As this section has been dead for a while, I decided to release some things here to hopefully liven up the section.
NGS Bypass - Initiate first at MapleStory Whitescreen
Code:
// Cheat Engine auto-assembler script. It installs three detours: two at
// module-relative addresses inside "BlackCipher.aes" and one at the absolute
// address 02AC1CCA. Each detour jumps to an allocated stub that pushes
// 0xFFFFFFFF and calls `sleep`.
// NOTE(review): if `sleep` resolves to the Win32 Sleep API, 0xFFFFFFFF is
// INFINITE, so a thread that reaches a patched site would block there and the
// relocated instructions under originalcodeN would never run. Confirm.
// Defender view: a protection module whose threads can be parked this way
// needs a liveness signal that is checked from outside those threads (for
// example a heartbeat validated by the game server). The overwritten bytes at
// the three sites also differ from the on-disk image, which a code-integrity
// comparison can flag.
[ENABLE]
alloc(newmem1,2048)
label(returnhere1)
label(originalcode1)
// Stub 1: sleep call, then a copy of the instructions displaced by the detour.
newmem1:
push ffffffff
call sleep
originalcode1:
pushfd
push edi
push esp
pop edi
add edi,00000004
jmp returnhere1
// Patch site 1: jump to the stub; the nops pad the remaining displaced bytes.
"BlackCipher.aes"+26885DE:
jmp newmem1
nop 5
returnhere1:
alloc(newmem2,2048)
label(returnhere2)
label(originalcode2)
// Stub 2: same pattern as stub 1 with a different displaced sequence.
newmem2:
push ffffffff
call sleep
originalcode2:
pushfd
sub esp,00000004
jmp returnhere2
// Patch site 2.
"BlackCipher.aes"+201769C:
jmp newmem2
nop 2
returnhere2:
alloc(newmem3,2048)
label(returnhere3)
label(originalcode3)
// Stub 3: same pattern again.
newmem3:
push ffffffff
call sleep
originalcode3:
pushfd
sub esp,04
mov [esp],edi
jmp returnhere3
// Patch site 3: given as an absolute address, unlike the two sites above.
02AC1CCA:
jmp newmem3
nop 2
returnhere3:
// The disable section is empty: nothing here restores the three patched sites
// or frees the stubs.
[DISABLE]
CRC Bypass - Attach to MapleStory.exe at Character Select
Code:
// Cheat Engine auto-assembler script. It copies 79691776 (0x4C00000) bytes
// starting at 00401000 into a new allocation labelled CopyMemory, then detours
// two sites the author labels as CRC routines. In each detour, a pointer
// register that falls inside [RegionStart, RegionEnd] is rebased onto the
// copy before the displaced original bytes run, so the read at that site is
// served from the snapshot rather than from the live code region.
// Defender view: an integrity check that reads its own image through ordinary
// loads in the same address space depends on pointers and code that other
// code in the process can rewrite. Verifying the checker's own code path and
// validating client behaviour on the server remove that single point of trust.
[Enable]
GlobalAlloc(CopyMemory,79691776)
CopyMemory:
readmem($00401000,79691776)
Define(RegionStart,00401000)
Define(RegionEnd,05000000)
Alloc(CRC1_Hook,1024)
Label(CRC1_Original)
Label(CRC1_Return)
// Patch site 1: detour into CRC1_Hook.
04681AD1:
jmp CRC1_Hook
CRC1_Return:
CRC1_Hook: // sub crc
// Leave edx alone when it points outside the snapshotted range.
cmp edx,RegionStart
jb CRC1_Original
cmp edx,RegionEnd
ja CRC1_Original
// Rebase: edx = CopyMemory + (edx - RegionStart).
sub edx,RegionStart
add edx,CopyMemory
CRC1_Original:
// Displaced original bytes; they begin with 8B 12 (mov edx,[edx]), the load
// through the possibly rebased pointer.
db 8b 12 01 10 9c
jmp CRC1_Return
Alloc(CRC2_Hook,1024)
Label(CRC2_Original)
Label(CRC2_Return)
// Patch site 2: same redirect, keyed on ecx.
0490C837: // main crc
jmp CRC2_Hook
nop
CRC2_Return:
CRC2_Hook:
cmp ecx,RegionStart
jb CRC2_Original
cmp ecx,RegionEnd
ja CRC2_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC2_Original:
// Displaced original bytes; they begin with 02 01 (add al,[ecx]).
db 02 01 59 53 b7 3d
jmp CRC2_Return
// The two block comments below hold four more detours of the same shape
// (CRC3 to CRC6) that the author has disabled.
/*
Alloc(CRC3_Hook,1024)
Label(CRC3_Original)
Label(CRC3_Return)
047A4682: //0040000 / ngclient
jmp CRC3_Hook
nop
CRC3_Return:
CRC3_Hook:
cmp ecx,RegionStart
jb CRC3_Original
cmp ecx,RegionEnd
ja CRC3_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC3_Original:
db 66 8b 09 0f b7 c1
jmp CRC3_Return
Alloc(CRC4_Hook,1024)
Label(CRC4_Original)
Label(CRC4_Return)
0476A79B: //blackcall
jmp CRC4_Hook
nop 4
CRC4_Return:
CRC4_Hook:
cmp edx,RegionStart
jb CRC4_Original
cmp edx,RegionEnd
ja CRC4_Original
sub edx,RegionStart
add edx,CopyMemory
CRC4_Original:
db 66 8b 12 81 cf 00 00 00 80
jmp CRC4_Return
*/
/*
Alloc(CRC5_Hook,1024)
Label(CRC5_Original)
Label(CRC5_Return)
048C57A0: //00401000 crc 2
jmp CRC5_Hook
nop 5
CRC5_Return:
CRC5_Hook:
cmp eax,RegionStart
jb CRC5_Original
cmp eax,RegionEnd
ja CRC5_Original
sub eax,RegionStart
add eax,CopyMemory
CRC5_Original:
db 8a 00 31 d9 81 f6 00 08 00 00
jmp CRC5_Return
Alloc(CRC6_Hook,1024)
Label(CRC6_Original)
Label(CRC6_Return)
0487A91B: //00401000 crc 3
jmp CRC6_Hook
nop
CRC6_Return:
CRC6_Hook:
cmp eax,RegionStart
jb CRC6_Original
cmp eax,RegionEnd
ja CRC6_Original
sub eax,RegionStart
add eax,CopyMemory
CRC6_Original:
db 8a 00 88 06 89 e9
jmp CRC6_Return
*/
// Overwrites the bytes at ReadProcessMemory+5 with `ret 0x14` plus four nops.
// 0x14 is 20 bytes, i.e. five 4-byte stack arguments, so the function returns
// to its caller at that point. NOTE(review): presumably no read is performed
// and eax holds whatever the first five bytes left in it. Confirm.
// Defender view: an exported API whose in-memory prologue differs from the
// on-disk image is a standard indicator of an inline patch.
KERNEL32.ReadProcessMemory+5:
ret 0014
nop
nop
nop
nop
// The disable section is empty: the detours and the API patch are not undone.
[Disable]
-----------------
v229.2 GMS - Working Scripts
Unlimited Attack
Code:
// One-byte patch at 02F18367: opcode 7E (jle rel8) becomes EB (jmp rel8), so
// the branch is always taken. The trailing comment on the address line is the
// author's byte signature for locating the site.
// Defender view: whatever limit this branch enforces exists only in client
// code; the server has to enforce it independently.
[Enable]
02F18367://7E ? 83 ? ? 7D ? 8B ? ? 2B ? 3D 6A FF FF FF 7E ? 3D 96 00 00 00 7D
db EB
// Restore the original opcode.
[Disable]
02F18367:
db 7E
Zoom In/Out, using + and - keys.
Code:
[Enable]
Alloc(Hook,123)
Label(Function)
Label(Return)
Label(Increase)
Label(Decrease)
Label(Reset)
Label(Exit)
Alloc(value,4)
value:
dd #1000 //Default value
Hook:
pushad
cmp ebx,004E0000 //Numpad +
je Increase
cmp ebx,004A0000 //Numpad -
je Decrease
cmp ebx,00370000 //Numpad *
je Reset
Exit:
popad
call 02158560 //Orignial
jmp Return
Increase:
add [value],#20
jmp Function
Decrease:
sub [value],#20
jmp Function
Reset:
mov [value],#1000
Function: // 3D 89 13 00 00 75 ? A1
mov eax,[04419358]
test eax,eax
je Exit
mov ecx,[eax]
push [value]
push eax
call dword ptr [ecx+000000c4]
jmp Exit
031D44A3:
jmp Hook
//db 90
Return:
[Disable]
031D44A3: //e8 ? ? ? ? 83 78 04 00 74 12 e8 ? ? ? ? 8b 48 04 8b 41 04 83 c1 04 5d ff 60 04 5d c2
call 02158560//Original
dealloc(hook)
Auto MP when MP is below 10%. Place MP pots on Page UP.
