Wednesday, June 29, 2011

[v0.98] Clientless Bot vs. Hendi's Rampage Engine and Icy Hack

Introduction
As the Chaos Patch is now started, I now have to write about this article. This will tell you the full history of the cutting-edge technology called Clientless Bot (CLB) as the secondary name. but officially named Hendi's Rampage Engine. Both bots function the same with minor changes in the CLB for fraudulent purposes, both access the files of MapleStory and logs in your account without ever opening your game client. Then with the correct settings set by the user, the CLB starts up the WH PG (Wild Hunter Power Guard) hack and loops the attacks to quickly level your Wild Hunter.

Requirements to Use Hendi's Rampage Engine
  1. You need a level 10 Wild Hunter.
  2. Place the WH in the strongest monsters' map you can find and log out.
  3. Open HRE, input your log-in info, and start the bot. The bot will show a loot log and a monitor log of changing channels, server errors, other botters coming to your channel, and so on.
  4. When you receive a socket error in HRE, it's normal and it will restart itself and auto log-in your WH again to continue botting.

Screenshot by the author.

Description of HRE according to the red numbers:
  1. Displays the map you're in.
  2. Map rush function added 6/25/2011.
  3. Displays the interaction of the character, its surroundings, and the game servers.
  4. Looting log.
  5. Unknown function.
  6. Displays your WH info.
  7. From the left you have the Connect/Disconnect button which the bot access your log-in info, the Start Bot button, an optional Mini Dungeon Rusher if you want to bot in mini dungeons, and the 13 Channels option for worlds that only have 13 channels. 

The Business Scandal with W8BABY
So why there are two names for this bot since both does almost the same functions? This is an actual address from Bizzaro of W8BABY to tell us how/why this Clientless Bot was released to the public.


@to any leakers, plz don't leak and keep it BT vip property only.
but if somehow u can't resist leaking, i kindly ask you to quote the whole thread/explanation to this release out of the respect of everyone who made this happen.


This bot was made by a former w8baby coder. 
Because this is the first time i ever released someone else's bot, I will explain a little bit about this bot and why i'm forced to release it.

so this started months ago, this guy named thor added me on msn . 
He told me he has been a bt users for a long time and we got to know each other. He mentioned to me he's friend with Riukuzaki‎ who helped him many time on his new project.

So he started telling me about his project [clientless bot] which basically 
utilizes his method of wz decryption/clientless login and the WH pg hacks made by Cam & Riu several months ago.

so he asked me about the possibilities of becoming a w8baby vip coder and make some profit for his bot cuz he's going to army.
at this time, billy and several other w8baby admins/ users have informed me,he's the scammer who was behind the BrandonMs Restarter keylogger instance and several other shit he did.
I still made a decision to take him as a vip coder and made connections with the Chinese friends i know to help him make profit.

anyway long story short.

i set up the connections and paid him 4k$ alertpay from my pocket before the Chinese made profit and pay me back,hoping that we can build up some trust and have a good start in a long business relationship.
and this was all after the agreement of being a loyal w8baby vip coder and not double selling the bot in another place.

so several weeks later,somehow he went to another small site with 1k registered member and decided to sell his bot there.
and only untill this morning was i informed about this sell by a trusted w8baby user.

at first i didn't believe it at all. im sure many would do the same.
why would someone stupid enough to go from #1 vip selling site to a 1k member new site to sell his bot. what kind of profit is he expecting????
but then he showed me the forum, so the only 2 explanations i could come up are
1. he's trying to sell it on both side hoping to more profit. and hoping to fly under the radar without me ever knowing it.
2. he's just too stupid / want more fame / being mislead

so after i talked to him for a good hr about the reason why he didn't even have the gut to tell me about this,
he apologized and begged me to put him back to w8baby vip coder and rls his bot here.
and on top he promised me to remove any licenses he sold in that site

im quite busy these days and really don't wanna be bothered with drama. so i gave him a second chance. 
and asked him to make a nice thread explaining about the cross work he did and why the bot is removed in their site.

