Quantcast

Jump to content

» «
Photo

Documenting GTA3/VC memory adresses

1,144 replies to this topic
_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1111

Posted 28 February 2013 - 05:18 PM Edited by DK22Pac, 23 May 2013 - 06:48 PM.

Logo size and position is described with CRect class/RwRect struct (2 corners with (x,y)). Here is the code starts from 0x4A3436 in VC 1.0:
CODE
// RwRect rect;
if(rsGlobal.h == 448)
 rect.y1 = flt_68D430;
else
 rect.y1 = rsGlobal.h * flt_68D434;
if(rsGlobal.w == 640)
 rect.x2 = flt_68D438;
else
 rect.x2 = rsGlobal.w * flt_68D43C;
if(rsGlobal.h == 448)
 rect.y2 = flt_68D440;
else
 rect.y2 = rsGlobal.h * flt_68D444;
if(rsGlobal.w == 640)
 rect.x1 = flt_68D448;
else
 rect.x1 = rsGlobal.w * flt_68D44C;

So, your code will be
CODE
// global vars  
float g_flt_68D430 = 138.0; // default value
float g_flt_68D434 = 0.3080357; // default value
float g_flt_68D438 = 157.0; // default value
float g_flt_68D43C = 0.2453125; // default value
float g_flt_68D440 = 8.0; // default value
float g_flt_68D444 = 0.017857144; // default value
float g_flt_68D448 = 27.0; // default value
float g_flt_68D44C = 0.042187501; // default value

// replacing
writeAddress(0x4A344C, &g_flt_68D430, 4);
writeAddress(0x4A345C, &g_flt_68D434, 4);
writeAddress(0x4A3472, &g_flt_68D438, 4);
writeAddress(0x4A3482, &g_flt_68D43C, 4);
writeAddress(0x4A3491, &g_flt_68D440, 4);
writeAddress(0x4A34A1, &g_flt_68D444, 4);
writeAddress(0x4A34B1, &g_flt_68D448, 4);
writeAddress(0x4A34C1, &g_flt_68D44C, 4);

HackMan128
  • HackMan128

    alovelyday

  • Members
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1112

Posted 19 April 2013 - 10:19 AM

Is there any tool/trainer to remove cops/swat weapons? It would be cool if they will fight like a man, by hands.

Jack...
  • Jack...

    Wanted Level modifications

  • Feroci Racing
  • Joined: 06 Dec 2011
  • Serbia

#1113

Posted 19 April 2013 - 11:11 AM

Download v1.0 of my Police Weapons mod and then change cop and SWAT weapon values to 0. And for SA you can use version 1.1.


_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1114

Posted 19 April 2013 - 11:18 AM Edited by DK22Pac, 23 May 2013 - 06:48 PM.

I believe you need just to patch a constructor (CCopPed::CCopPed).
CODE
case 0:
   cop->GiveWeapon(WEAPON_NITESTICK, 1000, 1);
   cop->SetWeapon(WEAPON_COLT45, 1000);
//
case 1:
   cop->SetWeapon(WEAPON_MP5LNG, 1000);
   cop->SetCurrentWeapon(WEAPON_MP5LNG);
case 2:
case 3:
   cop->SetWeapon(WEAPON_UZI, 1000);
   cop->SetCurrentWeapon(WEAPON_UZI);
// ...

Try this code for VC 1.0
CODE
05DF: write_memory 0x4ED76A size 14 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED77C size 12 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED7CB size 12 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED7DB size 7 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED81A size 12 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED83C size 12 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED84C size 7 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED8B6 size 12 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED826 size 2 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED8C2 size 2 value 0x90 virtual_protect 1
05DF: write_memory 0x4ED8C8 size 5 value 0x90 virtual_protect 1

Jack...
  • Jack...

