Moopler
OuterHaven

Release EMS/GMS v178.4 Scripts


Rules

  • Only post scripts in here
  • Don't ask questions in this topic

Godmode

Spoiler

//v178.4
// Two-byte patch on one conditional near jump in the client code.
// 0F 85 is the opcode of jne rel32 (the original bytes, written back under [disable]);
// 0F 84 is je rel32. Only the opcode changes: the rel32 displacement that follows is
// not touched, so the branch keeps its target and only its condition is inverted.
// The modified bytes differ from the on-disk image for as long as the script is enabled.
[enable]
01CC8F4E:
db 0F 84

[disable]
01CC8F4E: // 74 ? 8D ? ? ? ? ? E8 ? ? ? ? 85 C0 0F 85 ? ? ? ? 8D ? ? ? ? ? E8 [jne below]
db 0F 85

 

Guard Godmode

Spoiler

//Credits to CJ
//v178.4
// Inline hook on the first 7 bytes of the function at 01CC8F00 (push -01 / push imm32,
// per the signature under [DISABLE]). The entry is replaced by a jmp into allocated
// memory plus two nop bytes; execution re-enters the original body at `return`.
[ENABLE]
alloc(CUserLocal__SetDamaged_Hook,128)
label(CUserLocal__SetDamaged_Normal)
label(return)

// Entered from the patched function start, with the caller's return address on top of
// the stack. Pushes eleven zero dwords (11 * 4 = 0x2C bytes), clears edx, and calls the
// original body through CUserLocal__SetDamaged_Normal, so the original code runs with
// zeros in place of the caller's stack arguments. ecx is passed through unchanged.
// NOTE(review): assumes the original function removes 0x2C bytes of arguments when it
// returns; otherwise the pushed zeros would still be on the stack at the ret - confirm.
CUserLocal__SetDamaged_Hook:
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
xor edx,edx
call CUserLocal__SetDamaged_Normal
// Return to the real caller and discard the 0x2C bytes of arguments it pushed.
ret 002C

// Replays the two instructions overwritten at the patch site, then continues in the
// original function directly after the patched bytes.
CUserLocal__SetDamaged_Normal:
push -01
push 022E5BE5
jmp return

01CC8F00: // CUserLocal::SetDamaged
jmp CUserLocal__SetDamaged_Hook
db 90 90
return:

[DISABLE]
01CC8F00: // 6A FF 68 ? ? ? ? 64 A1 00 00 00 00 50 81 ? ? ? ? ? 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D ? ? ? ? ? ? 64 A3 00 00 00 00 8B E9 83 ? ? ? ? ? ? ? C7
db 6A FF 68

 

Special Boss Godmode

Spoiler

//Credits to OuterHaven
//Blocks Damien Sword Attack,Lotus Laser,Magnus Balls etc
//Call above is CField::IsUsernotSpecialDamaged
//E8 ? ? ? ? 85 C0 74 ? 5F B8 01 00 00 00 5E C3 [below] [test eax,eax] [CField::IsUserSpecialNotDamaged]
[enable]
01B6A48F:
nop
nop

[disable]
01B6A48F:
test eax,eax

 

Auto HP/MP

Spoiler


//Breakpoint CWvsContext__OnKey Address if you want more. Define the key and value in EAX
// Key values that the hooks below load into eax before calling key_press.
// NOTE(review): the layout looks like a keyboard-message lParam (scan code in
// bits 16-23, bit 24 set for INSERT/DEL/HOME/END/PAGEUP/PAGEDOWN) - confirm against the handler.
define(CTRL,001D0000)
define(SHIFT,002A0000)
define(INSERT,01520000)
define(DEL,01530000)
define(HOME,01470000)
define(END,014F0000)
define(PAGEUP,01490000)
define(PAGEDOWN,01510000)
define(ALT,00380000)


// Fixed addresses for this client build; the trailing byte patterns are the author's signatures for them.
define(CWvsContext__OnKey,01E2D7B0) //A1 ?? ?? ?? ?? 85 C0 74 ?? 8D 48 ?? 8B 01 8B 00
define(TSingleton_CWndMan___ms_pInstance,029D89A4) //8B ? ? ? ? ? C6 ? ? ? E8 ? ? ? ? 8B ? BA ? ? ? ? C6 [POINTER]


//Change HP and MP Values to your preferred settings
// The # prefix marks a decimal literal; unprefixed numbers in this script are hexadecimal.
define(HP_VALUE,#10000)
define(MP_VALUE,#10000)

[enable]
alloc(hp_hook,128)
alloc(mp_hook,128)
alloc(key_press,128)
label(hp_return)
label(mp_return)

// Patch site 1: the 6-byte store shown under [disable] is replaced by a jmp plus one nop.
019DF40C:
jmp hp_hook
nop
hp_return:

// Replays the overwritten store, then compares the value being stored (esi) with HP_VALUE.
hp_hook:
mov [edi+000001B4],esi //Original Opcode
cmp esi,HP_VALUE
// Signed compare: return straight away while esi >= HP_VALUE.
jnl hp_return
// key_press overwrites esi, ecx and eax, so every register is saved around the call.
pushad
mov eax,PAGEUP //Change to HP potion key
call key_press
popad
jmp hp_return


// Patch site 2: same shape as patch site 1, for the store of ebp to [esi+1B4].
019DF7AC:
jmp mp_hook
nop
mp_return:

// Replays the overwritten store, then compares the value being stored (ebp) with MP_VALUE.
mp_hook:
mov [esi+000001B4],ebp //Original Opcode
cmp ebp,MP_VALUE
// Signed compare: return straight away while ebp >= MP_VALUE.
jnl mp_return
pushad
mov eax,PAGEDOWN //Change to MP potion key
call key_press
popad
jmp mp_return

// key_press: in eax = key value. Reads the pointer stored at
// TSingleton_CWndMan___ms_pInstance, loads the dword at +A8 into ecx, pushes eax and
// then 0, and calls the client's own key handler. No input is injected at OS level;
// the handler is called directly inside the process.
// NOTE(review): assumes the callee removes its two stack arguments before returning - confirm.
key_press:
mov esi,[TSingleton_CWndMan___ms_pInstance] // 8B 15 ? ? ? ? 85 D2 74 23
mov ecx,[esi+A8]
push eax
push 00
call CWvsContext__OnKey
ret

// Writes the original store instructions back over both patch sites.
[disable]
019DF40C: // 89 B7 ? ? 00 00 8B 95 ? ? 00 00 52
mov [edi+000001B4],esi

019DF7AC:
mov [esi+000001B4],ebp //89 AE ? ? 00 00 E8 ? ? ? ? 8B ? ? ? C7

 

StatHook

Spoiler

//v178.4 Credits to FameGuy
// Read-only hook: each time the hooked function is entered, it decodes two values from
// the character data and copies them into the HP and MP symbols. The only memory it
// writes is its own HP/MP allocations; the client's data is only read.
[Enable]
Alloc(Hook, 124)
Alloc(HP, 4)
Alloc(MP, 4)
Label(Return)
// Registered so the two dwords can be referenced by name from outside this script.
RegisterSymbol(HP)
RegisterSymbol(MP)

// Patch site: the function's first 7 bytes (push -01 / push imm32, restored under
// [Disable]) are replaced by a jmp plus two nop bytes.
000B26CA0: //CField::Update
jmp Hook
db 90 90
Return:

Hook:
////// HP /////
// eax is used as scratch and not restored.
// NOTE(review): presumably dead at function entry - confirm.
mov eax,[029D415C] // CWvsContext
mov eax,[eax+223C] // ZRef<CharacterData>
push esi
// Decoded value = rol(dword at +58, 5) xor dword at +54.
mov esi,[eax+58] // _ZtlSecureTear_nHP[1]
rol esi,05
xor esi,[eax+54] // _ZtlSecureTear_nHP[0]
mov [HP], esi
////// MP /////
// Same decoding with the pair at +70 / +6C.
mov esi,[eax+70] // _ZtlSecureTear_nMP[1]
rol esi, 05
xor esi,[eax+6C] // _ZtlSecureTear_nMP[0]
mov [MP], esi
pop esi
// Replay the two overwritten instructions and continue in the original function.
push -01
push 020E6420
jmp Return

[Disable]
DeAlloc(Hook)
DeAlloc(HP)
DeAlloc(MP)
UnRegisterSymbol(HP)
UnRegisterSymbol(MP)

000B26CA0:
push -01
push 020E6420

 

Jr Boogie Unlimited MP

Spoiler

//Needs Jr Boogie to be spawned to restore MP at set value
//Useful for ND skills that use mana, but the tradeoff is that you don't have the spider familiar on.
define(MP_VALUE,#500)
[enable]
alloc(hook,128)
alloc(mpvalue_hook,128)
label(mp_return)
label(do_not_restore)
label(return)
label(restore)

registersymbol(restore_mp)
alloc(restore_mp,4)
restore_mp:
dd 0

019DF7AC:
jmp mpvalue_hook
nop
mp_return:

mpvalue_hook:
mov [esi+000001B4],ebp //Original Opcode
cmp ebp,MP_VALUE
jnl do_not_restore
inc [restore_mp]
jmp mp_return

do_not_restore:
mov [restore_mp],00
jmp mp_return

00BAABB6:
jmp hook
nop
return:

hook:
cmp dword ptr [restore_mp] #1
jae restore
cmp [esi+00000108],eax
jmp return

restore:
mov [restore_mp],00
mov [esi+00000108],eax
jmp return


[disable]
dealloc(hook)
dealloc(mp_hook)

019DF7AC:
mov [esi+000001B4],ebp

00BAABB6:
cmp [esi+00000108],eax

 

Auto Attack

Spoiler

//Auto Attack v178.4
//Ripped functions from Francesco/AIRRIDE Kami
// Unlike the byte patches on this page, this script changes no instructions: it
// overwrites one 4-byte pointer at 02677708 (original value 01C37D40) so that calls made
// through that pointer reach AutoAttack first. AutoAttack always ends by jumping to the
// original target.
[enable]
define(KEY_NORMAL,0)
define(KEY_EXTENDED,1)
// Unprefixed numbers are hexadecimal: 11 is 0x11, the Windows virtual-key code of VK_CONTROL.
define(VK_CONTROL,11)
define(_HoldAttack,0)
define(_AttackKey,VK_CONTROL)
define(_AttackKeyType,KEY_EXTENDED)

alloc(AutoAttack,512)
alloc(PressKey,128)
alloc(HoldAttack,1)
label(Exit)

// One-byte flag, initialised from _HoldAttack and read in AutoAttack below.
HoldAttack:
db _HoldAttack

define(KEY_PRESS,0)
define(KEY_UP,1)
define(MAPVK_VK_TO_VSC,0)

