Code Cave Values

[MuffledCobra]

Nope. Didn't work, joshtch.

Please oninuva, make the tutorial soon.

[m0onight]

ther is tut in some other fourm and i dun think it work and i think u better make a tut out for us = )

[joshtch]

Ya okay =/ I tried... hehe Oni make tha tut soon =]

[m0onight]

lol if wan give tut give pic tut would even be better = )

[Oninuva]

So impatiant... lol :p takes time to write a tut with pictures.

[MuffledCobra]

We're animals. We were born this way.

[m0onight]

lol pic tut is just 2 make sure = )

[daer0n]

anychance of a cave value for mp of some sort? i am trying to code cave unlimited mp.

[daer0n]

Ok, well in this tutorial i will teach u how to use jump hack.

CodeCaving is fooling MS into using a clean slate of data rather than the pre-selected one, allowing u to edit this clean slate and make it whatever u want

a CODECAVE is a blank address of memory that u can change into watever u want it to be

1. Search -555 (double) in ur cheat engine scan feature

u should get some addresses, 1 should be exactly -555

*Check is ur address 6ea3f8 or something close? if yes that u are fine

2. hopefully u dont have any memory view hacks on, if so, go toggle breakpoint them (hope u dont dc )

Double Click Address that is exactly -555( it should now be in bottom address list)

if u try to change the value now, u will dc

right click it and select "Find out wat accesses this Address"

3. if box remains blank, go in game and jump around, then come back

4. u should see some addresses, find the one that ends in "fmul qword ptr ['the addy that's value is -555']

*check, is this address 00646be1 by any chance? if so, ur doing it right, if not.... just use it anyway

wat this means is that when u jump, maplestory ask, "Hey, how high do i let him jump..?" it goes to: fmul qword ptr [006ea3f8] and looks for the value inside of: 006ea3f8

wat is that value? -555, u jump at a rate of -555, and u cannot edit -555 without dcing... unless...

so now that u found wat address is looking for the jump value "00647be1"

5., go to memory view, go to address "the one that u found in "What Accesses THis Address" it should be 646be1

*check, is the despcription on far right, also known as assembler code, :fmul qword ptr [006ea3f8] ??, it should be or at least very close

7. now go to Tools+Scan for CodeCaves

8. press start and stop very quickly, because CE can scan for thousand of codecaves and we only need a few

9. write down the first 2 codecaves

*check, are these 00400019 and 004001bd?

10. go to ur first codecave (ctrl+g)

11. double click the "Assembler Code" it should currently be Add EAX, al

12. put in the same as 646be1: fmul qword ptr [006ea3f8]

BUT, instead of telling mapletory to use the value of 006ea3f8, we tell it to use a blank address (your second codecave u wrote down)

SO... fmul qword ptr [004001bd]

press ok

13. it should now ask u if u want to replace it with NOPs, say yes

14. now go to the line directly below that, 0040001f

15. do the same thing as before, change the assembler code to : jmp 00646be7

16. say yes to the " replace with NOPs"

*check, in the line below 0040001f, is the assembler code NOP? it should be

17. now go to add address manually, no pointer, add the address: 004001bd Type: Double

18. the value should be 0, change it to be wat u want to jump, normal is -555, so lets go with -950 for now

19. now go to the address 00646be1, change register

20. tick EIP-(first codecave here- "00400019?')

21. go in game and try to jump, do u jump high?

22. change value as u please for higher or lower jumps

Recap:

u redirect maplestory to use ur fake jump address rather then the pre-designited one

u can edit this new address (004001bd) to be watever u want



found this on MPC should help

[blackPotato]

hey can someone help me im new to this