    Wanted Level modifications

  • Feroci Racing
  • Joined: 06 Dec 2011
  • Serbia

#1115

Posted 23 May 2013 - 11:50 AM

More SWAT rope stuff (gta vc 1.0):
End of the rope:
CODE
0x936A98 [Float]---X1
0x936A9C [Float]---Y1
0x936AA0 [Float]---Z1

0x936DA4 [Float]---X2
0x936DA8 [Float]---Y2
0x936DAC [Float]---Z2

0x9370B0 [Float]---X3
0x9370B4 [Float]---Y3
0x9370B8 [Float]---Z3

0x9373BC [Float]---X4
0x9373C0 [Float]---Y4
0x9373C4 [Float]---Z4
.
.
.
........ [Float]..X(n+1)=Xn+30C
........ [Float]..Y(n+1)=Yn+30C
........ [Float]..Z(n+1)=Zn+30C

Besides the outset and the end, every rope has several points between these two points (probably used for SWAT ped to come down). There're plenty of those addresses and "0C" is a distance between them. For exmpl: X1 end minus 0C is a point above the rope ending or X1 outset plus 0C is a point below the outset, that point plus 0C is a point below that one (0C+0C+0C...). Interesting memory region sigh.gif . I wish I can find a rope color sly.gif .

_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1116

Posted 23 May 2013 - 04:51 PM Edited by DK22Pac, 23 May 2013 - 06:44 PM.

CODE
0x936918 CRopes::aRopes[8]

0x632550 CRopes::CreateRopeWithSwatComingDown(CVector)
0x632C00 CRopes::FindCoorsAlongRope(unsigned int, float, CVector *)
0x632D50 CRopes::SetSpeedOfTopNode(unsigned int, CVector)
0x632DB0 CRopes::RegisterRope(unsigned int, CVector, bool)
0x632FC0 CRopes::Render(void)
0x633000 CRopes::Update(void)
0x633040 CRopes::Init(void)

0x632610 CRope::Render(void)
0x6329A0 CRope::Update(void)
0x6330A0 CRope::CRope(void)

0x5ABE20 CHeli::SendDownSwat(void)

0x4EB280 CCopPed::ProcessHeliSwat(void)

0x6DC300 RopeIndices[64]

Jack...
  • Jack...

    Wanted Level modifications

  • Feroci Racing
  • Joined: 06 Dec 2011
  • Serbia

#1117

Posted 23 May 2013 - 05:22 PM

Jeesus! How are you finding these things? I understand the first one - I saw it for a thousand times while I was doing this research (quote from Cheat Engine: "The value of the pointer needed to find this address is probably 00936918") but what about the rest of them? Are you using that tool you recomended me in this topic
Is this mean that my posts in this topic are all bumps and I shoud probably shut up?

_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1118

Posted 23 May 2013 - 05:27 PM Edited by DK22Pac, 23 May 2013 - 06:44 PM.

Yes, I used IDA to link functions with their original names from R*.
QUOTE
Is this mean that my posts in this topic are all bumps and I shoud probably shut up?

No. I just wanted to make that information more complete. Your address helped me too, I've started from it. icon14.gif

Starting from 0x936918, we have 8 CRope structs (each 0x30C bytes in size).
CODE
0x000 BYTE    isActive; is this rope exist
0x001 BYTE    ?
0x002 BYTE    ?
0x003 BYTE    padding
0x004 DWORD   index; unique index
0x008 DWORD   time; this is set to 20000 if rope is permanent (created with scm opcode)
0x00C CVector posn[32]; posn for each point (we have 32 points in one rope)
0x18C CVector speed[32]; speed for each point
0x30C; end

If you want to change rope color, you need to patch rope render function (CRope::Render).
CODE
05DF: write_memory 0x632758 size 4 value 0x64808080 virtual_protect 1 // color in ABGR
05DF: write_memory 0x632790 size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x6327C9 size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x632805 size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x632841 size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x63287D size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x6328B9 size 4 value 0x64808080 virtual_protect 1
05DF: write_memory 0x6328F5 size 4 value 0x64808080 virtual_protect 1

Jack...
  • Jack...

