GameRes游资网

 找回密码
 立即注册
查看: 18805|回复: 13

各位进来讨论一下冒险吸怪的原理吧。

[复制链接]
发表于 2006-5-13 18:00:00 | 显示全部楼层 |阅读模式
在这里这么多人想要冒险吸怪,可以讨论一下冒险吸怪的原理吧,
现在源代码都放出来啦,也不在于什么商业机密啦,我们只是想知道那个吸怪的内存地址怎么找出来的,大家讨论一下吧。
不过就算说出来啦,好多人都不知道是怎么一回事的,。因为这个游戏加了一个NP,就算知道啦也不见得会做这个挂。我希望有知道的高手,说一下原理吧。谢谢啦。
发表于 2006-5-13 18:47:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

如果有NP.基本上吸怪就不可能实现了.

无NP模式下,吸怪的地址是这么找的.

第一步:开修改器.或者是winhex 或者od
第二步:找怪物名字. 025版的时候,可以不知道以后的版本是不是这个样子
第三步:查看晃动值,由于怪物是不断的移动,所有必定有个2个值是晃动的.
第四步:锁定晃动值.比如晃动值是 35,那么,怪物向右移动后就是36,同样向左就是34.
          你锁定为01他就在地图的启始位置,锁定FF就在地图的最边边拉~!

这个游戏,如果真的有NP。在没研究过客服端的人,基本上出吸怪就是骗子。
发表于 2006-5-14 22:58:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

强人就自己写个客户端>_<
 楼主| 发表于 2006-5-15 21:55:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

现在出了吸怪是有的,因为一直都有吸怪,有NP还是一样有吸怪,
因为NP早就被人破啦,现在的问题我有点想不清楚的就是,是不是所有的怪物的晃动值都一样的吗?要不怎么锁定内存地址.
还有破NP也有有人写了一个程序进行破解的,谢谢二楼的回答.
发表于 2006-5-15 22:45:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

NP有2种方法.你这种鸟就算了吧。别想着什么吸怪了.
原来的吸怪都是用Trainer Maker Kit制作的.当时盛大没保护.
不知道你说的NP是不是真正的NP.
我看盛大主页没有标志含NP的符号,不知道是不是真的有!
如果真的有一般网站都会标示出来的.

或者是另外一种保护程序.而你把他说成nProtect了.

nProtect是nProtect!别的就不是了

呵呵~算了~你是想着吸怪的人,说多无意义!
发表于 2006-5-16 11:17:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