// PressKey(virtual_key, key_type, up_flag): three dword stack arguments, removed by the
// routine itself (ret 000C). Saves ebx/edx/esi/ecx; eax is overwritten.
// Composes (scan_code << 16) | (key_type << 24) | (up_flag << 31) and passes it,
// together with the virtual key, to the client routine at 01E2D7B0.
PressKey:
push ebx
push edx
push esi
push ecx
// 0x10 bytes of saved registers sit between esp and the return address.
mov edx, [esp+10+4]
mov esi, [esp+10+8]
mov ebx, [esp+10+C]
mov ecx, edx
// MapVirtualKeyA(virtual_key, MAPVK_VK_TO_VSC) returns the scan code in eax.
push MAPVK_VK_TO_VSC
push ecx
call MapVirtualKeyA
// #16 / #24 / #31 are decimal shift counts.
shl eax,#16
shl esi,#24
shl ebx,#31
or eax, esi
or eax, ebx
mov ecx,eax
push ecx
push edx
call 01E2D7B0 //A1 ?? ?? ?? ?? 85 C0 74 ?? 8D 48 ?? 8B 01 8B 00
pop ecx
pop esi
pop edx
pop ebx
ret 000C

// Runs in place of the function whose address was stored at 02677708.
// Acts only when the return address on the stack is 01C1B17A and eax is non-zero;
// every other call goes straight to Exit.
AutoAttack:
cmp dword ptr [esp], 01C1B17A //8B C8 B8 ?? ?? ?? ?? F7 E9 C1 FA ?? 8B C2 C1 E8 ?? 03 C2 83 F8 ?? 74 ?? 81 F9 ?? ?? ?? ?? 75 ?? 80 BE ?? ?? ?? ?? ?? 74 ?? 8B 56 ?? 8B 42 ?? 8D 4E ?? FF D0
// pushad leaves the flags alone, so the jne below still tests the cmp above.
pushad
jne Exit
test eax,eax
je Exit
test eax,eax
push KEY_PRESS
push _AttackKeyType
push _AttackKey
call PressKey
// The key-up call is skipped when the HoldAttack byte is 0.
cmp byte ptr [HoldAttack], 0
je Exit
push KEY_UP
push _AttackKeyType
push _AttackKey
call PressKey
jmp Exit

// Restore all registers and continue at the address the pointer originally held.
Exit:
popad
jmp 01C37D40

// The pointer overwrite that installs the hook.
02677708:
dd AutoAttack

[disable]
02677708: // 4 Byte Scan
dd 01C37D40 //6A ?? 68 ?? ?? ?? ?? 64 A1 ?? ?? ?? ?? 50 83 EC ?? 56 A1 ?? ?? ?? ?? 33 C4 50 8D 44 24 ?? 64 A3 ?? ?? ?? ?? 8B 0D ?? ?? ?? ?? 85 C9 74 ?? 8D 44 24 ?? 50 E8 ?? ?? ?? ?? 8B 44 24 ??

dealloc(AutoAttack)
dealloc(PressKey)
dealloc(HoldAttack)

 

No Breath

Spoiler

[ENABLE]
00957B46:
db 78

[DISABLE]
00957B46: //79 ? 89 9E ? ? ? ? E8 ? ? FE FF 83
db 79

 

Tubi 

Spoiler

//v178.4
[ENABLE]
alloc(CWvsContext__SetExclRequestSent_Hook,128)
label(Normal)
label(Return)

CWvsContext__SetExclRequestSent_Hook:
push 00
call Normal
ret 0004

Normal:
mov eax,[esp+04]
push esi
jmp Return

01E7A190: // CWvsContext::SetExclRequestSent
jmp CWvsContext__SetExclRequestSent_Hook
Return:

008AE399: // Remove pick-up animation
db 81 FE 00 00 00 00

00B5ACB4: // Remove drop animation
db DC 25

[DISABLE]
01E7A190: // 8D 8E ? ? 00 00 E8 ? ? ? ? E8 ? ? ? ? 50 [Start]
mov eax,[esp+04]
push esi

008AE399: // 81 ? ? ? 00 00 0F 8D ? ? 00 00 85 ? 0F 84 [First Result]
db 81 FE BC 02 00 00

00B5ACB4: // DC 0D ? ? ? ? 83 C4 ? E9 ? ? ? ? DD 05
db DC 0D

dealloc(CWvsContext__SetExclRequestSent_Hook)

 

Auto Turn

Spoiler

//V178.4
[ENABLE]
alloc(Turner,130)
label(decval)
label(incval)
label(esn)
label(TurnerRet)

Turner:
pushad
mov eax,[029D3FD0] // CUserLocal: 8B 3D ? ? ? ? 8B 40
mov eax,[eax+0000A328] // Character Vector Control Offset: 8B 86 ? ? 00 00 6A D8
lea ebx,[eax+00000180] // Character Animation Offset: 8B 96 ? ? 00 00 8B 8E ? ? 00 00 8B 01 8B ? ? 56 [Substract 0x10]
mov ecx,[ebx]
cmp ecx,0a
je incval
cmp ecx,08
je incval
cmp ecx,06
je incval
cmp ecx,04
je incval
cmp ecx,02
je incval
cmp ecx,0b
je decval
cmp ecx,09
je decval
cmp ecx,07
je decval
cmp ecx,05
je decval
cmp ecx,03
je decval
esn:
popad
push esi // Original opcodes
mov esi,[esp+08] // Original opcodes
jmp TurnerRet

decval:
dec [ebx]
jmp esn
incval:
inc [ebx]
jmp esn

00B4D336: // CAntiRepeat::TryRepeat
jmp Turner
TurnerRet:

[DISABLE]
00B4D336: // 56 8B 74 24 ? 2B C6 83 F8 FA 7E ? 83 F8 06 7D ? 8B 41
db 56 8B 74 24 08

 

Logo Skip

Spoiler


[enable]
00F6D9B9: //74 ? 2B F8 81 FF DC 05 00 00 0F 86 ?? ?? 00 00 5F 88 5E ?? C6 46 ?? 00 5E 5B C3
db EB

[disable]
00F6D9B9:
db 74

 

Auto Aggro

Spoiler

/*
  Auto Aggro
  GMSv178.4
  Creator Sprux
*/

[enable]
alloc(Aggro,128)
label(return)

Aggro:
mov eax,[029D3FD0] // CUserLocal: 8B 3D ? ? ? ? 8B 40
lea eax,[eax+04]
mov [ecx+438+08],eax // Aggro Offset: 83 ? ? ? ? ? ? 0F 85 ? ? ? ? 8B ? ? 8B ? ? 8D ? ? FF D0 [Offset+0x08]

push ebp
mov ebp,esp
and esp,-40
jmp return

01E008B0: // CVecCtrlMob::WorkUpdateActive
jmp Aggro
nop
return:

[disable]
01E008B0: // 55 8B EC 83 E4 ? 6A ? 68 ? ? ? ? 64 A1 ? ? ? ? 50 83 EC ? 53 56 57 A1 ? ? ? ? 33 C4 50 8D 44 24 ? 64 A3 ? ? ? ? 8B F1 8B 4D ? 8B 06
push ebp
mov ebp,esp
and esp,-40

dealloc(Aggro)

 

Mob Disarm

Spoiler

//v178.4
[enable]
0105A310: //75 ? 8B CE E8 ? ? ? ? 8B CE E8 ? ? ? ? 8B CE E8 ? ? ? ? 8B CE E8
jmp 0105A8EA //8B 86 ? ? ? ? 85 C0 0F 84 ? ? ? ? 2B 45 ? 0F 89 ? ? ? ? ? ? ? ? ? ? ? 8D
db 90 90 90 90

[disable]
0105A310:
db 75 15 8B CE
call 01048F70

 

Mob Confusion

Spoiler

/*
Credits to ClanTag
GMSv178.4
*/

[enable]
01DFED49: //Mob Confuse
db 0F 8B


[disable]
01DFED49: //0F 8A ?? ?? ?? ?? D9 ? DC ?? ?? ?? DF ? DD ? ?? ?? ?? ?? F6 C4 05 7A [first]
db 0F 8A

 

Gollux Disarm (1 HITKO)

Spoiler

//v178.4
//Creator OuterHaven
define(GolluxDisarm,00D6B441)//74 ? 8D 54 24 ? 52 E8 ? ? ? ? 8D 4C 24 ? C6 ? ? ? 01 E8 ? ? ? ? 8B 44 24 ? C6 ? ? ? 00 3B
[enable]
GolluxDisarm: //Mobs dont trigger counter for 1HIT KO
db EB

[disable]
GolluxDisarm: //74 ? 8D 54 24 ? 52 E8 ? ? ? ? 8D 4C 24 ? C6 ? ? ? 01 E8 ? ? ? ? 8B 44 24 ? C6 ? ? ? 00 3B
db 74

 

Mob Speed up

Spoiler

/*
  MobSpeedup
  Creator AIRRIDE
  GMSv178.4
*/

define(SpeedUp,010BDCEB) //83 7C 24 ?? 00 89 87 ?? ?? ?? ?? 75 ?? 33 DB

[enable]
Alloc(MobSpeedUp, 128)
Label(Return)

MobSpeedUp:
mov dword ptr [esp+50],00
cmp dword ptr [esp+50],00
jmp Return

SpeedUp:
jmp MobSpeedUp
Return:

[Disable]
SpeedUp:
cmp dword ptr [esp+50],00

DeAlloc(MobSpeedUp)

 

Mach GND

Spoiler

//Credits to Mach of CCPLZ
//GMSv178.4

define(MachGND,01C8F4EB) //75 ? 83 BD ? ? FF FF 00 75 ? 8B

[enable]
MachGND://Mach GND (Melee/Basic attacks)
db EB

[disable]
MachGND:
db 75

 

Unlimited Attack

Spoiler

//v178.4
[enable]
00B4D340:
DB EB

[disable]
00B4D340: //7E ? 83 ? ? 7D ? 8B ? ? 2B ? 3D
db 7E

 

Hide Name Tags

Spoiler

//Hides name tags on your client only.
//For SS and Videos
//v178.4
[enable]
01BB5BC0: //CUser:DrawNameTags
ret

[disable]
01BB5BC0:
db 6A FF 68

//C7 44 24 ? FF FF FF FF 85 C0 74 ? 83 B8 [FUNCTION START]
//FF D2 85 C0 0F 85 ? ? 00 0 8B 3D ? ?  ? ? 85 FF [FUNCTION START]

 

Ignore Cooldowns

Spoiler

/*
Credits OuterHaven
No Skill Cooldowns
(Only works for certain skills like Blazing Extinction,Evan Fusion Skills,etc)
v178.4
*/

define(IgnoreSkillCooldowns,01C37390)  //83 FE 01 7c ? 57 8b 3D ? ? ? ? 85 FF 74 49 [je below]

[enable]
IgnoreSkillCooldowns: //Ignore Skill Cooldown (Some Skills)
db 75

[disable]
IgnoreSkillCooldowns:
db 74

 