    Wanted Level modifications

  • Feroci Racing
  • Joined: 06 Dec 2011
  • Serbia

#1119

Posted 24 May 2013 - 06:51 PM Edited by JACK JONES, 24 May 2013 - 07:14 PM.

QUOTE
0x008 DWORD   time; this is set to 20000 if rope is permanent (created with scm opcode)

I've been waiting for this. It's now possible to make the halicopters to lift vehicles biggrin.gif just like in that San Andreas mission called "Up, Up and Away!". Thank you DK22Pac. I've never dreamed that the memory addresses could be so fun.

juarez
  • juarez

    Memory Hacking

  • Members
  • Joined: 11 Jun 2011

#1120

Posted 25 May 2013 - 02:24 PM Edited by juarez, 25 May 2013 - 02:41 PM.

GTA VC 1.0

CODE

CScriptPath::AttahToObject  0x54DC10
CScriptPath::Add   0x54DC60
CScriptPath::Release   0x54DCC0
CScriptPath::LoadFromSave  0x54DE00
CScriptPath::WriteToSave  0x54DFE0
CScriptPath::ReplayProc   0x54E100
CScriptPath::Process                    0x54E140
CScriptPath::deconstructor  0x54E170
CScriptPath::Reset   0x54E210

m_fScriptPathSpeed   0x9B69B8
m_fScriptPathDistance   0x9B69BC
gScriptPath    0x9B69AC

Swoorup
  • Swoorup

    innovator

  • Members
  • Joined: 28 Oct 2008

#1121

Posted 10 June 2013 - 10:58 AM Edited by Swoorup, 10 June 2013 - 05:14 PM.

Hacking Vice City game boundaries.

game stores entities inside a grid of sectors
each sector consist of all entities inside of one 50 sq unit game area

there are originally 80 * 80 grid sector for vice city,
that means game can store 4000 sq units wide encompassable entities

simply changing the indexer to 500, we can have 40,000 sq units wide game boundaries

CODE

#include <windows.h>
#include <stdio.h>

#define ARRLEN(a) (sizeof(a)/sizeof(a[0]))

