Documenting GTA3/VC memory addresses

1,185 replies to this topic
mvi
  • mvi

    Your mother

  • Members
  • Joined: 30 Oct 2004

#541

Posted 27 February 2005 - 01:55 PM

OK, I'm completely lost, I see all these codes representing different parts of Vice City, but how do I actually implement them? Do I need a coding program, such as VBasic?

Linx
  • Linx

    Player Hater

  • Members
  • Joined: 23 Mar 2004

#542

Posted 27 February 2005 - 02:23 PM

You can use a memory searcher, like T-Search.

J-Fox.GEMM
  • J-Fox.GEMM

    Ello...

  • Members
  • Joined: 31 Aug 2004

#543

Posted 27 February 2005 - 07:40 PM

Or Artmoney... (I think that's the fastest app)

mvi
  • mvi

    Your mother

  • Members
  • Joined: 30 Oct 2004

#544

Posted 28 February 2005 - 09:56 PM

OK, I've got it all to work, the only thing I now need to know is how they're found in the first place.

ESMazter
  • ESMazter

    http://www.erhan.es

  • Members
  • Joined: 27 Sep 2004

#545

Posted 01 March 2005 - 05:37 PM

Hey Andy could you upload your newest boundaries.cht file please?

Kryptos
  • Kryptos

    Hacker

  • Members
  • Joined: 05 Nov 2003

#546

Posted 01 March 2005 - 05:47 PM Edited by Kryptos, 01 March 2005 - 05:51 PM.

QUOTE (mvi)
OK, I've got it all to work, the only thing I now need to know is how they're found in the first place.

There are tutorials all over the Internet about this, and this isn't the topic to ask how to do something, this is specifically for documenting addresses. Use Nanobot2k's archive of tutorials to get started, which can be found here [http://pc.nanobot2k.org/?action=articles].

And there isn't one specific method to do something. Depending on your skillset you can go about finding addresses numerous ways, some prefer using editors, like T-Search and ArtMoney, while others prefer using disassemblers, like IDA, not to mention the god of Win32 hacking; SoftICE. I prefer both the latter, which are available on the net.

Andy80586
  • Andy80586

    Mark Chump

  • Members
  • Joined: 23 Jul 2003
  • United-States

#547

Posted 05 March 2005 - 12:16 AM

Memory hacking has its limitations, and in order to expand the boundaries you will need to modify the file itself with a hex editor. I posted some of the addresses in this thread, but boundaries.cht will not get you anywhere.

This will. Unzip it to the base Vice City directory, BACKING UP THE ORIGINAL FILE. This file is early alpha at best and will crash your game at one point or another (depending on what you are doing). Going too fast or acquiring a wanted level will crash the game in some places. This version does not have the fix for east and west water walls, so if you fly too far west or east you will hit one and get wasted. The file does the following:

1. Expands the boundaries to 200,000 each way.
2. Increases the maximum number of IDE objects to 4397 (from 3885).
3. Allows for 100 more TXD files to be referenced in the game.
4. Increases the total number of paths possible for the game.
5. Increases the path boundaries by deleting the x16 multiplier (all paths must be converted by dividing the xyz coords by 16 or they won't work).
6. Increases the helicopter height boundary.

Fixes for the near future include:

1. Eliminating the 2000 poly limit in .col files.
2. Fixing the water walls (I already know the address, but changing it causes some visual issues, so each function will need to be analyzed separately).
3. Fixing water boundaries and perhaps the radar.

DexX
  • DexX

    Black Hat

  • Feroci
  • Joined: 16 May 2002

#548

Posted 05 March 2005 - 01:49 AM

/* useful, andy. one more "bug", which i encountered while playing, is that if i stole a car with a car alarm, the alarm didn't shut off, ever.

I particularly look forward to seeing if you can increase the 2000-poly col limit... */

Opius
  • Opius

    General

  • Feroci
  • Joined: 27 Jun 2002

#549

Posted 05 March 2005 - 06:56 AM

Great work, as usual. It's amazing to see your work in action. I'm really looking forward to future releases.

One note I do have to give though, is that in the future, could you try to make either a patch for gta-vc.exe, or a trainer that modifies it as it starts? The EXE you posted has a NO-CD crack applied, and any distribution of the EXE is technically against the EULA. It's dubiously legal, and I'd hate to see your project be hit with a cease-and-desist from Rockstar because of your means of distribution.

If you need help with programming for a patcher or trainer, I'm sure the people in this topic will be more than happy to help you.

Andy80586
  • Andy80586

    Mark Chump

  • Members
  • Joined: 23 Jul 2003
  • United-States

#550

Posted 05 March 2005 - 07:53 AM Edited by Andy80586, 05 March 2005 - 08:10 AM.

ok... i'll keep that in mind... maybe for future releases i will have the version require a cd, but for now I am going to have to take the file down. Do you think you can find another place to host it? Not like piraters would like something that crashes as much as this file does, but with crap like the DMCA in place anyone can get sued. So much for living in the "land of the free".

edit: or find a way to program what I did into some sort of patch? I tried using an .asi file for this but for some reason or another it failed to work right; it seemed to activate after it was needed.

I will look into applying everything I did a second time... maybe it will help get rid of some of the bugs that have shown up, and having it require a CD may make R* happier about it by not making piracy easier to pull off.

-Andy80586

Opius
  • Opius

    General

  • Feroci
  • Joined: 27 Jun 2002

#551

Posted 05 March 2005 - 08:00 AM

I'm sure if you post a list of edits you made, someone could make a small program that edits the original EXE to make it identical to the one you had up before. Another advantage to this method is that it should only be a couple of kilobytes, which would mean it wouldn't put a big strain on the server it's hosted on.

I know nothing of actual programming, so I'm afraid I can't help you out with this. I'm just trying to keep you in the clear from a legal standpoint.

Andy80586
  • Andy80586

    Mark Chump

  • Members
  • Joined: 23 Jul 2003
  • United-States

#552

Posted 05 March 2005 - 08:20 AM

OK, but that is going to be a long list. What I would need is something that starts before VC (an .asi file starts working after VC starts loading) that can set everything up that I did with the original file. But making the next version CD-only might add an air of legitimacy to the mod.

The problem with a list is that I changed lots of things at once with the search tool of Hex Workshop.

What I am thinking of is a tool similar to the Limit Adjuster, except it adjusts more limits.

Squiddy
  • Squiddy

    Back!

  • The Connection
  • Joined: 06 Oct 2004

#553

Posted 05 March 2005 - 10:17 AM

Great work Andy. I'm not sure, but didn't you take a look at GTA LC's launcher? It modifies the exe too, so couldn't this program be used for your changes too?

steve-m
  • steve-m

  • Feroci
  • Joined: 26 Jul 2002

#554

Posted 05 March 2005 - 12:39 PM

QUOTE (Andy80586 @ Mar 5 2005, 09:20)
What I am thinking of is a tool similar to the Limit Adjuster, except it adjusts more limits.

I would be happy to make a new version of the limit adjuster, incorporating all the new things you found. But one thing to make sure is that it works with different versions of VC (also the Australian one).

Edit: You aren't allowed to spread the game's exe anyway.
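
The edit-list idea from the posts above (a small program that applies a list of edits to the original EXE and has to cope with different game versions), as an added example that is not part of the original thread or any poster's tool. It derives the list by comparing two same-size images and refuses to write anything when the target is not the expected build; the byte strings are constructed samples and all function names are hypothetical.

```python
import hashlib

def make_edit_list(original: bytes, modified: bytes):
    """Return [(offset, old_bytes, new_bytes)] for each run of differing bytes."""
    if len(original) != len(modified):
        raise ValueError("images differ in length; an in-place edit list cannot describe this")
    edits, i, n = [], 0, len(original)
    while i < n:
        if original[i] == modified[i]:
            i += 1
            continue
        start = i
        while i < n and original[i] != modified[i]:
            i += 1
        edits.append((start, original[start:i], modified[start:i]))
    return edits

def apply_edit_list(image: bytes, edits, expected_sha256=None) -> bytes:
    """Apply edits to a copy of image; raise before changing anything on a mismatch."""
    if expected_sha256 and hashlib.sha256(image).hexdigest() != expected_sha256:
        raise ValueError("unknown build: hash mismatch, nothing written")
    out = bytearray(image)
    # Check every edit first so a failure never leaves a half-patched image.
    for offset, old, _new in edits:
        if bytes(out[offset:offset + len(old)]) != old:
            raise ValueError(f"unexpected bytes at 0x{offset:X}, nothing written")
    for offset, _old, new in edits:
        out[offset:offset + len(new)] = new
    return bytes(out)

# Constructed sample data standing in for an unmodified and a hand-edited file.
ORIGINAL = bytes(range(32))
_tmp = bytearray(ORIGINAL)
_tmp[4:6] = b"\xAA\xBB"
_tmp[20] = 0xCC
MODIFIED = bytes(_tmp)
# Constructed "other version": same size, contents shifted by one byte.
OTHER_BUILD = bytes([0]) + ORIGINAL[:-1]

EDITS = make_edit_list(ORIGINAL, MODIFIED)

if __name__ == "__main__":
    for off, old, new in EDITS:
        print(f"0x{off:06X}: {old.hex()} -> {new.hex()}")
    patched = apply_edit_list(ORIGINAL, EDITS, hashlib.sha256(ORIGINAL).hexdigest())
    print("patched image matches:", patched == MODIFIED)
```

Because each entry carries the original bytes, the same list also reverses the change by swapping the old and new columns.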

-GRAVITY2-
  • -GRAVITY2-

    Map Modeller

  • Members
  • Joined: 03 Jul 2004

#555

Posted 05 March 2005 - 03:24 PM

SWEEET I'd love the no COL thing. Could you do that first? Every modder would love it. Do you know where it's located in the exe?

DexX
  • DexX

    Black Hat

  • Feroci
  • Joined: 16 May 2002

#556

Posted 05 March 2005 - 04:34 PM

/* @ andy, this is what i use, for loaders and trainers -
http://www.gamehacki...t=Trainermakers

At the top, Game Trainer 1.6.2, it's fairly simple and gets the job done. People like steve who can code you something decent are helpful, but this is a quick down-and-dirty fix, which you can easily modify and distribute for testing purposes.

The code you actually need to know is super simple, like this:
CODE
poke 0434567 05

instruction, address to modify, value to insert. it'll generate, and compile ASM code for you. i didn't *see* any address limit listed either. give it a shot */

Andy80586
  • Andy80586

    Mark Chump

  • Members
  • Joined: 23 Jul 2003
  • United-States

#557

Posted 05 March 2005 - 10:41 PM

QUOTE (-GRAVITY2- @ Mar 5 2005, 08:24)
SWEEET I'd love the no COL thing. Could you do that first? Every modder would love it. Do you know where it's located in the exe?

I do not know where it is, or even if the limit is 2000 (there might be two separate limits, one for polys and one for vertices), but I tried making a base terrain for another island (it had 5766 vertices and 1922 polys) and it crashed the game.

DexX
  • DexX

    Black Hat

  • Feroci
  • Joined: 16 May 2002

#558

Posted 13 March 2005 - 06:09 PM Edited by ashdexx, 13 March 2005 - 06:12 PM.

/* user posted image

My Rancher (!) with fire truck lights, re-assigned, positioned, and scaled, to a new vehicle. It also has the emergency Radio, and a glitchy-siren. Squad cars, FBI, swat, and other EM vehicles are next on the list, hopefully i'll get the colors too.
Here's the firetruck Addy's (all are byte):
Firetruck Radio/Siren Vehicle ID: 0x5b8525
Firetruck EM Lights vehicle ID: 0x58be29
Firetruck EM Light Position ID: 0x58be87
Note: All 3 of these MUST be set at once, to the same vehicle, or your game will get glitchy with the firetruck/vehicle you're trying to replace it with!!

Reposition and resize the Lights to match your vehicle (all are float?):
Firetruck light Z position: 0x69a644
Firetruck light X position: 0x69a6c0
Firetruck light Y offset: 0x69a708
Firetruck light horizontal scale: 0x69a728

It should be noted my Rancher was loaded through my custom main.scm, and was not part of the normal traffic. you may need to load your model first, i haven't tested it otherwise.

I've also managed to re-position the hunter weapons. You can still use them only on other choppers (helis), but i can place them pretty much anywhere i want on the helis now. Nobody f*cks with my Maverick anymore

what else, what else........oh, and i got the addresses for the weapon + ammo you get when you enter a police car, or a caddy (you get a golfclub when you enter a caddy). I'll be posting everything at once in the next day or so, once i get it all organized, and get some sleep */

JernejL
  • JernejL

    Big Homie

  • Feroci
  • Joined: 11 Mar 2002

#559

Posted 13 March 2005 - 07:29 PM

but how did you change the light colors??

random_download
  • random_download

    :o

  • Members
  • Joined: 07 Mar 2004

#560

Posted 13 March 2005 - 09:40 PM

QUOTE
Squad cars, FBI, swat, and other EM vehicles are next on the list, hopefully i'll get the colors too

Ashdexx hasn't changed them yet has he? The firetruck lights are yellow and red normally.

J-Fox.GEMM
  • J-Fox.GEMM

    Ello...

  • Members
  • Joined: 31 Aug 2004

#561

Posted 14 March 2005 - 05:06 PM

Any ideas for the menu text colors (pink)?

jacob.
  • jacob.

    Homie

  • Members
  • Joined: 27 Jun 2004

#562

Posted 14 March 2005 - 05:13 PM

I think those have some sort of 'texture' that is packed in GTA-VC.EXE, perhaps extractable with Reshack - although you may not recognize it even if you see it.

DexX
  • DexX

    Black Hat

  • Feroci
  • Joined: 16 May 2002

#563

Posted 14 March 2005 - 05:56 PM

QUOTE (!cMc! Jacob @ Mar 14 2005, 11:13)
I think those have some sort of 'texture' that is packed in GTA-VC.EXE, perhaps extractable with Reshack - although you may not recognize it even if you see it.

/* no, it uses the standard font in the fonts.txd. there's nothing useful you can grab from the exe with reshack.

@ delfi - those are the standard firetruck light colors.

Some of the menu colors are listed in the source code to the GTA:LC trainer, check that out. */

ModelingMan
  • ModelingMan

    Crackalacking!

  • Feroci
  • Joined: 23 Jan 2004
  • Scotland

#564

Posted 14 March 2005 - 06:30 PM Edited by ModelingMan, 14 March 2005 - 06:33 PM.

QUOTE (By J-Fox.GEMM Posted on Mar 14 2005 @ 17:06)
Any ideas for the menu text colors (pink)?

Hammer already got those addresses for GTA:LC, one minor drawback is that the memory addresses must be edited before the function they are in is called, ergo you must edit the values while the intro is playing.

QUOTE (By !cMc! Jacob Posted on Mar 14 2005 @ 17:13)
I think those have some sort of 'texture' that is packed in GTA-VC.EXE

They are in RGBA format, e.g.:
CODE
push 0FFh; A
push 0E1h; B
push 96h ; G
push 0FFh; R
call <blah>

The above colour is the menu text, which is: ▲▼▲▼

jacob.
  • jacob.

    Homie

  • Members
  • Joined: 27 Jun 2004

#565

Posted 15 March 2005 - 05:17 AM

RGB A? What's the A stand for?


Kryptos
  • Kryptos

    Hacker

  • Members
  • Joined: 05 Nov 2003

#566

Posted 15 March 2005 - 05:37 AM

Alpha, it's the transparency (00 is completely transparent, FF is completely solid). You can refer to DirectX's D3DCOLOR (0xFFFFFFFF where the first FF is the alpha, the second is the blue, the third is the green and the last is the red, i.e. it's stored as ABGR as opposed to RGBA, which is why they are pushed onto the stack in that order):

QUOTE (ModelingMan)
CODE
push 0FFh; A
push 0E1h; B
push 96h; G
push 0FFh; R
call <blah>

So if you plan on using hex color codes in spookie's DLL make sure you start off with the transparency and then reverse the code, i.e. the hex color code #2C5D3F would become 0xFF3F5D2C.

ModelingMan
  • ModelingMan

    Crackalacking!

  • Feroci
  • Joined: 23 Jan 2004
  • Scotland

#567

Posted 15 March 2005 - 07:35 PM

QUOTE (Kryptos @ Mar 15 2005, 05:37)
QUOTE (ModelingMan)
CODE
push 0FFh; A
push 0E1h; B
push 96h; G
push 0FFh; R
call <blah>

So if you plan on using hex color codes in spookie's DLL make sure you start off with the transparency and then reverse the code, i.e. the hex color code #2C5D3F would become 0xFF3F5D2C.

Yeah, Smithers is the one who is doing the DX code with spookie's source, but yeah I was aware of that but thanks for pointing it out.

DexX
  • DexX

    Black Hat

  • Feroci
  • Joined: 16 May 2002

#568

Posted 15 March 2005 - 09:31 PM

/* sorry for the delay, i'll post those addresses when i get home. some of the stuff doesn't translate from one vehicle to another though, all the work i did for the firetruck, the corresponding addresses in the same blocks, that *look to be* from the ambulance, don't change jack sh*t

got the rhino mapped out though. part of the police car.

question @ all who know anything about the ped blocks; while messing around with the memory yesterday, i stumbled across part of the ped block, that looks like it holds SCM information (they were custom actors from my scm, not just random peds). Anyway, by altering part of the commands, i was able to re-direct the ped to do something else. the ped i was messing with had instructions to walk to a certain set of coordinates, and sure enough, when i changed those coords in memory, he walked to the new coords instead
mmm....realtime scripting?

Is this similar to, or the same method as things like MTA and GEMM and GTA:C are using? i don't recall seeing any mention of it (what i just posted) in here. */

Kryptos
  • Kryptos

    Hacker

  • Members
  • Joined: 05 Nov 2003

#569

Posted 16 March 2005 - 12:55 AM Edited by Kryptos, 16 March 2005 - 03:42 AM.

Yeah, currently they define actors in the SCM which they then control via memory injection. Most groups are shifting towards SCM injection now, the method which spookie and [sheep] released in their spooshdemo and DX/SCM DLL (and don't flame me MTA, I know Kyeman was working on this stuff a year ago). You'll also probably see low level calls using modules loaded into the executable to allow full access to the engine's functions.

jacob.
  • jacob.

    Homie

  • Members
  • Joined: 27 Jun 2004

#570

Posted 17 March 2005 - 01:38 AM

QUOTE (Kryptos)
(and don't flame me MTA, I know Kyeman was working on this stuff a year ago)

Really? Did you mean that kyeman was helping spooky or was working on a separate one alone?