Code:
define(CUIStatusBar_MP,02A8DB03)//3b ? 7d ? 39 9f ? ? ? ? 7e ? 68 ? ? ? ? 8d 45 e8
define(MP_Jnl,02A8DB57)
define(CWvsContext_OnKey,031D44A0)
//55 8B EC 8B 0D ? ? ? ? 85 C9 74 ? 83 C1 04 8B 01 5D FF 20 5D C2 08 00 CC
define(asdf,043F7C70) //TSingleton_CWndMan_ms_pInstance
//8B 0D ? ? ? ? 2D ? ? ? ? 89 45 E0 8D 45 E4 6A 01 50
//8b ? ? ? ? ? 8d ? ? 6a ? ? e8 ? ? ? ? 8b ? b8 ? ? ? ? c6 ? ? ? 66 ? ? ? 89 ? ? 85 ? 74 ? 8b ? ? ff ? ? 8b ? ? c6 ? ? ? 8b ? ? 85 ? 75 ? 68 ? ? ? ? e8 ? ? ? ? 0f ? ? ? 8b ? 83 ? ? 8b ? ? 0f
//8B 0D ? ? ? ? 89 45 ? 8D 45 ? 6A 00 50 E8 ? ? ? ? 8B 08 B8 0D 00 00 00
[enable]
Globalalloc(hook_hp,128)
Globalalloc(hook_mp,128)
alloc(key_press,128)
label(return_mp)
label(return_normal_mp)
define(CTRL,001D0000)
define(SHIFT,002A0000)
define(INSERT,01520000)
define(DELETE,01530000)
define(HOME,01470000)
define(END,014F0000)
define(PAGEUP,01490000)
define(PAGEDOWN,01510000)
define(ALT,00380000)
key_press:
mov esi,[asdf] //TSingleton_CWndMan_ms_pInstance
mov ecx,[esi+A8]
push eax
push 00
call CWvsContext_OnKey
ret
hook_mp:
cmp eax,#10 //% To mp on
jnl return_normal_mp
pushad
mov eax,PAGEUP
call key_press
popad
return_normal_mp:
cmp eax,ecx
jnl MP_Jnl
cmp [edi+00000274],ebx
jnl MP_Jnl
jmp return_mp
CUIStatusBar_MP:
jmp hook_mp
db 90 90 90 90 90
return_mp:
[disable]
CUIStatusBar_MP:
cmp eax,ecx
jnl MP_Jnl
cmp [edi+00000274],ebx
jnl MP_Jnl
Mob Disarm
Code:
[enable]
01DA987B://75 ? 8D ? ? 8B ? E8 ? ? ? ? 8B ? E8
jmp 01DA9F45//8B ? ? ? ? ? 85 C0 0F 84 ? ? 00 00 2B ? 0F 89 ? ? ? ? C7 ? ? 00 00 00 00 8D
[disable]
01DA987B:
db 75 0A 8D 50 FA
mov ecx,ebx
call 01E288A0
Skip quest scenes
Code:
// Two-byte patch at 01BD300A: 78 71 (js rel8) is replaced by two nops, so the
// branch is never taken and execution always falls through.
[Enable]
01BD300A://78 ? 8B 46 08 6A 00
db 90 90
// Restore the original conditional jump.
[Disable]
01BD300A:
db 78 71
No Stage Fading
Code:
// Two sites, each holding a near conditional jump 0F 84 rel32 (je). The patch
// rewrites the first two bytes to 90 E9 (nop, then jmp rel32), which reuses
// the existing 4-byte displacement and makes the jump unconditional.
// The trailing comments on the define lines are the author's byte signatures.
define(removeFadeIn,02156E3F) // 0F 84 ? ? ? ? 8B 35 ? ? ? ? 85 F6 74 ? 8B CE E8 ? ? ? ? 84
define(removeFadeOut,0215754F) // 0F 84 ? ? 00 00 8B 1D ? ? ? ? 89 ? ? 85 DB 74
[ENABLE]
removeFadeIn: // CStage::FadeIn
db 90 E9
removeFadeOut: // CStage::FadeOut
db 90 E9
// Restore both original je instructions, displacements included.
[DISABLE]
removeFadeIn:
db 0F 84 BB 06 00 00
removeFadeOut:
db 0F 84 A5 0F 00 00
Adele + Ark + Blaster + Kain + more FMA
Code:
// Detours the function entry at 01E348C0. The hook loads the dword at
// 043F891C, adds 0x0C, and stores the result over [esp+04] (at function entry
// that slot is the first stack argument). It then runs the displaced prologue
// (push ebp / mov ebp,esp / push -01) and continues at 01E348C0+5.
// A second patch at 03355096 turns 74 59 (je rel8) into EB 59 (jmp rel8).
// Defender view: the argument being replaced is trusted by the client routine;
// the server should not accept results that depend on it without validation.
[ENABLE]
Alloc(Hook,128)
Label(Return)
01E348C0:
jmp Hook
Hook:
mov eax,[043F891C] // 0F BF 47 ?? 8B 0D ?? ?? ?? ?? 50 E8 ?? ?? ?? ?? 8B D8 85 DB 74 D6
lea eax,[eax+0C]
mov [esp+04],eax
Return:
push ebp
mov ebp,esp
push -01
jmp 01E348C0+5
03355096:
db eb 59
// Restore the original prologue and the original conditional jump.
[DISABLE]
01E348C0: // 55 8B EC 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 81 EC 00 02 00 00 A1 ?? ?? ?? ?? 33 C5 89 45 F0 53 56 57 50 8D 45 F4 64 A3 00 00 00 00 89 8D 6C FE FF FF C7 45 80 00 00 00 00 8B 45 44 89 85 6C FF FF FF C7 85 44 FF FF FF 00 00 00 00
push ebp
mov ebp,esp
push -01
03355096:
db 74 59
Adele + Ark + Blaster + Kain FMA (Version II, Magic Attacks From Mobs Won't Hurt You)
Code:
[Enable]
Alloc(Hook,128)
Label(Exit)
Hook:
cmp [ebp+04],01E359FF //83 c4 0c 85 c0 74 40 c6 45 87 01
je Exit
jmp 0098C1B3 //pop edi
Exit: //xor eax,eax
jmp 0098C1A9 // z
0098C1A1:
jmp Hook
db 90
[Disable]
0098C1A1: //3b c6 7d 0e 3b df 7d 0a
db 3B C6 7D 0E 3B DF
Hoyoung FMA
Code:
// One-byte patch at 01E38D34: opcode 75 (jne rel8) becomes 74 (je rel8),
// which inverts the branch condition. The two comment lines after the address
// are the author's byte signatures.
[ENABLE]
01E38D34://75 1B 83 C6 10 3B F7 75 DA 5F 32 C0 5E 8B 4D FC 33 CD E8
//55 8B EC 83 EC 34 A1 ? ? ? ? 33 C5 89 45 FC 56 8B 75 08 57 8B F9 8B 4E 04
db 74
// Restore the original opcode.
[DISABLE]
01E38D34:
db 75
Kinesis Psychic Clutch FMA (Shootobj FMA, you'll have to figure out skills yourself)
Code:
[ENABLE]
Alloc(FullMapAttack_ICS,128)
Alloc(FullMapAttackSW,4)
RegisterSymbol(FullMapAttackSW)
Label(FullMapAttack)
FullMapAttackSW:
DD 1
FullMapAttack_ICS:
cmp [esp],01DAAF63 //8d 85 ? ? ? ? 68 ? ? ? ? 50 e8 ? ? ? ? 83 c4 08 85 c0 79 06 50 e8 ? ? ? ? 8b b3 ? ? ? ? c7 45 fc ? ? ? ? 85 f6 1st
jne VariantInit
cmp [FullMapAttackSW],1
jne VariantInit
mov [esp],FullMapAttack
jmp VariantInit
FullMapAttack: //04210284
mov ecx,[043C5374] //CUserLocal 8b 0d ? ? ? ? 85 c9 0f 84 ? ? ? ? e8 ? ? ? ? 84 c0 0f 84 ? ? ? ? 8b 0d
add ecx,04
lea eax,[ebp-000000b0] //blow A8
push eax
call 02CDF2C0 //55 8b ec 56 57 8d b9 ? ? ? ? 8d 4f 0c e8 ? ? ? ? 8b 75 08 8b cf 89 06 e8 ? ? ? ? 89 46 04 8b c6 5f 5e 5d c2 0400 cc cc cc cc cc cc 8b 01
push eax
lea ecx,[ebx+00000600] //above //5EC
call 00E92D00 //e8 ? ? ? ? 8b cb e8 ? ? ? ? 2d ? ? ? ?
jmp 01DAAF63 //og address
03A8C454: //above call dword ptr [ ]
DD FullMapAttack_ICS
[DISABLE]
03A8C454:
DD VariantInit
Mob Aggro (USE ONLY MOB AGGRO OR DUMB MOBS/SLIGHT FREEZE AT ONE TIME. DO NOT USE BOTH AT THE SAME TIME)
Code:
enable]
01DA923B://74 ? 8d 8b ? ? ? ? e8 ? ? ? ? 85 c0 75 ? 8b ? ? ? ? ?
jne 01DA9274
[disable]
01DA923B:
je 01DA9274
Dumb Mobs/Slight Freeze
Code:
// Detours the function entry at 01DDF320. The hook overwrites [esp+4] (at
// function entry that slot is the first stack argument) with decimal 9, runs
// the displaced prologue, and continues at 01DDF320+5.