#define BOUNDMULT 10.0f

// all elements are stored in sector grid and 1 sector consist of all entities inside 50 sq units game area
// 80 * 80 sectors are in the game
DWORD dwBoundMultiplierInstRef[] = {
0x40cc9d,0x40ccd1,0x40e526,0x40e565,0x40e5a4,
0x40e5e4,0x40ea5e,0x40ea89,0x40eaba,0x40eaff,
0x40eb40,0x40eb82,0x40f141,0x40f19b,0x40f20f,
0x40f243,0x40f5ef,0x40f623,0x423c97,0x423cd8,
0x423d19,0x423d5b,0x42563c,0x42567d,0x4256be,
0x425700,0x4258fe,0x42593f,0x425980,0x4259c2,
0x42e575,0x42e5b4,0x42e5f3,0x42e631,0x47fb72,
0x47fba5,0x47fbdb,0x47fc0e,0x487555,0x487580,
0x4875b3,0x4875f8,0x487633,0x48765e,0x487d55,
0x487d80,0x487db3,0x487df8,0x487e33,0x487e5e,
0x487ff5,0x488020,0x488053,0x488098,0x4880d3,
0x4880fe,0x4baf0b,0x4baf36,0x4baf69,0x4bafae,
0x4bafe9,0x4bb014,0x4bb335,0x4bb360,0x4bb393,
0x4bb3d8,0x4bb413,0x4bb43e,0x4bd9fb,0x4bda3c,
0x4bda7d,0x4bdabf,0x4c7088,0x4c70a6,0x4c70c8,
0x4c70e2,0x4c70fc,0x4c7116,0x4c730c,0x4c734d,
0x4c738f,0x4c73d0,0x4c8a69,0x4c8a87,0x4c8aa9,
0x4c8ac3,0x4c8add,0x4c8af7,0x4c8b13,0x4c8b2d,
0x4c8b44,0x4c8b5b,0x4c8b72,0x4c8b96,0x4c8bad,
0x4c8bc4,0x4c8bdb,0x4c8bf2,0x4c8c09,0x4c8e38,
0x4c8e6f,0x4c8eb1,0x4c8ef0,0x4d28fa,0x4d2952,
0x4d2a70,0x4d2ac4,0x4d2c4d,0x4d2ca5,0x4d3245,
0x4d3286,0x4d32c7,0x4d3302,0x4d3f59,0x4d3fa0,
0x4d3fe5,0x4d4029,0x4d5227,0x4d5282,0x4d53f7,
0x4d5452,0x4d558c,0x4d55e2,0x4d580f,0x4d5857,
0x4d5896,0x4d58d7,0x4d5ba1,0x4d5bea,0x4d5c2b,
0x4d5c6d,0x4d5fbf,0x4d6007,0x4d6046,0x4d6087,
0x4d6393,0x4d63d9,0x4d641c,0x4d6460,0x4d6793,
0x4d67d9,0x4d681c,0x4d6860,0x4d6bb3,0x4d6bf9,
0x4d6c3c,0x4d6c80,0x4d82ef,0x4d8339,0x4d837c,
0x4d83c0,0x4d8b38,0x4d8b93,0x4d9434,0x4d948e,
0x4d94de,0x4d9530,0x4d9973,0x4d999e,0x4d99d1,
0x4d9a04,0x4d9a56,0x4d9c17,0x4d9f2e,0x4d9f59,
0x4d9f8c,0x4d9fbf,0x4da011,0x4da1d7,0x4da5a2,
0x4da5de,0x4da618,0x4da65b,0x4daa02,0x4dab90,
0x4dae60,0x4daff4,0x4e9af4,0x4e9b40,0x4e9b85,
0x4e9bcb,0x4e9fd4,0x4ea020,0x4ea065,0x4ea0ab,
0x4f35c3,0x4f360f,0x4f3654,0x4f369a,0x50d527,
0x50d562,0x50d59f,0x50d5eb,0x51d215,0x51d266,
0x51d2b1,0x51d2fd,0x53cfb4,0x53cffa,0x53d03b,
0x53d07d,0x552f2d,0x552f6c,0x552fab,0x552fe4,
0x56c427,0x56c468,0x56c4a9,0x56c4eb,0x56cf8a,
0x56cfcb,0x56d00c,0x56d04e,0x587747,0x587786,
0x5877c5,0x587803,0x587b87,0x587bc6,0x587c05,
0x587c43,0x5a88db,0x5a890f,0x5a8943,0x5a8977,
0x5b51a0,0x5b51ea,0x5b5232,0x5b5279,0x5bc71e,
0x5bc749};

DWORD dwCZonesBounds[] = {
0x4DE312,0x4DE31C,0x4DE32E,0x4DE338,
0x4DE364,0x4DE36E,0x4DE388,0x4DE392,
0x4DE46D,0x4DE477,0x4DE489,0x4DE493};

void updateGameBounds(void)
{
DWORD dwVp;
VirtualProtect((void*)0x401000, 0x27CE00, PAGE_EXECUTE_READWRITE, &dwVp);
static float fBoundMultiplier = 0.0020000001f;

for(int i = 0; i < ARRLEN(dwBoundMultiplierInstRef); i++)
 *(dwBoundMultiplierInstRef[i]) = (DWORD)&fBoundMultiplier;

for(int i = 0; i < ARRLEN(dwCZonesBounds); i++)
 *((float*)dwCZonesBounds[i]) *= BOUNDMULT;

*(float*)0x69136C = 50.0f * BOUNDMULT;

// world borders
*(float*)0x69135c *= BOUNDMULT;
*(float*)0x691360 *= BOUNDMULT;
*(float*)0x691364 *= BOUNDMULT;
*(float*)0x691368 *= BOUNDMULT;

