#1
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
some tut (well, explanations)
updated a little..

Alright, someone PMed me asking for help, and I ended up explaining most of the thing.. anyways, I'll just post up what I had, a lil modified.. I won't explain every single detail, but it is enough for y'all to understand.. btw I'll use fastattack as an example here..

First of all, Maple Story uses DMA, so even if you find the right address in one game, it causes the variables of the game to change location every time we start up MS (it won't be the same). What you have to do is find a pointer. A static pointer acts as a base; it NEVER changes unless there's an update or something. The static pointer itself isn't the address to write on.

Current static pointer is 60B930h. <-- that was for 0.08

After that, you need offsets. Even though MS uses DMA (the variables are allocated different memory locations), they always stay the same distance apart.. FastAttack speed is D0h from the pointer (h means it's in hexadecimal).

After knowing that, it should be easier to understand.. We want a trainer or someone else to get the right address without searching every time; this is how it works.

FastAttack Address = Static Pointer's value + D0h

So for example (it won't be the same for you):

FastAttack Address = 6546045646 (I just made up this number) + D0h

Use a hex calculator and there's ur address! If you have coding knowledge it should be easy to write a trainer. If you don't fully understand, use google to find specific tutorials on the subjects.. You still need other tuts to find offsets and the static pointer. That's it for now though, hope it helped the bunch that asked how it works.

--- update

How to find pointers and offsets -> simple way..

OK, I either use SoftIce or TSearch here. I'll be using TSearch (grab a copy somewhere or someone post a link) to explain, since SoftIce is a little more complicated. So TSearch + hex/dec calculator (win calc is perfect) + IQ20 is what we need. I'll use flash hack (godmode) as an example.

To find a pointer, you need an offset. We'll use TSearch's AutoHack to find one.

Maple Story isn't debugger friendly (it will close itself in a debugger's presence), so either use IsDebuggerPresent or do the process quickly. Find godmode's address as usual (let's say you found 60BA00). Once found, in TSearch, go to Autohack -> enable debugger, then Autohack -> AutoHack window. In AutoHack's window, edit -> set breakpoint and put in the address you found for godmode (60BA00), then OK. Multiple lines should appear in AutoHack's window (and by now, Maple Story should have closed itself). You should see something like this:

add esi,[ecx+0x12A] (made up, will be used as an example)

In short, it means add esi to ecx+0x12A (0x = hexa).
ecx is our pointer
0x12A is our offset

Now open Maple Story, and find godmode's address again (again, let's say you found 70BAFF). Once found, start up your calculator and set it to calculate hexadecimals. Godmode's address -/+ offsets = pointer's value in hex, so it would be

70BAFF - 12A = 70B9D5

Convert the result to decimal (70B9D5h = 7387605), and search for that "exact value" in TSearch. You SHOULD only get one address (if not, try 'em all by reversing the formula) and that address is the pointer!

Now the only thing you have to do is create a trainer that'll compute the formula (pointer's value + offset = god's address).

Last edited by MoFo; 28th November 2004 at 09:36.

#2
Just a human
ooh thanx a lot, that helped, but one part which i didn't get is:
if the static address is static until an update, and the speed hack is always: static + offset, and offset is always the same (<--- that i'm not so sure), then doesn't that mean no matter how much u restart the game, the speed hack is the exact same value?

and i was wondering, how come when i use t-search to find the values for speed hack, the lowest and fastest value is 0, and that value is a lot slower than the speed hack found in your program. i used the godmode --> + 5e1 = speed hack to find it

thanx
__________________
"Confucius says: Man go to sleep with itchy bum, wake up with Smelly finger"

#3
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
Quote:
The pointer's address is always the same, but the value will always change. And it's the pointer's "value" (not the address itself) + offset.
And the reason ur speed is slower is because ur speedhack isn't the same as mine.

#4
Join Date: 3rd Nov 2004
Posts: 26
hmm Mofo, let me ask u a question, since u are online atm... apparently i just got a new patch from maple story, and for some reason no matter how many times i click ur buttons with ur hack open it's not working, perhaps something messed up in the programming? ... or is it something on my own side... any suggestions...

Process::
1.) i d/l ur rar, extracted it, and extracted it again...
2.) stuck it into a folder
3.) ran the program both before and after maple story was opened
4.) debugged it, looked over the whole thing
5.) played around with it, nothing

Specs::
1.) Specs of my Maple Story: i did the compatibility mode of what not
2.) i don't use diamond guard process (that thing is very cruddy in my perspective)
3.) And i have run many sorts of hacks on it, including the fact that for some reason my 3D analyze doesn't even work with it anymore

#5
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
well if my hack found maple story's process right, it should say so (if it failed or you get an error, just rerun it)
in game, you should be able to f1/f2, you should be blinking if godmode is on.. it's for mapleglobal 0.08
oh and if you're using windowed mode wif windows' sniper encapsulate that might be the problem... encapsulate after opening the hack.. I don't have any other idea..

#6
Join Date: 3rd Nov 2004
Posts: 26
hmm i am not running in encapsulate mode, in fact the windows mode doesn't even work for me...
ah one more thing, perhaps i have to turn off the compatibility?... hmm i don't know, i have reinstalled it over 6? 7? times already, it's just being a nutjob
hmm says error injecting into DLL? or was it Error injecting DLL?

#7
Just a human
oooh i get it now,
i plugged in the pointer address into t-search and got 168 as value, then i put that into hex calculator and added d0 to it, and i got 238 from the calculator, i then placed this address into tsearch and it has no value, am i supposed to change the empty value to some number?

#8
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
you shouldn't have 168 as a value..
the pointer is 4 bytes, forgot to mention =/

#9
Just a human
oh, that nets me a bigger number, here's what happens now:
i place in 060B930 in 4byte < tsearch shortens it to 60B930
the value i receive is 327800500 < which seems awfully big already
i go into my handy calculator and add D0 < which is D zero
my result is 3278005D0 <-- another big number
i place it back into my t-search as a 4 byte new address
but since it's too big of a value, it turns into FFFFFF for address <-- i'm stuck here
everything seems to go pretty well cept the fff part, so yea srry for askin for so much help
thanx

#10
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
Quote:
you are mixing up decimal and hexadecimal
I'll make an example with your numbers
so you got 327800500 as a value <-- this is in decimal
convert the value with any cool calculator and you should obtain 1389D6B4 <-- same value but in hexa
then you add D0 to it, which results in 1389D784 <-- which is what ur lookin for
Quote:
Last edited by MoFo; 15th November 2004 at 07:14.
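
The arithmetic from posts #1, #8 and #10, as an added example that is not part of the original thread or of MoFo's trainer: it models only the fixed slot as a small byte array inside its own process, resolves "slot value + D0h", and shows why a 1-byte read or decimal digits pasted next to a hex offset give a wrong address. `SLOT_ADDR`, the `image` array and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed model: only the fixed slot is backed by real bytes. */
#define SLOT_ADDR 0x30u  /* hypothetical fixed location holding the pointer */
#define FIELD_OFF 0xD0u  /* offset quoted in the thread */
static uint8_t image[0x100];
/* A new run: the object gets a new base, the slot address does not move. */
static void start_run(uint32_t base) {
    memset(image, 0, sizeof image);
    for (int i = 0; i < 4; i++)
        image[SLOT_ADDR + i] = (uint8_t)(base >> (8 * i));  /* little-endian */
}

/* Read `width` bytes (1..4), little-endian; -1 if out of bounds. */
static int read_le(uint32_t addr, unsigned width, uint32_t *out) {
    if (width < 1 || width > 4 || addr > sizeof image - width) return -1;
    *out = 0;
    for (unsigned i = 0; i < width; i++)
        *out |= (uint32_t)image[addr + i] << (8 * i);
    return 0;
}

/* Field address = the 4-byte VALUE stored in the slot + offset. */
static int resolve_field(uint32_t *field_addr) {
    uint32_t base;
    if (read_le(SLOT_ADDR, 4, &base) != 0) return -1;
    *field_addr = base + FIELD_OFF;
    return 0;
}

/* Parse digits in one radix; -1 unless the result is a clean 32-bit value. */
static int parse_u32(const char *s, int radix, uint32_t *out) {
    char *end;
    unsigned long long v = strtoull(s, &end, radix);
    if (*s == '\0' || *end != '\0' || v > 0xFFFFFFFFull) return -1;
    *out = (uint32_t)v;
    return 0;
}

int main(void) {
    uint32_t base = 0, addr = 0;
    parse_u32("327800500", 10, &base);  /* decimal value from post #9 */
    start_run(base);
    resolve_field(&addr);
    printf("%08X\n", (unsigned)addr);   /* 1389D784 */
    return 0;
}
```

Reading the slot with `read_le(SLOT_ADDR, 1, ...)` returns only the low byte of the pointer, and `parse_u32("3278005D0", 16, ...)` is rejected because nine hex digits do not fit in a 32-bit address.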

#11
Guest
and how i find the offset?
D0h is for speed attack, what used for climb hack or so? (don't tell me the offset, tell me the way u find it)
and thank-you very much! after i'll know how to find offsets i'll make my own trainer!

#12
Just a human
ooh thx now i get it. so to find the static address after a patch, you:
1. find the godmode hack manually, through the speed hack +5e1
2. you subtract the offset from the address of godmode hack
3. you convert that value to decimal and search for it in t-search
4. hopefully you get one address, and that should be the new static address after a patch has occurred, if not, just keep searching the same value.

i haven't really tried this out as i got bored of maple story, but i'm guessing that's how it works

and to find an offset of any hack, you probably have to be able to do that hack manually, and then subtract the address of that hack away from the static value (make sure it's in hex), and that should get you the offset of the hack you want offsets for

#13
Kancho Assassin
Silver Hero
Join Date: 27th Feb 2002
Location: Kancho Hidden Village
Posts: 1,574
yeah that's it, and i don't use that 5e1 thingy since my speedhack isn't the same as the one ur using. to find an offset you have to be able to do it manually, after that u can make a proggy that'll compute the information by itself

#14
Inactive Admin
Dark God
Join Date: 26th Jan 2002
Location: THE DARK SIDE!!
Posts: 2,758
Seems to be helping so it's stuck ... for now
K

#15
Just a human
now that the static and the offsets are cleared, can you explain or post a link that explains the program that you used to create the trainer? srry for begging
thanx