海外冒险岛外挂制作方法详细版
[GMS] Hacking 101 [Bypassing, addresses, pointers]
Announcements
irc.fukt.us #maplestory
/server -m irc.fukt.us -j #maplestory
Remember that IRC is not the same as the forum. You may not be treated too kindly.
- I will no longer be giving support in this thread. Most questions are now repeats. Before asking a question please try searching the forum or reading through the pages of this thread.
- The correct DBK32 file has now be uploaded.
- Thank Diddle for the alternate download location on MPC.
- I have changed my AIM and MSN settings to disallow people who aren't on my buddy list from contacting me. So please don't add me to your MSN or PM me on the forum either.
Introduction
Other stickies you should note.
- [GMS] v0.21 - Hack Values
- [GMS] Tutorial - All 4 VAC Hacks
There is an HTML verision of this tutorial available. [here]. This probably won't be as updated as this thread, though.
definately not updated recently. dont use it
My goals.
I am hoping this clears up many questions and issues. I will try and be as descriptive as humanly possible. If you have anything to add, please PM me or IM me.
You can get all the files needed in one zip.
In this tutorial, all files needed are separate downloads. If you would like all downloads in one compressed archive, you can download them from [ http://www.megaupload.com/?d=QONMUIAN ]. Replace the DOTs with the appropriate symbol. MPC censors the website. This tutorial does not cover the filenames used in that archive. So you'll have to figure that out for yourself. It should be pretty obvious though. Thanks to Rache for the contribution.
Common Problems
If you can only use godmode and nothing else [one register change],
then you need the modified DBK32 file.
If your computer reboots when you start MapleStory with CheatEngine
then try using Abyss webserver and checking over your hosts file / rev 566 server files.
If DupeX ListOffset value doesn't increase
then there is someone on the map, or you don't have the modified DBK32 file.
More to come...
contribute by replying...
The Bypass
What it does. This method of bypassing GameGuard emulates a GameGuard server on your own computer. That means instead of MapleStory looking fofr the GameGuard server on it's own website, it will read and update from your own computer. SunBeam put it best when he wrote in his thread [link]:
Quote:
Originally Posted by SunBeamThis method of "defeating" GameGuard came to life in 2001-2002. The first game ever having this protection was and still is - MU Online. The ideea of making a server that would "update" GameGuard with old files was commonly used at that time. People simply updated the tutorial and used it on other games that received GameGuard's "blessing". Which brings us to these days.
GameGuard uses a module that determines speed of transfer and checks if updates for any of its modules are available. If yes, the update begins, the modules are re-initialised, then launched and the game starts.
Formerly, the tutorial stated that in order to achieve server emulation, one needed to know what GameGuard "tells" the server. In simpler terms, where does GameGuard update from and what is the server's structure. Using a simple firewall, one can find the site, but can't determine the server directory from which GameGuard updates. For that I think I've heard something about a program called Ethereal which caught packets upon send. But it seems, GameGuard's packets are also encrypted nowadays.
Files you will need.
To start an emulation server you will need the following. An HTTPD (Web Server), the GameGuard Server Files (rev 566), and a modified host file. These files are hosted in various places, but for your convienience and security, I will provite my own sources.
a) You will first need to choose a web server. I have heard Abyss works fine, but I specifically use Apache with no problems. You can download Abyss Web Server from their website [here] (aprelium.com). You can download Apache HTTP Server from their website [here]. On that page there are many links. Scroll to where it says "Apache HTTP Server 2.0.55 is also available" and click "Win32 Binary (MSI Installer): apache_2.0.55-win32-x86-no_ssl.msi"
b) The GameGuard revision 566 server files can be download either [here], or from Katana [here] (In the 'Hack Downloads' section)
c) The modified host file is also available at Katana,. You can also grab it [here].
Getting started installing.
This tutorial, due to my lack of knowlege, only will explain how to install Apache. I'm sorry for the inconvenience. Moving on, once you have downloaded the Apache installer, run the file and go through the prompts. It is a standard installer file, and will ask you to confirm the license aggreement and (if you selected custom installation) ask you to choose a install location. It will ask you if you would like to install it as a service on port 80, or as an executable on port 8080. You must install it as a service for this to work. Once you get to the server configuration step, it will ask you for the server name, network name, and email address.
