NX Item Exploit

[thgurda]

Thank you to Blitz, I just became active on this forums although I joined awhile ago. I'm learning packet editing and your tutorials have a lot of good information. (:




I was wondering if you or someone else could help me edit this specific packet?
I have recorded an example of packets to show what I am trying to do.

My goal is to take a packet I got from buying a NX item, and change the item ID so that I can buy other items in the servers database

For example: on v83, the packet to purchase a construction hat is E5 00 03 00 01 00 00 00 C3 2E 31 01 00 00 00 00

Upon purchasing other items, I concluded that the item's ID is found in (E5 00 03 00 01 00 00 00 C3 2E 31 01 00 00 00 00)

So I figured I would take the ID of an item and convert it into hex, then replace those bytes with the new item ID bytes.
(Sky Blue Goggled Beanie- ID is 1002235; When you convert that to hex it comes out to be: 0B 00 31 30 30 32 32 33 35 20 20 20 20)

I obviously can see that there is a big difference between the two sets used for the Construction Hat ID and the 13 sets used for the Sky blue goggled beanie. I tried it anyways, and it of course did nothing.
So my question is, How can I convert this item ID and put it in the packet in place of the first item's ID?

I also realize this was a bit to read so thank you for taking the time to read it. It's easy for me to get carried away when trying to explain something. If you can help me in anyway I'd be greatly appreciative.

[Blitz]

Alright, there's a few things that I'll go ahead and clear up. First of all, this DOES work. It's been public since v55.

The ID you find in the NX packets isn't actually the item ID. Certain NX items have a serial number, which can be used to purchase it from the cash shop. You can find these serial numbers with a .wz editor, by opening up Etc.wz and looking in Commodity.img. However, this by itself is very hard to navigate. I've gone ahead and exported it to an .xml which I've uploaded as an attachment to this post. You'll need an advanced text editor such as Notepad++ to view it properly. From there, just hit CTRL+F and it'll open up a "search" window, where you can type in the item ID and search for it.

Sample of something from the .xml:
<imgdir name="0">
<int name="SN" value="10000000"/>
<int name="ItemId" value="1002000"/>
<int name="Count" value="1"/>
<int name="Price" value="300"/>
<int name="Period" value="14"/>
<int name="Priority" value="8"/>
<int name="Gender" value="2"/>
<int name="OnSale" value="0"/>
</imgdir>

The "SN" is the ID that you want, and the "ItemId" is the ID for the item that you're going to be searching for.

Once you find the SN for the item that you want (note that not all items have serial numbers, these cannot be obtained) you'll want to take the ID and put it in the following tool: Tryst's Maple Hex Converter.

With the example above, the ID was "10000000". 10000000, when translated from decimal to hexadecimal, is 989680. However, the tool will translate it to 809698. That's because in packets MapleStory reverses the hex for numbers and stuff.

In E5 00 03 00 01 00 00 00 C3 2E 31 01 00 00 00 00, the serial number is C3 2E 31 01. So, if we want 10000000, we'll convert it to hexadecimal (989680), reverse it -- which is already done for you by Tryst's Hex Converter (809698), add spaces (80 96 98), add an extra 00 to the end (80 96 98 00 -- considering all numbers are backwards, this doesn't actually change the number itself -- it's just like adding a zero to the beggining of the number. However, you never change the byte size of a packet unless the packet specifies something about the byte size, I could explain how that works later via skype or something if you want).

Our new packet is E5 00 03 00 01 00 00 00 80 96 98 00 00 00 00 00. Note that you will need the amount of NX that the item costs to purchase it, you can find how much it costs in the .xml below too.

I did a really poor job at explaining this, feel free to add me on Skype and I can help you out more. My Skype name is "Castimsm".

[thgurda]

This was exactly what I was looking for!
Your wrong though you did a great job of explaining!
You've also helped me with a seperate problem I've had!
I was wondering how to find SN of a given item a week ago when I was working on a edit. This works perfectly in both situations!
I really appreciate you taking the time to write that up and help me out! I'll add you on skype and talk to you in the future. (:

[Youtro]

it still works?? omg O_O

[Jacket]

Tested on SexyMS. Working perfectly.
Nice job. /blitz
What of item ID's that are not included in the attachment,e.g. custom stuff?

[Blitz]

Tested on SexyMS. Working perfectly.
Nice job. /blitz
What of item ID's that are not included in the attachment,e.g. custom stuff?

Sorry for the late response. They most likely don't have a serial number stored in the servers files, which means they can't be bought from the cash shop. Anyway I supposed this is "solved" so, thread closed.