//corona boarders
*(float*)0x69592c *= BOUNDMULT;
*(float*)0x695930 *= BOUNDMULT;
*(float*)0x695934 *= BOUNDMULT;
*(float*)0x695938 *= BOUNDMULT;

//car borders
*(float*)0x69a890 = 15950.0f;
*(float*)0x69a894 = -23950.0f;
*(float*)0x69a898 = 19950.0f;
*(float*)0x69a8a0 = -19950.0f;

// boat borders ??
*(float*)0x69afec = 15900.0f;
*(float*)0x69aff0 = -23900.0f;
*(float*)0x69aff4 = 19900.0f;
*(float*)0x69aff8 = -19900.0f;

// police chopper borders ??
*(float*)0x69c064 *= BOUNDMULT;
*(float*)0x69c068 *= BOUNDMULT;
*(float*)0x69c06c *= BOUNDMULT;
*(float*)0x69c070 *= BOUNDMULT;

// bullet boundaries ??
*(float*)0x69cf4c *= BOUNDMULT;
*(float*)0x69cf50 *= BOUNDMULT;
*(float*)0x69cf54 *= BOUNDMULT;
*(float*)0x69cf58 *= BOUNDMULT;

// projectile borders, simply destroy the projectiles
*(float*)0x69d1ac = -23990.0f;
*(float*)0x69d1b0 = 15990.0f;
*(float*)0x69d1b4 = -19990.0f;
*(float*)0x69d1b8 = 19990.0f;

DWORD dwVp2;
VirtualProtect((void*)0x401000, 0x27CE00, dwVp, &dwVp2);
}

int main()
{
updateGameBounds();
}


EDIT: this method would cause a bit of overhead on the game, since it stores larger entities inside a sector.
Sector searching algorithms, rendering algorithms might be bogged heavily

http://swoorup.x10.m.../Gamebounds.cpp

Jack...
  • Jack...

    Wanted Level modifications

  • Feroci Racing
  • Joined: 06 Dec 2011
  • Serbia

#1122

Posted 27 July 2013 - 06:11 PM Edited by JACK JONES, 26 August 2013 - 05:54 AM.

gta vc 1.0:
Some funny stuff found by me whatsthat.gif :
Light at the lighthouse 3D position for the light start:
CODE
0x7D3CB4 - [pointer]
   * +0x34 - [float] - X
   * +0x38 - [float] - Y
   * +0x3C - [float] - Z


EDIT:
While I was searching for the horizontal angle of the lighthouse corona I found some funy address quite by accident:
CODE
0x7D54F0 [Float] - default is 0.80000 // time before ricochet and blood vanish (I think)

This address is pretty interesting - when I increased the value to 5 ricochet from bullets and also a blood from the peds wounded by firearm went crazy. Light from ricochet (yellow) and blood (red) last longer then before and also their reflected angles are about 90 degres. Unfortunetly increased ricochet can't actually harm the peds but it still looks great. It seems like a slightly improved gore level happy.gif .

EDIT2:
CODE
0x695498 [float] - size of stars around the lighthouse - default 0.8 (with 100 it looks like a giant sun is about to hit the Earth)


gta3 v1.0:
Wanted Level vehicles ID
CODE
0x4182B7 [Byte] - first police car
0x418224 [Byte] - second police car
0x418231 [Byte] - Enforcer
0x41825D [Byte] - FBI car
0x4182A7 [Byte] - Barracks OL
0x4182B1 [Byte] - Rhino

It's changable but as in VC the models must be loaded and the new cars will be empty.

Wanted star needed for a specific police car to appear:
CODE
0x4ADBE3 [Byte] - 6th star
0x4ADBC3 [Byte] - 5th star
0x4ADBA3 [Byte] - 4th star

Changing the number of a star can make that the car from the other star comes.