// NOTE(review): the meaning of the value 9 is not visible here.
[ENABLE]
alloc(hook2,128)
hook2:
mov [esp+4],#9
push ebp
mov ebp,esp
push -01
jmp 01DDF320+5
01DDF320://55 8B EC 6A FF 68 ? ? ? 02 64 A1 00 00 00 00 50 81 EC ? ? 00 00 A1 ? ? ? 03 33 C5 89 45 F0 53 56 57 50 8D 45 F4 64 A3 00 00 00 00 8B D9 89 ? ? FF FF FF 8B B3 ? ? 00 00 8B 45 08
//81 ? EB 20 42 01 74 ? 81 ? 02 1D 42 01 74 [1ST FUNCTION START]
jmp hook2
// Restore the original prologue. The hook2 allocation is not freed here.
[DISABLE]
01DDF320:
push ebp
mov ebp,esp
push -01
Remove Kinesis Attack Animation
Code:
// Six nops replace the 6-byte store `mov [edi+00000A68],ebx` at 02C92534, so
// that field is no longer written at this site.
[ENABLE]
02C92534://89 9f ? ? ? ? ff 50 5c 8d 8f ? ? ? ?
db 90 90 90 90 90 90
// Restore the original store.
[DISABLE]
02C92534:
mov [edi+00000A68],ebx
No Delay - Mechanic Homing
Code:
// Inverts one branch at 02F4BE44: the original `jne 02F4BED2` is assembled as
// `je 02F4BED2`, keeping the same target.
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
02F4BE44://0f 85 ? ? ? ? 81 fb ? ? ? ? 0f 84 ? ? ? ? 81 fb ? ? ? ? 74 ? 81 fb ? ? ? ? 74 ? 81 fb ? ? ? ? 74 2st
je 02F4BED2
// Restore the original condition.
[DISABLE]
02F4BE44:
jne 02F4BED2
Player Detection - Terminate Game
Code:
// Detours the function entry at 02FB59A0 (labelled by the author as
// CUserPool::OnUserEnterField). When ebx equals eax the hook calls
// TerminateProcess with handle 0xFFFFFFFF (the current-process pseudo-handle)
// and exit code 0. If that call returns zero, it zeroes eax and executes
// `div eax`, a divide by zero that raises an exception instead.
// In every other case control goes to 02FB5A11 rather than back to the
// displaced prologue.
[enable]
//auto kill maple when user enters field
//threshold of people count is set on enable
alloc(hook, 128)
Label(skip)
02FB59A0:
jmp hook
hook:
cmp ebx,eax
jne skip
// pushad/popad keep the registers intact around the API call; popad does not
// change flags, so the jnz below still tests TerminateProcess's return value.
pushad
push 0
push ffffffff
call TerminateProcess
test eax,eax
popad
jnz skip
// Fallback when TerminateProcess reported failure: force a fault.
xor eax,eax
div eax
skip:
jmp 02FB5A11 //first je/jmp in CUserPool::OnUserEnterField
// Restore the original 5-byte prologue and free the hook.
[disable]
02FB59A0: //CUserPool::OnUserEnterField C6 ? ? 01 85 ? 74 ? ? 8B ? E8 ? ? ? ? EB [Second Result Line 1]
push ebp
mov ebp,esp
push -01
//cmp ebx,eax
//jne ??????? //first je/jmp in above function
DeAlloc(hook)
// NOTE(review): the listing below is a block comment documenting injection
// point 02E6FBAD, which is not the address patched above (02FB59A0).
{
// ORIGINAL CODE - INJECTION POINT: 02E6FBAD
02E6FB87: 33 FF - xor edi,edi
02E6FB89: 89 7D D4 - mov [ebp-2C],edi
02E6FB8C: 85 FF - test edi,edi
02E6FB8E: 74 04 - je 02E6FB94
02E6FB90: F0 FF 47 04 - lock inc [edi+04]
02E6FB94: 68 E8 3D 01 00 - push 00013DE8
02E6FB99: B9 20 CE 25 04 - mov ecx,0425CE20
02E6FB9E: C7 45 FC 00 00 00 00 - mov [ebp-04],00000000
02E6FBA5: E8 C6 93 6C FD - call 00538F70
02E6FBAA: 89 45 E4 - mov [ebp-1C],eax
// ---------- INJECTING HERE ----------
02E6FBAD: C6 45 FC 01 - mov byte ptr [ebp-04],01 -------LINE 1 ADRRESS-----
// ---------- DONE INJECTING ----------
02E6FBB1: 85 C0 - test eax,eax
02E6FBB3: 74 0A - je 02E6FBBF ----------------------- LINE 30 OPCODE-----------
02E6FBB5: 53 - push ebx
02E6FBB6: 8B C8 - mov ecx,eax
02E6FBB8: E8 93 B1 00 00 - call 02E7AD50
02E6FBBD: EB 02 - jmp 02E6FBC1
02E6FBBF: 33 C0 - xor eax,eax
02E6FBC1: 8D 77 10 - lea esi,[edi+10]
02E6FBC4: C6 45 FC 00 - mov byte ptr [ebp-04],00
02E6FBC8: 50 - push eax
}
God Mode (Do Not Use This For Prolonged Periods)
Code:
// Replaces the 5-byte `call 00A4A0C0` at 01913826 with the 5-byte
// `mov eax,1`: the call is skipped and eax is forced to 1 for the code that
// follows.
// Defender view: the outcome of the skipped call is decided entirely on the
// client; the server has to be authoritative for it.
[ENABLE]
01913826:
mov eax,1
// Restore the original call.
[DISABLE]
01913826: // E8 ? ? ? ? 83 C4 ? C3 CC E8 ? ? FF FF 50 E8 ? ? ? FF 83 C4 ? C3 CC E8 ? ? FF FF 50 [FIRST]
call 00A4A0C0// update
Map Rusher
Code:
[Enable]
Alloc(InGameRush,128)
Alloc(TeleportToPortal,128)
Label(Return)
Label(End)
02D68016://89 87 ? ? ? ? 81 ? ? ? ? ? ? ? ? ? 75 ? 83 ? ? ? ? ? 01 74
jmp InGameRush
db 90
Return:
InGameRush:
push eax
call TeleportToPortal
mov [edi+000137F4],eax
jmp Return
TeleportToPortal:
push ebp
mov ebp, esp
push edi
mov edi,[ebp+08]
test edi, edi
js End
mov ecx,[043FA77C] // PortalBase 8b ? ? ? ? ? 8b ? ? 85 ? 75 ? 33 ? eb ? 8b ? ? e8
mov eax,01FC37B0// 55 8b ec 8b 45 08 85 c0 78 32 [cdq down call] //018BB500
push edi
xor edx, edx
call eax
test eax, eax
je End
push [eax+4]
mov ecx,[043C5374] // CUserLocal
mov eax,02E75950//CUserLocal::MoveToPortal() //025992C0
//55 8b ec 6a 00 6a 01 6a 00 6a 01 ff 75 08
xor edx, edx
call eax
End:
mov eax, edi
pop edi
pop ebp
ret 0004
[Disable]
DeAlloc(InGameRush)
DeAlloc(TeleportToPortal)
02D68016:
mov [edi+000137F4],eax
No Knockback (Only Use If Not Using God Mode)
Code:
// Three-byte patch at 00D7DE78: 0F 9C C3 (setl bl) becomes B3 01 90
// (mov bl,1 then nop), so bl is always 1 regardless of the preceding compare.