a) If you are not on a router, skip to step 1b. If you are, you will need to visit [url=http://www.whatismyip.com[/url]WhatIsMyIP.com[/url] and copy your IP address down. Paste it into the server and network (first two) boxes of the Apache installer prompt. Skip to step c.
b) (If you are not on a router,) put 127.0.0.1 into the server name box and localhost into the network name box.
c) You may put any valid email address into the third box. (ex: admin@uber-l33t.net, mpcuser@hotmail.com, etc.)
Extracting the GameGuard Server files.
You must pay careful attention to this step.
a) Navigate to My Computer and click Drive C, Program Files, Apache Group, Apache2, then htdocs.
b1) Create a folder named nProtect
b2) Open nProtect folder. Create a folder named GameGuard
b3) Open GameGuard folder. Create a folder named RealServer
c) Open RealServer folder. Open the zip file containing the Revision 566 GameGuard Server files.
d) Extract all files into RealServer.
Overwriting your hosts file.
a) Navigate to My Computer. Click Drive C, Windows, system32, drivers, then etc.
b) Open the zip containing the modified hosts file.
c) Extract the file into the etc folder, overwriting the old file.
d) Right click hosts, click Properties. Make sure Read-Only is ticked. Click OK.
Intermission.
You have now successfully installed a emulation server for MapleStory. Pat yourself on the back and let's move on to the next step! Now that you have the server installed you need a program that will allow you to control a program's memory changes. PrevX Home seems to work fine for this. Why do we need this? Well the nProtect Game Monitor obviously tries to change MapleStory to hind the process. With this, we can allow or deny some of it's actions.
Files you will need.
For this obviously you only need PrevX Home. Again, this is available on Katana, but you can also get it [here]
Configuring the software.
Extract the installer and run it. It should be fairly simple. Just click through the prompts. When it asks you to restart, do so. Wait for your computer to boot back up, if PrevX does not open automatically, open it. It will ask if you want to check for updates, or it will say it has found updates. Do not let it update. Now for the configuration.
a) In the bottom left hand corner of Prevx it says &quotrotection Setting." Click the arrow and set it to Off as displayed in this image. [click for image]
b) Next, on the top of PrevX you should see the tabs labeled "Status," "Security Settings," "Event History," etc. Click Security Settings as illustrated here. [click for image]
c) Now in the list there should be many settings. If you look there should be one that says "Windows Memory." Next to it, there isa small plus symbol. Click it. [click for image]
d) There are four dots. One of them is white, the rest are gray. Click the second gray dot to turn it white. This will change the Windows Memory settings in Prevx from "off" to "query." Meaning from now on it will ask you what you want PrevX to do when a program tries to change another's memory.Now you are finished. Remember, when you restart your computer, it will always ask whether you want it to update. Don't let it. Click NO, then OK.
Cheat for fun, Cheat for life.
Now that everything is set up, you could technically start MapleStory. But we don't have anything to edit MapleStory's memory with right now, do we? Visit the lovely CheatEngine.org and click Download and then Cheat Engine 5.2. If the download is not available, get it [here] After downloading and extracting the installer file, run it. It as well is pretty straight forward. Choose an install location and you're off. If it asks you to restart your computer, please do so.
Configuring your Cheat Engine.
This step should be followed carefully. If you tick something you aren't supposed to, bad things could happen.
a) Launch Cheat Engine. It will ask you a few questions for the first launch. Click through them. You'll notice the CE logo in the top right corner; under it there is a setting button. Click it. [click for image]
b) There are six tabs at the top of the Cheat Engine settings. Make sure each one of them looks as displayed in the images bellow.
General Settings: [image here]
Scan Settings: [image here]
File Associations: image here]
Code Finder: [image here]
Assembler: [image here]
Extra: [image here]
Note: It is important in this last tab that you not click "Stealthmode (usermode)" as described in DragonBroly's tutorial. It is not needed and can conflict with kernalmode in some unappealing ways. [eg: restart your computer when closing MapleStory]
c) Click OK on the settings dialog. You are all done configuring Cheat Engine!
发表于 2006-5-16 11:18:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

