[Reposted because it got buried under spam] V0.36 Addresses, Scripts, and Pointers

[xIntegrity]

This thread will be updated if I find more.

Current Addresses:

-= Memory View Hacks =-
Shadow Partner - 00665AB6 ZF [X] [ ]
Super Tubi - 00498FC5 ZF [X] [X]
Swear Hack - 00458E8E ZF [X] [ ]
Levitate - 006C137D ZF [X] [X]
No Hit Godmode - 0067DE96 ZF [X] [ ]
Dark Sight - 00667BD1 ZF [X] [ ]
Fly V1 - 006B2D45 ZF [X] [ ]
Moon Walk - 0066A5DA ZF [X][X]
Unrandomizer- 00717A4D EAX
0 = 13 STR
1 = 13 DEX
2 = 13 INT
3 = 13 LUK

-= Pointers And Manual Addresses =-
Char X - Pointer Address: 007D5D88 Offset: 57C
Char Y - Pointer Address: 007D5D88 Offset: 580
Bottom Wall - Pointer Address: 007D5214 Offset: 18
Top Wall - Pointer Address: 007D5214 Offset: 10
Right Wall - Pointer Address: 007D5214 Offset: 14
Left Wall - Pointer Address: 007D5214 Offset: C
Unlimited Attack - Pointer Address: 007D5CEC Offset: 1358
No Breath - Pointer Address: 007D5CEC Offset: 2D0
People Scanner - Pointer Address: 007D521C Offset: 18
Monster Scanner - Pointer Address: 007D5218 Offset: 10

Current Scripts:

BEFORE GOING ANY FURTHER, YOU MUST READ THIS!!!
Some hacks might either crash your MapleStory or not work.

CRC Bypass

[ENABLE]
ALLOC(CRC,128)
ALLOC(DUMP,3670018)
LABEL(OLDMEM)
LABEL(RET)
LOADBINARY(DUMP,V36.CEM)
CRC:
CMP ECX,00400000
JB OLDMEM
CMP ECX,00780000
JA OLDMEM
MOV EAX,DUMP
ADD ECX, DUMP-400000
OLDMEM:
MOV EAX,[EBP+10]
DB 56 57
JMP RET
0046548A:
JMP CRC
RET:

[DISABLE]
0046548A:
MOV EAX,[EBP+10]
DB 56 57
DEALLOC(CRC)
DEALLOC(DUMP)

PIN Unrandomizer (Full Keyboard)

[enable]
alloc(pinunrandom,128)
label(returnhere)
00622A79:
jmp pinunrandom
returnhere:
pinunrandom:
add eax,edx
push edx
shr edx,1
mov [eax],edx
pop edx
cmp byte ptr [eax],ff
jmp returnhere