Perfect Stance

Spoiler

/*
  Perfect Stance
  Created by AIRRIDE
  v178.4
*/

[enable]
01CCB294: //85 F6 75 ? 39 ? 24 ? ? ? ? 74
xor esi,esi
nop
nop

01CCB29F: //address of JE below
db EB

[disable]
01CCB294:
db 85 F6 75 09

01CCB29F:
db 74

 

Clear Field UI

Spoiler

/*
Credits to DAVHEED for function
Uses end of the function CStage::FadeIn
v178.4
*/

[enable]
alloc(ClearFieldUI,128)
label(return)

012BFABC:
jmp ClearFieldUI
return:

ClearFieldUI:
mov ecx,[029D415C] //Above or Below the AOB below
call 01EC5930 //E8 ? ? ? ? A1 ? ? ? ? C7 80 ? ? ? ? 00 00 00 00 8B ? ? 8B ? ?
db 59 5F 5E 5D 5B
jmp return


[disable]
dealloc(ClearFieldUI)
//0F 84 ? ? ? ? A1 ? ? ? ? 33 ED 3B [FOLLOW JE, POP ECX ADDRESS BELOW]
012BFABC:
db 59 5F 5E 5D 5B

 

No Fade Stages

Spoiler

//v178.4
[enable]
012BFB02: // CStage::FadeOut
db 0F 85

012BF54E: // CStage::FadeIn
db 0F 85

[disable]
012BFB02: //0F 84 ? ? ? ? 8B 0D ? ? ? ? 3B C8 74 ? 8B
db 0F 84

012BF54E: //0F 84 ? ? ? ? A1 ? ? ? ? 33 ED 3B
db 0F 84

 

No Background

Spoiler

//v178.4
[enable]
00F9D8F7: // 8B ?? ?? 3B ?? 74 ?? 39 ?? 74 ?? 8B ?? 3B ?? 74 ?? 8B ?? ?? D1 ?? 3B ?? 75
db 90 90 90 90 90

[disable]
00F9D8F7:
db 8B 75 BC 3B F7

 

No Mob Reaction

Spoiler

//v178.4
[ENABLE]
0104E560: // No mob reaction, hitmarks or damage
ret 0074


[DISABLE]
0104E560: //74 ? 8B 86 ? ? ? ? 3B ? ? ? 75 ? FF 15 [FUNCTION START]
db 6A FF 68

 

Slide and Attack

Spoiler

//v178.4
[enable]
01E0B0A2:
db 75

[disable]
01E0B0A2: //3D 33 B9 C4 04 0F 84 ? ? 00 00 [second je down]
db 74

 

Pet Loot

Spoiler

/*
Pet Item Teleport
Creator Sprux
Auto Updating
*/
[enable]
label(pet_teleport_restore)
registersymbol(pet_teleport_restore)

alloc(pet_teleport_hook,128)
label(pet_teleport_return)

label(return_normal)

aobscan(pet_teleport_aob,8B 50 04 8B 00 ? ? 8D 4D)
aobscan(vecctrl_set_position_aob,8B ? 24 ? 8B 41 ? 8B 40 ? 56 8D 71 ? 8B 4C 24 10)

alloc(delay,4)
delay:
dw 0

pet_teleport_aob:
pet_teleport_restore:
jmp pet_teleport_hook
pet_teleport_return:

pet_teleport_hook:
inc [delay]
cmp dword ptr [delay], #70
jne return_normal
mov [delay], 0

push esi
mov esi,eax
mov edx,[eax+04]
mov eax,[eax]
pushad

mov edi,[ebp+08]

lea ecx,[edi+04]
mov ebx,[edi+04]
mov ebx,[ebx+20]
call ebx

push [esi+04]
push [esi]
push 00
mov ecx,eax
call vecctrl_set_position_aob

popad
pop esi
jmp pet_teleport_return

return_normal:
mov edx,[eax+04]
mov eax,[eax]
jmp pet_teleport_return

[disable]
pet_teleport_restore:
mov edx,[eax+04]
mov eax,[eax]

unregistersymbol(pet_teleport_restore)
dealloc(pet_teleport_hook)

 

Remove Mob Spawn Animation

Spoiler

define(noSpawnAni,01039425) //0F 8E ?? ?? 00 00 8B D5 33 C9 E8

[enable]
noSpawnAni:  //0F 8E ?? ?? 00 00 8B D5 33 C9 E8
db 90 90 90 90 90 90


[disable]
noSpawnAni:
db 0F 8E 9D 01 00 00

 

Remove Mob Death Animations

Spoiler

//v178.4
define(CMob_OnDie,01046150)//3D 33 BC 86 00 -static MOB ID [FUNCTION START]
[enable]
CMob_OnDie:
ret

[disable]
CMob_OnDie:
db 6A FF

 

Item Filter

Spoiler

//v178.3
// Inline hook over the two instructions at 00B65CB9 (mov ecx,ebx / mov [esi+48],eax,
// 5 bytes in total). The hook may replace eax with 0, or zero the dword at [esi+44],
// before replaying the original store to [esi+48].
[ENABLE]
alloc(ItemFilter,256)
alloc(ItemList,2048)
alloc(Mesos,4)
alloc(Mode,4)
label(Return)
label(End)
label(FilterMesos)
label(RejectOrAccept)
label(AcceptFilter)
label(RejectFilter)
label(Ignore)

// Threshold compared against eax at the top of ItemFilter (decimal).
Mesos:
dd #10 // Minimum meso

// Selects how a match in ItemList is treated; only the low byte is read.
Mode:
dd #0 // 0 = Accept, 1 = reject

// Zero-terminated array of dwords. The lookup loops stop only at the 0 entry.
ItemList:
//Add filter like below
//dd #itemID
dd 00 // End of list

// In: eax = value about to be stored to [esi+48]. edx is saved here and restored at End.
ItemFilter:
push edx
mov edx,[Mesos]
cmp eax,edx
// Signed compare: eax <= [Mesos] takes the FilterMesos path.
jle FilterMesos
mov edx,ItemList
jmp RejectOrAccept

// Zero the dword at [esi+44]; eax is left unchanged.
FilterMesos:
mov [esi+44],0
jmp End

// Mode 0 -> AcceptFilter, mode 1 -> RejectFilter. Any other value falls through
// into AcceptFilter.
RejectOrAccept:
cmp byte ptr [Mode],0
je AcceptFilter
cmp byte ptr [Mode],1
je RejectFilter

// Accept mode: a value found in the list is kept (End); reaching the terminator
// without a match goes to Ignore.
AcceptFilter:
cmp eax,[edx]
je End
cmp dword ptr [edx],0
je Ignore
add edx,4
jmp AcceptFilter

// Reject mode: a value found in the list goes to Ignore; reaching the terminator
// without a match keeps it (End).
RejectFilter:
cmp eax,[edx]
je Ignore
cmp dword ptr [edx],0
je End
add edx,4
jmp RejectFilter

// Values up to 50000 (decimal, signed compare) are kept; anything larger is replaced by 0.
Ignore:
cmp eax,#50000 // Added this code otherwise mesos is dropped but not shown in accept mode
jle End
mov eax,0

// Common exit: restore edx, replay the two overwritten instructions, resume the original code.
End:
pop edx
mov ecx,ebx // Original Opcode
mov [esi+48],eax // Original Opcode
jmp Return

00B65CB9:
jmp ItemFilter
Return:

[DISABLE]
00B65CB9: // 8B ? 89 ? ? E8 ? ? ? ? 8B ? 89 ? ? E8 ? ? ? ? 0F ? ? 89 ? ? 8B ? E8 ? ? ? ? 0F [Second Result]
mov ecx,ebx
mov [esi+48],eax

dealloc(ItemFilter)
dealloc(ItemList)
dealloc(Mesos)
dealloc(Mode)

 

Infinite Blaster Bullets

Spoiler

//v178.4
//Created by OuterHaven
//MooplerMasterRace

[enable]
01F257B1: //Infinite Bullets
db 0F 85

[disable]
01F257B1: //0F 84 ? ? 00 00 8D 4C 24 ? E8 ? ? ? ? 84 C0 0F 84 ? ? 00 00 68 ? ? ? ? 8D
db 0f 84

 

Enable Disabled Buttons

Spoiler

//v178.4
//CREDITS ????


define(EnableDisabledButtons,0093D270) //8B 41 ? C3 CC CC CC CC CC CC CC CC CC CC CC CC 8B 41 ? C3 CC CC CC CC CC CC CC CC CC CC CC CC 33 C0 [1st result]
[enable]
EnableDisabledButtons:
db 8B 41 34

[disable]
EnableDisabledButtons:
db 8B 41 30

 

Auto Pet Feed

Spoiler

// Auto Pet Feed GMS v178.3
define(KEY_NORMAL,0)
define(KEY_EXTENDED,1)
define(VK_HOME,24)
define(FeedFullness,#60)
define(FoodKey,VK_HOME)
define(FoodKeyType,KEY_NORMAL)

// ?? ?? ?? ?? 00 00 ?? ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? ?? ?? C8 ?? ?? ?? ?? ?? ?? ?? 00 00 ?? ?? E8 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? E8
define(PetFullnessAddy,0115ED39)

// 8B 15 ?? ?? ?? ?? 85 D2 74 23
define(TSingleton_CWndMan___ms_pInstance,029D89A4)

// ?? ?? ?? ?? ?? 85 ?? 74 ?? 8D ?? ?? 8B ?? 8B ?? FF ?? C2 08 00 -- Second Result
define(CWndMan__OnKey,01E2D7B0)

[Enable]
alloc(PetFullnessHook,64)
alloc(PressKey,128)
label(DontFeed)
define(KEY_PRESS,0)
define(KEY_UP,1)
define(MAPVK_VK_TO_VSC,0)

PetFullnessAddy:
jmp PetFullnessHook
nop

PetFullnessHook:
mov [esi+000000DC],edx
cmp edx,FeedFullness
jg DontFeed

push KEY_PRESS
push FoodKeyType
push FoodKey // virtual_key
call PressKey

DontFeed:
jmp PetFullnessAddy+6

PressKey:
push ebx
push edx
push esi
push ecx

mov edx, [esp+10+4]
mov esi, [esp+10+8]
mov ebx, [esp+10+C]
mov ecx, edx

push MAPVK_VK_TO_VSC
push ecx
call MapVirtualKeyA
shl eax,#16
shl esi,#24
shl ebx,#31
or eax, esi
or eax, ebx
mov ecx,eax

push ecx
push edx
mov ecx,[TSingleton_CWndMan___ms_pInstance]
call CWndMan__OnKey

pop ecx
pop esi
pop edx
pop ebx
ret 000C

[Disable]
PetFullnessAddy:
mov [esi+000000DC],edx

dealloc(PetFullnessHook)
dealloc(PressKey)

