple of times by restarting MapleStory to see if I obtained the wrong value. So far it was able to read my HP every time. I tried tons of solutions online but none seems to work. This was the latest one that I tried but it crashed maple upon injection. While other solutions would return no value... Does it have something to do with VirtualProtect?

    ```cpp
    int HP = 0;
    ULONG_PTR hpBase = 0x02B0B7E0;
    void hpHook() {
        for (;;) {
            HP = (*(ULONG_PTR*)(*(ULONG_PTR*)(*(ULONG_PTR*)hpBase) + 0x1FC) + 0x1268);
        }
    }

    CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)hpHook, NULL, 0, NULL);
    for (;;) {
        MessageBox::Show("The Address is : " + String::Format("{0:X}", HP));
        Sleep(5000);
    }
    ```

    Please guide me, thanks!
  11. Hello, I would like to know how to take the number input by user in the textbox and convert it into int. In this case, I'm coding an auto pot.

    ```cpp
    Void textBox1_TextChanged(System::Object^ sender, System::EventArgs^ e) {
        defaultHP = Convert::ToInt32(textBox1->Text);
    }
    ```

    I tried to convert it in this way but my compiler would underline the textBox1 under defaultHP = Convert::ToInt32(textBox1->Text); What's the easiest way to do this? Thanks
  12. Please Release how to find Godmode value & AOE range attack in Cheat engine
  13. Say I have a bunch of scripts from the last patch. What should be done to update them? I mean, what do coders do to fetch new addresses or whatever they update using Cheat Engine?
  14. A Silk Mutt

    Help Web Development

    Hey guys, I'm looking for an experienced developer who's knowledgeable in the following:

    - PHP
    - JavaScript / jQuery
    - MySQL

    It would also help, but isn't required, if you were familiar with the following:

    - HTML
    - CSS
    - Prototype JS
    - E-Commerce Platforms (Shopify, Magento, WooCommerce, OSCommerce, etc)

    Before explaining what exactly you'd be helping with, I must tell you that there will be no pay to start. This isn't a one-time hire for just one application or job. It's a long-term investment of sorts, and if you're knowledgeable, fun, easy-going, mature (but also immature at times) and non-argumentative (this doesn't mean I don't want to hear your honest opinions) then it means you could be a part of something that has the potential to be very profitable. As well as a part of something that could mean other profitable projects down the road. You will need to prove that you meet requirements.

    The project(s):

    An ongoing and currently live project where I'm the only developer. Lots of room for improvement, additions and suggestions. Specifics can be given after we talk.

    Future:

    - MS Private Server creation - different than the rest. This project would include a couple of others who are extremely knowledgeable about MS.
    - Centralized social media platform that revolves around games

    Contact: leave your Skype/Discord in a post, or private message me

    Side note: Also looking for a skilled GFX artist for banners, ads, icons, etc!
  15. Raymond

    Help Thread Spoof and Stat Hook

    The current thread spoof in the script database does not work: Enabling this script: My character attacks once, meaning the call went through, but I disconnect shortly after. I remember back then to spoof thread id it was something like this:

    ```cpp
    __writefsdword(0x24,threadidpointerhere) // current thread id
    ```

    later it changed to this

    ```cpp
    __writefsdword(0x6B8,threadidpointerhere) // real thread id
    ```

    later it changed to this

    ```cpp
    __writefsdword(0x6B8,DecryptData(threadidpointerhere)) // real thread id is encrypted and we had to use Tsectype SetData
    ```

    And now I think it should be

    ```cpp
    __writefsdword(0x18,threadidpointerhere) // TEB
    ```

    or

    ```cpp
    __writefsdword(0x18,DecryptData(threadidpointerhere)) // TEB and we had to use Tsectype SetData
    ```

    But how to find the thread id pointer? fs:[0x00000024] and fs:[0x000006B8] aren't in MapleStory anymore, but fs:[0x00000018] is.