[disable]
00622A79:
add eax,edx
cmp byte ptr [eax],0a

Unrandomizer STR

[Enable]
00717A48:
mov eax,0

[Disable]
00717A48:
mov eax,00007fff

Unrandomizer DEX

[Enable]
00717A48:
mov eax,1

[Disable]
00717A48:
mov eax,00007fff

Unrandomizer INT

[Enable]
00717A48:
mov eax,3

[Disable]
00717A48:
mov eax,00007fff

Unrandomizer LUK

[Enable]
00717A48:
mov eax,4

[Disable]
00717A48:
mov eax,00007fff

Instant Drop

[enable]
76BC38:
add [eax],al
add [eax],al
add [eax],al
add [eax],al

[disable]
76BC38:
add [eax],al
add [eax],al
add [eax-71],al
inc eax

No Hit Godmode

[ENABLE]
0067DE96:
je 0067ED3A

[DISABLE]
0067DE96:
jne 0067ED3A

Super Tubi

[enable]
498fc5:
db 90 90

[disable]
498fc5:
db 75 36

Swear Hack

[Enable]
458E63:
db ff

[Disable]
458E63:
db 01

Shadow Partner



00665AB6:
jne 00665F61

[DISABLE]
00665AB6:
je 0065F61



Moon Walk

[enable]
66a5da:
db 90 90

[disable]
66a5da:
db 75 38

Selective Wall Vac

[ENABLE]
alloc(begin,2048)
alloc(olddata,32)
alloc(pointer,4)
alloc(bool,4)
registersymbol(bool)
registersymbol(olddata)
label(set)
label(ret)
label(end)
begin:
cmp [bool],1
je set
ret:
mov esi,olddata
movsd
movsd
movsd
movsd
pop edi
jmp end
set:
mov esi,[007d5214]
mov esi,[esi+0C]
mov [pointer], esi
mov esi,[pointer]
mov [olddata],esi
mov esi,[007d5214]
mov esi,[esi+10]
mov [pointer], esi
mov esi,[pointer]
mov [olddata+04],esi
mov esi,[007d5214]
mov esi,[esi+14]
mov [pointer], esi
mov esi,[pointer]
mov [olddata+08],esi
mov esi,[007d5214]
mov esi,[esi+18]
mov [pointer], esi
mov esi,[pointer]
mov [olddata+0C],esi
mov [bool],0
jmp ret
006B266c:
jmp begin
end:
olddata:
DB 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
pointer:
DB 00 00 00 00
bool:
DB 01 00 00 00
////////////////////////////////////////////////////////////////////////////////
///
// SWvac (Selective Wall Vac)
// Author: nog_lorp
//
// This causes the classic wall vac to affect only flying and floating monsters
// meaning that it will never DC, regardless of what map you use it on. (It may
// still DC if you freeze walls and change map).
//
// NOTE: Turn this script on after entering a map. Then wallvac to your heart's
// content! This is full map, non-DC! Remember to turn off when you leave map
// (right before you leave map or right after entering different map).
//\
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\\\\\\\\\\\\\
[DISABLE]
dealloc(begin)
dealloc(olddata)
dealloc(pointer)
dealloc(bool)
006B266c:
movsd
movsd
movsd
movsd
pop edi

dICE Vac





[enable]
alloc(dICE,64)
alloc(right,4)
alloc(left,4)
registersymbol(right)
registersymbol(left)
label(return)
//z0mg lets secks ICE} n d3BuGG3D nao
//ORGY!!!
dICE:
pushad
mov edx, [7d5d88]
mov ebx, [edx+57c]
mov ecx,[edx+580]
add ebx, [right]
sub ebx, [left]
mov eax,[7d5214]
mov [eax+C],ebx
mov [eax+14],ebx
mov [eax+10],ecx
mov [eax+18],ecx
popad
mov [ebx], eax
mov edi,[ebp+10]
jmp return
right: //Set right to 0.
db 00 00
left: //Set left to 0.
db 00 00
6b68f6:
jmp dICE
return:
6b9258:
db 0f 84
6b2d45:
db 75
6b2fe1:
db 0f 85

[disable]
6b68f6:
mov [ebx], eax
mov edi,[ebp+10]
6b9258:
db 0f 85
6b2d45:
db 74
6b2fe1:
db 0f 84
dealloc(dICE)
dealloc(left)
dealloc(right)
unregistersymbol(left)
unregistersymbol(right)

Dicev2 Mouse Controlled (Tested and it works)



[enable]
alloc(dICE,64)
label(return)
dICE:
pushad
mov edx, [7D5360]
mov edx, [edx+978]
mov ebx, [edx+80]
mov ecx, [edx+84]
mov eax,[7d5214]
mov [eax+C],ebx
mov [eax+14],ebx
mov [eax+10],ecx
mov [eax+18],ecx
popad
mov [ebx], eax
mov edi,[ebp+10]
jmp return
6b68f6:
jmp dICE
return:
6b9258:
db 0f 84
6b2d45:
db 75
6b2fe1:
db 0f 85
[disable]
6b68f6:
mov [ebx], eax
mov edi,[ebp+10]
6b9258:
db 0f 85
6b2d45:
db 74
6b2fe1:
db 0f 84
dealloc(dICE)

Dicev3 ItemX+Y (Tested but unsure. It sort of looks like Dicev5 Melee except monsters are on your left and a bit further away)



[enable]
//WallVac to ItemXY instead of CharXY
//dICE v2
// hehe Never Fails!
alloc(dICEv2,256)
alloc(Right,4)
alloc(Left,4)
label(backToIt)
registersymbol(Right)
registersymbol(Left)

dICEv2:
mov edx,[ebx+00000548] //item Y
mov ecx,[ebx+00000544] // item X
push edx
push ecx
push [ebx+00000548]
push [ebx+00000544]
//Walls
mov eax,[7d5214]
pop ecx
mov [left],66
sub ecx,[left]
add ecx,[right]
mov [eax+C],ecx
mov [eax+14],ecx
pop edx
mov [eax+10],edx
mov [eax+18],edx
jmp backToIt
004339EA:
jmp dICEv2 // found this by doing a what accesses this address
nop // search on the item x address
nop // it is constantly accessed just like uber
nop // so it will constantly keep setting the walls!
nop
nop
nop
nop
backToIt:
Right:
db 00 00
Left:
db 00 00
6b9258:
db 0f 84
6b2d45:
db 75
6b2fe1:
db 0f 85