 

Instant Teleport

Spoiler

/*
Instant Teleport to X/Y
Created by AIRRIDE?
Posted by CJ
GMS v178.4
*/

[ENABLE]
alloc(Teleport,128)
CreateThread(Teleport)

Teleport:
mov esi,[029D3FD0] // CUserLocal: 8B 3D ? ? ? ? 8B 40
push #-9999 // Y
push #9999 // X
push [esi+A328] // Character PID: 8B 86 ? ? 00 00 6A D8
call 01DF1410 // E8 ? ? ? ? 8D ? ? ? ? ? ? ? 89 ? ? ? ? ? E8 ? ? ? ? DB [FUNCTION START] (push esi)
ret

[DISABLE]
dealloc(Teleport)

 

Full Map Attack

Spoiler

//Credit to Chubbzz v178.3
[enable]
0105ECFE: // MsInterSectRect
db EB

01F0E821: // Removes Level Up Damage
db EB

[disable]
0105ECFE: // E8 ? ? ? ? 83 C4 ? 85 C0 75 ? 81 BC 24 ? ? ? ? ? ? ? ? 0F 85 ? ? ? ? 83 [jne below]
db 75

01F0E821: //89 9E ? ? ? ? 8B 0D ? ? ? ? 3B CB 74 ? ? ? ? ? ? 53 JE BELOW
//[OR SEARCH push 04C4BAEA] Address is JE abovE
db 74

 

Orbital Flame Full Map Attack

Spoiler

//v178.4
[ENABLE]
alloc(find_hit_mob_in_rect_hook,128)

find_hit_mob_in_rect_hook:
mov eax,[029D8870] // CWvsPhysicalSpace2D: //8B 0D ? ? ? ? E8 ? ? ? ? 8B 08 83
lea eax,[eax+0C] // Left Wall Offset
mov [esp+04],eax
jmp 0105E870 // Original call (CMobPool::FindHitMobInRect)

00D8CB7B: // Function:CForceAtom_NonTargetAttack::UpdateAttackCollision
call find_hit_mob_in_rect_hook

[DISABLE]
dealloc(find_hit_mob_in_rect_hook)
00D8CB7B: // E8 ? ? ? ? 8B ? 89 ? ? ? 85 ? 0F 8E [First Result]
call 0105E870

 

Orbital Flame Attack Count Increase

Spoiler


[ENABLE]
alloc(IncreaseOrbitalFlameAttackCount,128)
label(return)

IncreaseOrbitalFlameAttackCount:
mov eax,0F
mov [ebp-000000FC],eax
jmp return

01CE3CEA:
jmp IncreaseOrbitalFlameAttackCount
db 90
return:

[DISABLE]
01CE3CEA: // 89 85 ? ? ? ? 6A 0F 8B 8D ? ? ? ? 51 E8 [Second Result]
mov [ebp-000000FC],eax
push 0F

dealloc(IncreaseOrbitalFlameAttackCount)

 

Unlimited Blazing Extinction Timer

Spoiler

//Unlimited Blazing Extinction Time (Blaze Wizard Skill) GMSv178.4
[enable]
alloc(SkillTimer,128)
label(AppearUnlimited)

00DD6AD0:
jmp SkillTimer
db 90
AppearUnlimited:

SkillTimer:
mov [esi+000000FC],7FFFFFFF
jmp AppearUnlimited

[disable]
00DD6AD0: //89 ? ? ? ? ? 89 ? ? ? ? ? 89 ? ? ? ? ? E8 ? ? ? ? 83 ? ? 85 C0 [FIRST]
mov [esi+000000FC],eax

 

No Delay Blazing Extinction

Spoiler

//v178.4
define(NDBE,00DD8244) // 0F 84 ? ? ? ? D9 EE 8B ? ? ? DC 9E ? ? ? ? 8B
[enable]

NDBE:
db 0F 85

[disable]
NDBE:
db 0F 84

 

Blazing Extinction Full Map

Spoiler

//v178.4
[enable]
alloc(find_hit_mob_in_rect_hook,128)
find_hit_mob_in_rect_hook:

mov eax,[029D8870] //CWvsPhysicalSpace2D  //8B 0D ? ? ? ? E8 ? ? ? ? 8B 08 83
lea eax,[eax+0C] // Left Wall Offset
mov [esp+04],eax
jmp 0105E870 // Original call (CMobPool::FindHitMobInRect)

//Function CUser::TryDoingFlameBallAttack
01CD90CD:
call find_hit_mob_in_rect_hook

//Function //Function CGrendade::Update
00DD81DA: //FlameBallObject X/Y Check, allows continous attack
nop
nop

[disable]
01CD90CD: //E8 ? ? ? ? 89 85 ? ? ? ? 8B ? ? ? ? ? 89 ? ? ? ? ? 83 BD ? ? ? ? 00 75 ? C7 [LAST]
call 0105E870

00DD81DA: //85 C0 0F 8E ? ?  ? ? 8B ? ? 81 C1
test eax,eax

 

Blazing Extinction Effect Removal

Spoiler

//Credits to OuterHaven
//v178.4

[enable]
//CFlameBallAttack::UpdateFlameBallAttack
00D85B80:

[disable]
00D85B80: //E8 ? ? ? ? 3B C3 75 ? 39 5E
db 6A FF 68

 

Psychic Lock Full Map

Spoiler

//v178.4
[enable]
alloc(find_hit_mob_in_rect_hook,128)

find_hit_mob_in_rect_hook:
mov eax,[029D8870] // CWvsPhysicalSpace2D: //8B 0D ? ? ? ? E8 ? ? ? ? 8B 08 83
lea eax,[eax+0C] // Left Wall Offset
mov [esp+04],eax
jmp 0105E870 // Original call (CMobPool::FindHitMobInRect)

01D13F21:
call find_hit_mob_in_rect_hook

[disable]
dealloc(find_hit_mob_in_rect_hook)

01D13F21: // E8 ? ? ? ? 89 44 24 ? 8B ? ? ? 8B ? ? 8B 0D ? ? ? ?
call 0105E870

 

Instant Final Smash

Spoiler

/*
Instant Final Psychic Smash
MooplerMasterRace
Created by OuterHaven
GMS V178.4
*/

[enable]
//Changes the attack loop by swapping the regular Psychic Grab attack with the strongest part of the skill Final Psychic Smash attack (5th hit)
01B8B727:
db 75

//CKinesis_PsychicLock::DecUsableCount
//No loopback to regular attack after the 5th attack, also denies reset of the skill loop allowing you to constantly attack.
00EBDAB0: // Infinite Psychic Smash Usage.
ret

01D265E6: //No Grab
db 74

[disable]
01B8B727: //74 ?? 8D A4 24 ?? ?? ?? ?? 8B 46 ?? 50 8D 4C 24 ?? 51
db 74

00EBDAB0: //8B 81 ?? ?? ?? ?? 48 33 D2 85 C0 0F 9E C2
mov eax,[ecx+00000090]
dec eax

01D265E6: //75 ? 80 ? ? ? 00 8B ? ? ? 8D ? ? ? 8D ? ? ? 74 ?
db 75

 

Dragon Dive Full Map Attack

Spoiler

/*
Credits to Sprux for FindHitInMobRect FMA Method
GMSv178.4
Use with No Skill Cooldowns to Spam
*/

[enable]
alloc(find_hit_mob_in_rect_hook,128)

find_hit_mob_in_rect_hook:
mov eax,[029D8870]// CWvsPhysicalSpace2D: //8B 0D ? ? ? ? E8 ? ? ? ? 8B 08 83 ? ? 89 8E
lea eax,[eax+0C] // Left Wall Offset
mov [esp+04],eax
jmp 0105E870 // Original call (CMobPool::FindHitMobInRect)

00B54DAC: //CDragon::TryDoingMagicAttack
call find_hit_mob_in_rect_hook

[disable]
dealloc(find_hit_mob_in_rect_hook)

00B54DAC: //E8 ? ? ? ? 8B 3D ? ? ? ? 8B F0 8B ? ? ? 8B ? ? 51
call 0105E870

 

Air Hit Mob Vac

Spoiler

//CMob::GenerateMovePath
//Credits to Kevintjuh93
//v178.3
[ENABLE]
alloc(hook,128)
label(return)

hook:
push eax
mov [esp+C+04],#9//nAction
mov [esp+C+14],#16//nMoveType (You can use #23 also)
mov [esp+C+38],#1//bAirHit

//Vac to Char X
mov eax,[029D3FD0] //CUserLocal: 8B 3D ? ? ? ? 8B 40
mov eax,[eax+13A94] //Character X Location Offset: 89 8E ? ? ? ? 8B 50 ? 8B 06 89 96 ? ? ? ? 8B 50
add eax,#0 //Adjust X
mov [esp+C+18],eax //nMoveEndingX

//Vac to Char Y
mov edi,[029D3FD0] //CUserLocal: 8B 3D ? ? ? ? 8B 40
mov edi,[eax+13A94+4] //Character X Location Offset+4: 89 8E ? ? ? ? 8B 50 ? 8B 06 89 96 ? ? ? ? 8B 50
add edi,#0 //Adjust Y
mov [esp+C+1C],edi //nMoveEndingY

pop eax
jmp return

01051B97:
jmp hook
db 90
return:

[DISABLE]
dealloc(hook)
01051B97: //83 C4 08 83 F8 03 0F 94 C1 33 [FUNCTION START]
mov eax,fs:[00000000]

 

Vellum Freeze

Spoiler

/*
Disarms mobs/bosses
Freezes some mobs
Freezes vellum
v178.4
*/

[enable]
alloc(CMob__GenerateMovePath_Hook,128)
label(ret)

CMob__GenerateMovePath_Hook:

push eax
mov [esp+C+04],9 // nAction
pop eax
jmp ret

01051B97: // CMob::GenerateMovePath
jmp CMob__GenerateMovePath_Hook
db 90
ret:

[disable]
01051B97: // 6A FF 68 ? ? ? ? 64 A1 00 00 00 00 50 81 EC ? ? 00 00 A1 ? ? ? ? 33 C4 89 84 24 ? ? 00 00 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 84 24 ? ? 00 00 64 A3 00 00 00 00 8B 84 24 ? ? 00 00 8B D9
db 64 A1 00 00 00 00

dealloc(CMob__GenerateMovePath_Hook)

 

Kanna 4th Job Monkey Spirit No Delay

Spoiler

[enable]
//Created by DBLmao
//v178.4
alloc(Hook,100)
label(Return)
label(Original)

Hook:
push eax
mov eax,[029D8864] //8B 0D ? ? ? ? 50 E8 ? ? ? ? 3B ? 0F 84 ? ? 00 00 8B ? E8
cmp [eax+10],01
pop eax
jle Original
mov [esi+0001433C],#42120003
mov [esi+0001433C+4],#55