[Enable]
00D7DE78:
db B3 01 90
// Restore the original setl.
[Disable]
00D7DE78: //0f 9c ? 85 db 1ST
db 0F 9C C3
Remove Player Name (Client Sided)
Code:
// Writes a one-byte `ret` at 02CDB440 (labelled by the author as
// CUser:DrawNameTags), so the routine returns immediately; the disable
// section writes `push ebp` back.
// NOTE(review): a bare `ret` is only stack-neutral if the routine takes no
// callee-cleaned stack arguments, which is not visible here.
[enable]
02CDB440: //CUser:DrawNameTags
ret
[disable]
02CDB440: //6A 00 6A 00 68 F3 03 [FUNCTION START]
push ebp
Remove Skill/Damage Animations
Code:
[ENABLE]
01DA2E20://74 ? 8b cb e8 ? ? ? ? 3b 45 08 75 0c ff 15 fun start
ret 007c
0178808E://83 C1 14 85 C9 79 04 33 C9
DB 83 C1 90
[DISABLE]
01DA2E20:
db 55 8b ec 6a ff
0178808E:
DB 83 C1 14
Show Hidden Skills
Code:
// Two-byte patch at 00C95519: 75 0C (jne rel8) becomes EB 0C (jmp rel8), so
// the branch is always taken.
// Defender view: a visibility check done only in the client is a display
// rule, not an access control.
[ENABLE]
00C95519:
db eb 0c
//75 0c 39 83 ? ? ? ? 0f 85 ? ? ? ? 83 bb ? ? ? ? ?
// Restore the original conditional jump.
[DISABLE]
00C95519:
db 75 0c
Skill Injection
Code:
define(SkillInjection_1,03355434)//68 ? ? ? ? ff b7 ? ? ? ? e8 ? ? ? ? 83 c4 ? 84 c0 0f 84 ? ? ? ? 85 f6 b8 ? ? ? ? 0f 44 f0
define(SkillInjection_2,033554B6)
define(SkillInjection_3,03355466)
[ENABLE]
alloc(NDFA,256)
label(stop)
SkillInjection_1:
push 00000100 //injection speed, all 0's can DC some skills
SkillInjection_2:
push # //put your skill ID after the #
//Ruin 400011105
//Cleave 151121000
//Homing 35101002
//Strike Arrow II (Does More Damage Then III) 63101003
SkillInjection_3:
jmp NDFA
db 90 90 90 90 90 90 90
NDFA:
push esi
mov esi,[043C56A4]//8B 0D ? ? ? 03 FF 73 14 E8 ? ? ? 01 8B F8 85 FF 74 ? 8B 57 04 8D 4F 04 8D 45 F8 50 FF 52 18 80 7E 10 00 75 ? 8D
//55 8B EC 83 EC 08 53 8B 5D 08 56 57 8B F1 8B 0D ? ? ? ? FF ? ? E8
cmp [esi+B4],#0
jne stop
pop esi
mov [edi+0000378c],00000000
jmp SkillInjection_3+C
stop:
pop esi
jmp 033554C1
[DISABLE]
SkillInjection_1:
push 000007D0
SkillInjection_2:
push 04C4BAEA
SkillInjection_3:
je 033554C1
mov [edi+0000378c],00000000
Pet Vac (this has a chance of Autoban. You can fix it to stop autobanning if you know what you are doing really easy lol)
Code:
[enable]
alloc(Hook,128)
label(Return)
label(Exit)
alloc(timer,4)
timer:
dd 00
0185FB53://2B 81 ? ? 00 00 3D B8 0B 00 00 0F 8C Call below
jmp Hook
Return:
Hook:
call 0187AD90
push esi
mov esi,eax
pushad
call 02FFE3E0//74 ? E8 ? ? ? ? 50 FF ? ? E8 ? ? ? ? 83 C4 08 84 C0 74 Call below
mov edx,eax
sub edx,[timer]
cmp edx,#50
jl Exit
mov [timer],eax
mov edi,[ebp+08]
lea ecx,[edi+04]
mov ebx,[edi+04]
mov ebx,[ebx+28]
call ebx
push [esi+04]
push [esi]
mov ecx,eax
call 030A5070 //1B C9 23 C8 E8 ? ? ? FE 5F C7 83 ? ? 00 00 down fun start
popad
pop esi
jmp Return
Exit:
popad
pop esi
jmp Return
[disable]
0185FB53:
call 0187AD90
---------------------------------------
This is the full Cheat Table with everything in it:
Code:
<?xml version="1.0" encoding="utf-8"?>
<CheatTable CheatEngineTableVersion="38">
<Forms>
<UDF1 Class="TCEForm" Encoding="Ascii85">b7Ej%2nldAU:MM2b.}cxWeIh0Gi32eO*Ft$Wn{Y6%{mcIVLrjY9Fkwal+AgInNpGg/gz.[7L.V;:dpp6GcW*E</UDF1>
</Forms>
<CheatEntries>
<CheatEntry>
<ID>0</ID>
<Description>"NGS BYPASS (ATTACH TO BLACKCIPHER.AES PROCESS THEN ENABLE BELOW)"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>1</ID>
<Description>"NGS BYPASS - enable on whitescreen"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
alloc(newmem1,2048)
label(returnhere1)
label(originalcode1)
newmem1:
push ffffffff
call sleep
originalcode1:
pushfd
push edi
push esp
pop edi
add edi,00000004
jmp returnhere1
"BlackCipher.aes"+26885DE:
jmp newmem1
nop 5
returnhere1:
alloc(newmem2,2048)
label(returnhere2)
label(originalcode2)
newmem2:
push ffffffff
call sleep
originalcode2:
pushfd
sub esp,00000004
jmp returnhere2
"BlackCipher.aes"+201769C:
jmp newmem2
nop 2
returnhere2:
alloc(newmem3,2048)
label(returnhere3)
label(originalcode3)
newmem3:
push ffffffff
call sleep
originalcode3:
pushfd
sub esp,04
mov [esp],edi
jmp returnhere3
02AC1CCA:
jmp newmem3
nop 2
returnhere3:
[DISABLE]
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>2</ID>
<Description>"MAPLESTORY BYPASS (ATTACH BACK TO MAPLESTORY.EXE PROCESS)"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>3</ID>
<Description>"MAPLESTORY BYPASS - enable in char selection"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
GlobalAlloc(CopyMemory,79691776)
CopyMemory:
readmem($00401000,79691776)
Define(RegionStart,00401000)
Define(RegionEnd,05000000)
Alloc(CRC1_Hook,1024)
Label(CRC1_Original)
Label(CRC1_Return)
04681AD1:
jmp CRC1_Hook
CRC1_Return:
CRC1_Hook: // sub crc
cmp edx,RegionStart
jb CRC1_Original
cmp edx,RegionEnd
ja CRC1_Original
sub edx,RegionStart
add edx,CopyMemory
CRC1_Original:
db 8b 12 01 10 9c
jmp CRC1_Return
Alloc(CRC2_Hook,1024)
Label(CRC2_Original)
Label(CRC2_Return)
0490C837: // main crc
jmp CRC2_Hook
nop
CRC2_Return:
CRC2_Hook:
cmp ecx,RegionStart
jb CRC2_Original
cmp ecx,RegionEnd
ja CRC2_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC2_Original:
db 02 01 59 53 b7 3d
jmp CRC2_Return
/*
Alloc(CRC3_Hook,1024)
Label(CRC3_Original)
Label(CRC3_Return)
047A4682: //0040000 / ngclient
jmp CRC3_Hook
nop
CRC3_Return:
CRC3_Hook:
cmp ecx,RegionStart
jb CRC3_Original
cmp ecx,RegionEnd
ja CRC3_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC3_Original:
db 66 8b 09 0f b7 c1
jmp CRC3_Return
Alloc(CRC4_Hook,1024)
Label(CRC4_Original)
Label(CRC4_Return)
0476A79B: //blackcall
jmp CRC4_Hook
nop 4
CRC4_Return:
CRC4_Hook:
cmp edx,RegionStart
jb CRC4_Original
cmp edx,RegionEnd
ja CRC4_Original
sub edx,RegionStart
add edx,CopyMemory
CRC4_Original:
db 66 8b 12 81 cf 00 00 00 80
jmp CRC4_Return
*/
/*
Alloc(CRC5_Hook,1024)
Label(CRC5_Original)
Label(CRC5_Return)
048C57A0: //00401000 crc 2
jmp CRC5_Hook
nop 5
CRC5_Return:
CRC5_Hook:
cmp eax,RegionStart
jb CRC5_Original
cmp eax,RegionEnd
ja CRC5_Original
sub eax,RegionStart
add eax,CopyMemory
CRC5_Original:
db 8a 00 31 d9 81 f6 00 08 00 00
jmp CRC5_Return
Alloc(CRC6_Hook,1024)
Label(CRC6_Original)
Label(CRC6_Return)
0487A91B: //00401000 crc 3
jmp CRC6_Hook
nop
CRC6_Return:
CRC6_Hook:
cmp eax,RegionStart
jb CRC6_Original
cmp eax,RegionEnd
ja CRC6_Original
sub eax,RegionStart
add eax,CopyMemory
CRC6_Original:
db 8a 00 88 06 89 e9
jmp CRC6_Return
*/
KERNEL32.ReadProcessMemory+5:
ret 0014
