[Release] MapleVintage (based on XiuzSource)

[MVCipher]

We weren't around for long so development isn't huge, but I think this would still be one of the best v62 repacks available. I'm done with MapleStory most likely, so I have no need for this. Major exploits have mostly all been fixed (double login exploit, wz editting any item in CS and purchasing exploit, bypass password exploit, lots of dupe exploits fixed, etc.) Skills should all work (Speen Infusion, Energy Charge, Power Guard, etc) although you might want to tweak the Energy Charge formula if you want it more gMS-like. There is a lot of logging, some useless and some useful. Very easy to remove if it bothers you. Feel free to look through the source to see what was added.

You must be registered to see links

Not much revolutionary in our scripts, just adding to save you some trouble in fixing the many broken ones in Xiuz.

If the download link breaks please PM me and I will update.

 

[Eric]

I remember seeing your server rise higher and higher gtop and then change to bye, mind me asking why you guys shutdown? ;P

Nice release nonetheless, this might be the first v62 with those buffstats implemented properly.

 

[MVCipher]

I remember seeing your server rise higher and higher gtop and then change to bye, mind me asking why you guys shutdown? ;P

Nice release nonetheless, this might be the first v62 with those buffstats implemented properly.

Yes I think it is the first.

And I wanted to prioritize college and work, drama happened, decided to shut down. Hopefully new servers can bloom in our place.

 

[RaptorJesus]

I was actually surprised with how much progress you guys made in such a short amount of time, good luck with your future endeavors though.

 

[Burgundy]

Best of luck to you and your team moving forward, thanks for the release.

 

[dolev159]

all pqs work?

 

[BerlingSpoon]

Are there no files missing from this download? I feel like it is missing something essential like a folder with java libraries. It might that i can grab them from somewhere else but i don't know what is compatible with this source. This is probably inappropriate so i am sorry, but i am trying to learn.

 

[Burgundy]

Are there no files missing from this download? I feel like it is missing something essential like a folder with java libraries. It might that i can grab them from somewhere else but i don't know what is compatible with this source. This is probably inappropriate so i am sorry, but i am trying to learn.

The standard libraries in xiuzsource should be good to run this with.

 

[pengsaizhen]

where download the match client? plz..thanks.

 

[MVCipher]

@dolev159 LMPQ works, KerningPQ works, LudiPQ you need to add the NPC scripts.
@BerlingSpoon Download XiuzSource and replace the src/scripts with what I provided. Going to have to do some basic editing in either the source or MySQL.
@pengsaizhen Lol..? You can find a v62 localhost easily if that is what you mean.

 

[pengsaizhen]

have some problems....could you share the full source? thanks...

 

[dolev159]

why not sql , you can to share full source ?

 

[Kimberly]

Like OP stated grab XiuzSource and replace the given files. XiuzSource is v0.62 source if that wasn't clear yet either.

 

[Miltank]

Holy poop there is HWID blocking in this source. Amazing release.

 

[MVVintage]

Holy poop there is HWID blocking in this source. Amazing release.

It'd be good to note here this is an improper formula for it. Me and BlitzMK figured this was the most appropriate way of doing it. It'll give all users a unique HWID > 0, I doubt it's right though. Works per computer from the looks of it (disregards VPNs, mac spoofers, etc(?))

 

[Eric]

It'd be good to note here this is an improper formula for it. Me and BlitzMK figured this was the most appropriate way of doing it. It'll give all users a unique HWID > 0, I doubt it's right though. Works per computer from the looks of it (disregards VPNs, mac spoofers, etc(?))

I still have to implement it myself. Surprised someone else actually knew about this, I made a thread about it a while ago LOL. You're correct, it is a unique SystemInfo MachineID. It is 16 bytes of data, and is initialized upon password select (and on SendViewAllCharPacket). It has some commands and I thought it got operating system information but in the end only got volume serial numbers.