[disable]
004339EA:
push [ebx+00000548]
push [ebx+00000544]
6b9258:
db 0f 85
6b2d45:
db 74
6b2fe1:
db 0f 84
//dealloc(dICEv2,244)
//dealloc(Right,4)
//dealloc(Left,4)
//unregistersymbol(Right)
//unregistersymbol(Left)



Dicev4 Super (Very unsure)



[enable]
//WallVac to ItemXY instead of CharXY AND
//Super DUPER dICE FULL CONTROL OF DICE VAC!!!
// Gthuggin Technologies
// Original script by ICE and dBuGG3d
// Improved with the help of madeinqc
// Thanks Marco!
alloc(SuperDICE,300)
alloc(Right,4)
alloc(Left,4)
label(backToIt)
registersymbol(Right)
registersymbol(Left)
//My Add-ons
label(Mreturn)
alloc(Options,4)
alloc(GetWallValues,88)
alloc(NoVac,20)
alloc(MesoDrop,24)
alloc(MoveLeft,64)
alloc(MoveRight,64)
alloc(VacStart,4)
alloc(Xcheck,44)
alloc(Xcheck2,44)
alloc(Xcheck3,44)
alloc(RestoreJumping,44)
alloc(RestoreRopeJump,44)
label(ON)
label(ON2)
label(OFF)
alloc(LeftWall,4)
alloc(RightWall,4)
alloc(TopWall,4)
alloc(BottomWall,4)
alloc(ResetWalls,88)
alloc(Mouse,88)
alloc(KeepOn,4)
alloc(KeepSettingMouse,32)
alloc(JustSetOnce,32)
NoVac:
push [ebx+00000548]
push [ebx+00000544]
jmp backToIt
// Grabs the wall values before enabling
// So it knows what to set them back to
// When you disable the wallvac by dropping 40 mesos
GetWallValues:
pushad
mov eax,[7d5214]
mov ecx,[eax+C]
mov [LeftWall],ecx
mov ebx,[eax+14]
mov [RightWall],ebx
mov ecx,[eax+10]
mov [TopWall],ecx
mov ebx,[eax+18]
mov [BottomWall],ebx
mov [VacStart],0
mov [Options],A
mov [right],0
mov [left],0
popad
jmp SuperDICE
ResetWalls:
pushad
mov eax,[7d5214]
mov ecx,[LeftWall]
mov [eax+C],ecx
mov ebx,[RightWall]
mov [eax+14],ebx
mov ecx,[TopWall]
mov [eax+10],ecx
mov ebx,[BottomWall]
mov [eax+18],ebx
mov [VacStart],0
mov [Options],A
mov [right],0
mov [left],0
popad
jmp SuperDICE
Mouse:
pushad
mov edx, [007d5360]
mov edx, [edx+978]
mov ebx, [edx+80]
mov ecx, [edx+84]
mov eax,[007d5214]
mov [eax+C],ebx
mov [eax+14],ebx
mov [eax+10],ecx
mov [eax+18],ecx
popad
cmp [KeepOn],01
je NoVac
mov [Options],A
jmp SuperDICE
MesoDrop:
mov [Options],eax
cmp eax,[esi+000000b4]
jmp Mreturn
MoveRight:
mov [left],0
add [right],32
mov [Options],F
jmp SuperDICE
MoveLeft:
mov [right],0
add [left],32
mov [Options],F
jmp SuperDICE
KeepSettingMouse:
mov [KeepOn],01
mov [Options],46
jmp Mouse
JustSetOnce:
mov [KeepOn],0
mov [Options],A
jmp Mouse

SuperDICE:
cmp [VacStart],00
jne GetWallValues
cmp [Options],A // 10 to stay in one spot
je NoVac
cmp [Options],14 // 20 to move left
je MoveLeft
cmp [Options],1E // 30 to move right
je MoveRight
cmp [Options],28 // 40 to reset walls to original values
je ResetWalls // 50 to completely disable dice after resetting walls
cmp [Options],3C // 60 to set vac to mouse pointer
je JustSetOnce
cmp [Options],46 // 70 to constantly set vac to mouse pointer
je KeepSettingMouse
cmp [Options],63 // 99 to get new wall values if you change map
je GetWallValues
mov edx,[ebx+00000548] //item Y
mov ecx,[ebx+00000544] // item X
push edx
push ecx
push [ebx+00000548]
push [ebx+00000544]
//Walls
mov eax,[7d5214]
pop ecx
sub ecx,[left]
add ecx,[right]
mov [eax+C],ecx
mov [eax+14],ecx
pop edx
mov [eax+10],edx
mov [eax+18],edx
jmp backToIt

