Xemectrum

Posted: **Fri Jun 18, 2010 9:45 pm**

Yes, this is a tutorial including converting simple AA script, to codecave scripts.
It will be short and sweet. I don't include any dll stuff inside just merge it with the dll you've made.
Ok, let's start it.

We take this simple Instant Drop script

Code: Select all

//instant drop
// updated to MSEA 93 by nerrazzuri
[enable]
00ad0dd0:
add [eax],al
add [eax],al
add [eax],al
add [eax],al

[disable]
00af0dd0:
add [eax],al
add [eax],al
add [eax-71],al
inc eax

now to convert to a C++ script, you need to have it's bytes, which located in the memory view of Cheat Engine. (To learn on how to view Cheat Engine memory without getting HAD, LOOK HERE.)

I'll just give you the bytes here.

Code: Select all

add [eax], al //bytes 00 00
add [eax-71], al//bytes 00 40 8f
inc eax// bytes 40

The byte should be, 00 00 00 00 00 40 8f 40. This is the [disable] part, while for the [enable] part, we see that,

Code: Select all

add [eax], al // bytes 00 00

So, the bytes should be 00 00 00 00 00 00 00 00.

Create variables for the address that will be edited in the script.

Code: Select all

DWORD dwInstantDropAddy = 0x00af0dd0;

Declare a variable that will hold the bytes when the hack is enabled.

Code: Select all

BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};

Declare a variable that will hold the bytes when the hack is disabled.

Code: Select all

BYTE Disabledbytes[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x8f, 0x40};

And write a function for the hacks

Code: Select all

void InstantDrop (__in BOOL bEnable)
{
     if(bEnable)
     {
           memcpy((void*)dwInstantDropAddy, Enabledbytes, sizeof(Enabledbytes));
     }
     else
     {
           memcpy((void*)dwInstantDropAddy, Disabledbytes, sizeof(Disabledbytes));
     }
}

now you are successfully converted a simple AA script to C++.

Posted: **Fri Jun 18, 2010 9:46 pm**

We are going to a more advance step, codecave, TBH, sometimes I have difficulties to convert some script also, but in these tutorial, I'll just teach you how to convert scripts that I know.

We are using full monster book script. Here is it.

Code: Select all

[ENABLE] 
alloc(MonsterBook,24) 
registersymbol(MonsterBook) 

0095d048:
jmp MonsterBook

MonsterBook: 
mov eax,5
jmp 0095d04d

[disable] 
0095d048:
call 007018c0

dealloc(MonsterBook,24) 
unregistersymbol(MonsterBook)

Alright, for codecave script, you could use inline ASM to insert the script directly. But first, you have to define jump globally so that the function could jump into the inline ASM script.

Code: Select all

#define jmp(frm, to) (int)(((int)to - (int)frm) - 5);

And then, we declare the address.

Code: Select all

DWORD g_dwBook = 0x0095d048, g_dwBooKRet = g_dwBook + 5;
char  g_szBookMem[5];

I know a lot of people doesn't really understand this, just follow the tutorial and you'll eventually understand it.

Create a function for inline ASM and add the AA script into it.

Code: Select all

__declspec(naked) void __stdcall MonsterBook()
{
    __asm 
    {
         mov eax,5
         jmp dword ptr [g_dwBookRet]
    }
}

Ok, I'll explain this one by one, why

Code: Select all

g_dwBooKRet = g_dwBook + 5;

It's because the codecave need to jump to the address 0095d04d, which have 5 bytes at the original address 0095d048.

Well for the

Code: Select all

jmp dword ptr [g_dwBookRet]

It's kinda like, jump a word instead of byte(correct me if i'm wrong).

Now, we need to create a function to call the inline ASM.

Code: Select all

void tglMonsterBook(__in BOOL bEnable)
{
     memcpy(g_szBookMem, (void*)g_dwBook, 5)//copy clean memory
     if(bEnable)
     {
          *(BYTE*)  g_dwBook = 0xe9; // 0xe9 = jmp
          *(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook); // jmp to cave
     }
     else
     {
           memcpy( (void*)g_dwBook, g_szBookMem, 5);//copy the original bytes back to the address
     }
}

This is basically how a codecave script could be written in C++. I'll explain what is in the function.

Code: Select all

*(BYTE*)  g_dwBook = 0xe9;

as I stated, it is a jump into the inline assembly script. We declare a jump that will jump to the codecave.

Code: Select all

*(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook);

This is where will jump into the codecave script.

Well that's all from my tutorial, correct me if I had written anything wrong, we can learn together. =)

Posted: **Fri Jun 18, 2010 10:50 pm**

1st 2 reply here

lol not many people interested in making hacks but are interested in leeching/buying them ._.
EDIT:
i found out this!!!.......
check your last code post
it has this erroe

Code: Select all

[/code}

Posted: **Fri Jun 18, 2010 11:14 pm**

I know that, I don't expect much from this thread though, just share some thought, anyway, edited the error part. Learn it and release stuff here. =)

Posted: **Fri Jun 18, 2010 11:16 pm**

I would be interested if tutorials to create a private bypass for each version were around <.<
(I do remember that someone on the internet had a very, very, very in-depth tutorial on making MapleStory bypasses for each new version that came out, like, it was generic and could be applied for any MapleStory version, you just had to use your noodle and figure it out >.>)

And if I knew C++ more.
I've tried to learn C++ before <.<
Not for hacking purposes, but for the sake of it.

But no C++ tutorial on the net managed to get me beyond making a console application that took user input and played around with it.
Or go in-depth with text-file editing and stuff =/

Ugh, ranting on here

Posted: **Fri Jun 18, 2010 11:42 pm**

LOL once i see C++ my eyes go @_@
What to click sia >.<

Still learning slowly ba
i wan to be like nerrazzuri
So Pro :X

Posted: **Sat Jun 19, 2010 12:07 am**

LearningCode wrote:I would be interested if tutorials to create a private bypass for each version were around <.<
(I do remember that someone on the internet had a very, very, very in-depth tutorial on making MapleStory bypasses for each new version that came out, like, it was generic and could be applied for any MapleStory version, you just had to use your noodle and figure it out >.>)

And if I knew C++ more.
I've tried to learn C++ before <.<
Not for hacking purposes, but for the sake of it.

But no C++ tutorial on the net managed to get me beyond making a console application that took user input and played around with it.
Or go in-depth with text-file editing and stuff =/

Ugh, ranting on here

The old method isn't usable since MapleStory updated from episode 1 to 2(I assume that tutorial was ages ago.)

Posted: **Sat Jun 19, 2010 12:24 am**

Yea, the tutorial was waaaaay long ago =/
I actually only downloaded maple again 2days ago =x

Long time since I touched maple.
I still remember when hacking Maple with a simple CheatEngine program was possible <.<

So..
No one has taken the time out to teach us clueless folk to make our own bypasses? =(
Being a leecher is a really horrible feeling, by the way =/

Posted: **Sat Jun 19, 2010 1:22 am**

me too... im just starting out on C++
Hahas tired with Wz Edit already everytime go in game dc one dunno what thing to edit
So i went with C++ and found it somewhat interesting

Posted: **Sat Jun 19, 2010 2:44 am**

C++ can do more than you imagine, that's why Windows use C++ to code in. =)

Xemectrum

[Tutorial]How to convert ASM script to C++

[Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++

Re: [Tutorial]How to convert ASM script to C++