nop
nop
nop
nop
[Disable]
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>4</ID>
<Description>"GENERAL"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>6</ID>
<Description>"Unlimited Attack"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
02F18367://7E ? 83 ? ? 7D ? 8B ? ? 2B ? 3D 6A FF FF FF 7E ? 3D 96 00 00 00 7D
db EB
[Disable]
02F18367:
db 7E
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>11</ID>
<Description>"Zoom In/Out (Use + and - Keys)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
Alloc(Hook,123)
Label(Function)
Label(Return)
Label(Increase)
Label(Decrease)
Label(Reset)
Label(Exit)
Alloc(value,4)
value:
dd #1000 //Default value
Hook:
pushad
cmp ebx,004E0000 //Numpad +
je Increase
cmp ebx,004A0000 //Numpad -
je Decrease
cmp ebx,00370000 //Numpad *
je Reset
Exit:
popad
call 02158560 //Orignial
jmp Return
Increase:
add [value],#20
jmp Function
Decrease:
sub [value],#20
jmp Function
Reset:
mov [value],#1000
Function: // 3D 89 13 00 00 75 ? A1
mov eax,[04419358]
test eax,eax
je Exit
mov ecx,[eax]
push [value]
push eax
call dword ptr [ecx+000000c4]
jmp Exit
031D44A3:
jmp Hook
//db 90
Return:
[Disable]
031D44A3: //e8 ? ? ? ? 83 78 04 00 74 12 e8 ? ? ? ? 8b 48 04 8b 41 04 83 c1 04 5d ff 60 04 5d c2
call 02158560//Original
dealloc(hook)
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>7</ID>
<Description>"Auto MP @ 10% (Page UP) "</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>define(CUIStatusBar_MP,02A8DB03)//3b ? 7d ? 39 9f ? ? ? ? 7e ? 68 ? ? ? ? 8d 45 e8
define(MP_Jnl,02A8DB57)
define(CWvsContext_OnKey,031D44A0)
//55 8B EC 8B 0D ? ? ? ? 85 C9 74 ? 83 C1 04 8B 01 5D FF 20 5D C2 08 00 CC
define(asdf,043F7C70) //TSingleton_CWndMan_ms_pInstance
//8B 0D ? ? ? ? 2D ? ? ? ? 89 45 E0 8D 45 E4 6A 01 50
//8b ? ? ? ? ? 8d ? ? 6a ? ? e8 ? ? ? ? 8b ? b8 ? ? ? ? c6 ? ? ? 66 ? ? ? 89 ? ? 85 ? 74 ? 8b ? ? ff ? ? 8b ? ? c6 ? ? ? 8b ? ? 85 ? 75 ? 68 ? ? ? ? e8 ? ? ? ? 0f ? ? ? 8b ? 83 ? ? 8b ? ? 0f
//8B 0D ? ? ? ? 89 45 ? 8D 45 ? 6A 00 50 E8 ? ? ? ? 8B 08 B8 0D 00 00 00
[enable]
Globalalloc(hook_hp,128)
Globalalloc(hook_mp,128)
alloc(key_press,128)
label(return_mp)
label(return_normal_mp)
define(CTRL,001D0000)
define(SHIFT,002A0000)
define(INSERT,01520000)
define(DELETE,01530000)
define(HOME,01470000)
define(END,014F0000)
define(PAGEUP,01490000)
define(PAGEDOWN,01510000)
define(ALT,00380000)
key_press:
mov esi,[asdf] //TSingleton_CWndMan_ms_pInstance
mov ecx,[esi+A8]
push eax
push 00
call CWvsContext_OnKey
ret
hook_mp:
cmp eax,#10 //% To mp on
jnl return_normal_mp
pushad
mov eax,PAGEUP
call key_press
popad
return_normal_mp:
cmp eax,ecx
jnl MP_Jnl
cmp [edi+00000274],ebx
jnl MP_Jnl
jmp return_mp
CUIStatusBar_MP:
jmp hook_mp
db 90 90 90 90 90
return_mp:
[disable]
CUIStatusBar_MP:
cmp eax,ecx
jnl MP_Jnl
cmp [edi+00000274],ebx
jnl MP_Jnl
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>8</ID>
<Description>"Mob Disarm"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
01DA987B://75 ? 8D ? ? 8B ? E8 ? ? ? ? 8B ? E8
jmp 01DA9F45//8B ? ? ? ? ? 85 C0 0F 84 ? ? 00 00 2B ? 0F 89 ? ? ? ? C7 ? ? 00 00 00 00 8D
[disable]
01DA987B:
db 75 0A 8D 50 FA
mov ecx,ebx
call 01E288A0
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>10</ID>
<Description>"Skip quest scene"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
01BD300A://78 ? 8B 46 08 6A 00
db 90 90
[Disable]
01BD300A:
db 78 71
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>39941</ID>
<Description>"No Stage Fading"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>define(removeFadeIn,02156E3F) // 0F 84 ? ? ? ? 8B 35 ? ? ? ? 85 F6 74 ? 8B CE E8 ? ? ? ? 84
define(removeFadeOut,0215754F) // 0F 84 ? ? 00 00 8B 1D ? ? ? ? 89 ? ? 85 DB 74
[ENABLE]
removeFadeIn: // CStage::FadeIn
db 90 E9
removeFadeOut: // CStage::FadeOut
db 90 E9
[DISABLE]
removeFadeIn:
db 0F 84 BB 06 00 00
removeFadeOut:
db 0F 84 A5 0F 00 00
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>13</ID>
<Description>"FMA"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>14</ID>
<Description>"Adele + Ark + Blaster + Kain + more FMA"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
Alloc(Hook,128)
Label(Return)
01E348C0:
jmp Hook
Hook:
mov eax,[043F891C] // 0F BF 47 ?? 8B 0D ?? ?? ?? ?? 50 E8 ?? ?? ?? ?? 8B D8 85 DB 74 D6
lea eax,[eax+0C]
mov [esp+04],eax
Return:
push ebp
mov ebp,esp
push -01
jmp 01E348C0+5
03355096:
db eb 59
[DISABLE]
01E348C0: // 55 8B EC 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 81 EC 00 02 00 00 A1 ?? ?? ?? ?? 33 C5 89 45 F0 53 56 57 50 8D 45 F4 64 A3 00 00 00 00 89 8D 6C FE FF FF C7 45 80 00 00 00 00 8B 45 44 89 85 6C FF FF FF C7 85 44 FF FF FF 00 00 00 00
push ebp
mov ebp,esp
push -01
03355096:
db 74 59
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>39948</ID>
<Description>"Adele + Ark + Blaster + Kain FMA (Version II, Magic Attacks From Mobs Wont Hurt You)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
Alloc(Hook,128)
Label(Exit)
Hook:
cmp [ebp+04],01E359FF //83 c4 0c 85 c0 74 40 c6 45 87 01
je Exit
jmp 0098C1B3 //pop edi
Exit: //xor eax,eax
jmp 0098C1A9 // z
0098C1A1:
jmp Hook
db 90
[Disable]
0098C1A1: //3b c6 7d 0e 3b df 7d 0a
db 3B C6 7D 0E 3B DF
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>15</ID>
<Description>"Hoyoung FMA"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
01E38D34://75 1B 83 C6 10 3B F7 75 DA 5F 32 C0 5E 8B 4D FC 33 CD E8
//55 8B EC 83 EC 34 A1 ? ? ? ? 33 C5 89 45 FC 56 8B 75 08 57 8B F9 8B 4E 04
db 74
[DISABLE]
01E38D34:
db 75
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>16</ID>
<Description>"Kinesis Psychic Clutch FMA (Look At ******* For Shootobj Skills)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
Alloc(FullMapAttack_ICS,128)
Alloc(FullMapAttackSW,4)
RegisterSymbol(FullMapAttackSW)
Label(FullMapAttack)
FullMapAttackSW:
DD 1
FullMapAttack_ICS:
cmp [esp],01DAAF63 //8d 85 ? ? ? ? 68 ? ? ? ? 50 e8 ? ? ? ? 83 c4 08 85 c0 79 06 50 e8 ? ? ? ? 8b b3 ? ? ? ? c7 45 fc ? ? ? ? 85 f6 1st
jne VariantInit
cmp [FullMapAttackSW],1
jne VariantInit
mov [esp],FullMapAttack
jmp VariantInit
FullMapAttack: //04210284
mov ecx,[043C5374] //CUserLocal 8b 0d ? ? ? ? 85 c9 0f 84 ? ? ? ? e8 ? ? ? ? 84 c0 0f 84 ? ? ? ? 8b 0d
add ecx,04
lea eax,[ebp-000000b0] //blow A8
push eax
call 02CDF2C0 //55 8b ec 56 57 8d b9 ? ? ? ? 8d 4f 0c e8 ? ? ? ? 8b 75 08 8b cf 89 06 e8 ? ? ? ? 89 46 04 8b c6 5f 5e 5d c2 0400 cc cc cc cc cc cc 8b 01
push eax
lea ecx,[ebx+00000600] //above //5EC
call 00E92D00 //e8 ? ? ? ? 8b cb e8 ? ? ? ? 2d ? ? ? ?
