V.41 Client?



nc_man8
24th April 2007, 13:37
hi i was just wondering whether godmode and supertubi and things like that still work when u use an unpacked client for maplestory. If so, can u please post a link as i cannot find it.

cuteharez
24th April 2007, 13:42
Yes and you're not going to get it, 3-post leecher.

shawnlai
24th April 2007, 13:45
lol...ya..wat cuteharez is correct...if u wan to learn, use the search option =)

nc_man8
24th April 2007, 13:46
y not???? i have seriously searched for v.41 client but i cant seem to find it.....even in ce. please help me.

katiekitty
24th April 2007, 13:49
actually it is quite hard for a person who dunno assembly to unpack a client. even me also dunno how to do it actually, but so far, temp hack is still ok for me. but wizet and asiasoft won't win forever!

cuteharez
24th April 2007, 13:52
SO! i myself also learn through sunbeam methods. Well i'm still trying to get CRC working on it anyway.

katiekitty
24th April 2007, 14:02
but anyway, leechers should learn them self. if they can't use a method that they dun know, they should use method that suite them. thts y i just use the temp hack only, until i can master assembly, then only i try make the unpack client

cuteharez
24th April 2007, 14:09
When GG see that many people are giving up on cheating, they step down on security; more people cheating, they will not give up.

@nc_man8

Legend say NO PAIN NO GAIN
Resistance is futile. You have been assimilated.

skye46
24th April 2007, 14:30
kitty and harez are right. Even i'm still learning. Don't expect to learn everything in like, one hour. We can fish for you each time youre hungry, but if we teach you how to fish, you can fish by yourself each time.

nc_man8
24th April 2007, 14:40
thanks anyhow guys.....i didnt think that unpacking client would be that hard....guess i have to stick to temp hack

CallProcedure
24th April 2007, 16:05
Unpacking hard? Just download stripperX and click a button if u want to do it the idi0t's way (like me) lol

celyst
24th April 2007, 16:20
Lol stripperX ftw :). But I would love to learn how to do it manually, Sunbeam needs to make part two :P.

nc_man8
24th April 2007, 17:11
Yay i found an already modified client with in built hacks. U "pros" are right.....the search button does work but it took me like 2 hrs of searching and reading through outdated threads. :)

CallProcedure
24th April 2007, 17:22
modified client? is it mine? =\

nc_man8
24th April 2007, 17:26
yeah i think so its from CEF. xtls is that u??

CallProcedure
24th April 2007, 17:28
xlcs
>=O why cant ppl spell my name right =\

xiaofly
24th April 2007, 17:33
wad do u mean the search doesn't work?
check this
http://www.mpcforum.com/search.php?searchid=1535601
7th result - MapleBooBoo

nc_man8
24th April 2007, 17:35
oh well...i guess my eyes aren't working as well. XLCS.....u r a legend man. ur client is great. thnx man.

katiekitty
24th April 2007, 20:41
To @CallProcedure,
i have some question about unpacking the maplestory.exe,
since i am still very noob, i dun understand y i am unable to unpack the exe. the log is as below.

stripper v2.11 rc2..
(c) by syd, 2002-2004..

00:39:01 - open MapleStory.exe..
00:39:03 - starting d:\stripperx\maplestory.exe..
Victim ImageBase - 00000000
Victim EntryPoint - 00000000
00:39:03 - unpacked file was not created..
00:39:03 - done..

i had tried a few times, and still the same result.

cuteharez
24th April 2007, 21:32
You need to get the new version.

katiekitty
24th April 2007, 21:49
To @harez,

stripper v2.13 beta 9..
(c) by syd, 2002-2006..

02:48:44 - open MapleStory.exe..
02:48:45 - starting d:\stripperx\maplestory.exe..
Victim ImageBase - 00000000
Victim EntryPoint - 00000000
02:48:45 - unpacked file hasn`t been created..
02:48:45 - done..

with the new version also the same.

cuteharez
24th April 2007, 21:54
Original EntryPoint :0031f53d
02:37:14 - saving C:\Program Files\WIZET\MapleStory\_MapleStory.exe..
02:37:14 - saving C:\Program Files\WIZET\MapleStory\_MapleStory.exe.log ..
02:37:14 - done..

Try reversing it 1st then do test.

katiekitty
24th April 2007, 22:34
still the same

03:33:00 - starting d:\stripperx\maplestory.exe..
Victim ImageBase - 00000000
Victim EntryPoint - 1a993501
03:33:00 - unpacked file was not created..
03:33:00 - done..

03:33:03 - open MapleStory.exe..
03:33:09 - starting d:\stripperx\maplestory.exe..
Victim ImageBase - 00000000
Victim EntryPoint - 1a993501
03:33:09 - unpacked file was not created..
03:33:09 - done..