he did all the above in less than 10min. i thought the drama is over.but little did i know more drama is coming on its way.
a few hours later, someone message me about him selling the bot again.

hey biz
that site is sellng clientless back again
seanh4x@hotmail.com : 3:14 PM (6 minutes ago)
Yeah, it's backup. Just a quick notification to W8Baby: I got Bizzaro source, so don't even dare releasing CLB.
but this time with the extra threatening.

now i think u guys don't know my history very well. i don't take lightly to threats/blackmail. nor do i take backstabbers well.

if that your way of trust and doing business, then i don't really wanna waste any time talking.
good luck with whatever you are doing and any future business venture.

How to use:


drop the files into Maplestory folder. run clb set up acc to bot clientlessly


Chinese instruction:
把挂放到游戏同一文件夹里运行。


一:点CLB上的connect - (add增加帐户)(login ID:你的帐户)(password 密码)(PIC 二次密码)-OK


可以一次性填多个需要挂机的号 。


二:在login 的界上选择你要开始挂机的号,登陆便可开始挂机了,方便简洁!


三:长期挂机,需要去新叶城买药(药水名字:Sorcerer Elixir),固定放在第五格子上。
Download
http://depositfiles.com/files/82fy4f7g2

pass: w8baby.comvip

BE SURE TO PLACE ALL FILES IN YOUR MAPLESTORY FOLDER.

Want an alternative trainer with this hack? [Click Here]

Credits
Cam & Riu for their original work of WH pg
Thor for his source and method of clientless login 
Thor for his stupidity of fame/profit/w.e making. 


Thanks
and Enjoy.
 Key points of his explanation:
  1. Thor is the scammer and backstabber. 
  2. Bizarro got $4k jacked from this guy.
  3. The reason HRE went public was to counterattack the threat Thor made saying, "I got Bizzaro [trainer] source, don't you dare release CLB."
  4. The hacking business is a serious business. A highly advanced bot that doesn't require the game client was paid for $4,000 to the supposed owner. Plus future profits coming in if none of this scandal happened.
  5. Note that Bizzaro never mentioned it was Hendi's Rampage Engine, but Clientless Bot.
The True Author of the Clientless Bot
On 6/15/2011, a public coder by the name of Hendi48 of SNSGaming came out to release his very own Hendi's Rampage Engine v2.3 and exclaims that all other versions of the HRE with the name CLB are all leeched products. 

But how in the world did Thor get ahold of the HRE source? Why didn't Hendi mentioned anything about the scandal? These questions still remain unanswered as we continue to leech off the works of the great coding idols we look up to. Nevertheless, it's very sad to see how the source was stolen and the con took $4k, which the hacking communities nor Bizarro said this has been resolved. I bet Bizarro was shocked to hear that the actual author of HRE is Hendi.

Reasons why the HRE is the best bot:
  1. When the PG hacks kills the mobs of the whole map, the drops appears right under your character, allowing you to loot almost all the drops with the filtered item system. This allows you to rake in the mesos. 
  2. Since the PG attacks all mobs at once no matter the level differences between you and the monster, you can gain massive amounts of levels at early levels and still grind the quickest at higher levels.
  3. It's designed to decrease CPU usage and allows you to open multiple HREs to bot more for profit. Similar to Multi-Maple Client but without the clients opened.
  4. It promises the most efficient botting available to the public as it auto logs in your character if the bot crashes.
Icy Hack
The WH PG hack is influenced by Riukuzaki, author of Riu Trainer and as been added to the trainer with the codename "Icy". It has exclusive features that the HRE doesn't have, vice-versa.






  • In the Icy section, you have the checkbox Icy. When ticked, it makes your Pink Bean attack all monsters in the map.
  • You have the Speed choice. The higher the speed, the faster damage you do to the mobs but will likely d/c you faster.
  • Monster ID is the monster you like to summon. The Default is Pink Bean.
  • If you looped the Call of the Hunter skill at a given interval, Change Monster ID changes the previously captured monster into the set Monster ID or Pink Bean.