jmp 01DAAF63 //og address
03A8C454: //above call dword ptr [ ]
DD FullMapAttack_ICS
[DISABLE]
03A8C454:
DD VariantInit
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>17</ID>
<Description>"PICK ONE OPTION"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>18</ID>
<Description>"Mob Aggro"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
01DA923B://74 ? 8d 8b ? ? ? ? e8 ? ? ? ? 85 c0 75 ? 8b ? ? ? ? ?
jne 01DA9274
[disable]
01DA923B:
je 01DA9274
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>19</ID>
<Description>"Dumb Mobs/Slight Freeze "</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
alloc(hook2,128)
hook2:
mov [esp+4],#9
push ebp
mov ebp,esp
push -01
jmp 01DDF320+5
01DDF320://55 8B EC 6A FF 68 ? ? ? 02 64 A1 00 00 00 00 50 81 EC ? ? 00 00 A1 ? ? ? 03 33 C5 89 45 F0 53 56 57 50 8D 45 F4 64 A3 00 00 00 00 8B D9 89 ? ? FF FF FF 8B B3 ? ? 00 00 8B 45 08
//81 ? EB 20 42 01 74 ? 81 ? 02 1D 42 01 74 [1ST FUNCTION START]
jmp hook2
[DISABLE]
01DDF320:
push ebp
mov ebp,esp
push -01
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>20</ID>
<Description>"KINESIS"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>21</ID>
<Description>"Remove Attack Animation"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
02C92534://89 9f ? ? ? ? ff 50 5c 8d 8f ? ? ? ?
db 90 90 90 90 90 90
[DISABLE]
02C92534:
mov [edi+00000A68],ebx
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>22</ID>
<Description>"NO DELAY"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>23</ID>
<Description>"Mechanic Homing ND (Works Well With Skill Injection)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
02F4BE44://0f 85 ? ? ? ? 81 fb ? ? ? ? 0f 84 ? ? ? ? 81 fb ? ? ? ? 74 ? 81 fb ? ? ? ? 74 ? 81 fb ? ? ? ? 74 2st
je 02F4BED2
[DISABLE]
02F4BE44:
jne 02F4BED2
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>24</ID>
<Description>"SITUATIONAL"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>39938</ID>
<Description>"Player Detection - Terminate Game"</Description>
<LastState/>
<Color>008000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
//auto kill maple when user enters field
//threshold of people count is set on enable
alloc(hook, 128)
Label(skip)
02FB59A0:
jmp hook
hook:
cmp ebx,eax
jne skip
pushad
push 0
push ffffffff
call TerminateProcess
test eax,eax
popad
jnz skip
xor eax,eax
div eax
skip:
jmp 02FB5A11 //first je/jmp in CUserPool::OnUserEnterField
[disable]
02FB59A0: //CUserPool::OnUserEnterField C6 ? ? 01 85 ? 74 ? ? 8B ? E8 ? ? ? ? EB [Second Result Line 1]
push ebp
mov ebp,esp
push -01
//cmp ebx,eax
//jne ??????? //first je/jmp in above function
DeAlloc(hook)
{
// ORIGINAL CODE - INJECTION POINT: 02E6FBAD
02E6FB87: 33 FF - xor edi,edi
02E6FB89: 89 7D D4 - mov [ebp-2C],edi
02E6FB8C: 85 FF - test edi,edi
02E6FB8E: 74 04 - je 02E6FB94
02E6FB90: F0 FF 47 04 - lock inc [edi+04]
02E6FB94: 68 E8 3D 01 00 - push 00013DE8
02E6FB99: B9 20 CE 25 04 - mov ecx,0425CE20
02E6FB9E: C7 45 FC 00 00 00 00 - mov [ebp-04],00000000
02E6FBA5: E8 C6 93 6C FD - call 00538F70
02E6FBAA: 89 45 E4 - mov [ebp-1C],eax
// ---------- INJECTING HERE ----------
02E6FBAD: C6 45 FC 01 - mov byte ptr [ebp-04],01 -------LINE 1 ADRRESS-----
// ---------- DONE INJECTING ----------
02E6FBB1: 85 C0 - test eax,eax
02E6FBB3: 74 0A - je 02E6FBBF ----------------------- LINE 30 OPCODE-----------
02E6FBB5: 53 - push ebx
02E6FBB6: 8B C8 - mov ecx,eax
02E6FBB8: E8 93 B1 00 00 - call 02E7AD50
02E6FBBD: EB 02 - jmp 02E6FBC1
02E6FBBF: 33 C0 - xor eax,eax
02E6FBC1: 8D 77 10 - lea esi,[edi+10]
02E6FBC4: C6 45 FC 00 - mov byte ptr [ebp-04],00
02E6FBC8: 50 - push eax
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>5</ID>
<Description>"God Mode (Do Not Use This For Prolonged Periods)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
01913826:
mov eax,1
[DISABLE]
01913826: // E8 ? ? ? ? 83 C4 ? C3 CC E8 ? ? FF FF 50 E8 ? ? ? FF 83 C4 ? C3 CC E8 ? ? FF FF 50 [FIRST]
call 00A4A0C0// update
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>26</ID>
<Description>"Map Rusher"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
// Detours the 6-byte store at 02D68016 through an allocated stub that first
// calls TeleportToPortal with the value about to be stored, then performs the
// displaced store and resumes.
// All addresses are absolute and match only the client build this table targets.
Alloc(InGameRush,128)
Alloc(TeleportToPortal,128)
Label(Return)
Label(End)
02D68016://89 87 ? ? ? ? 81 ? ? ? ? ? ? ? ? ? 75 ? 83 ? ? ? ? ? 01 74
jmp InGameRush
// jmp rel32 is 5 bytes; the single nop pads the patch to the 6 bytes of the
// displaced mov [edi+000137F4],eax (restored in the disable section).
db 90
Return:
InGameRush:
// eax is passed as the one stack argument. TeleportToPortal returns that same
// value in eax, so the store below writes what the original instruction wrote.
push eax
call TeleportToPortal
mov [edi+000137F4],eax
jmp Return
// TeleportToPortal: one dword stack argument, callee-cleaned (ret 0004).
// Saves and restores ebp and edi; ecx and edx are overwritten and not restored.
// NOTE(review): the hooked code resumes at Return with ecx and edx changed;
// whether it relies on them is not visible here.
TeleportToPortal:
push ebp
mov ebp, esp
push edi
mov edi,[ebp+08]
test edi, edi
// A negative argument skips both game calls.
js End
mov ecx,[043FA77C] // PortalBase 8b ? ? ? ? ? 8b ? ? 85 ? 75 ? 33 ? eb ? 8b ? ? e8
mov eax,01FC37B0// 55 8b ec 8b 45 08 85 c0 78 32 [cdq down call] //018BB500
push edi
xor edx, edx
// Indirect call with ecx loaded from a global and one stack argument
// (presumably a thiscall lookup by index - TODO confirm).
call eax
test eax, eax
// A zero result skips the second call.
je End
// The dword at offset 4 of the returned object is the argument of the next call.
push [eax+4]
mov ecx,[043C5374] // CUserLocal
mov eax,02E75950//CUserLocal::MoveToPortal() //025992C0
//55 8b ec 6a 00 6a 01 6a 00 6a 01 ff 75 08
xor edx, edx
call eax
End:
// Return the original argument unchanged.
mov eax, edi
pop edi
pop ebp
ret 0004
[Disable]
DeAlloc(InGameRush)
DeAlloc(TeleportToPortal)
02D68016:
mov [edi+000137F4],eax
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>30</ID>
<Description>"No Knockback (Only Use If Not Using God Mode)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[Enable]
// In-place 3-byte patch at 00D7DE78 (absolute address, build-specific).
