[Tutorial] Make a Trainer in C++ part 3

Discussion in 'Programming' started by DarkSpace, Aug 19, 2010.

  1. DarkSpace

    DarkSpace Well-Known Member Coder

    AA script was wrongly updated. Script has been edited. Thanks to Elite Crew for pointing it out.

    OK, here is yet another tutorial. We'll cover scripts that don't have visible bytes that you can just convert to C++.
    script like

    You'll need to have Cheat Engine 5.6 or any other tool that can read memory.
    Link will be at the end of the tutorial.

    Code (Text):
    // Language Barrier Bypass
    // Updated by SeNeco
    [enable]
    005E0DA9: //3B 4A 20 ?? ?? 6A ?? 6A ?? E8 ?? ?? ?? ?? 59 59 ?? ?? 50 8B CE E8
    mov dword ptr [edx+20],ecx
    db EB 0D

    008FB0E9: //3B 4A 20 ?? ?? 68 ?? ?? 00 00 8D 45 08 50 B9 ?? ?? ?? 00 E8
    mov dword ptr[edx+20],ecx
    db eb 2f

    008FB2FF: //3B 4A 20 ?? ?? 68 ?? ?? 00 00 8D 45 08 50 B9 ?? ?? ?? 00 E8 (2nd)
    mov dword ptr[edx+20],ecx
    db eb 2f

    [disable]
    005E0DA9:
    db 3b 4a 20
    db 74 0d

    008FB0E9:
    db 3b 4a 20
    db 74 2f

    008FB0E9:
    db 3b 4a 20
    db 74 2f
    As you can see, the enable section has 3 addies and things like "mov dword ptr [edx+20],ecx".
    To find what those things are in bytes, open your CE 5.6.
    Start MapleStory and leave it on the splash screen.

    [screenshot]

    Click on the little computer under "File" on your CE.

    And you'll get something like

    [screenshot]

    Find MapleStory.exe there and press the Open button.

    When you are done, it's time to get those bytes.

    Click on the Memory View button on your CE and you'll see something that looks like this screen

    [screenshot]

    Go to "Tools" and select "Auto Assembly". Copy and paste the above script into the window.
    If you are reading this after version 0.63d then you'll need the updated script, but they all work the same way.

    You'll have something like this
    [screenshot]

    Go to "File" and "Assign to current cheat table".

    Now you'll have 1 hack added to your cheat table.

    [screenshot]

    Now let's find the bytes.

    If you look at the script, the 1st addy is
    Code (Text):
    005E0DA9: //3B 4A 20 ?? ?? 6A ?? 6A ?? E8 ?? ?? ?? ?? 59 59 ?? ?? 50 8B CE E8
    mov dword ptr [edx+20],ecx
    db EB 0D
    Go back to your Memory View window. Right-click anywhere in the top part of the window and click on "Go to Address".

    [screenshot]

    Type the 1st addy in the box and click OK.
    [screenshot]

    Here you see the bytes that should match the [disable] section of the code for that addy.

    Let's look at them:
    [screenshot]

    3b 4a 20
    74 0d

    Code (Text):
    [disable]
    005E0DA9:
    db 3b 4a 20
    db 74 0d
    Good, that matches the disable bytes. Now to find the enable bytes.

    Go to your cheat table and tick the hack.

    And watch the bytes change!
    [screenshot]
    The bytes changed from

    3b 4a 20
    74 0d

    to

    89 4a 20
    eb 0d

    We can write our 1st addy in C++ now.
    Code (Text):
    DWORD CCBarriorBypass1 = 0x005E0DA9; //3B 4A 20 ?? ?? 6A ?? 6A ?? E8 ?? ?? ?? ?? 59 59 ?? ?? 50 8B CE E8
    BYTE enableCCBypass1[] = {0x89, 0x4a, 0x20, 0xeb, 0x0d};
    BYTE disableCCBypass1[] = {0x3b, 0x4a, 0x20, 0x74, 0x0d};
    Now do the same thing with the other 2 addies. When you have all 3 completed, you can activate it like
    the hacks in Tutorial part 2.

    Code (Text):
    void Form1::checkBox2_CheckedChanged(System::Object ^sender, System::EventArgs ^e)
    {
        if(this->checkBox2->Checked)
        {
            memcpy((void*)CCBarriorBypass1, (void*)enableCCBypass1, sizeof(enableCCBypass1));
            //memcpy for addy 2
            //memcpy for addy 3
        }
        else
        {
            memcpy((void*)CCBarriorBypass1, (void*)disableCCBypass1, sizeof(disableCCBypass1));
            //memcpy for addy 2
            //memcpy for addy 3
        }
    }
    Leave questions in this thread =P I'll read them and answer as fast as I can.

    Download CE 5.6
    Last edited: Aug 9, 2014
    • Like Like x 5
    • Great work Great work x 1
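
Seen from the defending side, the byte change walked through in the post above (3b 4a 20 74 0d becoming 89 4a 20 eb 0d) is exactly what a code-integrity check looks for. The following is an added example, not part of the original post: it compares a known-good byte run with bytes read back from the running image and labels each difference. `Finding`, `diffCode` and the byte-level heuristic (no disassembler, so a changed operand byte could be mislabelled) are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// One modified byte, described from a defender's point of view.
struct Finding {
    std::size_t offset;  // offset of the changed byte inside the region
    std::string kind;    // human-readable classification
};

// True for the short conditional jumps Jcc rel8 (opcodes 0x70..0x7F).
static bool isShortJcc(std::uint8_t b) { return b >= 0x70 && b <= 0x7F; }

// Compare the bytes a build is known to ship with against what was read back
// from the running image and classify every difference.
std::vector<Finding> diffCode(const std::vector<std::uint8_t>& baseline,
                              const std::vector<std::uint8_t>& observed) {
    std::vector<Finding> out;
    if (baseline.size() != observed.size()) {
        out.push_back({0, "size mismatch"});
        return out;
    }
    for (std::size_t i = 0; i < baseline.size(); ++i) {
        if (baseline[i] == observed[i]) continue;
        if (isShortJcc(baseline[i]) && observed[i] == 0xEB)
            out.push_back({i, "conditional jump forced to jmp short"});
        else if (baseline[i] == 0x3B && observed[i] == 0x89)
            out.push_back({i, "cmp r32,r/m32 replaced by mov r/m32,r32"});
        else
            out.push_back({i, "unclassified byte change"});
    }
    return out;
}

// Bytes quoted in the post above: original (disable) and patched (enable).
const std::vector<std::uint8_t> kOriginal = {0x3b, 0x4a, 0x20, 0x74, 0x0d};
const std::vector<std::uint8_t> kPatched  = {0x89, 0x4a, 0x20, 0xeb, 0x0d};

int main() {
    for (const Finding& f : diffCode(kOriginal, kPatched))
        std::printf("+%zu: %s\n", f.offset, f.kind.c_str());
    return 0;
}
```

The jump displacement (0d) is untouched in both byte runs, which is why a check that only validates branch targets would miss this change while a byte-for-byte comparison does not.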
  2. Twister

    Twister Well-Known Member

    Great job again W8Dark, I love the way how you make things look so easy. Your tutorials have already helped me more than the ones I've read.
  3. DarkSpace

    DarkSpace Well-Known Member Coder

    Good, that's what they are supposed to do =D
  4. Danny1994

    Danny1994 Likes to contribute Coder

    Funny how you can make such a long tutorial for such an easy shit :P
    But nice Tut anyhow !
  5. DarkSpace

    DarkSpace Well-Known Member Coder

    hey easy shyt for us maybe!

    but knowing the basics is half the battle.

    I had tons of questions about people not knowing how to convert scripts with more than 1 addy in them.
    So this tutorial covers how to convert hacks that are longer than 1 addy and that have asm in them that needs to be changed to bytes.
    • Like Like x 1
  6. Ation

    Ation s. mod Moderator Donor

    Wow, thanks - once again. Is there going to be "part 4"?
  7. DarkSpace

    DarkSpace Well-Known Member Coder

    yea part 4 will be a codecave scripts =P
  8. NonLeaf

    NonLeaf Well-Known Member

    Excellent tutorial! I was working at it today, thanks! XD
  9. spawnfestis

    spawnfestis Well-Known Member

    Even though I don't like that these tutorials are not of the highest potential, I think it's great that you are adding pictures to the tutorials. I bet many of the "english-handicapped" people will understand these a lot better than the pure text ones..!
  10. DarkSpace

    DarkSpace Well-Known Member Coder

    Yeah. I COULD make a tutorial with the complex things, but I'm making a tutorial for beginner programmers.
    It's just to get them into programming, they'll learn tips and tricks as they go. Like you, me and other programmers out there.
    You take what you have and you develop it into your own thing.

    These tutorials are just a guideline to how to go about doing things.

    I ask some people "how to do invisible mob check" and instead of them telling me how it's done I just get
    "find mob animation pointer"

    That's help enough, I'll try all I can with it until I get it. And yeah, I don't mind that person telling me that because info is info.
    How you use it is up to you =D

    But thanks for the reply.
    Would be nice if someone else also joined in and started making high level tutorials.

    I'd love to read some things that I still don't know how to do =D
  11. NonLeaf

    NonLeaf Well-Known Member

    W8Dark, I play MapleStory for 3 years, and I hacked like 2, leeching hacks... because I never saw a good tutorial that explains how to make MY OWN hacks... now with your tutorials I'm getting in, you're making a good job, continue! I still have a lot of questions but maybe they'll be answered in your next tutorial!


    EDIT: btw

    I did the same with this script

    // MobDisarm
    // Updated by SeNeco
    0091F811: //75 1A 6A 14 89 10 8B 44 24 18 57 81 C6 ?? 04 00 00 56 89 01 E8 ?7 ?? 09 00 83 C4
    jmp 0091f727

    jne 0091f727

    And the code in C++ is:

    DWORD MobDisarmPointer = 0x0091F811;
    BYTE enableMobDisarm[] = {0x75, 0x1a};
    BYTE disableMobDisarm[] = {0x6a, 0x14};
    void Form1::checkBox5_CheckedChanged(System::Object ^sender, System::EventArgs ^e)
    memcpy((void*)MobDisarmPointer, (void*)enableMobDisarm, sizeof(enableMobDisarm));
    memcpy((void*)MobDisarmPointer, (void*)disableMobDisarm, sizeof(disableMobDisarm));

    But when I activate nothing happens, I think it's because of wrong bytes, can you confirm the bytes please?
  12. wh0re

    wh0re Nostalgia Overload Donor

    Nice w8dark, finished my autopot but got tons of errors lol
  13. DarkSpace

    DarkSpace Well-Known Member Coder

    You have the enable and disable bytes mixed up.

    These are the correct bytes:
    BYTE enableMobDisarm[] = {0xeb, 0x1a};
    BYTE disableMobDisarm[] = {0x75, 0x1a};

    Practice a bit more =D you'll get it
  14. NonLeaf

    NonLeaf Well-Known Member

    Thanks man! Now I understand :D you're awesome :b
  15. ixamxd

    ixamxd Well-Known Member

    when ull post part 4?
  16. inb4

    inb4 New Member

    This is some extremely good stuff man.
    I'm totally new on the site, but I've been coding C++ and ASM for several years :) I hope to contribute here.. Although GMS is better, I had to move to EMS because of ban :/
    The tutorial really refreshed my memory of C++, so thanks for that.
  17. DarkSpace

    DarkSpace Well-Known Member Coder

    Ah sweet. New guides and tutorials and helpful posts are always welcome.

    I'm looking to learn some new things also!
  18. iKaos

    iKaos Well-Known Member

    Nice tutorials man! Really helpful.
  19. DarkSpace

    DarkSpace Well-Known Member Coder


    lol =P
  20. Elite Crew

    Elite Crew Active Member

    Noice thread

    thx bby. :)