006AF705:
jmp MesoDrop
nop
Mreturn:
004339EA:
jmp SuperDICE // found this by doing a what accesses this address
nop // search on the item x address
nop // it is constantly accessed just like uber
nop // so it will constantly keep setting the walls!
nop
nop
nop
nop
backToIt:
VacStart:
db 00 00 00 99
Options:
db 00 00 00 00
Right:
db 00 00 00 00
Left:
db 00 00 00 00
KeepOn:
db 00 00 00 00
Xcheck2:
cmp [Options],32
je 006b93c0
jmp ON2
6B9251:
jmp Xcheck2
nop
nop
nop
nop
nop
nop
nop
nop
ON2:
RestoreRopeJump:
cmp eax,edi
pop ecx
pop ecx
je 006b30b7
jmp ON
Xcheck:
cmp [Options],32
je RestoreRopeJump
cmp eax,edi
pop ecx
pop ecx
jne 006b30b7
jmp ON
6B2FDD:
jmp Xcheck
nop
nop
nop
nop
nop
ON:
RestoreJumping:
cmp [ebx+00000158],esi
push edi
je 006b2d4c
jmp OFF
Xcheck3:
cmp [Options],32
je RestoreJumping
cmp [ebx+00000158],esi
push edi
jne 006b2d4c
jmp OFF
6b2d3e:
jmp Xcheck3
nop
nop
nop
nop
OFF:

[disable]
004339EA:
push [ebx+00000548]
push [ebx+00000544]
006AF705:
cmp eax,[esi+000000b4]
6b2d3e:
cmp [ebx+00000158],esi
push edi
je 006b2d4c
6B9251:
cmp dword ptr [edi+00000220],03
jne 006b93c0
6B2FDD:
cmp eax,edi
pop ecx
pop ecx
je 006b30b7
dealloc(SuperDICE)
dealloc(Right)
dealloc(Left)
unregistersymbol(Right)
unregistersymbol(Left)
dealloc(VacStart)
dealloc(NoVac)
dealloc(MesoDrop)
dealloc(Options)
dealloc(MoveLeft)
dealloc(MoveRight)
dealloc(LeftWall)
dealloc(RightWall)
dealloc(TopWall)
dealloc(BottomWall)
dealloc(ResetWalls)
dealloc(Mouse)
dealloc(Xcheck)
dealloc(Xcheck2)
dealloc(Xcheck3)
dealloc(RestoreJumping)
dealloc(RestoreRopeJump)
dealloc(KeepOn)
dealloc(KeepSettingMouse)
dealloc(JustSetOnce)




Dicev5 Melee



[enable]
alloc(dICE,64)
label(return)
//z0mg lets secks ICE} n d3BuGG3D nao
//ORGY!!!
dICE:
pushad
mov edx, [7d5d88]
mov ebx, [edx+57c]
mov ecx,[edx+580]
add ebx, 46

mov eax,[7d5214]
mov [eax+C],ebx
mov [eax+14],ebx
mov [eax+10],ecx
mov [eax+18],ecx
popad
mov [ebx], eax
mov edi,[ebp+10]
jmp return

6b68f6:
jmp dICE
return:
6b9258:
db 0f 84
6b2d45:
db 75
6b2fe1:
db 0f 85
[disable]
6b68f6:
mov [ebx], eax
mov edi,[ebp+10]
6b9258:
db 0f 85
6b2d45:
db 74
6b2fe1:
db 0f 84
dealloc(dICE)




Dicev6 Ranged



[enable]
alloc(dICE,64)
label(return)
//z0mg lets secks ICE} n d3BuGG3D nao
//ORGY!!!
dICE:
pushad
mov edx, [7d5d88]
mov ebx, [edx+57c]
mov ecx,[edx+580]
add ebx, af

mov eax,[7d5214]
mov [eax+C],ebx
mov [eax+14],ebx
mov [eax+10],ecx
mov [eax+18],ecx
popad
mov [ebx], eax
mov edi,[ebp+10]
jmp return

6b68f6:
jmp dICE
return:
6b9258:
db 0f 84
6b2d45:
db 75
6b2fe1:
db 0f 85
[disable]
6b68f6:
mov [ebx], eax
mov edi,[ebp+10]
6b9258:
db 0f 85
6b2d45:
db 74
6b2fe1:
db 0f 84
dealloc(dICE)