Original:
cmp dword ptr [esi+0001433C],00
jmp Return

01D1AFBB: //83 BE ? ? ? ? 00 0F 84 ? ? 00 00 2B 86 ? ? ? ? 0F 88 ? ? 00 00 8B
jmp Hook
db 90 90
Return:

01D10786: //0F 8C ? ? FF FF 8D 8E ? ? ? ? E8 [LAST]
db 90 90 90 90 90 90

[disable]
01D1AFBB:
cmp dword ptr [esi+0001433C],00

01D10786:
db 0F 8C F7 FE FF FF

dealloc(Hook)

 

Rush Teleport

Spoiler

//Credit Fameguy
//v178.4
[enable]
alloc(Hook,100)
label(Return)
label(Original)

Hook:
cmp [esp],01BB95B3 // below second call 3rd result 8B ?? ?? ?? 8B ?? ?? ?? 52 51 8B ?? C7 ?? ?? ?? ?? ?? ?? ?? ??
jne Original
mov [esp+4],#1235 // X
mov [esp+8],#185 // Y

Original:
mov edx,[esp+04]
push esi
jmp Return

0085BA80: // //second call below 3rd result 8B ?? ?? ?? 8B ?? ?? ?? 52 51 8B ?? C7 ?? ?? ?? ?? ?? ?? ?? ?? CVecCtrl::SetMoveNext
jmp Hook
Return:

[disable]
0085BA80:
mov edx,[esp+04]
push esi

dealloc(Hook)

 

Reactor Morph

Spoiler
Spoiler


// Reactor Morph GMS 178.3
// Credits YeeShin
// It will Morph every reactor into a green plant and force it to break when you hit it

[Enable]
alloc(Reactor_Morph,123)
alloc(Reactor_Force_V2,123)
label(Reactor_Morph_Return)
label(rett)


Reactor_Morph:
//mov eax, #0002000
mov eax, #1012000 // Green Plant Reactor ID

mov [esi+04],eax
mov ecx,edi
jmp Reactor_Morph_Return

011C0A5F: // 89 46 ?? 8B CF C7 46 ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 0F B6 C0
jmp Reactor_Morph
Reactor_Morph_Return:

Reactor_Force_V2:
add [esp],2
mov [esi+28],eax
lea ecx,[esp+6C]
jmp rett

011BAC3B: // 89 ? ? 8d 4c ? ? c7 ? ? FE FF FF FF
jmp Reactor_Force_V2
db 90 90
rett:

[disable]
dealloc(Reactor_Morph,123)
dealloc(Reactor_Force_V2,123)

011BAC3B:
mov [esi+28],eax
lea ecx,[esp+6C]

011C0A5F:
mov [esi+04],eax
mov ecx,edi

 

 

Delayed Gateway Selection

Spoiler

//Created by DBLmao
// Entry hook plus return-address swap on the function at 00DAC3F0. The hook saves the
// caller's return address, replaces it on the stack with ReturnHook, and lets the
// original function run; when that function returns, control arrives at ReturnHook,
// which finally jumps to the saved address.
[enable]
define(Gateway,#2000)//2000 = NA, 2001 = EU
define(Delay,#5000)//delay in milliseconds
alloc(Hook,200)
alloc(ReturnAddr,4)
alloc(DelayTimer,4)
label(Return)
label(ReturnHook)
label(Reset)
label(ReturnEx)

// 0 means "no deadline armed"; otherwise a timeGetTime() value to wait for.
DelayTimer:
dd 0

// Runs in place of the first 7 bytes of the hooked function. eax is overwritten.
// ReturnAddr is a single 4-byte slot, so only one saved return address exists at a time.
Hook:
mov eax,[esp]
mov [ReturnAddr],eax
mov [esp],ReturnHook
// Replay the two overwritten instructions and continue in the original body.
push -1
push 0212CB06
jmp Return

// Reached when the original function returns. eax is overwritten by timeGetTime,
// so whatever the original function left in eax is not passed on to the caller.
ReturnHook:
cmp [DelayTimer],0
je Reset
call timeGetTime
cmp eax,[DelayTimer]
// Signed compare: deadline not reached yet, return without doing anything.
jl ReturnEx
// Deadline reached: call the entry at offset 1C of the table that [edi] points to,
// with ecx = edi and three stack arguments (Gateway, decimal 100, 1).
// NOTE(review): assumes edi still holds the object pointer after the original
// function has returned - confirm.
mov ecx,edi
mov edx,[ecx]
mov edx,[edx+1C]
push 1
push #100//action
push Gateway
call edx
mov [DelayTimer],0
jmp ReturnEx

// Arm the deadline: now + Delay milliseconds.
Reset:
call timeGetTime
mov [DelayTimer],eax
add [DelayTimer],Delay

// Resume at the caller's original return address.
ReturnEx:
jmp dword ptr [ReturnAddr]

// Patch site: jmp plus two nop bytes over push -1 / push imm32 (7 bytes).
00DAC3F0://CGateWay::Update
jmp Hook
db 90 90
Return:

[disable]
00DAC3F0://[start] 83 ? FF 85 C0 75 ? 8B 0D ? ? ? ? ? 8D ? ? ? ? E8 ? ? ? ? 6A 01
push -1
push 0212CB06

dealloc(Hook)
dealloc(ReturnAddr)
dealloc(DelayTimer)

 

Gateway Selection

Spoiler

//Created by DBLmao
[enable]
define(Gateway,#2000)//2000 = NA, 2001 = EU
alloc(Hook,100)
alloc(ReturnAddr,4)
label(Return)
label(ReturnHook)

Hook:
mov eax,[esp]
mov [ReturnAddr],eax
mov [esp],ReturnHook
push -1
push 0212CB06
jmp Return

ReturnHook:
mov ecx,edi
mov edx,[ecx]
mov edx,[edx+1C]
push 1
push #100//action
push Gateway
call edx
jmp dword ptr [ReturnAddr]

00DAC3F0://CGateWay::Update
jmp Hook
db 90 90
Return:

[disable]
00DAC3F0://[start] 83 ? FF 85 C0 75 ? 8B 0D ? ? ? ? ? 8D ? ? ? ? E8 ? ? ? ? 6A 01
push -1
push 0212CB06

dealloc(Hook)
dealloc(ReturnAddr)

 

Pet Auto Feed (Packet)

Spoiler

//Credits to DAVHEED 

[enable]
01C702C5:
nop //don't push the extra shit (pet index)
mov ecx,[029D415C] //CWvsContext, original
call 01E84900 //first: 6a ff 68 ? ? ? ? 64 a1 00 00 00 00 50 83 ec 18 53 56 57 a1 ? ? ? ? 33 c4 50 8d 44 ? ? 64 a3 00 00 00 00 8b f9 6a 00

//patch out clientsided checks for pet feed skill
//or: 2B ? ? ? ? ? 3D ? ? ? ? 0F 82

01C7021F:
db 90 90 90 90 90 90

//below under test dx,ax
01C702AD:
db 90 90

[disable]
01C702C5: //51 8B 0D ? ? ? ? E8 ? ? ? ? 8B ? ? ? 64 89 0D 00 00 00 00 59 5F 5E 5D 5B 8B
push ecx
mov ecx,[029D415C]
call 01A2E050

01C7021F:
db 0F 82 fC 01 00 00 00

01C702AD:
db 74 0c

 

Auto Offline

Spoiler

/*
Sends Offline Request upon entering game
Ending of CwvsContext:: onEnterGame
Credits to DAVHEED
*/

define(onEnterGame,01EACEDF) //8B CE E8 ? ? ? ? 8B CE E8 ? ? ? ? E8 ? ? ? ? BF 01 00 00 00 LOOK FOR ENDING
define(sendOfflineRequest,01EF0530) //6A FF 68 ? ? ? ?  64 A1 00 00 00 00 50 83 EC 14 A1 ? ? ? ? 33 C4 50 8D ? ? ? 64 A3 00 00 00 00 83 B9 ? ? ? ? 01 74 ? 68 [OR LOG THE PACKET TO GET FUNCTION]

[enable]
alloc(hook,64)
label(return)

onEnterGame:
jmp hook
return:

hook:
call sendOfflineRequest // CWvsContext::SendOfflineRequest
db 59 5F 5E 5D 5B
jmp return


[disable]
dealloc(hook)

onEnterGame:
db 59 5F 5E 5D 5B

 

Semi Item Vac

Spoiler

[enable]
alloc(hook,128)
label(return)

009AC194:
jmp hook
return:

hook:
mov ecx,[029D3FD0] //CUserLocal: 8B 3D ? ? ? ? 8B 40
mov edi,[ecx+13A94] //Character X Location Offset //89 8E ? ? ? ? 8B 50 ? 8B 06 89 96 ? ? ? ? 8B 50
mov eax,[ecx+13A94+4] //Character X Location Offset +4 //89 8E ? ? ? ? 8B 50 ? 8B 06 89 96 ? ? ? ? 8B 50
jmp return

[disable]
009AC194: //E8 ? ? ? ? 8B C8 8B 44 24 ? 89 38 5F 89 48 ? 5E C2 04 00 CC CC CC CC CC CC CC 56 [Second]
call 0088F930

 

No Blue Boxes

Spoiler

//No Blue Boxes credits to hi2you/Cam1596
//v178.4
[enable]
01DA6D70: //6A ?? 68 ?? ?? ?? ?? 64 A1 ?? ?? ?? ?? 50 83 EC ?? 53 55 56 57 A1 ?? ?? ?? ?? 33 C4 50 8D 44 24 ?? 64 A3 ?? ?? ?? ?? 83 7C 24 ?? ?? C7 44 24 ?? ?? ?? ?? ?? 75 ?? A1 ?? ?? ?? ?? 83 B8 ?? ?? ?? ?? ?? 75 ?? 80 B8 ?? ?? ?? ?? ?? 75 ?? 80 B8 ?? ?? ?? ?? ?? 75 ?? 83 B8 ?? ?? ?? ?? ?? 75 ?? 8B 44 24 ?? C7 44 24 ?? ?? ?? ?? ?? 85 C0
//CUtilDlg::Notice
ret
nop

[disable]
01DA6D70:
db 6A FF

 

Familiar Disarm

Spoiler

//Familiar Disarm credits to kevintjuh93
//v178.3
[enable]
00BAA0F0: //85 ?? 75 ?? F7 ?? F7 ?? 89 54 ?? ?? 89 7C [function start]
//Familiar_TryDoingAttack
db C3 90 90

[disable]
00BAA0F0:
sub esp,68

 

Hyper Rock CRC

Spoiler

//Hyper Rock CRC gMS v178.4
//Credits to Yeeshin
//Enable the script and add Map_ID as an address and change the value to the Map ID you want to teleport to
//Then Open World Map and teleport to anywhere you want.
[Enable]
alloc(Hyper_Rock_CRC_BYPASS,123)
label(HyperRock_Return)
alloc(Map_ID,4)
registersymbol(Map_ID)

