
[Tutorial] The Basics Of Maplestory Hacking

Table Of Contents

First things first, let me show you the power of hacking. The power of hacking is beyond your imagination.


1. Game Hacking
2. Anti hack programs
3. Auto Ban Systems
4. Trainers
5. Injectors
6. Memory Hacking
7. Cheat Engine (CE)
8. DLL Hacks and Injectors
  • Hacking Terminology
  • Hack Definitions
  • General Stuff
  • Credits

First of all, this guide is created for those who have just started their hacking journey in MapleStory.
All the information here was contributed at other hacking forums; I compiled the useful parts in one place. This should be the best start-up guide for a beginner hacker in MapleStory.

1. Game Hacking
Game hacking is the process of editing the game's data, memory, etc. to gain an unfair advantage over other players. Hackers normally use hacks to gain money faster, level faster and generally do everything better and abnormally. Hacks come in different forms, from memory editing to program disassembling to packet editing. There are many different hacks out there.

2. Anti hack programs
Most online games have anti-hack programs, such as GameGuard and HackShield. These programs are embedded into the games and run in the background. The program constantly scans for memory edits within its range of scanning. If it gets a positive that the person is hacking, the HackShield program will send a command to the game to disconnect you.
The current version of Maplestory uses HackShield.

Hack Shield consists of:
  1. EhSvc.dll
    • EhSvc is the Hack Shield interface DLL
    • It communicates between the game client and Hack Shield
    • It communicates with the Hack Shield driver (EagleNT.sys)
    • It initiates the hack tool detection engine
    • This is usually the only file needed to create a workable bypass
  2. V3Pro32s.dll
    • This is the hacking tool detection interface DLL
    • This starts the hacking tool detection engine
    • This helps the scanning of known hack signatures
    • A very important file. This could interrupt the Hack Shield driver if correctly intercepted
  3. V3Warp(d)(n)s.v3d
    • The anti-hacking engine pattern file
    • Not too sure exactly what this does, but it reads the 3N.mhe file
  4. EagleNT.sys
    • The Hack Shield kernel driver
    • Performs anti-hacking functions, protects the game client's process, and hooks certain APIs, rendering them useless
    • If successfully de-initialised, it could enable the use of many APIs and functions such as Read/WriteProcessMemory.
  5. 3N.mhe
    • The heuristic engine file
    • Contains the patterns used to search for known hacks
  6. psapi.dll
    • The process status helper DLL
    • Helps scan process signatures and control process functions
Hack Shield Flow
Here is a graphical chart explaining how Hack Shield is started:

3. Auto Ban Systems
By now all Maple Story players are aware of the auto ban. Now I will explain how it really works.

Most online games have an auto-ban system that bans the user for hacking. Most of the time, these will ban you for a month, a few weeks or days. Maple Story has an auto-ban system, as do many other games, such as WoW, War Rock, etc. These can be a pain in the butt. The auto-ban system works by checking the values of the game, and if something is abnormal (as long as it has been coded to ban you for that hack), it will ban you.

First of all, the Maple Story auto ban works with a file called the protection module.

When you enable Maple Story hacks, the protection module detects that some sort of alteration was done to its client files. The protection module will close the game as soon as it detects an alteration. This is to prevent the player from using the hack. If the player has a bypass that shuts down the protection module, they will be able to play the game with the hack enabled. This is where the main part of the auto ban comes in. Every time you use a hack, you create unknown movements in the game, which are sent to the game server; once the server verifies that these are indeed unknown movements, it concludes that you have altered the game files. After a while with the hack enabled, a message will pop up saying that you have been banned by GM Maple Story. GM Maple Story is the auto-ban bot. This article has explained every detail of the Maple Story auto ban.

2. Client and Server
The client is MapleStory.exe and all of its contents that you have downloaded to your computer. The server is where all the player levels, EXP data and item data are stored. When a hack is said to be server-sided, it means that other players using other clients will experience it. When a hack is said to be client-sided, only the player with the client experiences it.

3. Wz Editors
Many hacks in the downloads section have a so-called "patcher". What is a patcher? If you are new to hacking, a patcher is a program that modifies the selected file to do things such as making a skill attack more than one monster at once, making monsters spawn in an abnormal place, etc. There are many .wz patchers, such as the Svac and KOC Dem patchers in the downloads section. You simply select the appropriate .wz file you need to patch from the maple folder and patch it. The default location for the maple folder is normally C:/nexon/maplestory or C:/maplestory (although the second one is less common now; older maple installations used the second path).

4. Trainers
A trainer is a group of hacks/bots compiled together into a single program or DLL file. In the DLL form, when you inject the trainer DLL into the game process, it pops up a graphical interface you can use to enable and disable hacks. Trainers can also be .exe files. So the two trainer file formats are .exe and .dll.

http://www.w8baby.com/forums/showthread.php?76269-The-Ultimate-Guide-to-Making-a-MapleStory-Trainer!

5. Injectors

Injectors are programs used to "inject" DLL files into a game to hack and edit it. Basically, an injector forces the DLL into the process, and the DLL becomes "part" of the process once injected. All hacks in .dll form require an injector.

6. Memory Hacking
A. Memory Hacking

1. What is Memory Hacking?
Memory hacking is a well known technique to most (hopefully all) MS hackers. Memory hacking is the first and most used method of hacking MS; it is also the most powerful. Memory hacking involves modifying the game's memory, which in turn alters the gameplay. This is how many cheats such as monster vacuums, godmodes, fly hacks, and other cheats are made.
2. How is it done?

Memory hacking is usually accomplished by using every hacker's best tool, Cheat Engine. It is also commonly done by creating a DLL file that is injected into the game process (more on this later). A less commonly used method is done by other executable programs (EXEs), but that is usually harder to bypass, so it is not as common.
3. What can they do?
Memory editing can do whatever your mind can imagine... well, mostly everything. Anything from monster vacuums, godmodes (can't be hit by monsters), game exploits, packet editing (modifying the data sent to the game server), and more can be done with memory edits. Although many will disagree with me (I can see it already), Cheat Engine is probably the most powerful tool in hacking. To all those folks who brag "Packet editors are way better than CE", just remember what a very intelligent hacker (darkbyte) once said: "Cheat Engine can do everything a packet editor can... and more."
4. Where do people come up with these hacks?

I'm not going too far into detail here, but usually hacks are found by searching for a value (for example, the amount of ammo in a pistol), finding out what modifies that value, and modifying the ASM to change the outcome (infinite ammo). You'll learn about this the more you hack (hopefully).
5. Where can I learn to make my own hacks?

I wouldn't worry about this yet, but you can look at other scripts and learn how they work. It also helps to learn assembly. Reading old tutorials (even on updating scripts, pointers, finding pointers, anything) is great.

7. Cheat Engine (CE)

1. What is Cheat Engine?
Cheat Engine is your best friend. It lets you search for addresses, modify game memory, and basically just hack in general.
2. Where can I get Cheat Engine?
Get it from its homepage, here.
Never get it ANYWHERE else.
3. How do I configure Cheat Engine?

Since I'm so kind, I uploaded the settings here. If you are planning on bypassing HackShield (see later), you may want to enable the following settings:
4. What can/can't I do with Cheat Engine?

  • You CAN enable/disable hacks at the play screen.
  • You CAN search for values in the game.
  • You CAN modify the game's instructions.
  • You CAN'T use CE in-game unless you have a bypass (see below).
  • You CAN'T packet edit (not directly at least) with CE.
  • You CAN'T expect to learn how to use it in 5 minutes.
  • You CAN'T use it to press keys (for botting and such)
  • You CAN'T use it to inject DLLs into the game
5. CTs, scripts, and the address list. (How do I use a script/CT?)

AA scripts, the public's long-time favorite friend. AA scripts are the most common type of hacks available online. How do you use them, you might ask? Well, let me explain:
1. Open CE, then open MS. If you're using my CE settings, it will auto-attach to MapleStory.exe. If not, go back to CE and click the glowing computer icon in the top left. Select MapleStory.exe from the process list and hit "Open."



2a. To load a CT, click the folder (by the computer), browse for it, and hit open. The scripts will appear in the address list below.

2b. To assign a script to the address list, first copy it to your clipboard. Next, click "Memory View" in CE, then navigate to Tools -> Auto Assemble (or press Ctrl+A while in the memory viewer). Paste the script in the dialog below, and navigate to File -> Assign to current cheat table.



3. When you're done, you can (optionally) save your CT by pressing the floppy disk icon (next to the computer icon) and typing in a name.
PRO-TIP: Rename the hacks by double-clicking them in the address list.

4. To enable/disable hacks, simply click the check box next to the hack (checked = enabled).

5. Close CE before you press "Play!" (unless you have a bypass), and hack away!

Another useful feature of CE is the ability to monitor values at certain addresses. Here's a short tutorial on how to add an address and a pointer.

1. Attach CE to MS (see above).

2. Press "Add Address Manually" in CE.

3a. If you're not adding a pointer, simply type in the address, description (name, ex: Current HP), and select the data type. The data type is usually 4byte, with double being the second most common. Press "OK."

3b. If you are adding a pointer, fill in the description and select the data type. Tick the check box marked "Pointer." Fill in the base address in the box on the left, and press "Add" for each offset in the pointer. Next, fill in the offsets in the boxes on the right (starting at the bottom). When finished, press "OK."


8. DLL Hacks and Injectors
A. DLL hacks

1. What are they?
DLL hacks are programs compiled into a DLL file, which is then injected into the game process to modify the game memory.
2. How do I use them?

You use them by first injecting them into the game (see below). Some will provide dialogs to change settings or enable/disable things while in-game. Others will simply perform their job when injected and do nothing more (bypasses for example).
3. What can they do?

They can do everything AA scripts can do, and more. They provide a user interface so things can be enabled or disabled while in-game. They can display visual data such as pointers and what not, and also press keys for you, allowing you to bot while not on the computer.
4. How can I make sure they are safe?
First of all, if you don't trust it, don't download it. w8baby requires all releases to be approved by a mod, so most malicious things never even make contact with the public. To be safe, always scan your DLL file with VirusTotal, Jotti VirusScan, Kaspersky, or whatever floats your boat.
B. Winject & Other Injectors

1. What is a DLL injector?
A DLL injector is a program designed to inject (or load) a DLL into another process. This is how all DLL hacks are loaded into the game process. I do this using Winject, a simple DLL injector located here.
2. How can I inject a DLL into MapleStory? (Winject How-To)

There are many different types of injectors and all require a different method to use them. Here is an example of how to use Winject written by FirsT.
3. Common Problems
  • Error: "... is already injected or loaded into process.exe..."
    Solution: Your DLL is already injected! Close the process and re-open it to inject the file again.
  • Error: "Both injection-methods failed!"
    Solution: Either the DLL wasn't compiled correctly or you are missing a required library (such as a C++ runtime) to use the file. Check with the author/source to see what files are required and install them.

    Hacking Terminology

    1.Bypasses
    A bypass is something coded to prevent the hack detection system from detecting the hacks you are using. Hs-crc refers to the HackShield cyclic redundancy check, while Ms-crc refers to the check in MapleStory itself. If the Hs-crc fails, you will get a message that says hack detected. However, if the Ms-crc fails, Maple will just crash by itself.

    Bypassing The Checks

    A. What is HackShield?

    Ahnlab's HackShield is the notorious rival of MS's old anti-cheat we all knew as nProtect GameGuard. It scans for known cheats (such as CE, Winject, etc.) and closes the game process when it detects them. It also blocks the use of several hacking-related functions which makes many hacks useless without a bypass.
    B. What is a CRC?

    A CRC is a check run by both HackShield and MS to check for modifications to the game memory. It constantly monitors the memory and, if it detects any alterations, closes the game process.
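    An added example (not part of the original guide, and not HackShield's or Nexon's code) of the kind of check described above: a CRC-32 over a code region, compared against a baseline taken at launch, so that a single patched byte is reported. The region bytes are constructed here; in a real client they would be read from the mapped code section.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the original guide: table-driven CRC-32 (the
 * common IEEE polynomial, as used by zlib) applied the way an integrity check
 * like MS-CRC applies it: snapshot once, re-check periodically, flag mismatch. */
static uint32_t crc_table[256];
static int crc_table_ready = 0;

static void crc32_init(void)
{
    for (uint32_t i = 0; i < 256; i++) {
        uint32_t c = i;
        for (int k = 0; k < 8; k++)
            c = (c & 1u) ? (0xEDB88320u ^ (c >> 1)) : (c >> 1);
        crc_table[i] = c;
    }
    crc_table_ready = 1;
}

/* CRC-32 of len bytes starting at base (init 0xFFFFFFFF, final xor 0xFFFFFFFF). */
uint32_t crc32_region(const uint8_t *base, size_t len)
{
    if (!crc_table_ready) crc32_init();
    uint32_t c = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++)
        c = crc_table[(c ^ base[i]) & 0xFFu] ^ (c >> 8);
    return c ^ 0xFFFFFFFFu;
}

/* Baseline taken once at launch, before any hack could have run. */
uint32_t integrity_snapshot(const uint8_t *base, size_t len)
{
    return crc32_region(base, len);
}

/* Periodic re-check: returns 1 if the region no longer matches the baseline. */
int integrity_violated(const uint8_t *base, size_t len, uint32_t baseline)
{
    return crc32_region(base, len) != baseline;
}

/* Constructed stand-in for the checked code region. In the real client this
 * would be the mapped code section (the guide's script covers 0x401000 up to
 * 0xE00000); here it is a handful of plausible x86 opcode bytes. */
#define REGION_LEN 16
static const uint8_t fake_text[REGION_LEN] = {
    0x0F, 0xB6, 0x08,             /* movzx ecx, byte ptr [eax] */
    0x8B, 0x45, 0x14,             /* mov   eax, [ebp+14h]      */
    0x55, 0x8B, 0xEC,             /* push ebp; mov ebp, esp    */
    0x8B, 0xE5, 0x5D, 0xC3,       /* mov esp, ebp; pop ebp; ret*/
    0x90, 0x90, 0x90
};

/* Demonstrates the check firing: 0 before a one-byte patch, 1 after it. */
int demo_detects_patch(void)
{
    uint8_t region[REGION_LEN];
    memcpy(region, fake_text, REGION_LEN);
    uint32_t baseline = integrity_snapshot(region, REGION_LEN);
    int before = integrity_violated(region, REGION_LEN, baseline);
    region[0] = 0x90;              /* one byte overwritten, as a memory edit would */
    int after = integrity_violated(region, REGION_LEN, baseline);
    return before == 0 && after == 1;
}

int main(void)
{
    printf("tamper detected after patch: %s\n", demo_detects_patch() ? "yes" : "no");
    return 0;
}
```

    A CRC is only as trustworthy as the code that reads the region and the place the baseline is kept, which is why HackShield pairs it with driver-level process protection (EagleNT.sys) rather than relying on the check alone.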
    C. How can I bypass these checks?
    In order to use memory hacking, this check must be relocated to a copy of the game memory that is free of alterations. There is USUALLY a public DLL file out to bypass these checks. Also, there are sometimes AA scripts that will bypass them, too. An example for gMS v87 can be found here. At times, there are also HackShield bypasses that become public. These allow you to use CE while in-game, which is a great thing.
    V. Programming and Beyond (C++/C#/Delphi/etc.)

    A. What is programming?


    Computer programming (often shortened to programming or coding) is the process of designing, writing, testing, debugging / troubleshooting, and maintaining the source code of computer programs. This source code is written in a programming language.
    B. What can I do with programming?

    Using programming you can create your own hacks, bots, and other utilities. Also please do not forget, YOU CAN USE PROGRAMMING FOR THINGS OUTSIDE OF MAPLESTORY HACKING! And yes, it was completely necessary to put that in caps.
    C. Where can I learn to program?

    Books are usually your best bet; ask other people for suggestions on books, as I've only read one book on C++: Accelerated C++. I'd recommend it for beginners as it outlines almost, if not, every aspect of pure C++. After you learn the basics, you can move on to learning about the Windows API (you'll learn what this is once you learn to program) and finally onto game hacking.
    D. Programming Resources

    I need the community's help on this one. If you know of ANY good programming resources, please bring them to my attention (PM, MSN, whatever).

    //MSCRC - No on no hack
    //MSEA v101
    [enable]
    alloc(mscrc,100)
    alloc(copy,1024)
    alloc(dump,10482664)
    createthread(copy)
    label(exitmscrc)
    label(mscrcret)
    label(llop)
    label(getoutahere)

    mscrc:
    cmp eax,00401000
    jl exitmscrc
    cmp eax,00E00000
    jg exitmscrc
    sub eax,00401000
    push ecx
    lea ecx,[dump]
    add eax,ecx
    pop ecx
    exitmscrc:
    movzx ecx,byte ptr [eax]
    mov eax,[ebp+14]
    jmp mscrcret

    copy:
    mov eax,00401000
    lea ecx,[dump]
    llop:
    xor ebx,ebx
    movzx ebx,byte ptr [eax]
    mov byte ptr [ecx],bl
    inc eax
    inc ecx
    cmp eax,00E00000
    jg getoutahere
    jmp llop
    getoutahere:
    lea ebx,[dump]
    add ebx,789F74 // 00B8AF74 - 401000
    xor eax,eax            
    mov al,0F
    mov byte ptr [ebx],al
    inc ebx
    mov al,B6
    mov byte ptr [ebx],al
    inc ebx
    mov al,08
    mov byte ptr [ebx],al
    inc ebx
    mov al,8B
    mov byte ptr [ebx],al
    inc ebx
    mov al,45
    mov byte ptr [ebx],al
    ret

    00B8AF74:
    jmp mscrc
    db 14
    mscrcret:

    [disable]
    00B8AF74:
    db 0F B6 08 8B 45 14

    dealloc(mscrc)
    dealloc(dump)
    dealloc(copy)


    Hack Definitions:
    (This was a quick guide I just wrote, so don't expect it to be perfect. All resources posted were cross-checked against the current version of maplestory [V99.1])



    GodMode - Does not receive damage. Can not be killed (God like.)
    Full Godmode - Does not receive damage. Can not be killed (God like.)
    Miss Godmode - Player takes damage once, then attacks will miss for a specified number of attacks.
    Block Damage - Prevents the damage packet from being received (or sent, not sure which), meaning the health doesn't go down.
    Morph Godmode - Client sided (only you see it); transforms you as if you're using a buff (general setting is 9). Allows looting and traveling without taking damage, but the player can't attack.
    Anti death - Player can't attack, travel or loot, but can walk around after death (usually used to move to safety, then combined with a revive packet).
    Tubi - (Anything tubi related, includes super tubi etc.) Removes the delay from looting; can loot faster and multiple items at any one time.
    UA (unlimited attack) - Allows you to attack with a bot without having to move after every 100 hits.
    UB (unlimited buff) - Allows you to cast the same buff when botting without having to move every 20 casts.
    No player KB - Player doesn't get bounced or "pushed" when hit.
    No mob KB - Mobs will not be moved when you hit them.
    Sit hack - Player sits down anywhere.
    CS mouse Fly - Client sided; the player can fly using their mouse, but only they see it.
    SS mouse Fly - Server sided; the player can fly using their mouse and everyone can see it.
    MMC - Mob mind control. Monsters will go to a selected point of the map; works best with flying or swimming mobs.
    Icy - Causes the WH skill "Call of the Hunter" to act as a killing machine. *Riu version: loot drops on your head if the mini map is open.
    Jump down any - No distance check when jumping down, allowing jumping down from anywhere. *When jumping from the map floor, it will reload the map.
    Fall through floor - Player falls continuously until disabled; this may cause the game to crash if you forget to disable it after a while.

    Botting Definitions:

    Auto CC - Automatically sends the change channel packet (doesn't check for breath) when a criterion is met; criteria include but are not limited to (Time || People || attacks).
    Auto CS - Automatically sends the cash shop packet (doesn't check for breath) when a criterion is met; criteria include but are not limited to (Time || People || attacks).
    Auto attack - Will simulate a key press on an assigned keyboard key at assigned intervals, directly into the process (doesn't usually need to be focused).
    Auto Loot - Loots items on the floor automatically by spamming the pick-up items key.
    General Stuff
    Hacks Section

    Tubi
    -Increases looting speed by causing you to pick all the items up at once instead of one at a time.


    PIC Type
    -Allows you to type in your PIC instead of clicking the buttons.

    No Aran Movement
    -You don't inch forward slowly while attacking as an Aran.

    No KB
    -You are not knocked back by monster attacks, similar to using the skill "Power Stance"

    Click Tele
    -Allows you to teleport to specified spot by clicking there.

    Map Speedup
    -Increases the speed at which everything in the map moves.

    CS MouseFly
    -You fly according to your mouse location. Client Sided.

    Bind Any Skill
    -Allows you to bind any skill to your keyboard.

    Hidden Potential
    -Allows you to view an un-revealed item's hidden potential without revealing it.

    No Breath
    -No breath animation allowing you to do things such as CC and equip items after being hit or attacking.

    Auto BaM Auras
    -Automatically uses the "Battle Mage"s aura skills.

    Unlimited

    Attack
    -Attacking does not stop at the 100 per XY coordinate.

    Buffs
    -Buffs last forever.

    Mob Control

    No KB
    -When attacked by a mob you do not get knocked backwards, similar to using the "Power Stance" skill.

    No FightBack
    -Mobs will not fight back when attacked.

    Silence
    -Mobs do not cast magic.

    Safe Lag
    -Mobs do not move.

    Lemmings
    -Mobs fall off of their platforms.

    Godmode

    Full
    -No mob can do any damage to you.

    7miss
    -When hit mobs will miss 7 times and then hit on the 8th.

    Packet
    -Blocks the damage packet.

    Long Blink
    -When hit you will have invincibility frames for longer.

    Morph GM
    -Turns you into a random transformation and nothing can damage you.

    AutoRevive
    -When you die you revive in the same map automatically.


    PG

    Class
    -Spams a class specific skill.
    I/L Mage~F/P Mage~Priest~BaM = Level 70+ "Teleport Mastery" skill is used.
    Mech = 120+ "Giant Robot SG-33" skill is used.
    BaM-Twister = 120+ "Twister" skill is used.

    Delay
    -What delay the skill is spammed at, 1 being the fastest and 15 being the slowest.

    No Animation
    -When using PG no hit animation is displayed, reducing lag greatly.


    Mechanic Hax

    Permaflame
    -Mechanics "Flamethrower" attack lasts forever instead of the max level 8 seconds.

    RocketBooster NoJump
    -When enabled your Mechanic will jump lower and upon landing will cause damage to mobs around themselves. Credits @Genesis

    Perma-Siege
    -The 3rd job skill "Siege Mode" lasts forever, and you can move while in it once this hack is enabled.

    Perma-Tank
    -When "Siege Mode" is used in the 4th job "Tank Mode" and this hack is enabled, you can move around and it lasts forever.


    IRM

    Auto
    -Uses the "Wild Hunter" second job skill "It's Raining Mines!" and automatically drops mines on top of mobs in the map.

    Manual
    -Uses the "Wild Hunter" second job skill "It's Raining Mines!". Allows you to manually set where the mines will fall.

    Spam Delay
    -The speed at which the skill is used.

    LVL
    -The current level of "It's Raining Mines!"


    Vacs Section

    Dupex

    Enabled
    -Enables Dupex, used on jumping mobs.

    DupeD
    -Causes normal mobs to jump. Credits @Genesis

    Range
    -The amount of the map that is vacuumed to you.

    Delay
    -How often mobs are vac'd to you.


    Kami

    Kami Offsets
    -Using the specified offsets, this hack when enabled will teleport you to that position away from the mob. (e.g. X-30 Y-40 would put you 30 to the right or left of the mob and 40 above the mob; the coordinates should be played around with until you have a happy result.) Best used

    Loot
    -Similar to the Kami hack but instead it teleports to items whenever the condition in the Bot>AutoLoot>If is met.


    Filtered Fade

    Normal
    -Allows you to kill a mob by sending a packet. No items drop (There are glitched mobs where items DO drop) and you receive no EXP.

    Boss
    -Allows you to kill a boss by sending a packet. No items drop (There are glitched mobs where items DO drop) and you receive no EXP.

    Pet Item Vac
    -Using a pet meso magnet/item pouch this hack vacuums all items to your pet.

    Special Thanks/Conclusion
    Thanks to anyone who found this information useful, the authors of any content I provided in this article, and to me for compiling this information.

    FullyAwesome from w8baby