Screenshot by the author. IGNs were censored for privacy. Icy hack in action.

Outro
The WH PG hack surpasses the IRM (It's Raining Mines) hack, another full map attack that Nexon patched. The HRE is a breakthrough of the common ways of botting with a very interesting history to it. It also acts as a multi-client for the game limited to Wild Hunters. The Wild Hunter class has proven again that it's one of the best botters in the communities.

Thursday, June 16, 2011

[v0.98] Hoblin PQ Experience Exploit

This morning, the hacking communities discovered an EXP exploit inside the Hoblin PQ that allows you to beast-level godly. Almost everyone in the recruiting channels of the PQ (Ch. 1) was packed with players saying "J>GLITCHED PQ@@@@@@@".

The PQ's minimum level requirement is 80. The glitch is not even hard at all to do. With at least a party of 3 and up to the max of 6, you go escort Shammos through 5 long maps until you reach King Rex. After killing the king, you attempt to exit the portal through the map, but only to find that you continuously gained 89k EXP for yourself!

For you legits, you just sit there and hold down the Up key to glitch your EXP. Pretty lame but hackers have it better.

For hackers, you can log the portal packet in King Rex's map, and spam it at a fast delay such as 100 ms with a packet sender and you'll be leveling godly!

Around 11:45 AM PST, Nexon took action by shutting down the game and doing an unscheduled server maintenance.

[v0.98] Map Crash Experiences

So after v0.98's public map crash was released, the below tells the common outcomes in our gameplay.

Pros
  1. When the faction town battles begin, using the map crash to disconnect your faction opponent so that you can win more EXP and Insignias.
  2. Disconnect people who annoy or piss you off.
  3. Dominate a hotspot training map or just any map.
  4. Steal a FM spot and not be disconnected if you can block the crash.
Cons
  1. People who also know about the Map Crash packet can d/c you.
  2. The people you can't crash, the ones that blocked it with a packet editor or CE, may crash you back for their advantage.
  3. Slows you down from getting more Insignias.
  4. Free Market sales drop dramatically. Those with Store Permits instead of a NX Merchant will be crashed.
Tonight is when the server maintenance will fix all these problems and hopefully get rid of it as well.


Monday, June 13, 2011

[v0.98] Map Crash!

It's been awhile since I've seen a map crash. Basically the map crash is based on sending a packet. All credits go to DOTcurrency to finding the crash and Cam1596 for the crash prevention. - Yesterday 11:24 PM
Code:
Mapcrash packet: 48 00 64 95 17 02 00 00
Send packet on any class, any level, instant map crash

Block E4 to stop it


Quote Originally Posted by Cam1596 View Post
If you don't have access to a tool that can block RECV you can enable this script with CE & it will prevent you from crashing.

Code:
Crash Fix Script -

[enable]
0092536F:
db E9 8E 19 00 00 90
[disable]
0092536F:
db 0F 87 8D 19 00 00

Cake vs. Pie 2: Twitchin' for a Glitchin'

The C.V.P. event has been ongoing for more than 2 weeks and it's approaching its end for the Chaos Update Patch near the end of this month. Nexon claims they have improved the C.V.P. event and said it's going to be better than last year. Despite the fact that there occurred massive channel crashes, duping, Silver Coin exploits, the event provided some nice glitches.

Auto-Winning for Maximum Insignias No Matter Which Faction
Usually the faction who turned in the most cake/piece pieces will most likely win because the system bunches every faction person into the first few channels (1-4). Additionally, the Attack team always wins. Waiting for the specific towns to have faction battle are dreadful and you don't want to earn less Insignias just for this . Luckily, there's a glitch for earning the most for yourself.