Final preparations.
Before launching MapleStory for your first hacking experience, theres one more thing you need to do. Deleting the GameGuard directory in your MapleStory installation isn't necessary but it can help assure that GameGuard will force itself to update.
a) Open My Computer. Click Drive C, Program Files, Wizet, then MapleStory.
b) Select the GameGuard directory, right click it and then hit Delete.
You're finished!
If you'd like to test everything out before you go hunting for pointers and addresses, you can start all the programs now if they aren't already started. If Apache was installed as a service, there should be a feather with a green arrow on it in your task bar (bottom right hand corner of your screen) [see picture]. If PrevX is started and configured correctly there should be a green star (without a red X through it) in your taskbar. Al lthat leaves to open is Cheat Engine.Starting MapleStory with CheatEngine.
a) Launch Cheat Engine. Then launch MapleStory.
b1) Click the computer button on the top left hand corner of Cheat Engine. [click for image]
b2) Scroll down and select MapleStory.exe. Click OK. [click for image]
c) A PrevX Home popup should come up. Click in the following order. [click for image]
Allow.
Deny.
Allow.
MapleStory should now start regularly. Another PrevX popup will come up within one to two minutes. You can dragit off to the side. Do not close, allow, or deny it until you close MapleStory.
Using CheatEngine
1) Addresses
Today, class we will be learning about addresses. Please take your seats and remember not to pass notes or whisper, or you will be send to the principal's office. Thank you.
So let's think of some scenarios here. You're a newbie to hacking. You go into the thread named '[OMS] .21 Addresses' Seems good, yes? To your horror, though, it shows just that, only addresses. You have no idea what to do with them, much less what Tick ZF means. Well, I am your shepard! I will guide you lost sheep to the ultimate hacking experience!
Most of the time when a thread just gives you an address and the words "Tick ZF" or "EAX 1," it means you are changing the addresses registers. This is done through the Memory View and is explained bellow.
Changing Registers
a) In Cheat Engine click the Memory View button. (You should have familiarized yourself with the program by now. I won't be providing screenshots for this section unless it is requested a lot)
b) Hit Ctrl+G (Goto Address)
c) Type the address that was given to you or you read about. Click Ok.
d) An address should now be highlighted on the top of the list. Right click that and select 'Change registers at this location.'
e) Depending on what it said in the thread will determine what you do here. If it tells you to Tick ZF, or says ZF=0, Tick the ZF box once. It's simple. If it says EAX 1, tick the EAX box, and type 1 into the space next to it. We'll do some more complicated things later.
MapleStory Global 0.21 Addresses
Unlimited Jump: Allows you to jump continuously one after another. You must hold down a directional key, unless you have the second address. It's simple to find and I won't give it out unless it is told by someone else first. 5ee77a (ZF 0)
Full Godmode: Protects you from melee, magic, and object damage. You must be damage first before it is activated on each map you enter. 5b66c2 (ZF 0)
Melee Godmode: There are two addresses for this. One protects you from objects and monster damage. 5C0E03 (ZF 0) And the other only protects your from objects. 5C0E5F (ZF 0)
Super Tubi: Tubi is a nickname for looting items much faster than normal. This address apparently loots faster than Tubi, making it Super Tubi! (Credits to TKC for finding this) 4697f8 (ZF 1) Note, if ZF 0 was only one ZF box, then ZF 1 must be two.
Fast Attack Speed: Careful. This one will disconnect you. It obviously increases your attacking speed. Set EAX to 0 or lower. 424422 (EAX
2) Pointers
Class, things are progressing nicely, lets keep it this way Susie, don't throw that paper airplane!
As stated in Dark Byte's thread on the Cheat Engine Forum [link]
Quote:
Originally Posted by Dark BytePointers are 4 byte values that hold the the address of a memorylocation instead of a normal value.
That address is used by the game to find out where to store and look for it's data. E.g: 10 bytes after the pointer to the start of the player data is health, 14 bytes after the start of the player data is armor, 18 bytes after the player is ammo etc.When you read a thread and it just says "50000a + C," or "Address: 50000a, Offset: C" that is a pointer. Pointers are not manipulated in the Memory Viewer as registers are. They are dealt with in the main Cheat Engine window. So close the memory viewer now if it is open.
a) Click 'Add Address Manually.' (Opposite the Memory View button)
b) Do not type any addresses in the Address box, instead, click &quotointer."
c) The words "This pointer points to: ??????" should come up. Bellow that, there are two boxes. One says "Address of pointer," the other says "Offset (Hex)." Type the address in the first, and the offset (if "50000a + C" if your pointer, "C" is your offset) in the second. Note: This pointer points to: ????? shoulod have changed.
d) Click ok. An address should have popped up in your cheat table. Now if the thread said to "Freeze @ 0," that would mean you need to change the value of the pointer to 0, and then click the freeze box. If you double click the address in the Value column, you can change it that way. On the far left, there is a column labeled Freeze. If you tick the box, it will freeze the value so it does not change.
MapleStory Global 0.21 Pointers
Unlimited Attack: MapleStory prevents you from attacking in one posistion over 100 timesi n a row. This will disable that limit.
6C60F4 + D60 (Freeze @ 0)
Anti-breath: When you attack, you cannot equip an item or change channels for a few seconds. Same goes for when you get hit by a monster or object. This disables that.
6C60F4 + 230 (Freeze @ 0)
NOTE: The following are not pointers, they are just manually added addresses to the Cheat Table. You can add them by simply typing the address (without clicking pointer) and then changing the Type of Byte if necessary.
Tubi: This address will allow you to pick up items without the normal delay you get.
6C91A8 (1 byte) Freeze @ 0
Let's take it nice and easy now. You may be wondering where all the vacs are. Well I've put them in another section of course. Gosh, silly.

