Release Revolve Maple Scripts

Discussion in 'Other Games & MapleStory Private Servers' started by linkin12, Apr 28, 2019.

  1. linkin12

    linkin12 Canada The New Guy

    Post Count:
    42
    Likes Received:
    18
    Stats
    Some old scripts I decided to update (v146).

    [ENABLE]
    Alloc(DupeXHook,128)
    Label(Return)
    Alloc(SetPlatForm,128)
    Alloc(PlatForm,4)
    Label(PlatFormList)
    Label(NextPlatFormList)
    Label(ExitPlatFormThread)
    RegisterSymbol(PlatForm)

    Define(PlatFormID, #20) //CHANGE THIS

    CreateThread(SetPlatForm)

    SetPlatForm:
    mov esi,[01B49978] //Map Base
    test esi,esi
    je ExitPlatFormThread
    mov esi,[esi+80] //Platform Offset
    test esi,esi
    je ExitPlatFormThread
    sub esi,10 //top of list

    PlatFormList:
    mov eax,[esi+14]
    test eax,eax
    je ExitPlatFormThread
    cmp [eax+58],PlatFormID
    jne NextPlatFormList
    mov [PlatForm],eax
    jmp ExitPlatFormThread

    NextPlatFormList:
    mov esi,[esi+4] //Next List
    test esi,esi
    je ExitPlatFormThread
    jmp PlatFormList

    ExitPlatFormThread:
    ret

    DupeXHook:
    cmp [esp],0127FDFB //8B ? 8B ? 24 ? 89 ? ? ? ? 00 89 ? ? ? ? 00 89
    jne Return
    mov eax,esi
    add eax,340 //Mob Movement Offset
    mov eax,[eax]
    test eax,eax
    je Return
    mov eax,[PlatForm]
    mov [esp+18],eax
    mov dword ptr [esi+0340],04 //Mob Movement Offset
    jmp Return

    Return:
    //8B ? ? C3 CC CC CC CC CC CC CC CC CC CC CC CC DD
    jmp 0139D5A0

    0197BB90: //4Byte Scan ^
    dd DupeXHook

    [DISABLE]
    0197BB90: //Same as above
    dd 0139D5A0 //Address in Return

    DeAlloc(DupeXHook)
    DeAlloc(SetPlatForm)
    DeAlloc(PlatForm)
    UnRegisterSymbol(PlatForm)

    [Enable]
    Alloc(GNDHook,128)
    Label(Return)

    GNDHook:
    //85 ? 74 ? 81 ? ? ? ? ? ? ? ? ? 74 ? C7 ? ? ? ? ? ? ? ? ? C7 ? ? ? ? ? ? 8D ? ? ? ? ? E8 ? ? ? ? 8B ? ? ? ? ? E9 ? ? ? ? 8B ? ? ? ? ? 8B
    cmp [esp],0119BCD3
    jne Return
    mov [ebp-00002F0C],00000001
    mov edx,[ebp-00002F0C]
    mov [ebp-68],edx

    Return:
    //8B 81 ? ? 00 00 50 81 ? ? ? ? ? 51 E8 ? ? ? ? 83 ? ? F7 ? 1B ? F7 ? C3 CC CC CC 56
    jmp 01282B40

    0197736C: //4Byte Scan address in Return [12th Result]
    dd GNDHook

    [Disable]
    0197736C: //Same as above
    dd 01282B40 //Address in Return

    Dealloc(GNDHook)

    [ENABLE]

    alloc(Hook, 512)

    globalalloc(EHookRet, 4)

    label(JMP1)

    label(JMP2)

    label(JMP3)

    label(JMP4)

    label(Return)

    label(ReturnHook)


    Hook:

    cmp dword ptr [esp+14], 01181045 //8B 44 24 64 8B 88 ? ? ? ? 51 05 ? ? ? ? 50 E8 ? ? ? ? 83 C4 ? 85 C0

    jne Return

    mov dword ptr [esp+14], ReturnHook


    Return:

    jmp [EHookRet]


    ReturnHook:

    mov eax,[esp+64]

    mov ecx,[eax+00001A00]

    push ecx

    add eax,000019F8

    push eax

    call 004014D0

    add esp,08

    test eax,eax

    jne JMP1

    mov eax,[esp+5C]

    mov edx,[eax+3D]

    push edx

    add eax,39

    push eax

    call 00486E20

    movzx eax,ax

    cwde

    push eax

    call 0056AF40

    add esp,0C

    test eax,eax

    je JMP1

    test ebp,ebp

    je 011810FA

    mov esi,[ebp+00000174]

    mov [esp+2C],00000000

    mov byte ptr [esp+54],03

    test edi,edi
    jle JMP2

    //Chubbz was here

    cmp dword ptr [ebp+000001B4],00

    je JMP2

    lea ecx,[esp+28]

    push ecx

    lea edx,[esp+6C]

    push edx

    lea ecx,[ebp+000001A8]

    call 00657740

    test eax,eax

    je JMP2

    mov eax,[esp+2C]

    add esi,[eax+3C]