Here is the client sub if you're interested:

int __thiscall CSystemInfo::Init(void *this)
{
  signed int v1; // ebx@1
  int v2; // edx@13
  signed int v3; // eax@13
  int v4; // ecx@13
  int v5; // esi@14
  CSystemInfo *v6; // esi@15
  int v7; // ecx@15
  CSystemInfo *v8; // edx@15
  int v9; // eax@15
  int v10; // ecx@15
  int result; // eax@16
  int v12; // eax@21
  int v13; // ecx@21
  CSystemInfo *v14; // esi@21
  int v15; // edx@21
  __int64 v16; // kr08_8@22
  CSystemInfo *v17; // esi@22
  int v18; // eax@22
  CSystemInfo *v19; // [sp+7Ch] [bp-9B8h]@1
  char v20[9]; // [sp+80h] [bp-9B4h]@1
  int v21; // [sp+89h] [bp-9ABh]@1
  __int16 v22; // [sp+8Dh] [bp-9A7h]@1
  char v23; // [sp+8Fh] [bp-9A5h]@1
  int v24; // [sp+90h] [bp-9A4h]@11
  char v25; // [sp+94h] [bp-9A0h]@11
  struct _NCB pncb; // [sp+98h] [bp-99Ch]@1
  char v27; // [sp+D8h] [bp-95Ch]@11
  CSystemInfoVtbl *v28; // [sp+DCh] [bp-958h]@1
  int v29; // [sp+E0h] [bp-954h]@21
  int v30; // [sp+E4h] [bp-950h]@21
  int v31; // [sp+E8h] [bp-94Ch]@21
  int v32; // [sp+1DCh] [bp-858h]@3
  __int16 v33; // [sp+1E0h] [bp-854h]@8
  char v34; // [sp+1E4h] [bp-850h]@6
  char v35; // [sp+434h] [bp-600h]@11
  char v36; // [sp+437h] [bp-5FDh]@11
  char v37; // [sp+634h] [bp-400h]@11
  char v38; // [sp+834h] [bp-200h]@11

