100% Working CE Wallhack (No unpacked required)

Quote:

Originally Posted by Jafet™ Nicely done mate, works like a charm, I activate the hack before I select a server or else it wont work, at least for me.

Quote:

Originally Posted by shadowshaban I got DC when i change MAP on dekaron.exe.Drakos CE is better.+ Cant use FarEye script on dekaron.exe cuz DC 2.

Quote:

Originally Posted by panpot Hey this is weird it not working for me i even change it after the patch here my script [ENABLE] alloc(blah,1024) label(return) 0052D09F://8D BC 24 88 00 00 00 JMP blah NOP NOP return: blah: LEA EDI,DWORD PTR SS:[ESP+88] CMP DWORD PTR DS:[EAX+402],5F626577 JE return MOV DWORD PTR DS:[EAX+402],5F626577 MOV DWORD PTR DS:[EAX+406],67616D69 MOV DWORD PTR DS:[EAX+40A],616D2E65 MOV DWORD PTR DS:[EAX+40E],00000063 JMP return [DISABLE] dealloc(blah) 0052D09F://8D BC 24 88 00 00 00 LEA EDI,DWORD PTR SS:[ESP+88]

Quote:

Originally Posted by TheNevan This should work... Search the array of bytes: 8D BC 24 88 00 00 00 on CE and use the adress closest to the current one. If it still doesn't work then i cant help ya :/ This works perfectly for me. Maybe you're playing global dekaron and not 2Moons?

Quote:

Originally Posted by Mr_Twistеr Global Dekaron and 2moons have the same offsets. The only thing could be if he uses unpacked dekaron.exe, then offsets might be different.

Quote:

Originally Posted by TheNevan Finally found a wall hack that works without needing an unpacked dekaron. Heres the script: Code: [ENABLE] alloc(blah,1024) label(return) 00765B53://array of bytes 8d bc 24 88 00 00 00 JMP blah NOP NOP return: blah: LEA EDI,DWORD PTR SS:[ESP+88] CMP DWORD PTR DS:[EAX+402],5F626577 JE return MOV DWORD PTR DS:[EAX+402],5F626577 MOV DWORD PTR DS:[EAX+406],67616D69 MOV DWORD PTR DS:[EAX+40A],616D2E65 MOV DWORD PTR DS:[EAX+40E],00000063 JMP return [DISABLE] dealloc(blah) 00765B53://array of bytes 8d bc 24 88 00 00 00 LEA EDI,DWORD PTR SS:[ESP+88] Credits go to bottomy for making the script itself, and to me for finding the correct offset. Enjoy! :cool: And btw guys dont thank me, go to bottomys thread and thank him :P

Quote:

Originally Posted by shadowshaban I got DC when i change MAP on dekaron.exe.Drakos CE is better.+ Cant use FarEye script on dekaron.exe cuz DC 2.

Quote:

Originally Posted by karanba First of all your script work perfectly on Dekaron and 2moons...just please tell me...how can I teleport to Doomed Maze and Aquari Ruins?

[ENABLE]
alloc(newmem,1024) 
label(returnhere) 
label(originalcode) 
label(exit) 
label(change_teleport) 

00553843: 
jmp newmem 
nop 
nop 
returnhere: 

newmem: 
originalcode: 
movzx ebx,word ptr [eax] 

cmp bx,0483 // check for Python Castle -> Tomb of the Black Dragon 
je change_teleport 

cmp bx,4E20 // check for Braiken Castle -> Draco Desert 
je change_teleport 

cmp bx,2B8C // check for North Morte -> Acquirai Ruins
je change_teleport

cmp bx,048D // check for tomb of the black dragon -> Cursed Mazed
je change_teleport

jmp exit 

change_teleport: 
mov word ptr [eax+00000106],0005 
mov word ptr [eax+0000010C],0005 

exit: 
movzx ebx,word ptr [eax+00000104] 
jmp returnhere 

[DISABLE]

dealloc(newmem)
00553843:
movzx ebx,word ptr [eax+00000104]

Quote:

Originally Posted by ♠Blunt♠ You need map hack. Code: [ENABLE] alloc(newmem,1024) label(returnhere) label(originalcode) label(exit) label(change_teleport) 00553843: jmp newmem nop nop returnhere: newmem: originalcode: movzx ebx,word ptr [eax] cmp bx,0483 // check for Python Castle -> Tomb of the Black Dragon je change_teleport cmp bx,4E20 // check for Braiken Castle -> Draco Desert je change_teleport cmp bx,2B8C // check for North Morte -> Acquirai Ruins je change_teleport cmp bx,048D // check for tomb of the black dragon -> Cursed Mazed je change_teleport jmp exit change_teleport: mov word ptr [eax+00000106],0005 mov word ptr [eax+0000010C],0005 exit: movzx ebx,word ptr [eax+00000104] jmp returnhere [DISABLE] dealloc(newmem) 00553843: movzx ebx,word ptr [eax+00000104]