Dark Sight

[ENABLE] 00667BD1: je 00667BDE [DISABLE] 00667BD1: jne 00667BDE

00667BD1:
je 00667BDE

[DISABLE]
00667BD1:
jne 00667BDE



Flying Monsters

[ENABLE]
006B2A8C:

db 75

[DISABLE]
006B2A8C:
db 74



Assaulter Slide

[ENABLE]
0067A241:

je 0067A2D5

[DISABLE]
0067A241:
jne 0067A2D5



Teleport Up

[ENABLE] 006B54D4: db 76 [DISABLE] 006B54D4: db 73

006B54D4:
db76

[DISABLE]
006B54D4:
db 73



Teleport Left

[enable]
6B53D4:
db 72
[disable]
6B53D4:
db 73

Teleport Right

[enable]
6B5443:
db 77
[disable]
6B5443:
db 76

Suck Down

[ENABLE] 006B9258: je 006b93c8 [DISABLE] 006B9258: jne 006b93c8

006B9258:
je 006B93C8

[DISABLE]
006B9258:
jne 006B93C8



Attack Teleport

//found by dragonfngs
[enable]
0067a1c1:
jne 0067a1c8
[disable]
0067a1c1:
je 0067a1c8

Dragon Vac

[enable]
00534A0A:
jne 00534a21
00534A1F:
je 00534a31
0076A908:
dd 1
006B53D4:
jb 006b5429

[disable]
00534A0A:
je 00534a21
00534A1F:
jne 00534a31
0076A908:
dd 0
006B53D4:
jae 006b5429

Zero Vac

[Enable]
534a0a:
je 00534a21

[Disable]
534a0a:
jne 00534a21

Mouse Vac (Travelling)

[Enable]
Alloc(MouserX,512)
Alloc(MouserY,512)
label(back)
label(return)
6b68f6:
jmp MouserX
back:
6b695b:
jmp MouserY
return:
MouserX:
mov eax, [007D5360]
mov eax, [eax+978]
mov eax, [eax+80]
mov [ebx], eax
mov edi,[ebp+10]
jmp back
MouserY:
mov eax, [007D5360]
mov eax, [eax+978]
mov eax, [eax+84]
mov [edi], eax
mov ebx,[ebp+14]
jmp return
[Disable]
6b68f6:
mov [ebx], eax
mov edi,[ebp+10]
6b695b:
mov [edi],eax
mov ebx,[ebp+14]
dealloc(MouserX)
dealloc(MouserY)

Zig Zag vac

[enable]
6b2d45: //Fly v1
db 75
6b2fe1: //Monster Jump
db 0f 85
[disable]
6b2d45:
db 74
6b2fe1:
db 0f 84

Credits to ICE} for the Selective Wall Vac and dICE Vac, dragonfngs for the Dragon Vac, Zero Vac, and Mouse Vac, and I found all the other scripts myself. (Myself meaning xterminator1 for posting it and anything he did in finding/making these scripts and pointers)

BTW, this is for the guy that learned how to make CT's all by himself and for anyone that couldnt find it due to spam.

WOAH lol. Looks like it didn't copy the little bubbles when I got this off of xterminator1's thread. :o I'll work on fixing it :)

Okay then....Well this is copy and pasted from xterminator1's thread which is buried WAYYYY down below. When I pasted it, it wouldn't let me post it because there's a 20 image limit. Apparently there was 156 images? Anyways, the only way for me to get the scripts lined up properly is nearly impossible for me because I'm feeling lazy right now. And that way is to retype them which could take from 1-2 hours.

Okay well, I was bored and I fixed everything. Just no bubbles so yeah.

[hehehekid]

cool but dont they cts for that now? :P

[xIntegrity]

Yeah they do. But this is for people who I guess wanna play with scripts, add stuff to their CT because they don't have a high detailed one and whatnot. Or I guess even make a custom CT that has only the useful stuff.

[evi]

You could just have bumped his thread up you know...

[tomnelson]

This is all copied and pasted wrong.

[xIntegrity]

Quote:

Originally Posted by evi

You could just have bumped his thread up you know...

Yeah? Well I'm a GzP newb. I don't know how to bump.

and tomnelson, it technically wasn't copy and pasted anymore cause it made me remove the bubbles. Apparently the images of the parts of ALL the bubbles together was 156....136 past the 20 image limit. So I had to remove the bubbles, then retype everything.

[tomnelson]

Um, it is called using [code]

example

Code:

gay

[code] - This starts it
- Put what you want here
[sss/code] - Take out the sss and this finishes it

[evi]

You could just have said, Good job for finding the addresses xterminator. A post automaticlly bumps up a thread.

[metsysman]

Try and keep this up lol

[kappieman9]

Lol what is SuperdICE? DupeX + dICE works fine for me. Can anyone explain?