// The original bytes 0F 9C C3 decode as setl bl: bl becomes 1 only when the
// preceding signed comparison was "less". The replacement B3 01 90 is
// mov bl,01 followed by a nop, so bl is 1 whatever that comparison produced.
// NOTE(review): the comparison feeding setl is not visible here; the signature
// comment shows 85 db (test ebx,ebx) directly after the patched bytes.
00D7DE78:
db B3 01 90
[Disable]
00D7DE78: //0f 9c ? 85 db 1ST
db 0F 9C C3
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>29</ID>
<Description>"Remove Player Name (Client Sided)"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
// Overwrites the first byte of the routine at 02CDB440 (labelled
// CUser:DrawNameTags by the author) with ret (C3), so the routine returns
// as soon as it is entered. The disable section restores push ebp (55).
// The address is absolute and specific to one client build.
// NOTE(review): a bare ret removes no stack arguments; whether this routine
// takes any is not visible here.
02CDB440: //CUser:DrawNameTags
ret
[disable]
02CDB440: //6A 00 6A 00 68 F3 03 [FUNCTION START]
push ebp
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>27</ID>
<Description>"Remove Skill/Damage Animations"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// Two in-place patches at absolute, build-specific addresses.
// 1) 01DA2E20: ret 007c (C2 7C 00, 3 bytes) makes the routine return on entry
//    and release 0x7C bytes of stack arguments. The disable section writes
//    5 bytes (55 8B EC 6A FF: push ebp, mov ebp,esp, push -1), which covers
//    the 3 bytes changed here.
// 2) 0178808E: the original 83 C1 14 is add ecx,14 (hex). In 83 C1 90 the
//    byte 90 is the sign-extended 8-bit immediate of that add, not a nop, so
//    the instruction subtracts 0x70 from ecx.
//    NOTE(review): per the signature comment the next bytes are 85 C9 79 04
//    33 C9 (test ecx,ecx, jns, xor ecx,ecx), which would zero ecx when the
//    result is negative - TODO confirm against the running build.
01DA2E20://74 ? 8b cb e8 ? ? ? ? 3b 45 08 75 0c ff 15 fun start
ret 007c
0178808E://83 C1 14 85 C9 79 04 33 C9
DB 83 C1 90
[DISABLE]
01DA2E20:
db 55 8b ec 6a ff
0178808E:
DB 83 C1 14
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>28</ID>
<Description>"Show Hidden Skills"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// One-byte opcode change at 00C95519 (absolute, build-specific address):
// 75 0c is jne short +0C and eb 0c is jmp short +0C, so the branch over the
// next 12 bytes is taken unconditionally. The displacement byte is unchanged.
// NOTE(review): the check being skipped is not visible here; the signature
// below shows a 39 83 (cmp) following the branch.
00C95519:
db eb 0c
//75 0c 39 83 ? ? ? ? 0f 85 ? ? ? ? 83 bb ? ? ? ? ?
[DISABLE]
00C95519:
db 75 0c
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>25</ID>
<Description>"Skill Injection"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>define(SkillInjection_1,03355434)//68 ? ? ? ? ff b7 ? ? ? ? e8 ? ? ? ? 83 c4 ? 84 c0 0f 84 ? ? ? ? 85 f6 b8 ? ? ? ? 0f 44 f0
define(SkillInjection_2,033554B6)
define(SkillInjection_3,03355466)
// Three patch sites at absolute, build-specific addresses:
//   SkillInjection_1 and _2 each hold a push of a 32-bit immediate; the enable
//   section replaces the immediates, the disable section restores 000007D0
//   and 04C4BAEA.
//   SkillInjection_3 holds a 2-byte je plus a 10-byte store (12 bytes in all),
//   replaced by a 5-byte jmp to the NDFA stub and 7 nops.
// NOTE(review): both pushed values are chosen on the client; whether the
// server checks them is not visible from this script.
[ENABLE]
alloc(NDFA,256)
label(stop)
SkillInjection_1:
push 00000100 //injection speed, all 0's can DC some skills
SkillInjection_2:
// The operand is a placeholder: as published this line has no value after
// the # (the auto-assembler's decimal prefix).
push # //put your skill ID after the #
//Ruin 400011105
//Cleave 151121000
//Homing 35101002
//Strike Arrow II (Does More Damage Than III) 63101003
SkillInjection_3:
jmp NDFA
db 90 90 90 90 90 90 90
// NDFA replaces the original je condition with its own test: it reads a
// pointer from 043C56A4 and compares the field at offset B4 with 0.
//   equal to 0 : run the displaced store and resume 12 bytes after
//                SkillInjection_3, i.e. just past the patched bytes
//   otherwise  : jump to 033554C1, the target of the original je
// esi is saved and restored on both paths; pop does not change the flags, so
// the jne still sees the result of the cmp.
NDFA:
push esi
mov esi,[043C56A4]//8B 0D ? ? ? 03 FF 73 14 E8 ? ? ? 01 8B F8 85 FF 74 ? 8B 57 04 8D 4F 04 8D 45 F8 50 FF 52 18 80 7E 10 00 75 ? 8D
//55 8B EC 83 EC 08 53 8B 5D 08 56 57 8B F1 8B 0D ? ? ? ? FF ? ? E8
// NOTE(review): no operand size is given for this memory compare; the
// assembler's default applies - TODO confirm it matches the field's width.
cmp [esi+B4],#0
jne stop
pop esi
mov [edi+0000378c],00000000
jmp SkillInjection_3+C
stop:
pop esi
jmp 033554C1
[DISABLE]
SkillInjection_1:
push 000007D0
SkillInjection_2:
push 04C4BAEA
SkillInjection_3:
je 033554C1
mov [edi+0000378c],00000000
</AssemblerScript>
<Hotkeys>
<Hotkey>
<Action>Toggle Activation</Action>
<Keys>
<Key>111</Key>
</Keys>
<ID>0</ID>
</Hotkey>
</Hotkeys>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>39946</ID>
<Description>"HIGH CHANCE OF AUTO BAN"</Description>
<LastState Value="" RealAddress="00000000"/>
<Color>0000FF</Color>
<GroupHeader>1</GroupHeader>
<CheatEntries>
<CheatEntry>
<ID>12</ID>
<Description>"Pet Vac"</Description>
<LastState/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[enable]
// Detours the 5-byte call at 0185FB53 through an allocated stub. The stub
// makes the original call first, then, at most once per 50 units of the
// value returned by 02FFE3E0, makes two further calls into the client before
// resuming. Addresses are absolute and specific to one client build.
// This entry sits under the table group titled "HIGH CHANCE OF AUTO BAN".
alloc(Hook,128)
label(Return)
label(Exit)
alloc(timer,4)
// timer: the value 02FFE3E0 returned on the last pass that took the extra calls.
timer:
dd 00
0185FB53://2B 81 ? ? 00 00 3D B8 0B 00 00 0F 8C Call below
jmp Hook
Return:
Hook:
// The displaced original call. Its result is kept in esi for the stub and is
// still in eax when the hooked code resumes, because pushad below saves eax
// and popad restores it.
call 0187AD90
push esi
mov esi,eax
pushad
// NOTE(review): presumably a tick-count style clock; the unit is not visible here.
call 02FFE3E0//74 ? E8 ? ? ? ? 50 FF ? ? E8 ? ? ? ? 83 C4 08 84 C0 74 Call below
mov edx,eax
sub edx,[timer]
// The # prefix marks a decimal literal. jl is a signed comparison: fewer
// than 50 units since the stored value means skip.
cmp edx,#50
jl Exit
mov [timer],eax
// edi = first stack argument of the hooked routine (ebp still belongs to its frame).
mov edi,[ebp+08]
// Indirect call through slot 28 (hex) of the table pointed to by the dword
// at edi+04, with ecx = edi+04.
lea ecx,[edi+04]
mov ebx,[edi+04]
mov ebx,[ebx+28]
call ebx
// The two dwords at esi are passed on the stack; esi is the result of
// 0187AD90 and is dereferenced without a null check.
push [esi+04]
push [esi]
mov ecx,eax
call 030A5070 //1B C9 23 C8 E8 ? ? ? FE 5F C7 83 ? ? 00 00 down fun start
popad
pop esi
jmp Return
Exit:
popad
pop esi
jmp Return
// The disable section restores the call but contains no dealloc for Hook or
// timer, so both allocations stay in the process.