Map_ID:
dd #310040000 //Change ID here

Hyper_Rock_CRC_BYPASS:
mov ebx,[esp+40]
mov edx,[Map_ID]
mov [ebx+8C44],edx
jmp HyperRock_Return

01ECDA4F:
jmp Hyper_Rock_CRC_BYPASS
nop
nop
nop
nop
nop
HyperRock_Return:

[disable]
dealloc(Hyper_Rock_CRC_BYPASS,123)
dealloc(Map_ID,4)
unregistersymbol(Map_ID)

01ECDA4F: //8B ? ? ? 8B ? ? ? ? ? 52 8D ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? 8B ? ? ? ? ? 8B ? ? ? ? ? 8B
mov ebx,[esp+40]
mov edx,[ebx+8C44]

 

Ingame Rusher

Spoiler

/*
Credits to FameGuy

Instructions:
1. Open up your world map (W by default, I believe)
2. Click on a location (make sure you are in that region)
3. Press "Enable Navigation" (top left corner)

Three code modifications are made while enabled: an inline hook at 01B88ED3, 14 bytes
of nop at 01E09E4B and 2 bytes of nop at 01E09A14. [Disable] writes the original
instructions back to all three sites.
*/

[Enable]
Alloc(InGameRush, 128)
Alloc(TeleportToPortal, 128)

Label(Return)
Label(End)

// Patch site: the 6-byte store mov [esi+11C38],eax is replaced by a jmp plus one nop.
01B88ED3://89 86 ?? ?? ?? ?? 81 BE ?? ?? ?? ?? ?? ?? ?? ?? 75 ?? 83 BE
jmp InGameRush
db 90
Return:

// Passes the value about to be stored (eax) to TeleportToPortal, then replays the
// overwritten store. TeleportToPortal returns its argument, so the stored value is unchanged.
InGameRush:
push eax
call TeleportToPortal
mov [esi+11C38],eax
jmp Return

// TeleportToPortal(index): one dword stack argument, removed by the routine (ret 0004).
// Returns the argument unchanged in eax; preserves esi and ebp; overwrites ecx and edx.
// Does nothing when the argument is negative or when the lookup call returns 0.
TeleportToPortal:
push ebp
mov ebp, esp
push esi
mov esi,[ebp+08]
test esi, esi
js End
// Lookup: ecx = pointer stored at 029DA894, stack argument = index, edx = 0.
mov ecx, [029DA894] // PortalBase 8B 3D ?? ?? ?? ?? 8B 47 ?? 85 C0
mov eax, 011737B0 //CPortalList::GetPortal() E8 ?? ?? ?? ?? 5F 85 C0 75 ?? 8B 44 24 ?? 33 C9 33 D2
push esi
xor edx, edx
call eax
test eax, eax
je End
// Pass the dword at +4 of the returned object to the second client routine,
// with ecx = pointer stored at 029D3FD0.
push [eax+4]
mov ecx, [029D3FD0] // CUserLocal A1 ?? ?? ?? ?? 85 C0 75 ?? 5F C3 8D 48
mov eax, 00C3F9C0 //CUserLocal::MoveToPortal() 3rd result follow call E8 ?? ?? ?? ?? E9 ?? ?? ?? ?? 8D 4D ?? 51 8D 55 ?? 68 ?? ?? ?? ?? 52
xor edx, edx
call eax
// Set the dword at +13B74 of the same object to 1.
mov ecx, [029D3FD0] // CUserLocal
mov [ecx+13B74], 1 // AutoPortal

End:
mov eax, esi
pop esi
pop ebp
ret 0004

// 14 nop bytes over push 00 / call / mov ecx,eax / call (2 + 5 + 2 + 5 bytes),
// i.e. both calls listed under [Disable] are removed.
01E09E4B: // 6A ?? E8 ?? ?? ?? ?? 8B ?? E8 ?? ?? ?? ?? C7 ?? ?? ?? ?? ?? ?? 8D ?? ??
db 90 90 90
db 90 90 90
db 90 90 90 90
db 90 90 90 90

// 2 nop bytes over a short jne (75 2C), so the branch is never taken.
01E09A14: //  1st result 75 ?? E8 ?? ?? ?? ?? 85 ?? 74 ?? 6A ?? 68 ?? ?? ?? ??
db 90 90

[Disable]
DeAlloc(InGameRush)
DeAlloc(TeleportToPortal)

01B88ED3:
mov [esi+11C38],eax

01E09E4B:
push 00
call 0081E360
mov ecx,eax
call 01C1B3C0

01E09A14:
db 75 2C

 

Auto Offline

Spoiler

/*
Sends Offline Request upon entering game
Ending of CwvsContext:: onEnterGame
Credits to DAVHEED
*/

define(onEnterGame,01EACEDF) //8B CE E8 ? ? ? ? 8B CE E8 ? ? ? ? E8 ? ? ? ? BF 01 00 00 00 LOOK FOR ENDING
define(sendOfflineRequest,01EF0530) //6A FF 68 ? ? ? ?  64 A1 00 00 00 00 50 83 EC 14 A1 ? ? ? ? 33 C4 50 8D ? ? ? 64 A3 00 00 00 00 83 B9 ? ? ? ? 01 74 ? 68 [OR LOG THE PACKET TO GET FUNCTION]

[enable]
alloc(hook,64)
label(return)

onEnterGame:
jmp hook
return:

hook:
call sendOfflineRequest // CWvsContext::SendOfflineRequest
db 59 5F 5E 5D 5B
jmp return


[disable]
dealloc(hook)

onEnterGame:
db 59 5F 5E 5D 5B

 

Remove Screen Clutter

Spoiler

/*
  Remove Screen Clutter
  Created by Razz
  GMS v178.4
  Moopler Masterrace

  Each of the three patches writes a return instruction at the defined
  address, so the routine exits immediately. [disable] writes fixed bytes
  back over the same addresses.
*/
//CAnimationDisplayer::Effect_HP
define(NoDamageShown,009A4310) //55 8d 6c ? ? 83 ec ? 6a ff 68 ? ? ? ? 64 a1 00 00 00 00 50 81 ec ? 00 00 00 a1 ? ? ? ? 33 c5 89 45 ? 53 56 57 50 8d 45 ? 64 a3 00 00 00 00 89 4d ? 33 ff
//CMob::ShowCombo
define(NoComboShown,01C86706) //6A FF 68 ? ? ? ? 64  A1 00 00 00 00 50 81 EC ? ? ? ? 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 84 ? ? ? ? ? 64 A3 00 00 00 00 89 4C 24 ? 33 DB 39 99 ? ? ? ?
//`anonymous namespace'::_DisplayMultiKill
define(NoMultiKill,01F044B0) //8B 0D ? ? ? ? 83 C4 14 53 6A 02 [FUNCTION START]
[enable]
// 3-byte `retn 0038` (return and pop 0x38 bytes of arguments) over the first three bytes.
NoDamageShown:
retn 0038

// Plain 1-byte ret.
NoComboShown:
ret

// Plain 1-byte ret.
NoMultiKill:
ret

[disable]
// Restores 55 8D 6C, matching the start of the pattern in the define comment.
NoDamageShown:
db 55 8D 6C

NoComboShown:
db 6A FF

NoMultiKill:
db 6A FF

 

Resolution Changer

Spoiler

// Resolution Changer
// Redirects one indirect call site (01E2E9D5) through a stub. The stub may call
// the routine at 01E6BD50 with the stored width/height, then tail-jumps to
// USER32.IntersectRect, so the call the site originally made still happens.
[enable]
alloc(ResolutionChanger, 128)
label(AlreadyChanged)
alloc(height, 4)
alloc(width, 4)
registersymbol(height)
registersymbol(width)

// Pointer cells: the patched site keeps its `call dword ptr [mem]` form, so the
// targets have to be reachable through memory operands.
alloc(IntersectRectAddy, 4)
alloc(ResolutionChangerAddy, 4)

IntersectRectAddy:
dd USER32.IntersectRect

ResolutionChangerAddy:
dd ResolutionChanger

// Target values (decimal); registered as symbols so they can be edited at run time.
width:
dd #1800

height:
dd #700

// Stub. pushad/popad preserve all general registers around the extra work.
ResolutionChanger:
pushad
mov edi,[029D415C]//follow first call from aob below
mov eax, [edi+7E90] //follow first call from aob below
cmp eax, [width]
je AlreadyChanged

// The same field, [edi+7E90], is read again and compared with height.
mov eax, [edi+7E90]
cmp eax, [height]
je AlreadyChanged

// Arguments pushed in the order 0, height, width; ecx = edi for the call.
mov ecx, [height]
mov edx, [width]
push 00
push ecx
push edx
mov ecx,edi
call 01E6BD50 //53 55 57 8B D9 E8 ? ? ? ? 8B ? ? ? 8B ? ? ? 3B F8 75 ? E8 ? ? ? ?

AlreadyChanged:
popad
jmp dword ptr [IntersectRectAddy]

// Patched call site.
01E2E9D5:
call dword ptr [ResolutionChangerAddy]

[disable]
dealloc(ResolutionChanger)
// NOTE(review): `heigh` is not a name allocated in [enable]; the allocation there is `height`.
dealloc(heigh)
dealloc(width)
dealloc(IntersectRectAddy)
dealloc(ResolutionChangerAddy)
unregistersymbol(height)
unregistersymbol(width)


// Restores the original indirect call through the fixed address 029F15C8.
01E2E9D5: //FF 15 ? ? ? ? 85 C0 0F 84 ? ? 00 00 51 8B ? 89
call dword ptr [029F15C8]

 

The other thread got messy with the influx of questions from the same people.

I will be pretty ruthless to those who fail to acknowledge this rule after being warned once already. 

If you wish to have a question answered, please use the "Maplestory Questions" section in the future.

https://www.moopler.net/forum/12-questions/

 

1 hour ago, roilevi79366 said:

infinite boggie mp wrong script.

can anyone update it?

The addresses were right, but

cmp dword ptr [restore_mp] #1
jne normal

This is too strict of a jump because using something like ND will make it go way above 1.