3) Vacuums
Vacuum hacks in theory will take all the monsters on the map and move them to a desired location. Depending on the type of vacuum you use, dpeends on where they are moved to exactly.
With the 'wall' vacuum, you are changing the wall boundries of the map so that the mosnters will spawn to one point, while this works to an extent, if you change channel, you will be sucked to that point as well. Pointers are used for this vacuum.
With 'DupeX' vacuum, depending on the flavor you want, normal or monster, either all the monsters will be vacuumed to your posistion and follow you, or they will stay stationary. A auto-assemble injection code is used for this vacuum followed by a few register changes.
With a client sided 'EAX' vacuum, you and all monsters and NPCs will automatically be sucked to the point you input. Other players will not see you move from where you origionally were. This vacuum uses Hexadecimal converted X and Y coordinated inserted into the EAX register of an address.
With a server sided 'EAX' vacuum, you can specify a Y axis to be sucked to, along with all monsters and NPCs. Once there, you can walk anwhere on the Y axis, including on the air. When you jump, though, you will fall until you hit a surface, and then by sucked back to the Y axis. A noticable different between this and the clientsided version is that the other players will see you i nthe posistion you are really in. To use this vacuum, the same is done for client sided, except it uses different addresses. Optionally, you can use the X axis too, but some like to use a DupeX or Wall with this vacuum, so they can move still.
So now that you have all the information on these wonderful hacks, choose one you'd like to test drive.
MapleStory Global 0.21 Vacuums
a) Wall
Add the following addresses manually to your Cheat Table.
Left Wall: 6C5794 (address) + 4 (offset);
Right Wall: 6C5794 (address) + C (offset);
Top Wall: 6C5794 (address) + 8 (offset);
Bottom Wall: 6C5794 (address) + 10 (offset);
X Coordinate: 6C6130 (address) + 564 (offset);
Y Coordinate: 6C6130 (address) + 568 (offset);
Your X and Y coordinates are the posistion of your character on the map. (OMG you're algebra class paid off?) The left, right, top and bottom walls are the boundries of the map.
To use this vacuum, move to a posistion you would like to suck the mosnters to. Generally, you must be in an area where the mosnters will not get stuck on the platforms when they are sucked. That means no platforms can be above or bellow you. It has to be somewhat of an empty area. Usually the far left and right are good wall vacuum locations.
When you have found an area, look at your X and Y coordinates. Double click your left wall value and change it to your X coordinate. Do the same for your right wall value. For your top and bottom all values, change them to your Y coordinate.
If you do not want to be sucked in with the rest of the monsters, do not change channel. To have all the mosnters spawn in your new vacuum area, you need to go through the map and kill everything. From then on, the monster will spawn within the new designated boundries.
发表于 2006-5-16 11:18:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