    And stat hook: I'm only able to get current HP and MP and max HP (without equip) and max MP (without equip). How to get max HP and max MP with equips, and how about exp and max exp? Back then it was simple with CUISTATUSBAR::SETNUMBERVALUE but that doesn't work anymore.
  16. wshh

    Help Packet Inject Script

    This is the v183 packet inject script, can someone please help update this?

    ```
    [ENABLE]
    alloc(DispatchMessageA_Hook,128)
    alloc(SendPacket,128)
    alloc(SPacket,128)
    alloc(Packet,64)
    label(InjectPacket)

    SPacket: // 16 bytes
    dd 00 // Unknown 1
    dd 00 // Packet Data
    dd 40 // Packet Size (Take care of the packet size. If your packet is bigger than the size, it will crash.)
    dd 00 // Unknown 2

    // Drop 10 Mesos
    // [B8 0F] [C5 96 14 0D] [0A 00 00 00]
    // [Header] [TimeStamp] [Mesos Amount]
    Packet:
    db B8 0F C5 96 14 0D 0A 00 00 00

    SPacket+4:
    dd Packet

    SendPacket:
    mov ecx,[02AF17B4] // CClientSocketPtr: 8B 0D ? ? ? ? 85 C9 74 ? 8D ? ? 50 E8 ? ? ? ? 8D ? ? E8
    push SPacket
    push 006AF8EC // Search for 90 C3 for fake return address
    jmp 00DC6B50 // CClientSocket::SendPacket: Follow call below CClientSocketPtr

    DispatchMessageA_Hook:
    push 70 // VK_F1
    call GetAsyncKeyState
    shr ax,#15
    cmp ax,1
    je InjectPacket
    mov edi,edi
    push ebp
    mov ebp,esp
    jmp DispatchMessageA+5

    InjectPacket:
    call SendPacket
    ret

    DispatchMessageA:
    jmp DispatchMessageA_Hook

    [DISABLE]
    DispatchMessageA:
    mov edi,edi
    push ebp
    mov ebp,esp

    dealloc(DispatchMessageA_Hook)
    dealloc(SendPacket)
    dealloc(SPacket)
    dealloc(Packet)
    ```
  17. I tried MapleShark; it is no longer decrypting packets for me. The AES key is still the same, I looked at ZLZ.dll already. RIP
  18. QQ when Twms 198-199 all packets when in channel can't used..... need help....
  19. Hey again~. I'm still new to lua, and I have no idea how to writeString to width and height in this case where it uses 'dd #' (same applies to Auto cc). What I currently have: ResolutionChanger checkbox with the function ResolutionChanger onChange, and two Editboxes with the ChangeRCWidth and ChangeRCHeight onChange functions respectively. When I enable resolution changer, it doesn't do anything. I've tried using define(width, #%s), which, of course, didn't work. What is wrong here?

    ```lua
    function ResolutionChanger(RES_CHANGE) --v186.3
      if RES_CHANGE.checked then
        autoAssemble(string.format([[
          alloc(ResolutionChanger, 128)
          label(AlreadyChanged)
          alloc(height,4)
          alloc(width,4)
          registersymbol(height)
          registersymbol(width)
          alloc(IntersectRectAddy,4)
          alloc(ResolutionChangerAddy,4)

          IntersectRectAddy:
          dd USER32.IntersectRect

          ResolutionChangerAddy:
          dd ResolutionChanger

          width:
          dd #%s

          height:
          dd #%s

          ResolutionChanger:
          pushad
          mov edi,[02C19938]//follow first call from the function below
          mov eax, [edi+7CF0] //follow first call from the function below
          cmp eax, [width]
          je AlreadyChanged
          mov eax,[edi+7CF0+4]
          cmp eax,[height]
          je AlreadyChanged
          mov ecx, [height]
          mov edx, [width]
          push 00
          push ecx
          push edx
          mov ecx,edi
          call 02199B10 //55 8b ec 51 53 57 89 ? ? E8 ? ? ? ? 8B ? 08 //68 58 02 00 00 68 20 03 00 00 8B 0D ? ? ? ? E8 [FOLLOW CALL BELOW]