I rewrote it 

Jr Boogie Unlimited Mana

Spoiler

//Needs Jr Boogie to be spawned to restore MP at set value
//Useful for ND skills that use mana; the tradeoff is that you don't have the spider familiar on.
//
//Two inline hooks share the counter restore_mp:
//  019DF7AC - replays the original store of ebp to [esi+1B4], then counts how
//             often ebp was below MP_VALUE (the counter is cleared otherwise).
//  00BAABB6 - when the counter is >= 1, stores eax to [esi+108] instead of
//             executing the original cmp, and clears the counter.
//Both sites are client code; whether the server re-validates the value is not visible here.
define(MP_VALUE,#500)
[enable]
alloc(hook,128)
alloc(mpvalue_hook,128)
label(mp_return)
label(do_not_restore)
label(return)
label(restore)

registersymbol(restore_mp)
alloc(restore_mp,4)
restore_mp:
dd 0

//First patched site: jmp + nop replace the store that [disable] writes back.
019DF7AC:
jmp mpvalue_hook
nop
mp_return:

mpvalue_hook:
mov [esi+000001B4],ebp //Original Opcode
cmp ebp,MP_VALUE
jnl do_not_restore //signed compare: ebp >= MP_VALUE
inc [restore_mp]
jmp mp_return

do_not_restore:
mov [restore_mp],00
jmp mp_return

//Second patched site: jmp + nop replace the cmp that [disable] writes back.
00BAABB6:
jmp hook
nop
return:

hook:
cmp dword ptr [restore_mp] #1
jae restore
cmp [esi+00000108],eax //original instruction, executed when the counter is 0
jmp return

restore:
mov [restore_mp],00 //Guess this is needed 
mov [esi+00000108],eax
jmp return


[disable]
dealloc(hook)
dealloc(mp_hook)

019DF7AC:
mov [esi+000001B4],ebp

00BAABB6:
cmp [esi+00000108],eax

 

8 hours ago, Pischiello said:

Hyper Rock CRC cause dc?

I updated it from like v176.3. Guess this version required more nops and some opcode changes

Hyper Rock CRC Bypass

Spoiler

//Hyper Rock CRC gMS v178.4
//Credits to Yeeshin
//Enable the script and add Map_ID as an address and change the value to the Map ID you want to teleport to
//Then Open World Map and teleport to anywhere you want.
//
//Structure: the two instructions at 01ECDA4F (10 bytes; see [disable]) are
//replaced by a jmp plus five nops. The stub repeats the first instruction, then
//loads edx from Map_ID and writes it into [ebx+8C44], where the original code
//only read that field.
//The destination value therefore comes entirely from client memory; any
//validation of it would have to happen server-side (not visible here).
[Enable]
alloc(Hyper_Rock_CRC_BYPASS,123)
label(HyperRock_Return)
alloc(Map_ID,4)
registersymbol(Map_ID)

Map_ID:
dd #310040000 //Change ID here

Hyper_Rock_CRC_BYPASS:
mov ebx,[esp+40] //same as the first original instruction
mov edx,[Map_ID]
mov [ebx+8C44],edx //overwrite the field the original code read
jmp HyperRock_Return

01ECDA4F:
jmp Hyper_Rock_CRC_BYPASS
nop
nop
nop
nop
nop
HyperRock_Return:

[disable]
dealloc(Hyper_Rock_CRC_BYPASS,123)
dealloc(Map_ID,4)
unregistersymbol(Map_ID)

//Restores the two original instructions.
01ECDA4F: //8B ? ? ? 8B ? ? ? ? ? 52 8D ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? E8 ? ? ? ? 8B 0D ? ? ? ? 8B ? ? ? ? ? 8B ? ? ? ? ? 8B
mov ebx,[esp+40]
mov edx,[ebx+8C44]

 

 


Full CPU Hack + Fake_Foreground_Window (Bypass Foreground check to send keystroke to maple when inactive window)

Foreground Window Bypass

Spoiler

//v178.4
//Two-byte patch: the short conditional jump 75 01 (jne) at 01E31BF7 is replaced
//by ret + nop, so execution returns at that point instead of taking the branch.
//This only changes the client-side check; a later reply in this thread points
//out that the loot packet also reports foreground state to the server.

[ENABLE]
01E31BF7: //win32u.NtUserGetForegroundWindow first jne from function
ret
nop

[DISABLE]
//Restores the original jne.
01E31BF7:
db 75 01

Full CPU Hack

 

CPU Hack

Spoiler

//GMS v178.4
//Full CPU Hack
//update by Su+ngnam87
//
//Structure: six call sites inside one routine (H1-H4, H6, H7) are overwritten
//with NOPs, and three functions are made to return immediately.
//Hn is a patched address; OCn is the call target that [Disable] re-assembles there.
//H5/OC5 are defined but not referenced in either section.
define(H1,00FAC46E) //(zoomOutField)
define(OC1,004BAD60)//Call of H1
define(H2,00FAC481) //Address of second call below
define(OC2,004D9FC0)//Call of H2
define(H3,00FAC48B) //Address of third call below
define(OC3,008146B0)//Call of H3
define(H4,00FAC4CF) //Address of fourth call below
define(OC4,00F94E30)//Call of H4
define(H5,00FAC4D6) //Address of fifth call below
define(OC5,00F8F1A0)//Call of H5
define(H6,00FAC4DF) //Address of sixth call below
define(OC6,00FAB890)//Call of H6
define(H7,00FAC4ED) //Address of seventh call below
define(NoComboShown,01C86700) //6A FF 68 ? ? ? ? 64  A1 00 00 00 00 50 81 EC ? ? ? ? 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 84 ? ? ? ? ? 64 A3 00 00 00 00 89 4C 24 ? 33 DB 39 99 (function start)
define(NoMultiKill,01F044B0) //"Effect/BasicEff.img/MultiKill/N" function below
define(NoMobReaction,0104E560) //Function start push -01: 83 C4 08 81 C2 ? ? ? ? 8B CE E8 (1st result)
//backup: 74 ? 99 F7 7C ? ? 8B ? 0F AF ? 03 54 (delayShowDamage, function start push -01)
[Enable]
//Five NOPs each: the size of a direct `call rel32`.
H1:
db 90 90 90 90 90

H2:
db 90 90 90 90 90

H3:
db 90 90 90 90 90

H4:
db 90 90 90 90 90

H6:
db 90 90 90 90 90

//Two NOPs over a 2-byte instruction ([Disable] restores FF D2, i.e. call edx).
H7:
db 90 90

NoComboShown:
ret

NoMultiKill:
ret

//3-byte `ret 0074`: return and pop 0x74 bytes of arguments.
NoMobReaction:
ret 0074

[Disable]
H1:
call OC1

H2:
call OC2

H3:
call OC3

H4:
call OC4

H6:
call OC6

H7:
db FF D2

//NOTE(review): the pattern in the define comment starts with 6A, but 55 is
//written back here; if the pattern is right, the function's first byte stays
//altered after disabling. Verify against the unmodified image.
NoComboShown:
db 55

NoMultiKill:
db 6A

//Re-assembles the first two instructions (7 bytes), covering the 3 patched bytes.
NoMobReaction:
push -01
push 02179E78

 

1 hour ago, ngnam87 said:

Full CPU Hack + Fake_Foreground_Window (Bypass Foreground check to send keystroke to maple when inactive window)

  Hide contents


//v178.4

[ENABLE]
01E31BF7: //win32u.NtUserGetForegroundWindow first jne from function
ret
nop

[DISABLE]
01E31BF7:
db 75 01

Full CPU Hack

  Reveal hidden contents


//GMS v178.4
//Full CPU Hack
//update by Su+ngnam87
define(H1,00FAC46E) //(zoomOutField)
define(OC1,004BAD60)//Call of H1
define(H2,00FAC481) //Address of second call below
define(OC2,004D9FC0)//Call of H2
define(H3,00FAC48B) //Address of third call below
define(OC3,008146B0)//Call of H3
define(H4,00FAC4CF) //Address of fourth call below
define(OC4,00F94E30)//Call of H4
define(H5,00FAC4D6) //Address of fifth call below
define(OC5,00F8F1A0)//Call of H5
define(H6,00FAC4DF) //Address of sixth call below
define(OC6,00FAB890)//Call of H6
define(H7,00FAC4ED) //Address of seventh call below
define(NoComboShown,01C86700) //6A FF 68 ? ? ? ? 64  A1 00 00 00 00 50 81 EC ? ? ? ? 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 84 ? ? ? ? ? 64 A3 00 00 00 00 89 4C 24 ? 33 DB 39 99 (function start)
define(NoMultiKill,01F044B0) //"Effect/BasicEff.img/MultiKill/N" function below
define(NoMobReaction,0104E560) //Function start push -01: 83 C4 08 81 C2 ? ? ? ? 8B CE E8 (1st result)
//backup: 74 ? 99 F7 7C ? ? 8B ? 0F AF ? 03 54 (delayShowDamage, function start push -01)
[Enable]
H1:
db 90 90 90 90 90

H2:
db 90 90 90 90 90

H3:
db 90 90 90 90 90

H4:
db 90 90 90 90 90

H6:
db 90 90 90 90 90

H7:
db 90 90

NoComboShown:
ret

NoMultiKill:
ret

NoMobReaction:
ret 0074

[Disable]
H1:
call OC1

H2:
call OC2

H3:
call OC3

H4:
call OC4

H6:
call OC6

H7:
db FF D2

NoComboShown:
db 55

NoMultiKill:
db 6A

NoMobReaction:
push -01
push 02179E78

Haha in the loot packet nexon sends whether you are on the foreground or not... if I were you I would patch that too ;)

17 hours ago, ngnam87 said:

Full CPU Hack + Fake_Foreground_Window (Bypass Foreground check to send keystroke to maple when inactive window)

Foreground WindowBypasss

  Reveal hidden contents


//v178.4

[ENABLE]
01E31BF7: //win32u.NtUserGetForegroundWindow first jne from function
ret
nop

[DISABLE]
01E31BF7:
db 75 01

Full CPU Hack

 

CPU Hack

  Reveal hidden contents


//GMS v178.4
//Full CPU Hack
//update by Su+ngnam87
define(H1,00FAC46E) //(zoomOutField)
define(OC1,004BAD60)//Call of H1
define(H2,00FAC481) //Address of second call below
define(OC2,004D9FC0)//Call of H2
define(H3,00FAC48B) //Address of third call below
define(OC3,008146B0)//Call of H3
define(H4,00FAC4CF) //Address of fourth call below
define(OC4,00F94E30)//Call of H4
define(H5,00FAC4D6) //Address of fifth call below
define(OC5,00F8F1A0)//Call of H5
define(H6,00FAC4DF) //Address of sixth call below
define(OC6,00FAB890)//Call of H6
define(H7,00FAC4ED) //Address of seventh call below
define(NoComboShown,01C86700) //6A FF 68 ? ? ? ? 64  A1 00 00 00 00 50 81 EC ? ? ? ? 53 55 56 57 A1 ? ? ? ? 33 C4 50 8D 84 ? ? ? ? ? 64 A3 00 00 00 00 89 4C 24 ? 33 DB 39 99 (function start)
define(NoMultiKill,01F044B0) //"Effect/BasicEff.img/MultiKill/N" function below
define(NoMobReaction,0104E560) //Function start push -01: 83 C4 08 81 C2 ? ? ? ? 8B CE E8 (1st result)
//backup: 74 ? 99 F7 7C ? ? 8B ? 0F AF ? 03 54 (delayShowDamage, function start push -01)
[Enable]
H1:
db 90 90 90 90 90

H2:
db 90 90 90 90 90

H3:
db 90 90 90 90 90

H4:
db 90 90 90 90 90

H6:
db 90 90 90 90 90

H7:
db 90 90

NoComboShown:
ret

NoMultiKill:
ret

NoMobReaction:
ret 0074

[Disable]
H1:
call OC1

H2:
call OC2

H3:
call OC3

H4:
call OC4

H6:
call OC6

H7:
db FF D2

NoComboShown:
db 55

NoMultiKill:
db 6A

NoMobReaction:
push -01
push 02179E78

 

These would be the official names for some of the functions in the CPU hack script

I have no idea whether the AOBs still work.