b) DupeX
It is obviously a good idea to have a godmode on before aply this vacuum. For this, you will need the modified DBK32 file for your Cheat Engine. Download it [here]. To use it, close Cheat Engine and extract it to the program directory (C:/program files/Cheat Engine/). You can now have up to four register changes in the Memory View.
First off, enter the Memory Viewer and hit Ctrl+A, to enter the Auto-Assembler. Paste the following code into the box and hit OK. A list of addresses will pop up. You only need the first four numbers / letters of one of the addresses. The last four stay the same constantly with each injection of the code.
DupeX (Monsters will follow you.)
Code:
alloc(FindCharacterAddress, 1024)
alloc(ListOffset, 4)
alloc(ESIList, 1024)
alloc(DupeXVac, 1024)
alloc(EDIValue, 4)
label(EndSearch)
label(CompareOffset)
label(StoreESI)
label(DoNormal)
FindCharacterAddress:
mov [esi+114],edi
push eax
push ebx
push ecx
push edx
mov eax,0
mov ebx,ListOffset
mov ecx,ESIList
mov edx,EDIValue
CompareOffset:
cmp eax,[ebx]
je StoreESI
cmp esi,[ecx+eax*4]
je EndSearch
inc eax
jmp CompareOffset
StoreESI:
mov [ecx+eax*4],esi
inc eax
mov [ebx],eax
mov [edx],edi
EndSearch:
pop edx
pop ecx
pop ebx
pop eax
jmp 5F0DE2
DupeXVac:
push eax
push ebx
push ecx
mov ebx,[ListOffset]
dec ebx
mov ecx,ESIList
mov eax,[ecx+ebx*4]
cmp esi,eax
je DoNormal
mov edi,[eax+114]
DoNormal:
mov [esi+114],edi
pop eax
pop ebx
pop ecx
jmp 5F0DE2
DupeXMonster (Monsters will stay in one posistion)
Code:
alloc(FindCharacterAddress, 1024)
alloc(ListOffset, 4)
alloc(ESIList, 1024)
alloc(DupeXVac, 1024)
alloc(EDIValue, 4)
label(EndSearch)
label(CompareOffset)
label(StoreESI)
label(DoNormal)
FindCharacterAddress:
mov [esi+114],edi
push eax
push ebx
push ecx
push edx
mov eax,0
mov ebx,ListOffset
mov ecx,ESIList
mov edx,EDIValue
CompareOffset:
cmp eax,[ebx]
je StoreESI
cmp esi,[ecx+eax*4]
je EndSearch
inc eax
jmp CompareOffset
StoreESI:
mov [ecx+eax*4],esi
inc eax
mov [ebx],eax
mov [edx],edi
EndSearch:
pop edx
pop ecx
pop ebx
pop eax
jmp 5f0dfa
DupeXVac:
push eax
push ebx
push ecx
mov ebx,[ListOffset]
dec ebx
mov ecx,ESIList
mov eax,[ecx+ebx*4]
cmp esi,eax
je DoNormal
mov edi,[EDIValue]
DoNormal:
mov [esi+114],edi
pop eax
pop ebx
pop ecx
jmp 5f0dfa
Switch to your main Cheat Engine window. You may close the Memory Viewer if you like. Add an address manually. Type in the address ending in 0400. (EX: 0D010400) Name it in the description "ListOffset" if you like. The value should be zero.
Return to the Memory Viewer and goto (Ctrl+G) 5F0DDF. Right-click it and 'Change registers at this location.' Tick EIP and type the address ending in 0000.
Switch to the main CE window. The ListOffset value should be increasing. Wait for it to stop, it is reading the mosnters movement on the map.
Once it stops increasing, return to MapleStory, and move a bit on your own character. Tab out of MapleStory and look at the ListOffset value. It should have increased by one (possibly two if you have a pet).
Return to the Memory Viewer and change the register at 5F0DDF again. Leave EIP ticked, jsut change thet last four digits of that address to 0804. Return to MapleStory, and all the monsters should be sucked to your location.
To turn this vacuum off, enter the Memory Viewer and click View -> Breakpointlist. Find 5F0DDF and click it. Then click delete. Change the value of Listoffset to zero.
c) Clientsided EAX
For this you will need the wall vacuum's X and Y coordinates in your Cheat Table. You will be converting their values into Hexadecimal. Windows Calculator does not work well for this as it does not factor in negative values. Cheat Engine, though, does. If you right click the X or Y coordinate, and select, "Show this value in Hexadecimal," it will show you the converted Hexadecmal value.
Now switch to Memory View and goto (Ctrl+G) 5F1CC1. Right-click it and change the register. Tick EAX and type in the converted hexadecimal value of the X coordinate.
Goto (Ctrl+G) 5F1D26. Chagne the register. Tick EAX. Type the converted hexadecimal vale of the Y coordinate.
Return to the game. You, all NPCs, and all monsters should be sucked to the posistion you entered. Remember that other players will see you in the origional posistion. I do not know the exact specifics about what other players can and cannot see, but if anyone would like to test it out with a friend, please PM me your findings and I will add it to this section.
To remove this vacuum, enter the Breakpointlist in Memory View (View -> Breakpointlist) and delete 5F1CC1 and 5F1D26
发表于 2006-5-16 11:19:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