[disable]
0185FB53:
call 0187AD90
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatEntry>
</CheatEntries>
<CheatCodes>
<CodeEntry>
<Description>Change of je 02EC93C5</Description>
<AddressString>00000000</AddressString>
<Before>
<Byte>EB</Byte>
<Byte>1A</Byte>
<Byte>FF</Byte>
<Byte>84</Byte>
<Byte>C0</Byte>
</Before>
<Actual>
<Byte>0F</Byte>
<Byte>84</Byte>
<Byte>7A</Byte>
<Byte>08</Byte>
<Byte>00</Byte>
<Byte>00</Byte>
</Actual>
<After>
<Byte>8B</Byte>
<Byte>8D</Byte>
<Byte>48</Byte>
<Byte>FF</Byte>
<Byte>FF</Byte>
</After>
</CodeEntry>
</CheatCodes>
<UserdefinedSymbols>
<SymbolEntry>
<Name>mobcount</Name>
<Address>06630000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>PacketRETADR</Name>
<Address>057F0020</Address>
</SymbolEntry>
<SymbolEntry>
<Name>PacketInfo</Name>
<Address>057F0820</Address>
</SymbolEntry>
<SymbolEntry>
<Name>PacketSize</Name>
<Address>057F1020</Address>
</SymbolEntry>
<SymbolEntry>
<Name>SW</Name>
<Address>057F0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Header</Name>
<Address>057F0010</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Header22</Name>
<Address>13C61020</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Header33</Name>
<Address>057F1030</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Header11</Name>
<Address>05930010</Address>
</SymbolEntry>
<SymbolEntry>
<Name>DumpF</Name>
<Address>211A0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_1</Name>
<Address>0BB90000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_2</Name>
<Address>0BB90400</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_3</Name>
<Address>0BB90800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_4</Name>
<Address>0BB90C00</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_5</Name>
<Address>0BB91000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_6</Name>
<Address>0BB91400</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_7</Name>
<Address>0BB91800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_8</Name>
<Address>0BB91C00</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_9</Name>
<Address>0BB92000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_10</Name>
<Address>0BB92400</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook1_11</Name>
<Address>0BB92800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook2</Name>
<Address>0BB92C00</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook3</Name>
<Address>0BB93000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook3_2</Name>
<Address>0BB93400</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook4</Name>
<Address>0BB93800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook5</Name>
<Address>0BB93C00</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook6</Name>
<Address>0BB94000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRCHook7</Name>
<Address>0BB94400</Address>
</SymbolEntry>
<SymbolEntry>
<Name>VirtualHook</Name>
<Address>0BB94800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneA</Name>
<Address>0BB95600</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneX</Name>
<Address>0BB95800</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneY</Name>
<Address>0BB95810</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneCMP</Name>
<Address>0BB95820</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneHook</Name>
<Address>0BB95830</Address>
</SymbolEntry>
<SymbolEntry>
<Name>filename</Name>
<Address>0E960000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Rabe</Name>
<Address>0E960100</Address>
</SymbolEntry>
<SymbolEntry>
<Name>KMS_Dump</Name>
<Address>27EF0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>2keyboard</Name>
<Address>00B6EDC7</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MobFilterHookMain1</Name>
<Address>00FEE5E5</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MobFilterHookMain2</Name>
<Address>00FEEE5D</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Soul_Weapon_org</Name>
<Address>15DE0010</Address>
</SymbolEntry>
<SymbolEntry>
<Name>VacX</Name>
<Address>0AA90140</Address>
</SymbolEntry>
<SymbolEntry>
<Name>VacY</Name>
<Address>0AA90150</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Test1</Name>
<Address>0F5F0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MemoryDump</Name>
<Address>7FFF0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>cmpDemi</Name>
<Address>04A90000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CUserLocal</Name>
<Address>04A90010</Address>
</SymbolEntry>
<SymbolEntry>
<Name>ONOFF</Name>
<Address>0FFE0040</Address>
</SymbolEntry>
<SymbolEntry>
<Name>mousevac1</Name>
<Address>04960020</Address>
</SymbolEntry>
<SymbolEntry>
<Name>mysw</Name>
<Address>04960410</Address>
</SymbolEntry>
<SymbolEntry>
<Name>mousevac2</Name>
<Address>04960420</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CMouseBase</Name>
<Address>04A90030</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CCharX</Name>
<Address>04A90020</Address>
</SymbolEntry>
<SymbolEntry>
<Name>SID</Name>
<Address>13610000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>InjectDelay</Name>
<Address>13610010</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CopyMemory</Name>
<Address>532F0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>fusionattack_return</Name>
<Address>00E89DCB</Address>
</SymbolEntry>
<SymbolEntry>
<Name>PosXY</Name>
<Address>0AEC1CE0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>DumpM</Name>
<Address>10050000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC1</Name>
<Address>0AEC0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC2</Name>
<Address>0AEC03F0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC3</Name>
<Address>0AEC07E0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC4</Name>
<Address>0AEC0BD0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC5</Name>
<Address>0AEC0FC0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CRC6</Name>
<Address>0AEC13B0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>PortalKami</Name>
<Address>0B9117A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>SetFakePortal</Name>
<Address>0B9118A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>FakePortal</Name>
<Address>0B911920</Address>
</SymbolEntry>
<SymbolEntry>
<Name>GetMobXY</Name>
<Address>0B9119A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>GetPortal</Name>
<Address>0B911BA0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneXSave</Name>
<Address>0B1217A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneYSave</Name>
<Address>0B1217B0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneTo</Name>
<Address>0B6817D0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Rune</Name>
<Address>0B1218C0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>HookRuneSpawnXY</Name>
<Address>0B6017A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneCMPAddress</Name>
<Address>0AEC17C0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Time11</Name>
<Address>0AF80000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneSpawnX</Name>
<Address>0AEC17A0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>RuneSpawnY</Name>
<Address>0AEC17B0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>item</Name>
<Address>0B701A60</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MSUser_Stance_FirstAddress</Name>
<Address>019BBBFB</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MSUser_Stance_SecondAddress</Name>
<Address>019BBC02</Address>
</SymbolEntry>
<SymbolEntry>
<Name>CCHook</Name>
<Address>07B01A60</Address>
</SymbolEntry>
<SymbolEntry>
<Name>SleepTime</Name>
<Address>07B01A70</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MobXY</Name>
<Address>0B6B1D60</Address>
</SymbolEntry>
<SymbolEntry>
<Name>ATPT</Name>
<Address>0B741B60</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Times</Name>
<Address>0B0B1BA0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>U</Name>
<Address>0B0B1A60</Address>
</SymbolEntry>
<SymbolEntry>
<Name>X</Name>
<Address>075F17B0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>isBuff</Name>
<Address>0AEC1CC0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>HookRuneSpawn</Name>
<Address>0AEC1840</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Rune_Active</Name>
<Address>0AEC18C0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Mobvac</Name>
<Address>0B301E40</Address>
</SymbolEntry>
<SymbolEntry>
<Name>isBuff2</Name>
<Address>0AEC1CD0</Address>
</SymbolEntry>
<SymbolEntry>
<Name>jlgwxy</Name>
<Address>12EE0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>switch</Name>
<Address>04A20000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>hook_hp</Name>
<Address>198C0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>hook_mp</Name>
<Address>198C0080</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MobSpeed1</Name>
<Address>04A90000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>AutoPortal</Name>
<Address>0FAD0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Injection</Name>
<Address>20FB0000</Address>
</SymbolEntry>
<SymbolEntry>
<Name>Timer</Name>
<Address>20FB0100</Address>
</SymbolEntry>
<SymbolEntry>
<Name>MobFilterList</Name>
<Address>0FA30000</Address>
</SymbolEntry>
</UserdefinedSymbols>
<DisassemblerComments>
<DisassemblerComment>
<Address>"MapleStory.exe"+25C7454</Address>
<Comment>parameter
</Comment>
</DisassemblerComment>
<DisassemblerComment>
<Address>"MapleStory.exe"+25C745C</Address>
<Comment>make header call
</Comment>
</DisassemblerComment>
</DisassemblerComments>
</CheatTable>
Enjoy. Everything is provided in order to make it easy to update.
Let's hope this springs the MS section back to life. Share with everyone.