  1. As long as you're in a map where the Red Invitation Letter can appear, the glitch can happen (not to be confused with the Ani Raid Invitation Letter). Also to avoid failing this glitch, you must be in channels other than 1-5.
  2. This is the most important step already. Make yourself go into an out-of-breath state. Now quickly click the invitation until you get the dialog box: "You are out of breath. Please try again."
  3. Close that dialog box. Now you can change to a channel where you think Attackers aren't there.
  4. Congratulations. You're either alone, with your fellow Factionees, or another attacker who will most likely ruin you auto-win.
  5. Wait until the timer runs out to receive your Insignias. 
Why This Works
Apparently, the MapleStory Developers of C.V.P. makes you CC to the official battling channels. But due to one of MapleStory's annoying out-of-breath function, this defeats it, making you able to CC to any channel.

Opposing Faction Strikes Back
When the glitch went public, your opposing faction is ready to troll back. Despite the fact that whichever faction donated the most to initiated the battle, anyone can do the glitch. And if you happen to find your opposition in your glitched channel, you're just unlucky. But glitching to a channel while your faction has the upperhand is just a bitch move and you'll be shunned.

C.V.P. Random Box Glitch
Now this glitch is like rolling a polygon with infinite sides and only 2 sides matter: landing on this side will get your the 6th Anniversary Chair or that side will get you the Cake vs. Pie Weapon.

  1. Get 2 of these boxes.
  2. Fill your inventory with junk that you will never get from the box. Arrows for Bow are the best option and the cheapest to do this. Ironic that the Silver Coin exploit used arrows. IMPORTANT: Make sure you don't have an incomplete stack of items such as 60 Power Elixirs, 59 Melting Cheese, 1 Unripe Onyx Apple. Even though you don't have an empty slot in your Use tab, the box might fill up those incomplete stacks.
  3. Now you have to choose one of the following methods.
3a. This method uses auto-clicking. Notice that Gaga's dialog box always end up in the same position even if you moved it anywhere and closed it. Now, open your inventory and get a good overlap of the CVP Random Box and the 'Next' button. If done correctly, you can continuously click on the same spot, clicking the 'Next' button on the dialog box as well as opening the box at the same time. Don't worry about your inventory being full. Like I said, it's like a dice roll of many sides. 

3b. This method uses packets and botting. Find the packet for opening the CVP R. Box and have it ready for spamming. Next set your NPC Chat hotkey at an interval of your choice (e.g. 100 ms) and begin the bot. Now spam the packet at your choice of delay, depending on how good your computer handles the procedure. WARNING: You might d/c if spammed too quickly. 

You'll get the chair in 30 min. - 2 hours, depending on how lucky you are for both methods.


There are no credits for whoever found this first. Personally I found this on accident when the event first came out but never came to my attention that this was in fact a glitch. 

Monday, June 6, 2011

[v0.98] Massive Duping Caused Game To Go Offline

About Duping
I got back home at the beginning of nighttime 6/5/2011 and just to hear my alliance talking about channels crashing and lots of duping going on. So I went to search what was up in the hacking communities. Turns out a duping method was released to public and I know I got to take advantage of this.

Duping is another word for duplicating. In MapleStory, it is the duplication of game items.

Duping involves the crashing of a channel of a server. There are many methods to crashing a channel and v0.98 brings another unique method to hackers. It manipulates the green letter invitation that takes you into a mini battle between the Cake and Pie factions. These invitations happen at :15 and :45 of every hour and the 30-minute gap between each duping session seems like a rush to me. The timing must be exact or else you would miss it and wait a long time.

How It Works
A hacker would use a tool that would send many requests to the server. In this case, a packet editor was use to send a certain packet. The server would overload and thus making the channel crash for an amount of time. Similar to a DDoS attack on a website. During that amount of time, the channel that your characters crashed in would be rolled back a few minutes. Meaning, the last known data of your character file, everything that happened that last few minutes would be booted back up. And the latter part after that few minutes doesn't exist in your file. The screen would show that you didn't do anything even though you did. With this information and functions given to you, planning a dupe session can come up to one's mind.

So you're curious of steps? Well most likely Nexon will get this crashing method fixed so here goes. People claimed they know other methods but this was the one I used.