    JMP2:

    imul esi,edi

    mov eax,AE147AE1

    imul esi

    sar edx,05

    mov ecx,edx

    shr ecx,1F

    add ecx,edx

    add edi,ecx

    test edi,edi

    jg JMP3

    xor edi,edi


    JMP3:

    lea ecx,[esp+28]

    mov byte ptr [esp+54],02

    call 00656180


    JMP1:

    test ebp,ebp

    je JMP2

    mov ebx,[esp+68]

    push ebx

    mov ecx,ebp

    call 006603B0

    push ebx

    mov ecx,ebp

    mov esi,eax

    call 00660460

    imul esi,edi

    jnl JMP4


    JMP4:

    xor edi,edi

    jmp 01181045+12B //Same as return address

    EHookRet:

    readmem(0161A0B0, 4) //Follow call above return address (call dword ptr [XXXXXXXX])

    0161A0B0: //Same as above
    dd Hook

    [DISABLE]

    0161A0B0: //Same as above

    readmem(EHookRet, 4)

    dealloc(Hook)

    dealloc(EHookRet)

    01B450B4 + 770

    01B450B4 + A560

    [Enable]
    Alloc(TeleportXY,128)
    Alloc(TeleXY,8)

    CreateThread(TeleportXY)

    TeleXY:
    dd -100//X
    dd 100 //Y

    TeleportXY:
    mov esi,[01B450B4] //Character Base
    push 01
    lea ecx,[esi+A320] //Teleport Toggle
    call 005B9500 //SetMapleStoryData
    push [TeleXY]
    lea ecx,[esi+A344] //Teleport X
    call 005B9500 //SetMapleStoryData
    push [TeleXY+4]
    lea ecx,[esi+A338] //Teleport Y
    call 005B9500 //SetMapleStoryData
    ret

    [Disable]
    DeAlloc(TeleportXY)
    DeAlloc(TeleXY)

    [ENABLE]
    Alloc(SetHook,256)
    Alloc(ItemX,4)
    Alloc(ItemY,4)
    Label(Return)
    Label(ReturnHook)

    //E9 ? ? ? ? CC CC CC CC CC 6A FF 68 ? ? ? ? 64 A1 ? ? ? ? 50 83 ? ? A1
    //push FF/-01 below ^
    01386320: //MAKE THIS BYPASSLESS //CWvsContext::SendBoobyTrapAlert
    db C2 04 00

    SetHook:
    cmp [esp], 0069318C //ADDRESS_ItemHookCMP
    jne Return
    mov eax,[esp+08]
    mov [ItemX],eax
    mov eax,[esp+0C]
    mov [ItemY],eax
    mov [esp], ReturnHook

    Return:
    jmp PtInRect

    ReturnHook:
    test eax,eax
    cmp dword ptr [esi+38],00 //Check for invisible items
    je 00693190 //Address of lea below hook addy
    mov ecx,[esp+4C]
    mov ebx,[ItemX]
    mov [ecx],ebx
    mov eax,[ItemY]
    mov [ecx+4],eax
    jmp 006931DE //Address in jne below hook address

    01B5D534: //PtInRect
    dd SetHook

    [DISABLE]
    01386320:
    db 6A FF 68

    01B5D534:
    dd PtInRect

    DeAlloc(SetHook)
    DeAlloc(ItemX)
    DeAlloc(ItemY)

    [Enable]
    alloc(SuperTubi,64)
    alloc(Stop,2)
    registersymbol(Stop)

    CreateThread(SuperTubi)

    SuperTubi:
    mov eax,[01B450AC] //Server Base
    mov [eax+00002148],00 //Tubi Offset
    //mov [eax+000021E8],00 //Global Delay Offset //Remove the '//' at the beginning if you also want 'Extreme Tubi'...
    push 01 //Sleep delay
    call Sleep
    cmp [Stop],1
    jne SuperTubi
    ret

    [Disable]
    Stop:
    dd 1

    [Enable]
    alloc(SuperTubi,64)
    alloc(Stop,2)
    registersymbol(Stop)

    CreateThread(SuperTubi)

    SuperTubi:
    mov eax,[01B450AC] //Server Base
    mov [eax+00002148],00 //Tubi Offset
    //mov [eax+000021E8],00 //Global Delay Offset //Remove the '//' at the beginning if you also want 'Extreme Tubi'...
    push 01 //Sleep delay
    call Sleep
    cmp [Stop],1
    jne SuperTubi
    ret