  *(_QWORD *)&v20[1] = 0i64;
  v19 = (CSystemInfo *)this;
  v21 = 0;
  v22 = 0;
  memset(&pncb, 0, sizeof(pncb));
  v20[0] = 0;
  v23 = 0;
  LOBYTE(v28) = 0;
  pncb.ncb_command = 55;
  pncb.ncb_buffer = (char *)&v28;
  pncb.ncb_length = 256;
  Netbios(&pncb);
  v1 = 0;
  if ( (_BYTE)v28 )
  {
    while ( 1 )
    {
      memset(&pncb, 0, sizeof(pncb));
      pncb.ncb_command = 50;
      pncb.ncb_lana_num = v1;
      if ( !Netbios(&pncb) )
      {
        memset(&pncb, 0, sizeof(pncb));
        strcpy(pncb.ncb_callname, "*");
        pncb.ncb_command = 51;
        pncb.ncb_lana_num = v1;
        memset(&v32, 0, 0x258u);
        pncb.ncb_buffer = (char *)&v32;
        pncb.ncb_length = 600;
        if ( !Netbios(&pncb) )
          break;
      }
      ++v1;
      if ( v1 >= (unsigned __int8)v28 )
        goto LABEL_11;
    }
    if ( v34 != -2 && v34 != -1 )
    {
      if ( v34 )
        v20[0] = v34;
    }
    else
    {
      *(_DWORD *)v20 = v32;
      *(_WORD *)&v20[4] = v33;
    }
  }
LABEL_11:
  GetWindowsDirectoryA(&v35, 0x200u);
  v36 = 0;
  if ( GetVolumeInformationA(&v35, &v37, 0x200u, (LPDWORD)&v24, (LPDWORD)&v25, (LPDWORD)&v27, &v38, 0x200u) == 1 )
    *(_DWORD *)&v20[6] = v24;
  v2 = 0;
  v3 = 0;
  v4 = (int)v20;
  do
  {
    v5 = v3 + 3;
    LOWORD(v5) = *(_WORD *)v4 * (v3 + 3);
    v2 += v5;
    ++v3;
    v4 += 2;
  }
  while ( v3 < 6 );
  v6 = v19;
  v7 = *(_DWORD *)&v20[4];
  *(__int16 *)((char *)&v22 + 1) = v2;
  v8 = (CSystemInfo *)((char *)v19 + 20);
  *(_DWORD *)&v19->MachineId[0] = *(_DWORD *)v20;
  v9 = *(_DWORD *)&v20[8];
  *(_DWORD *)&v8->SupportId[0] = v7;
  v10 = *(int *)((char *)&v21 + 3);
  *(_DWORD *)&v8->SupportId[4] = v9;
  *(_DWORD *)&v8->SupportId[8] = v10;
  RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", 0, 3u, (PHKEY)&v19);
  if ( v19 )
  {
    v24 = 256;
    if ( RegQueryValueExA((HKEY)v19, "CxSupportId", 0, (LPDWORD)&v25, (LPBYTE)&v28, (LPDWORD)&v24) || v24 != 16 )
    {
      CoCreateGuid((GUID *)v20);
      RegSetValueExA((HKEY)v19, "CxSupportId", 0, 3u, v20, 0x10u);
      v16 = *(_QWORD *)&v20[4];
      v17 = (CSystemInfo *)((char *)v6 + 4);
      v17->vfptr = *(CSystemInfoVtbl **)v20;
      v18 = *(int *)((char *)&v21 + 3);
      *(_QWORD *)&v17->SupportId[0] = v16;
      *(_DWORD *)&v17->SupportId[8] = v18;
    }
    else
    {
      v12 = v29;
      v13 = v30;
      v14 = (CSystemInfo *)((char *)v6 + 4);
      v14->vfptr = v28;
      v15 = v31;
      *(_DWORD *)&v14->SupportId[0] = v12;
      *(_DWORD *)&v14->SupportId[4] = v13;
      *(_DWORD *)&v14->SupportId[8] = v15;
    }
    result = RegCloseKey((HKEY)v19);
  }
  else
  {
    result = (int)v6->SupportId;
    do
    {
      *(_BYTE *)result = *(_BYTE *)(result + 16);
      ++result;
    }
    while ( -4 - (signed int)v6 + result < 16 );
  }
  return result;
}

This is where it calls the GetVolumeInformation() and returns the serial number.

___:00B14114 ; BOOL __stdcall GetVolumeInformationA(LPCSTR lpRootPathName, LPSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, [b]LPDWORD lpVolumeSerialNumber[/b], LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize)

This is from the microsoft libraries though, but you could definitely find how everything being translated if you really care to. But, either way, just adding all the ints together generates a unique 16-byte MachineID. I have yet to test it on a mac spoofer, but iirc, using a VPN I had the same MachineID.

Nice job though, something you don't see in public sources.

 

[MVVintage]

I still have to implement it myself. Surprised someone else actually knew about this, I made a thread about it a while ago LOL. You're correct, it is a unique SystemInfo MachineID. It is 16 bytes of data, and is initialized upon password select (and on SendViewAllCharPacket). It has some commands and I thought it got operating system information but in the end only got volume serial numbers.

Here is the client sub if you're interested:

int __thiscall CSystemInfo::Init(void *this)
{
  signed int v1; // ebx@1
  int v2; // edx@13
  signed int v3; // eax@13
  int v4; // ecx@13
  int v5; // esi@14
  CSystemInfo *v6; // esi@15
  int v7; // ecx@15
  CSystemInfo *v8; // edx@15
  int v9; // eax@15
  int v10; // ecx@15
  int result; // eax@16
  int v12; // eax@21
  int v13; // ecx@21
  CSystemInfo *v14; // esi@21
  int v15; // edx@21
  __int64 v16; // kr08_8@22
  CSystemInfo *v17; // esi@22
  int v18; // eax@22
  CSystemInfo *v19; // [sp+7Ch] [bp-9B8h]@1
  char v20[9]; // [sp+80h] [bp-9B4h]@1
  int v21; // [sp+89h] [bp-9ABh]@1
  __int16 v22; // [sp+8Dh] [bp-9A7h]@1
  char v23; // [sp+8Fh] [bp-9A5h]@1
  int v24; // [sp+90h] [bp-9A4h]@11
  char v25; // [sp+94h] [bp-9A0h]@11
  struct _NCB pncb; // [sp+98h] [bp-99Ch]@1
  char v27; // [sp+D8h] [bp-95Ch]@11
  CSystemInfoVtbl *v28; // [sp+DCh] [bp-958h]@1
  int v29; // [sp+E0h] [bp-954h]@21
  int v30; // [sp+E4h] [bp-950h]@21
  int v31; // [sp+E8h] [bp-94Ch]@21
  int v32; // [sp+1DCh] [bp-858h]@3
  __int16 v33; // [sp+1E0h] [bp-854h]@8
  char v34; // [sp+1E4h] [bp-850h]@6
  char v35; // [sp+434h] [bp-600h]@11
  char v36; // [sp+437h] [bp-5FDh]@11
  char v37; // [sp+634h] [bp-400h]@11
  char v38; // [sp+834h] [bp-200h]@11

  *(_QWORD *)&v20[1] = 0i64;
  v19 = (CSystemInfo *)this;
  v21 = 0;
  v22 = 0;
  memset(&pncb, 0, sizeof(pncb));
  v20[0] = 0;
  v23 = 0;
  LOBYTE(v28) = 0;
  pncb.ncb_command = 55;
  pncb.ncb_buffer = (char *)&v28;
  pncb.ncb_length = 256;
  Netbios(&pncb);
  v1 = 0;
  if ( (_BYTE)v28 )
  {
    while ( 1 )
    {
      memset(&pncb, 0, sizeof(pncb));
      pncb.ncb_command = 50;
      pncb.ncb_lana_num = v1;
      if ( !Netbios(&pncb) )
      {
        memset(&pncb, 0, sizeof(pncb));
        strcpy(pncb.ncb_callname, "*");
        pncb.ncb_command = 51;
        pncb.ncb_lana_num = v1;
        memset(&v32, 0, 0x258u);
        pncb.ncb_buffer = (char *)&v32;
        pncb.ncb_length = 600;
        if ( !Netbios(&pncb) )
          break;
      }
      ++v1;
      if ( v1 >= (unsigned __int8)v28 )
        goto LABEL_11;
    }
    if ( v34 != -2 && v34 != -1 )
    {
      if ( v34 )
        v20[0] = v34;
    }
    else
    {
      *(_DWORD *)v20 = v32;
      *(_WORD *)&v20[4] = v33;
    }
  }
LABEL_11:
  GetWindowsDirectoryA(&v35, 0x200u);
  v36 = 0;
  if ( GetVolumeInformationA(&v35, &v37, 0x200u, (LPDWORD)&v24, (LPDWORD)&v25, (LPDWORD)&v27, &v38, 0x200u) == 1 )
    *(_DWORD *)&v20[6] = v24;
  v2 = 0;
  v3 = 0;
  v4 = (int)v20;
  do
  {
    v5 = v3 + 3;
    LOWORD(v5) = *(_WORD *)v4 * (v3 + 3);
    v2 += v5;
    ++v3;
    v4 += 2;
  }
  while ( v3 < 6 );
  v6 = v19;
  v7 = *(_DWORD *)&v20[4];
  *(__int16 *)((char *)&v22 + 1) = v2;
  v8 = (CSystemInfo *)((char *)v19 + 20);
  *(_DWORD *)&v19->MachineId[0] = *(_DWORD *)v20;
  v9 = *(_DWORD *)&v20[8];
  *(_DWORD *)&v8->SupportId[0] = v7;
  v10 = *(int *)((char *)&v21 + 3);
  *(_DWORD *)&v8->SupportId[4] = v9;
  *(_DWORD *)&v8->SupportId[8] = v10;
  RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", 0, 3u, (PHKEY)&v19);
  if ( v19 )
  {
    v24 = 256;
    if ( RegQueryValueExA((HKEY)v19, "CxSupportId", 0, (LPDWORD)&v25, (LPBYTE)&v28, (LPDWORD)&v24) || v24 != 16 )
    {
      CoCreateGuid((GUID *)v20);
      RegSetValueExA((HKEY)v19, "CxSupportId", 0, 3u, v20, 0x10u);
      v16 = *(_QWORD *)&v20[4];
      v17 = (CSystemInfo *)((char *)v6 + 4);
      v17->vfptr = *(CSystemInfoVtbl **)v20;
      v18 = *(int *)((char *)&v21 + 3);
      *(_QWORD *)&v17->SupportId[0] = v16;
      *(_DWORD *)&v17->SupportId[8] = v18;
    }
    else
    {
      v12 = v29;
      v13 = v30;
      v14 = (CSystemInfo *)((char *)v6 + 4);
      v14->vfptr = v28;
      v15 = v31;
      *(_DWORD *)&v14->SupportId[0] = v12;
      *(_DWORD *)&v14->SupportId[4] = v13;
      *(_DWORD *)&v14->SupportId[8] = v15;
    }
    result = RegCloseKey((HKEY)v19);
  }
  else
  {
    result = (int)v6->SupportId;
    do
    {
      *(_BYTE *)result = *(_BYTE *)(result + 16);
      ++result;
    }
    while ( -4 - (signed int)v6 + result < 16 );
  }
  return result;
}