03:33:12 - starting d:\stripperx\maplestory.exe..
Victim ImageBase - 00000000
Victim EntryPoint - 1a993501
03:33:12 - unpacked file was not created..
03:33:12 - done..

anyway, which version u r using now?
i tried it on v2.11,v2.13 and v2.07 all have the same result

celyst
25th April 2007, 01:45
@nc_man8: Wouldn't take you that long if you have been following this forum the past month :).

@katiekitty: Are you running stripperX on a separate MapleStory.exe or the one in the original Maple folder? Try using the one in the folder, it might be because MapleStory.exe needs the DLLs to run. It's ok as stripperX won't modify the original file.

katiekitty
25th April 2007, 02:08
i tried that also, still the same result.
i wonder wats going on.

skye46
25th April 2007, 02:37
oh well. guess they didnt downgrade GG huh... sigh...

CallProcedure
25th April 2007, 09:22
@kattie: sometime i have this problem, then after restarting the comp, it works.

Original
25th April 2007, 10:06
Hints*Maple BooBoo xlcs unpacked..But no Goodies inside...

katiekitty
25th April 2007, 14:51
i've restarted the pc a few times already. i think might be my processor got some problem with the math calculator processor(hope it is not), coz i've did some experiment with my pc(original clock speed 1.7Ghz Celeron) by overclocked it to 2.2++ghz(forget how much already) b4.

will the processor error give problem in this case?

CallProcedure
25th April 2007, 15:22
Most likely not.
Mine is a P4 2ghz, the old one without HT

Or according to system info: x86 Family 15 Model 2 Stepping 4 GenuineIntel ~2004 Mhz

(ya, my comp sucks, anyone wants to buy me a new one?)

katiekitty
25th April 2007, 15:32
if like this maybe i'll try it on my sis AMD laptop.
if can, then i no need to spend time to do the temp hack already, wasted lots of time

X-hide
25th April 2007, 16:49
I wonder if the dice vac can be edited into the client ?

katiekitty
25th April 2007, 17:00
i think can

CallProcedure
25th April 2007, 17:07
Can, but i'm not going to do it.

1. Hotkeys, need to brush up my WinAPIs ;)
2. It's a stupid combination of vacs
3. It sucks
4. I'm not giving anyone vacs
5. I'm in no mood to put in vacs

X-hide
25th April 2007, 17:27
I unpack it.. Only can use olly to edit it? I bet it is.. Thanks..

Can someone teach me or give me hints on how to put script into client? Maybe teach me how to put CRC bypass into a client..

Nevermind I found maplebooboo and i will analysis thanks xlcs..

karuto
25th April 2007, 20:07
hi, I'm new to this forum. But I've been a CEF member for long time.

Someone somehow released this client at CEF.
It's working and contain:
FGM
Tubi
Anti-Breath
Unlimited-Attack

Download Mirror: http://www.badongo.com/file/2863015

X-hide
25th April 2007, 20:16
Don't be lame.. If you are CEF member for a long time don't you even know xlcs is callprocedure?? Don't you tell me xlcs is not from CEF!!!! and he is the one who post the client and the client is call maplebooboo.. and can be search and please no other links and no more ands..

karuto
25th April 2007, 22:09
Sry, I'm kinda mindless.
So the credit goes to xlcs a.k.a CallProcedure.

katiekitty
25th April 2007, 22:18
if not mistake, CallProcedure old account in mpc xlcs is banned due to he bombed some noobs pc, so CallProcedure is a new account. but i think CallProcedure's old account already unban already

nix84
25th April 2007, 22:59
xlcs the noob :D

katiekitty
25th April 2007, 23:13
yay! i found the problem y i can't unpack the client already, it is really my PC problem. i do it at my sis laptop, no problem at all.

xlcs
26th April 2007, 02:55
ya i'm unbanned i just don want to use this acc..

X-hide
26th April 2007, 03:36
Hopefully I might edit the client with vac into it by tomorrow...

prolific
26th April 2007, 05:05
Hmm I'll need to find other forms of "triggers" to replace hotkeys if I were to implement vacs into the client ..

Rem someone posted a kind of "on-attack" kind of address that might work fine as a event trigger ....

CallProcedure
26th April 2007, 05:07
GetAsyncKeyState or keyb_event

X-hide
26th April 2007, 05:39
xlcs.. Where you learn your reverse engineering and how long you learn it? currently still learning using lena's tut.

CallProcedure
26th April 2007, 06:04
im not sure, started C++ about a week ago. currently learning WINAPIs.