/*
CPU Hack
v116.2 updated/edited by DAVHEED

The addresses below are for the version named above, not v178.4.
Only an [Enable] section is given in this post; no restore bytes are listed.
Most entries write a `ret N` at a function start (return immediately and pop
N bytes of arguments); two entries overwrite a branch or call site with NOPs.
*/

// 8B 80 ? ? ? ? 3B ? ? ? 75
define(MobReaction, 00B948A0)

// 8B ?? ?? 3B ?? 74 ?? 39 ?? 74 ?? 8B ?? 3B ?? 74 ?? 8B ?? ?? D1 ?? 3B ?? 75
define(NoBackGround, 00AFA177)

// start: 6a ff 68 ? ? ? ? 64 a1 ? ? ? ? 50 83 ec ? 53 55 56 57 a1 ? ? ? ? 33 c4 50 8d ? ? ? 64 a3 ? ? ? ? 8b d9 89 ? ? ? a1 ? ? ? ? 33
define(CUIScreenMsg__ScrMsgAdd, 01346AB0)

//Remove "Option list", more quality of life than CPU reducing
//8b 54 ? ? 8b 44 ? ? 56 52 8b
define(option_list, 015B68A0)

//Removes combo kill + multi kill shit
//second: 53 56 8b 74 ? ? 8b d9 57 8b ce e8 ? ? ? ? 0f
define(CWvsContext__OnStylishKillMessage, 018EFD60)

//CUser::OnEffect() - patch out the ANNOYING floating equip thing - probably only useful when you bot with auto sell EQ on
//jne below: 8d 4d ? 57 51 e8 ? ? ? ? 83 c4 ? 8b 4d ? c7
define(no_bonus_potential_equip_loot_box, 01633AAE)

//68 ff ff ff 7f 6a 00 6a 06 6a 01 51 8b cd
define(CUser__ShowSkillEffect, 01627670)

[Enable]
MobReaction:
ret 0060

NoBackGround:
db 90 90 90 90 90

CUIScreenMsg__ScrMsgAdd:
ret 0010

// ret + one nop: pads the patch to 4 bytes.
option_list:
ret 001c
nop

// ret + three nops: pads the patch to 6 bytes.
CWvsContext__OnStylishKillMessage:
ret 0004
nop
nop
nop

// Two NOPs over the 2-byte short jne named in the define comment.
no_bonus_potential_equip_loot_box:
db 90 90

CUser__ShowSkillEffect:
ret 0034

 

Edited by DAVHEED
20 hours ago, Buu said:

Auto attack and auto pet feed can't be compiled, fix please.

You have to be attached to MapleStory to call the function for those scripts.

Attach -> Load script -> Save (for easy re-use)


Skill Inject + ND

Spoiler

//v178.4
//Updated by tiger
//
//Structure: [Enable] locates eight sites by byte-pattern scan (GND, h1-h7) and
//registers a second label at each patched one (GN_D, h_1-h_6) so [Disable] can
//find it again. Sites h1, h2 and h5 are NOPed, h3 and GND have a conditional
//jump turned into an unconditional one, h4 is hooked to replace the value
//loaded into edx, and h6 is redirected to h7.
//[Disable] writes fixed bytes, including hard-coded jump displacements, back to
//the scanned addresses; NOTE(review): those bytes only match the original code
//on the build they were copied from.

[Enable]
label(GN_D)
label(h_1)
label(h_2)
label(h_3)
label(h_4)//Update disable
label(h_5)
label(h_6)//Update disable
registersymbol(GN_D)
registersymbol(h_1)
registersymbol(h_2)
registersymbol(h_3)
registersymbol(h_4)
registersymbol(h_5)
registersymbol(h_6)
aobscan(GND,75 ?? 83 BD ?? ?? FF FF 00 75 ?? 8B)
aobscan(h1,0F 84 ?? ?? ?? ?? 2B 9E ?? ?? ?? ?? 0F 88 ?? ?? ?? ?? A1 ?? ?? ?? ?? 85 C0)
aobscan(h2,0F 88 ?? ?? ?? ?? A1 ?? ?? ?? ?? 85 C0 74 ?? 8B 50 ?? 8D 48 ??)
aobscan(h3,0F 84 ?? ?? ?? ?? 8B 16 8B 42 ?? 8B CE FF D0 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 75 ?? 8D 4C 24 ?? 51)
aobscan(h4,8B ?? ?? ?? ?? ?? 8B 44 24 ?? 6A ?? 6A ?? 6A ?? 6A ?? 8D 4C 24 ?? 51)
aobscan(h5,0F 87 ?? ?? ?? ?? 0F B6 ?? ?? ?? ?? ?? FF 24 ?? ?? ?? ?? ?? 84 DB 74 ?? 8B 8E ?? ?? ?? ?? 85 C9)
aobscan(h6,FF ? ? ? ? ? ? 84 ? 74 ? 8B ? ? ? ? ? 85 ? 0f 84 ? ? ? ? 8B ? ? ? 57 52)
aobscan(h7,81 BE ?? ?? ?? ?? ?? ?? ?? ?? 8B CE 75 ?? 8B 44 24 ?? 6A ??)

alloc(skill_id_hook,128)
label(skill_id_return)
alloc(delay,4)
define(skill_id, #12120011) //Skill ID goes here


/*
12120011 (Blazing Extinction 4th job) Blaze Wizard Skill
12100029 (Ignition) Blaze Wizard
12121002 (Towering Inferno) Blaze Wizard
25100010 (Fox Spirits 2nd job) Shade Skill
61101100 (Impact Wave 2nd job) Kaiser
25100002 (Ground Pound (shockwave) 2nd job) Shade Skill
25110003 (Shockwave Punch (shockwave) 3rd job) Shade Skill
35121052 (Distortion Bomb, mechanic) turn down delay
142120030 (kinesis Mental Tempest Hyper Skill)
4321006 (Flying Assaulter - jump to activate) Dual Blade
4331000 (Bloody Storm) Dual Blade
4331006 (Chains of Hell) Dual Blade
24111006 (Rapier Wit Dash & Damage) phantom
36110005 (Triangulation, works with FMA) Xenon
112001006 (Majestic Trumpet, works with FMA) Beast Tamer
31201010 (Demon Strike, auto-exceed)
101000101 (Air Riot) Zero: Beta
101000201 (Shadow Strike) Zero: Alpha
101001100 (Shadow Strike) Zero - both
#37110006
#37120022
#12121055 dragon blaze
*/

//Call counter used by the stub below.
delay:
dw 0
//Six NOPs over a 6-byte near conditional jump (0F 84 rel32 per [Disable]).
h1:
h_1:
db 90 90 90 90 90 90
//Six NOPs over a 6-byte near conditional jump (0F 88 rel32 per [Disable]).
h2:
h_2:
db 90 90 90 90 90 90
//0F 84 becomes 90 E9: nop + unconditional jmp, keeping the original displacement.
h3:
h_3:
db 90 E9
//jmp + nop replace the 6-byte `mov edx,[esi+0001231C]` that [Disable] restores.
h4:
h_4:
jmp skill_id_hook
nop
skill_id_return:
//Stub: the original load of edx is not replayed; edx is only written when the
//counter reaches the configured value.
skill_id_hook:
inc [delay]
cmp dword ptr [delay], #1 // Set your delay (optional till you don't d/c)
jne skill_id_return
mov [delay], 0
mov edx,skill_id
jmp skill_id_return
//Six NOPs over a 6-byte near conditional jump (0F 87 rel32 per [Disable]).
h5:
h_5:
db 90 90 90 90 90 90
h6: //address at jmp dword ptr following the address above
h_6:
jmp h7
dw 9090

//75 (short jne) becomes EB (short jmp).
GND://Mach GND //75 ?? 83 BD ?? ?? FF FF 00 75 ?? 8B
GN_D:
db EB

[Disable]
GN_D:
db 75
h_1:
db 0F 84 86 03 00 00
h_2:
db 0F 88 7A 03 00 00
h_3:
db 0F 84 CC 00 00 00
h_4:
mov edx,[esi+0001231C]
h_5:
db 0F 87 7F 01 00 00
h_6:
jmp dword ptr [ecx*4+01D1F0FC]
dealloc(skill_id_hook)


/*define(GND,0184F677)//8B ? ? ? ? ? 89 ? ? 8B ? ? ? ? ? 50 E8 ? ? ? ? 83 ? ? 85 ? 0F 85 ? ? ? ? 83 ? ? ? 0F 85 ? ? ? ? 8B ? ? ? ? ? E8 ? ? ? ? 85 ? 75 ? 83 ? ? ? ? ? ? 74 ?
define(h1,018D8378)//0F 84 ?? ?? ?? ?? 2B 9E ?? ?? ?? ?? 0F 88 ?? ?? ?? ?? A1 ?? ?? ?? ?? 85 C0
define(h2,018D8384)//0F 88 ?? ?? ?? ?? A1 ?? ?? ?? ?? 85 C0 74 ?? 8B 50 ?? 8D 48 ??
define(h3,018D83E3)//0F 84 ?? ?? ?? ?? 8B 16 8B 42 ?? 8B CE FF D0 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 74 ?? 3D ?? ?? ?? ?? 75 ?? 8D 4C 24 ?? 51
define(h4,018D8503)//8B ?? ?? ?? ?? ?? 8B 44 24 ?? 6A ?? 6A ?? 6A ?? 6A ?? 8D 4C 24 ?? 51 (update disable)
define(h5,018D85A4)//0F 87 ?? ?? ?? ?? 0F B6 ?? ?? ?? ?? ?? FF 24 ?? ?? ?? ?? ?? 84 DB 74 ?? 8B 8E ?? ?? ?? ?? 85 C9
define(h6,018D85B1)//FF ? ? ? ? ? ? 84 ? 74 ? 8B ? ? ? ? ? 85 ? 0f 84 ? ? ? ? 8B ? ? ? 57 52 (jmp dword ptr below h5)
define(h7,018D85E7)//81 BE ?? ?? ?? ?? ?? ?? ?? ?? 8B CE 75 ?? 8B 44 24 ?? 6A ??
177.2
*/

 

 

Edited by tiger
