Memory Hacking Software

My methods work about the same on all anti-cheats (citation needed).
And no, I am not working on Warden. For all I know MHS already bypasses it.

I am working on nProtect Game Guard.


L. Spiro

just wondering, in the new release of MHS (MHS4.0.0.14) can it function packet editor on maple story now? like using this tutorial, to create our own packet editor since the last version of MHS couldnt debug maple

after setting breakpoint for (the bold one) send function

71AB428A | 8BFF | MOV EDI, EDI |
71AB428C | 55 | PUSH EBP |
71AB428D | 8BEC | MOV EBP, ESP | ;moves stack pointer into EBP
71AB428F | 83EC 10 | SUB ESP, 10 |


it asks me whether i want to attach the debugger or not. and IF i press yes and then load maple, that restarts my comp. and if i press no, and load maple, it let me go on maple but nothing shows up on the code editor window. so either way, i cant see any packets =S

im still having trouble at the same spot with the newer version.

No packets show up in the code editor after the end of the 1st part.


Another thing, that script at the bottom, does that add all 3 break points for me? Do i add all 4 scipts then compile, or one at a time?

i think i have the same problem with zyphyr

no packets shown in the script editor window

but one of my bigger problem is that i know we need to attach the debugger, but wheneveri attach it and go on maple story, it restarts my computer lol

That is because nProtect Game Guard restarts your computer when a debugger is detected on Maple Story.

Attaching is the first step. I can make the debugger attachment undetected in the next release or the one after.


L. Spiro

well... it hasnt made me reboot yet, but is still don't see any packets...

Since maplestory is server sided and the only method I know is searching values and changing them for single player games, I thought I'd eventually learn packet editing, but maple can't be packet edited..? I'm not sure if I'm interpreting the above posts correctly :/

Edit: OOPs, didn't see your last post Spiro. Sorry.
NOMOARQUESTIONS.

Well, maybe one. Would learning C++ help me with the whole packet editing deal? I've been learning the basics slowly the past few weeks, and I'm hoping it will help me with all of this.

There are many ways to edit packets, and if you plan to go the eay route of using L. Spiro Script you should leanr C/C++.


L. Spiro

i'm planning to learn C++

well i guess what more people are having problem with is just

Attach debugger = reboot/cant see any packets
not attaching debugger = wont work

i guess its not about editing packets in MHS that people are having difficulties with
think that people cant read the packets

oh im talking about maple story atm, L spiro, were you talking about other game that works perfectly fine with packet editing with MHS?

It works on games that do not block the Debugger. Of course.


L. Spiro

i'm practising using this on other games atm
and i have a lil question that i dont know how to solve it

if you want to compare the packet to something or change the packet around, you'd do so directly after the ReadProcessMemory call. Make any changes to byte array packet as you want, then WriteProcessMemory(GetCurProcessHandle(), (void *)ptr, packet, len, NULL);.

i dont really understand how to change the packet and then send it.. T_T
help pleaase

check out Shynd's other tutorial "InfernoRose Packet - Using Script Breakpoint Handling" in the code submission section.
It deals with changing the packet contents before sending.

I would just like to say "Holy Crap, that's freakin' awesome".

One Moment, *closes jaw.


Dude that is amazing, and thank you for showing the power of MHS. Now if I could just get a start. But that definitely opens up doors.


I think that is what MHS is all about. Opening the doors and giving you the crowbar to unlock them yourself, all you have to do is take the time to open them yourself, and you sir certainly have done that.

Great tutorial!
Unfortunately I just get every 5 minutes or something like this a packet, I think that the send(); function gets used by the protection system and the game uses WSASend();.
The recv(); bp does not return any packet data at all, but I think it is just the game. The game actually encrypts its packets but I first just want to get a packet editor/sender to work. After this works good I will try to find the encryption routine.

Im pretty new to this kind of things but I understood many parts of your tutorial, I just have some questions left:

I found some more functions like sendto, recvto, WSASend in ws2_32.dll which are not documented in your tutorial.
Are those functions doing the same like send(); or recv();?

How did you find 'EBP+0x00;
EBP+0x04;
EBP+0x08;
EBP+0x0c;
EBP+0x10;
EBP+0x14'?

Is it the same in sendto, recvto and WSASend functions?
Did you 'open' the stack and just noted the address down?
I tried to activate the stack tab in the disassembler but no luck yet.
I looked into the help file but there are not any information about it.

How did you find out where the breakpoint has to be set?
Did you look for a specific piece of code or is it just random?
How do we know when the stack gets realigned?

I look forward to your answers.