d) Serversided EAX
WARNING: I have now thouroughly tested the 'serverside' EAX vacuum and have concluded that it is not a safe method of vacuuming. If a user comes into view of your dot on the minimap, your character is pulled to ground level no matter where you are [underground, in the sky]. Use it with caution and at your own risk.
As for the clientsided version of the EAX vacuum, you need the X and Y coordinates from the wall vacuum. Switch your X and Y coordinates to the converted Hexadecimal values.
Enter Memory View, goto (Ctrl+G) 5ee1b4. This is the Y axis address. Change the register on it. Tick EAX and enter the converted hexadecimal value of the Y coordinate. If you return to MapleStory right now, you will find that you can walk to the air of that Y axis. You will fall if you jump. Once you hit the ground, though you will be returned to the Y axis.
Be careful when vacuuming to the top of the map and attacking mosnters in the air. Sometimes you will fall to the ground but it will not show on your screen. I suggest using this to vacuum monsters bellow the ground. If you do this though, make sure other players cannot see you or click you so you will not be reported.
I suggest using DupeX or Wall with this instead of the X axis address. If you'd like to experiment, though, the X axis address is 5ee18e.
e) Item
NOTE: This is not actually an item vacuum. It is just in this section because that is it's most used function. It does not, though, suck all items to a location because these addresses are the character's write points. What you can do is loot from a point without actually being there.
On the main CE window, click Add Address Manually and then click Pointer. Add 6c60F4 as the address and 344 as the offset. Label it something like "Write [x]." Add another pointer. This time the address is 6c60F4 and the offset is 348. Lable it "Write [y]."
To use this, move in the game to the posistion you would like to loot from. Return to CE and freeze the addresses. Go back into the game and drop an item. Move away from the item and loot. The item will loot as if you were standing there.
NOTE: The loot speed of this alone is very slow. If you use Tubi with this and hold down the loot key, it will be faster.
4) Unrandomizer
Unrandomized Dice Roll
Hate spending all that time making 4/4 characters? Now you don't have to anymore!
Login and create a character on a server. Choose the name, check it, and then tab down to Cheat Engne. Now depending on what you'd like a 13 in, dpeends on how you will configure the unrandomizer. Go into the Cheat Engine settings and in the first tab, click Configure Unrandomizer. Type 0 for Strength, 1 for Dexterity, 2 for Intelligence, or 3 for Luck. Hit ok. Close the CE settings.
Tick Unrandomizer on the main CE window and then return to MapleStory. Roll the dice. You should have recieved a 13 in the stat you wanted and a 4 in everything else. Tab back out of MapleStory and into CE. When the unrandomizer checkbox reappears, untick it. Return to MapleStory and continue creating your character. You are done!
Unrandomized Attack Type
NOTE: I have obtained permission to post this from SunBeam. All credit for the script goes to him.
Enter Memory Veiw and Ctrl+A to access the Auto-Assembler. Copy the following into the space provided.
Code:
FULLACCESS(400320,4)
400320:
mov eax,00000079
ret
dec eax
adc al,69
leave
std
inc ebx
add eax,[eax]
add ecx,00269ec3
mov [eax+14],ecx
mov eax,ecx
shr eax,10
and eax,00007fff
ret
jmp 635447
Hit OK and close the Auto-Assembler. In Membery view goto (Ctrl+G) 635425 and change the registers. Tick EIP and set it to 400320.
According to SunBeam:
* This will freeze monsters from moving but they will regain movement once you attack.
* You will always swing when you attack, thus doing more damage.
To disable this, go into Memory View, View -> Breakpointlist, delete 635425.
Windowed Mode
So you like to be able to use other programs without tabbing down, right? I do too. This section explainshow to use the d3d8.dll file to run MapleStory in windowed mode. A bypass is required.
Included [here] is a zip with d3d8.dll and maplestory.bat. Heres what you do with them:
a) Extract the zip file to your desktop.
b) Open My Computer; double-click Drive C, Program Files, Wizet, then MapleStory, or click [here].
c) Move d3d8.dll into the MapleStory folder you just opened.
d) Open maplestory.bat to open the game in windowed mode.
Note: To play the game in full-screen mode, you must move d3d8.bat out of the MapleStory directory, otherwise, when starting maple you will get an error message in Korean.
Note: The included bat file tries to open from C:/Program Files/Wizet/MapleStory/. If you do not have MapleStory installed there you need to edit the bat file.
发表于 2006-5-16 11:19:00 | 显示全部楼层