          AlreadyChanged:
          popad
          jmp dword ptr [IntersectRectAddy]

          021086D1:
          call dword ptr [ResolutionChangerAddy]
        ]],tostring(UDF1.CEEdit12.Text),tostring(UDF1.CEEdit13.Text)))
        UDF1.CEEdit12.Enabled = false
        UDF1.CEEdit13.Enabled = false
      else
        autoAssemble([[
          dealloc(ResolutionChanger)
          dealloc(height)
          dealloc(width)
          dealloc(IntersectRectAddy)
          dealloc(ResolutionChangerAddy)
          unregistersymbol(height)
          unregistersymbol(width)

          021086D1: //[3RD RESULT] FF 15 ? ? ? ? 85 C0 0F 84 ? ? 00 00 51 8B ?
          call dword ptr [02C3A808]
        ]])
        UDF1.CEEdit12.Enabled = true
        UDF1.CEEdit13.Enabled = true
      end
    end

    function ChangeRCWidth(C_RCW)
      local value = tostring(UDF1.CEEdit12.Text)
      if C_RCW.Checked then
        writeString("width", value)
      end
    end

    function ChangeRCHeight(C_RCH)
      local value = tostring(UDF1.CEEdit13.Text)
      if C_RCH.Checked then
        writeString("height", value)
      end
    end
    ```
  20. Ra'sAlGhul

    Help Keypress MapleStory C#

    Hello guys, I'm making a trainer for MS, but can't send keystrokes without the MS window focused. I tried with the class, name of the window, pid, and nothing... I used PostMessage and MapVirtualKey to send the key and FindWindow to find the MapleStory window.

    ```csharp
    [DllImport("user32.dll", EntryPoint = "PostMessageW")]
    private static extern bool PostMessage(int hwnd, int wMsg, int wParam, int lParam);

    [DllImport("user32.dll", EntryPoint = "FindWindow")]
    private static extern int FindWindow(string lpClassName, string lpWindowName);

    [DllImport("user32.dll")]
    private static extern int MapVirtualKey(uint uCode, uint uMapType);
    ```

    and use the pid to get the correct MapleStory window if using multiclient, like

    ```csharp
    int hwnd = FindWindow(null, Process.GetProcessById(Int32.Parse(pid, NumberStyles.HexNumber)).MainWindowTitle);
    ```

    then send the key

    ```csharp
    int lParam = (MapVirtualKey(key, 0) << 16) + 1;
    PostMessage(hwnd, WM_KEYDOWN, key, lParam);
    PostMessage(hwnd, WM_KEYUP, key, lParam);
    ```

    But it doesn't work if the MapleStory window is not focused. Greetings and thanks!
  21. I wanted to try to make a packet based kami (I also 1 hit all mobs) so that the server sees me near the mobs when they die. I got the mob X/Y stored in this: the movement packet is something like so my question is: the first time I call the function that sends that packet, will it use ONLY 1 Mob X/Y from the vector? Or will it use X in position first 2 positions and Y in the first 2 positions? EDIT: when erasing MobX/MobY vector it crashes
  22. Hello guys, I started again with learning some coding by remaking my old trainer. Now I really struggle with asm language and finding pointers and stuff lol, I keep ending up at static pointers. But I tried to put the HP/MP stathook into my trainer. Can you guys have a look at it? Did I miss something? Cuz when I activate my stathook my game freezes.
  23. koreanrice

    Help Need Help With C++ Trainer

    Need help injecting code caves into C++. Need some explanation, specifically this one. SKILL INJECTION:

    ```
    [ENABLE]
    alloc(skill_id_hook,128)
    label(skill_id_return)
    label(normal)
    define(skill_id,#12120011)
    alloc(delay,4)

    delay:
    dw 00

    01F133F5: //0F 84 ?? ?? ?? ?? 2B 9E ?? ?? ?? ?? 0F 88 ?? ?? ?? ?? 8B
    db 90 90 90 90 90 90