1.     Since I didn't know who to trust to help me dupe, I used 3 computers. One is the crasher, the merchant, and the buyer. 
2.     The crasher would be in town, waiting for the green letter invitation to happen so it can proceed to crash when the time comes. The buyer and merchant would figure out which items to be duped. These guys would be doing their transactions in Free Market.
3.     The merchant opens on his/her store with the items placed at a price that can be instantly bought and convenient for the buyer. 
4.     The buyer buys the stuff, let say for 1 meso each, and then bank those items in storage to protect its data from being rolled back
5.     Steps 3 and 4 can be repeated for as much as you want. Actually, only a specific amount of time. I will explain why.
6.     When the hour is :15 or :45, the crasher will receive the invitation, and he/she will go into the waiting room before the battle. 
7.     Crasher will now send a packet while still in the waiting room. Just a couple sends of this packet will allow your game client to freeze, and then close on you. This packet looks very identical to a Quest packet but I didn't bother looking into it.
8.     Log back in the same world you were in. The buyer should still have the bought items and the merchant would still have the items that he/she sold. Congratulations, you've gained PROFIT!

Keep in mind that the key to duping is the rollback of a channel. Channel rollback only rolls back a 3-5 minutes. So if you do steps 3 and 4 while the invitation is not even close to coming up, you're just wasting your time.

Legit Players Riding On Hackers
Nowadays, who doesn't have connections with the crooks? Even they're asking when's the next channel hit so they can benefit from this. What's wrong with this is that you're not even loyal to the game anymore and your integrity is now shit for doing this. But oh well, we're all humans. The legits would take advantage of the hackers during the process of duping by buying the items that merchants put up for 1 meso each. Then they run off. NINJA'D! If not careful, you could lose a lot of money and you would rage if that was a godly item like a 26 ATT SCG (Stormcaster Gloves) sold for 1 meso. But if you got the timing correctly, you can save yourself from rage-quitting the game. All you have to do is have someone crash the channel that you sold/bought the items you were in and both the noob that ran off with your item and you would get the same item. See what I did there? Win-win situation.

That night my awareness was high because all these pros running in and out of the FM rooms just to see who slipped for a chance of profiting themselves. So far, none of my items were stolen.

Nexon's Response
After the 9:45 PM PST session was done, Nexon decided to disable the invitations so that no duping can happen. We all thought this was the end, until the morning 6/6/2011, the invitations opened again and everyone was duping. At 10:45 AM PST, duping happened again and this time Bera was not responding to my request to go in it. All other channels worked though. The game shut down around 11 AM and Nexon addresses the issue. For more information, click here.

Thursday, June 2, 2011

[v0.98] Return of the Silver Coin Exploit! - 5/27/11

Shortly after the patch of the last exploit, Nexon updated the game with the Cake vs. Pie event, a demanding event that was first brought up last anniversary. We all thought that the Chaos Scroll exploit was gone for good, but the method was still fresh to our minds.

When the new patch was up on 5/25/11, Inkie the 6th Year Anniversary NPC displays the Chaos Scroll for sale. As surprising to me like everyone, I thought, "Another possible exploit?" Still, the hacking community showed no news about it. We all went back to being worked up on the latest White Scroll Exploit that not a single person decide to release to the public.

In the Friday afternoon of 5/27/11, the same daring hacker (name cannot be released) releases the Silver Coin Exploit! The exploit was exactly the same as last time from step 1. Now why in the world would Nexon, who oversaw and concealed the exploit a couple weeks ago,  decide to allow hackers be benefited again?! No one knows why, but it was very amusing.

I learned from the last exploit that Nexon deleted all the chaos scrolls that were exploited. So I decided to start scrolling whatever items I can so the scrolls can't be traced. I gained over 10k Silver Coins but only redeemed 200 Chaos Scrolls. But unfortunately, a few hours later, Maplestory went offline as the GMs resolved the issue. Pretty quick this time for a Memorial Day weekend.
Note that they said "serious issue." There's a saying for this: Fool me once, shame on you. Fool me twice, shame on me. Well Nexon, shame on you for bringing back the exploit ;).

Accounts that edited packets to do the exploits were erased from the system. When tried logging in, it doesn't even tell you that you're permanently banned. It shows nothing.