Source: Google, MSDN, CodeProject, CEF IRC for questions

hsyeow
26th April 2007, 06:32
i'm learning how your CRC bypassed client works. i'm just wondering how did you "attached" the content of CEM file into the client?

nix84
26th April 2007, 06:52
#index<xlcs.h>

X-hide
26th April 2007, 07:04
00772D60 0000 ADD BYTE PTR DS:[EAX],AL
00772D62 0000 ADD BYTE PTR DS:[EAX],AL
00772D64 0000 ADD BYTE PTR DS:[EAX],AL
00772D66 0040 CD ADD BYTE PTR DS:[EAX-33],AL



[Enable]
00772D60:
add [eax],al
add [eax],al
add [eax],al
add [eax],al

xlcs... Let me ask you something.. I can understand all but
ADD BYTE PTR DS:[EAX-33],AL

Why must :[EAX-33],AL while script does not it..

hsyeow
26th April 2007, 07:30
i'm viewing the exe with olly. and you're saying xlcs is using C++ to include the header file. i'm lost...

edit: so it's not purely using olly to debug but you've to repack the client with another app?

X-hide
26th April 2007, 07:40
you don't need to repack..

prolific
26th April 2007, 08:02
00772D60 0000 ADD BYTE PTR DS:[EAX],AL
00772D62 0000 ADD BYTE PTR DS:[EAX],AL
00772D64 0040 8F ADD BYTE PTR DS:[EAX-71],AL
00772D67 40 INC EAX
00772D68 CD CC INT 0CC
00772D6A CC INT3

[Disable]
00772D60:
add [eax],al
add [eax],al
add [eax-71],al
inc eax

xlcs... Let me ask you something.. I can understand all but 00772D68 CD CC INT 0CC..

Why must INT 0CC?? And is put in disable part or enable part -.-

Thats one hell of complicated code but I think INT stands for Interrupt if I am not wrong ...

X-hide
26th April 2007, 08:20
Btw u quote my old post...

Anyway. it's not complicated.. the top part and bottom part is the same..

00F210FE 0000 ADD BYTE PTR DS:[EAX],AL
00F21100 8BC6 MOV EAX,ESI
00F21102 89BE 14010000 MOV DWORD PTR DS:[ESI+114],EDI ; ntdll.7C910738
00F21108 90 NOP
00F21109 90 NOP
00F2110A - E9 C2EA79FF JMP MapleSto.006BFBD1
00F2110F 90 NOP

hvc:
mov [havoc],esi
mov [esi+00000114],edi
jmp hvoc


006BFBCB: //89 BE 14 01 00 00 E8 0E 83 7D 0C 00 74 nt_xvmon
jmp hvc
nop
hvoc:

Will this do??

CallProcedure
26th April 2007, 10:19
About the : CD ADD BYTE PTR DS:[EAX-33],AL

I think I forgot to add another 00 to it lol, i'll fix it.

And in your last post: I don't understand what u're trying to do.

hsyeow
26th April 2007, 10:48
i'm trying to work out how does the CRC bypass client with hacks embedded works. the simplest hack in it is godmode. hope you guys can bear with me.

the godmode address is E28727 in the Bypass code section. where can i find the code that change the opcode from JE to JNE?

X-hide
26th April 2007, 10:58
How do i allocate memory to owner maplestory instead of (itself)? Using olly.

Can anyone tell me if Slow dupe able to let me move around?? and Does it dc??

Call procedure.. Can i have anywhere to contact you instead of just forums.. I just need it so i can ask question =)

I won't bug you when you are not free..

CallProcedure
26th April 2007, 11:18
@hsyeow: Better grammar plz, I dont really understand you. But I'm guessing u want god mode inside? Simple:
Goto the address in olly, inverse jmp it.

@X-hide: CEF IRC, I'm usually there, and u can ask other ppl for help too : fukt.us #cef

hsyeow
26th April 2007, 11:38
sorry. let me rephrase. i'm using your edited client with godmode embedded inside already. i viewed it with olly expecting to find JNE 006885b9. instead, what i found is the original opcode: JE 006885b9

so how/where did the godmode get activated

off-topic: you've just confirmed my suspicion that i need to properly structure my writing.

X-hide
26th April 2007, 11:48
He could have use another godmode address.. Look in CEForum post.. I will download IRC.. ok

CallProcedure
26th April 2007, 11:48
oh ya, I'm using another god mode address, 687715, there's 7 versions of god mode on cef =\

X-hide
26th April 2007, 11:58
i can't connect to fukt.us server..

hsyeow
26th April 2007, 12:07
oh... f*ck me. totally forgot about the multiple godmode addressed. thanks. that should clear up some smog. moving on to next hack...

celyst
26th April 2007, 13:12
@X-hide: Where is lena's tutorial? CEF?

X-hide
26th April 2007, 14:12
nope.. tuts4you search this in google..