    [Disable]
    Stop:
    dd 1

    [Enable]
    Alloc(MGMHook,128)
    Label(MGMReturn)

    MGMHook:
    //85 ? 0F ? ? ? ? ? 39 ? ? ? ? ? 0F ? ? ? ? ? 8B ? E8 ? ? ? ? 85 ? 0F ? ? ? ? ? 8B ? ? ? ? ? 8D
    cmp [esp],00983854
    jne MGMReturn
    //85 ? 0F ? ? ? ? ? 8B ? E8 ? ? ? ? 85 ? 0F ? ? ? ? ? 8B ? E8 ? ? ? ? 85 ? 0F ? ? ? ? ? 8B ? E8 ? ? ? ? 85 ? 74 ? 8B ? E8 ? ? ? ? 85 ? 0F ? ? ? ? ? 33
    cmp [esp+4C],0099F3CF
    jne MGMReturn
    mov [esp+4C],009A05CD //Address in jne below ^

    MGMReturn:
    //8B ? ? ? B8 ? ? ? ? 8D ? ? ? ? ? ? 3B ? 74 ? 8B ? 85 ? 75 ? C2 ? ? B8 ? ? ? ? C2 ? ? CC CC CC CC CC CC CC CC CC CC CC 33 ? C3 CC CC CC CC CC CC CC CC CC CC CC CC CC 33
    jmp 00742610

    01892A30: //4Byte Scan address in Return [1st Result]
    dd MGMHook

    [Disable]
    01892A30: //Same as above
    dd 00742610 //Address in MGMReturn

    DeAlloc(MGMHook)

    Auto Hotkey CBPQ Script
    #MaxHotkeysPerInterval 99000000
    #HotkeyInterval 99000000
    #KeyHistory 0
    ListLines Off
    Process, Priority, , A
    SetBatchLines, -1
    SetKeyDelay, -1, -1
    SetMouseDelay, -1
    SetDefaultMouseSpeed, 0
    SetWinDelay, -1
    SetControlDelay, -1

    #NoEnv ; Recommended for performance and compatibility with future AutoHotkey releases.
    ; #Warn ; Enable warnings to assist with detecting common errors.
    SendMode Input ; Recommended for new scripts due to its superior speed and reliability.
    SetWorkingDir %A_ScriptDir% ; Ensures a consistent starting directory.
    getProcessBaseAddress(WindowTitle, MatchMode=2) ;WindowTitle can be anything ahk_exe ahk_class etc
    {
    mode := A_TitleMatchMode
    SetTitleMatchMode, %MatchMode% ;mode 3 is an exact match
    WinGet, hWnd, ID, %WindowTitle%
    if !hWnd
    return ; return blank failed to find window
    ; GetWindowLong returns a Long (Int) and GetWindowLongPtr return a Long_Ptr
    BaseAddress := DllCall(A_PtrSize = 4
    ? "GetWindowLong"
    : "GetWindowLongPtr", "Ptr", hWnd, "Uint", -6, "UInt")
    SetTitleMatchMode, %mode% ; In case executed in autoexec
    return BaseAddress ; If DLL call fails, returned value will = 0
    }
    ;-----------------------------------------------
    ReadMemory(MADDRESS,PROGRAM)
    {
    winget, pid, PID, %PROGRAM%

    VarSetCapacity(MVALUE,4,0)
    ProcessHandle := DllCall("OpenProcess", "Int", 24, "Char", 0, "UInt", pid, "UInt")
    DllCall("ReadProcessMemory", "UInt", ProcessHandle, "Ptr", MADDRESS, "Ptr", &MVALUE, "Uint",4)
    Loop 4
    result += *(&MVALUE + A_Index-1) << 8*(A_Index-1)
    result := result<<32>>32 ;convert from unsigned to signed int
    return, result
    }
    ;Reads the value of a single pointer + offset in MapleStory
    win_title = "MapleStory"
    ReadMapleMemory(POINTER, OFFSET)
    {
    ;AHK uses window title
    return ReadMemory(ReadMemory(POINTER, "MapleStory") + OFFSET, "MapleStory")
    ;return ReadMemory(ReadMemory(POINTER, %win_title%) + OFFSET, %win_title%)
    }
    ;------------------------------------------------------------

    PeopleBase := 0x01B4997C
    PeopleCountOff := 0x00000018
    PeopleCount := ReadMapleMemory(PeopleBase, PeopleCountOff)
    CUserLocal := 0x01B450B4
    CharXOff := 0x0000B680
    CharYOff := CharXOff + 4
    AtkCountOff := 0x0000A560
    MobBase := 0x01B49980
    MobCountOff := 0x00000010
    MapInfoBase := 0x01B4B008
    MapIDOff := 0x00001378