Police skins:
CODE
0x4C11F2 [Byte] - Cop
0x4C1241 [Byte] - SWAT
0x4C12A0 [Byte] - FBI
0x4C12FC [Byte] - Army

Cop works only in wanted level.

Roadblocks:
CODE
0x43719C [byte] - Barracks OL
0x4371BA [byte] - FBI car
0x4371D8 [byte] - Enforcer
0x4371E4 [byte] - Police


It's so easy to modify Liberty wanted level now muppetmaster_karma.gif

And also this one:
CODE
0x6E9910 [byte] - ricochet and gore (for gta3)
devil.gif devil.gif devil.gif

_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1123

Posted 24 October 2013 - 10:36 PM

Classes hierarchy in VC.

CPlaceable
   |
   +----CCamera
   |
   +----CParticleObject
   |
   +----CEntity
           |
           +----CBuilding
           |       |
           |       +----CTreadable
           |
           +----CDummy
           |       |
           |       +----CDummyObject
           |
           +----CPhysical
                   |
                   +----CObject
                   |       |
                   |       +----CCutsceneObject
                   |       |
                   |       +----CProjectile
                   |       |
                   |       +----CStingerSegment
                   |
                   +----CPed
                   |       |
                   |       +----CCivilianPed
                   |       |
                   |       +----CCopPed
                   |       |
                   |       +----CEmergencyPed
                   |       |
                   |       +----CPlayerPed
                   |
                   +----CVehicle
                           |
                           +----CAutomobile
                           |
                           +----CBike
                           |
                           +----CBoat
                           |
                           +----CTrain
                           |
                           +----CHeli
                           |
                           +----CPlane
  • Silent likes this

xanser
  • xanser

    Player Hater

  • Members
  • Joined: 12 Sep 2006
  • None

#1124

Posted 28 December 2013 - 04:04 AM

QUOTE Is there maybe something related to firing offest point of the tank's barrell?
Thanks to remind, I'll check it soon

 

 

0x5864F4 (float) - cannon offset from centre (use windscreen_dummy value, default is -1.394)
0x586518 (float) - fire offset from centre (use barrel_dummy value, default is 2.95)
0x586523 (float) - height of fire (default is 2.97)


sharpie_eastern
  • sharpie_eastern

    Hmm, four in bed? That's a kick I haven't tried yet

  • Members
  • Joined: 25 Oct 2008
  • United-States

#1125

Posted 30 December 2013 - 08:53 AM Edited by sharpie_eastern, 31 December 2013 - 12:28 AM.

Does anyone know the BF Inject memory address? I've found a few but they don't work for VC, I can't tell if they're for III or not. Does anyone have any vehicle memory addresses in general to give?


_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1126

Posted 01 January 2014 - 05:18 AM

What do you actually want? Model data (CVehicleModelInfo) address or what?

sharpie_eastern
  • sharpie_eastern

    Hmm, four in bed? That's a kick I haven't tried yet

  • Members
  • Joined: 25 Oct 2008
  • United-States

#1127

Posted 02 January 2014 - 10:36 PM Edited by sharpie_eastern, 02 January 2014 - 10:39 PM.

What do you actually want? Model data (CVehicleModelInfo) address or what?

I could make a list?
Changing car hardcoded type (Not related to the default.ide)
Changing car hardcoded door sound
Stinger hardcoded attributes
Linerun's hardcoded attributes

Firetruk hardcoded attributes
Ambulan hardcoded attributes

FBI Car hardcoded attributes

Taxi hardcoded attributes

Mrwhoop hardcoded attributes

BFInject hardcoded attributes

Police hardcoded attributes
Enforcer hardcoded attributes

Banshee hardcoded attributes

Bus hardcoded attributes
Rhino hardcoded attributes
Barracks hardcoded attributes

Dodo hardcoded attributes
Coach hardcoded attributes

Cabbie hardcoded attributes
Hunter hardcoded attributes
Caddy hardcoded attributes
Polmav hardcoded attributes
 


TommyCJFaann
  • TommyCJFaann

    Posterised.