This is where it calls the GetVolumeInformation() and returns the serial number.

___:00B14114 ; BOOL __stdcall GetVolumeInformationA(LPCSTR lpRootPathName, LPSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, [B]LPDWORD lpVolumeSerialNumber[/B], LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize)

This is from the microsoft libraries though, but you could definitely find how everything being translated if you really care to. But, either way, just adding all the ints together generates a unique 16-byte MachineID. I have yet to test it on a mac spoofer, but iirc, using a VPN I had the same MachineID.

Nice job though, something you don't see in public sources.

Not surprised you had posted a thread about this actually! You have a lot of good documentation/reference stuff in your posts about material regarding the BMS files. I had no clue at first how to go about it, and initially the 4 int's added together would result in a negative MachineID for some people which didn't seem right, so the next most sensible thing was to add 0x7FFFFFFF.
I thought originally it got some serials in relation to your Hard Drive and possibly motherboard, but I guess that wasn't the case after all.

 

[Eric]

Not surprised you had posted a thread about this actually! You have a lot of good documentation/reference stuff in your posts about material regarding the BMS files. I had no clue at first how to go about it, and initially the 4 int's added together would result in a negative MachineID for some people which didn't seem right, so the next most sensible thing was to add 0x7FFFFFFF.
I thought originally it got some serials in relation to your Hard Drive and possibly motherboard, but I guess that wasn't the case after all.

Yep, I had the same problem with negative id's and was like wat. ;P I thought so too, it would make sense being other hardware cuz selecting chars is HWID..

 

[Twdtwd]

Holy poop there is HWID blocking in this source. Amazing release.

It'd be good to note here this is an improper formula for it. Me and BlitzMK figured this was the most appropriate way of doing it. It'll give all users a unique HWID > 0, I doubt it's right though. Works per computer from the looks of it (disregards VPNs, mac spoofers, etc(?))

MapleSolaxia actually had HWID bans in the release as well, just was never announced. They used the volume serial number that was sent to the server in the char select packet for yet another method.

 

[MVVintage]

MapleSolaxia actually had HWID bans in the release as well, just was never announced. They used the volume serial number that was sent to the server in the char select packet for yet another method.

Correct me if I'm wrong but didn't you guys do it as a string? It seems to differ from the login one (from what I saw), and I couldn't find it in v62 for the character selection one, unless I glanced over it.

EDIT: I did miss it! Thank you for mentioning this.