    PlayerX := ReadMapleMemory(CUserLocal, CharXOff)
    PlayerY := ReadMapleMemory(CUserLocal, CharYOff)
    AttackCount := ReadMapleMemory(CUserLocal, AtkCountOff)
    MobCount := ReadMapleMemory(MobBase, MobCountOff)
    MapID := ReadMapleMemory(MapInfoBase, MapIDOff)



    lastTimeBuffed1 := A_TickCount
    buffDelay1 = 60000
    buffKey1 = a

    lastTimeBuffed2 := A_TickCount
    buffDelay2 = 60000
    buffKey2 = s

    lastTimeBuffed2 := A_TickCount
    buffDelay3 = 60000
    buffKey2 = d


    CoordMode, Pixel, Window

    loop
    {

    ;PlayerX := ReadMapleMemory(CUserLocal, CharXOff)
    ;PlayerY := ReadMapleMemory(CUserLocal, CharYOff)
    ;AttackCount := ReadMapleMemory(CUserLocal, AtkCountOff)

    MobCount := ReadMapleMemory(MobBase, MobCountOff)
    MapID := ReadMapleMemory(MapInfoBase, MapIDOff)

    If MapID = 610030600
    {
    If MobCount >= 1
    {
    sleep 200
    ImageSearch, FoundX, FoundY, 0, 0, %A_ScreenWidth%, %A_ScreenHeight%, C:\Users\Jayden\Pictures\Untitled.png
    if ErrorLevel = 0
    {
    sleep 500
    Send {9 2}
    sleep 1500
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 1000
    Send {0 2}
    sleep 1500
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 1000
    Send {8 2}
    sleep 1500
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    sleep 100
    Send {Control 10}
    }
    else
    {
    sleep 100
    Send {8 2}
    sleep 1000
    Send {Control 50}
    sleep 100
    Send {Control 50}
    sleep 100
    Send {Control 50}
    sleep 100
    Send {Control 50}
    }
    }
    }

    If MapID = 682020000
    {
    sleep 2000

    ControlSend, ,%buffKey1%, MapleStory
    sleep 2000

    Send {s down}
    sleep 100
    Send {s up}
    sleep 4000

    Send {d down}
    sleep 3000
    Send {d up}
    sleep 3000

    Send {y}
    sleep 1000
    Send {Down 4}
    sleep 1000
    Send {y}
    sleep 2000
    }
    }

    F11::
    {
    ExitApp
    }
     
    assasin, Emerath, gipal and 1 other person like this.

    Mr. Ad Advertisement

     
  2. Fidgetguy

    Fidgetguy Portugal Lurker

    Post Count:
    9
    Likes Received:
    0
    Stats
    how i put them to work? just inject to the game? could u teach me how i'm new to that stuff
     
  3. Retard

    Retard Israel ¯\_(ツ)_/¯ Premium

    Post Count:
    1,530
    Likes Received:
    631
    Stats
    You can also just edit the WZ files to get more damage, they don't have any damage checks :)
     
  4. shavit

    shavit Israel Veteran Hacker

    Post Count:
    112
    Likes Received:
    840
    Stats
    don't you need mscrc bypass as well for some of these?
     
  5. lalaefi

    lalaefi Israel Premium Premium

    Post Count:
    578
    Likes Received:
    2,830
    Stats
    Add discord got question
     
    TomerT likes this.
  6. Fidgetguy

    Fidgetguy Portugal Lurker

    Post Count:
    9
    Likes Received:
    0
    Stats
    revolve recentrly change his wz files and idk how to work with that if u could help me
     
  7. Fidgetguy

    Fidgetguy Portugal Lurker

    Post Count:
    9
    Likes Received:
    0
    Stats
    error line 23 at full map loot
     
  8. HanaYing

    HanaYing Malaysia Lurker

    Post Count:
    4
    Likes Received:
    0
    Stats
    Thanks!!! Dupex works, but do you know how can i vac the mobs on a certain spot in the map?
     
  9. 543820057

    543820057 China The New Guy

    Post Count:
    45
    Likes Received:
    4
    Stats
    its work for old servers?
     
  10. MeitarM

    MeitarM Israel Lurker

    Post Count:
    4
    Likes Received:
    0
    Stats
    how i can use the cbpq script doesnt let me after i put it into ce
     
  11. assasin

    assasin Bolivia The New Guy

    Post Count:
    41
    Likes Received:
    0
    Stats
    you have discord? i send you a message check inbox
     
  12. normankee552

    normankee552 Malaysia Veteran Hacker

    Post Count:
    169
    Likes Received:
    45
    Stats
    Still brining up 1month old thread?
     

Share This Page

  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies.
    Dismiss Notice
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies.
    Dismiss Notice