    01F13401: //JS Below
    db 90 90 90 90 90 90

    01F133EE: //cmp dword ptr ABOVE
    jmp skill_id_hook
    nop
    nop
    skill_id_return:

    skill_id_hook:
    inc [delay]
    cmp [delay],#5
    jne normal
    mov [delay],00
    mov [esi+00012758],skill_id
    jmp skill_id_return

    normal:
    cmp dword ptr [esi+00012758],00
    jmp skill_id_return

    01F1347A: //0F 84 ? ? 00 00 8B 06 8B CE FF 50 ? 3D 10 27 00 00 74 ? 3D [SECOND RESULT]
    db 90 E9

    01F135F3: //0F 87 ?? ?? ?? ?? 0F B6 ?? ?? ?? ?? ?? FF 24 ?? ?? ?? ?? ?? 84 DB 74 ?? 8B 8E ?? ?? ?? ?? 85 C9
    db 90 90 90 90 90 90

    01F13600: //Address below or above aob
    jmp 01F13633 //81 BE ? ? ? ? E2 FE 7E 01
    dw 9090

    [Disable]
    01F133F5: //0F 84 ?? ?? ?? ?? 2B 9E ?? ?? ?? ?? 0F 88 ?? ?? ?? ?? 8B
    db 0F 84 21 03 00 00

    01F13401: //JS Below
    db 0F 88 15 03 00 00

    01F133EE: //cmp dword ptr above
    cmp dword ptr [esi+00012758],00

    01F1347A: //0F 84 ? ? 00 00 8B 06 8B CE FF 50 ? 3D 10 27 00 00 74 ? 3D [SECOND RESULT]
    db 0F 84 F8 00 00 00

    01F135F3: //0F 87 ?? ?? ?? ?? 0F B6 ?? ?? ?? ?? ?? FF 24 ?? ?? ?? ?? ?? 84 DB 74 ?? 8B 8E ?? ?? ?? ?? 85 C9
    db 0F 87 19 01 00 00

    01F13600: //Address Below Above
    jmp dword ptr [ecx*4+01F13724]

    dealloc(skill_id_hook)
    ```
  24. I think we don't have one in our script database? Could anyone spare me this script, please?
  25. Hello moopler, as the title suggests, what are the current addies for this version? I am trying to find the new addresses for this version but not sure how to find the correct addresses since most of the aobs have broken for this version. Also, it appears that nexon added some other encryption to sending/logging packets and I'm not sure how the packet structure will look now. Here are the addresses for v182.2 and my v183 attempt, the addies don't appear to be correct.

    V182.2 Addies:

    ```cpp
    namespace GMSAddys {
        const uint32_t MSLockAddy = 0x40EC80; // 53 56 8B 74 24 0C 8B D9 8B CE
        const uint32_t MSUnlockAddy = 0x403D40; // 8B 01 83 40 04 FF 75 06
        const uint32_t innoHashAddy = 0x1F838A0; // 51 8B 44 24 10 C7 04 24
        const uint32_t FlushSocketAddy = 0xA41A50; // 6A FF 68 ? ? ? ? 64 A1 ? ? ? ? 50 83 EC 44 A1 ? ? ? ? 33 ? 50 8D 45 ? 64 A3 ? ? ? ? 89 4D ? 8B 4D ? 83 ? ? E8 ? ? ? ?
        const uint32_t MakeBufferListAddy = 0x11401F0; // 6A FF 68 ? ? ? ? 64 A1 ? ? ? ? 50 83 EC 14 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 44 24 28 64 A3 ? ? ? ? 8B D9 89 5C 24 1C
        const uint32_t CClientSocketPtr = 0x29E61CC; // 8B 0D ? ? ? ? 85 C9 74 0A 8D 44
        const uint32_t GameVersion = 182;
    ```

    v183 attempt:

    @XShade @Dami @NewSprux2.0? @Waty @Fameguy @Crypt707 @CJ. @MaTriiXzZ @DAVHEED Really appreciate your help guys, Thanks!