Re:各位进来讨论一下冒险吸怪的原理吧。

GameGuard Error Refferance
As posted on mSecrets, [here] by wubawuba
Quote:
Originally Posted by wubawuba
Error 110 - This is indicating that NProtect has already been loaded once and is still resident in memory. Please hit CONTROL-SHIFT-ESCAPE to bring up the task manager, click processes, and perform an end process on trose.exe and GameMon.des. If ending these processes does not resolve the error, please reboot your PC.
Error 112 - Please be sure your PC is free of viruses, and that sufficient memory is available. You may wish to make sure your virus scanning program is up-to-date and functioning properly, and that you do not have too many other open programs.
Error 114 - Unfortunately a specific solution to this error is unavailable. In general, it is indicating that some software on your PC is preventing NProtect from loading. Please verify that you have administrative access to the PC you are using, and that you have shut down all nonessential software. Also, you may wish to end any unnecessary system services or processes if you feel comfortable doing so. You may also wish to try teporarily disabling any virus scanning, firewall, or security software on your PC.
Error 120 - Your installation of NProtect is either incomplete or damaged. Please delete the GameGuard folder and repatch MapleStory, or try clicking on the [Check Files] button.
Error 124, 141, 142, 150, 153 - Same as Error 120
Error 155 - This error should not occur under Windows XP. If it is encountered, your PC may have a severe virus or be experiencing Operating System / Hard Disk corruption. Please visit http://www.microsoft.com/ for assistance in restoring this file for your particular OS version. If you are unable to restore it, we recommend contacting a qualified PC technician to examine your PC.
Error 170 - Due to a problem with the GameGuard INI, the program was unable to launch. We recommend deleting the GameGuard folder and re-running the MapleStory patch program again in order to redownload the NProtect files.
Error 340 - This is indicating that the NProtect patches failed to download, either due to an overly restrictive firewall or network issues leading to failed downloads [such as timeouts, corrupted packets, etc.] We recommend checking your firewall settings as well as your current connection stability, and trying again at a later time.
From MapleGlobal: "This Error occurs when GameGuard fails to connect and download from server."
Error 350 - The NProtect patcher was cancelled. Please close MapleStory and NProtect and load the game anew.
Error 360 - The NProtect patch process failed due to corrupted files, or an overly restrictive firewall. Please be sure to allow NProtect access through your firewall. If the problem persists, delete the GameGuard directory and run the MapleStory patcher again.
Error 361 - Gameguard did not install well. Maybe you cancelled it or something. Either Re-download gameguard or goto Internet>Settings>Network>Check security program on top is working or not. Also check if you need to get authorized to use the internet.
Error 380 - This is indicating that either there is a problem with your internet connection, security software on your PC is blocking NProtect from accessing its patch server, or the NProtect patch server is temporarily down. You may wish to wait a while and try again, and verify your firewall settings, as well.This is an awesome refferance and I commend wubawuba for taking the time to find all the error, gather information on them and post this for everyone. I hope it helps and clears up your problems / allows you to find and fix them.
Conclusion
I hope you have learned and profited from this tutorial. Please keep in mind that Knowlege is Power, and with great knowlege comes great responsibility. When you are using a vacuum, always clean up the mosnters afterwards so they spawn normally.
Do not repost this tutorial on any other forum! While the addresses, injection code, pointers and steps taken to achieve these hacks is public domain, this tutorial is not. Do not redistribute it.
I will not ask for this to be stickied, but I think it would clean up the forum and cut down on the questions if it were. It's ultimately up to the moderators, though.
If you find any spelling mistakes or would like to add to this tutorial, please let me know in a PM here or an IM.
reserved
__________________
Quote:
Originally Posted by #mpc_ms
* Hitmaster reaches out to Paine with open arms
* Paine Should warn you he's currently naked.
* Hitmaster cowers in fear
* Hitmaster but then realizes you're a man
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

小黑屋|广告投放|信息发布|关于本站|手机版|GameRes游资网 ( 闽ICP备05005107-1 )

GMT+8, 2018-1-21 17:02

快速回复 返回顶部 返回列表