  • Members
  • Joined: 08 Dec 2013
  • India

#1128

Posted 05 January 2014 - 11:58 AM

Is there any addresses for Radar ring position?


Aleph-Zero
  • Aleph-Zero

    ...

  • Members
  • Joined: 11 Jan 2014
  • None

#1129

Posted 11 January 2014 - 10:04 PM Edited by Aleph-Zero, 11 January 2014 - 10:07 PM.

All offsets posted here are only tested for GTAVC 1.0

[PlayerBase]

        +0x528(4byte) = Pointer for Entity being touched by player. (CVehicle, CPed)

        +0x594(1byte) = Number of Peds loaded. 10 seems to be the limit.

 

 

I'll edit this post once i get more stuff that is not on the wiki.


HackMan128
  • HackMan128

    alovelyday

  • Members
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1130

Posted 15 January 2014 - 04:43 PM

Anyone know how to determine that game is rendering or not?

Because when user is in menu, then game stops (freeze), the same reaction is in splashscreens.


_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1131

Posted 15 January 2014 - 09:45 PM Edited by _DK, 15 January 2014 - 09:55 PM.

You've already answered for your question.
You need to check if menu is activated and camera fading status.
kxjz.png
Offsets for VC 1.0
0x869630 CMenuManager FrontEndMenuManager
  +0x38 m_bMenuActive

0x46F737 signed int __thiscall CCamera::GetScreenFadeStatus(CCamera *this)
0x7E4688 CCamera TheCamera
If you want to execute your code only when rendering is goes, you can simply inject your code there. For example
CPatch::RedirectCall(0x4A604A, MyDrawing); // the place where RenderScene() is called

void MyDrawing()
{
    // call RenderScene()
    CALLVOID(0x4A6570);
    // draw your own stuff, notice that's the place where you can draw 3d stuff. 2d stuff like HUD is drawn in another place.

}
  • HackMan128 likes this

TommyCJFaann
  • TommyCJFaann

    Posterised.

  • Members
  • Joined: 08 Dec 2013
  • India

#1132

Posted 16 January 2014 - 01:00 PM

Hey _DK,

 

Any addresses for Radar map position?


HackMan128
  • HackMan128

    alovelyday

  • Members
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1133

Posted 23 January 2014 - 12:45 PM Edited by HackMan128, 23 January 2014 - 01:08 PM.

@UP

I think there was something related to radar.

Check these posts:

Posted by: JernejL Tuesday, Jul 20 2004, 21:38

Posted by: Cowpat Tuesday, Jul 27 2004, 21:56

Posted by: TwoZero Sunday, Oct 10 2004, 14:58

Begin at page 9

Anyone can check this address? VC 1.0

0xA10B2C //boolean probably Is Replay is playing

Probably it's related to Replay, but I'm afraid about stability of this Address.


_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1134

Posted 23 January 2014 - 08:07 PM

0xA10B2C     ; CReplay::bDoLoadSceneWhenDone

If you looking for replay status, here you go

0xA10AF6     ; CReplay::Mode
  • HackMan128 likes this

HackMan128
  • HackMan128

    alovelyday

  • Members
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1135

Posted 29 January 2014 - 04:39 PM Edited by HackMan128, 29 January 2014 - 05:16 PM.

Another question. Is possible to get fade background color status?

I think that background fade 016A is always visible, but it is changing it's alpha channel, when it's fade in, it's increment, if fade out, decrement value of alpha channel.

 

//EDIT

Thanks


_DK
  • _DK

    gta3 cleo

  • Feroci Racing
  • Joined: 12 Apr 2009
  • None

#1136

Posted 29 January 2014 - 04:54 PM Edited by _DK, 29 January 2014 - 04:56 PM.

Here you go
0x7E4688 CCamera TheCamera
 +0x910 m_fFadeValue // float 0.0 - 255.0
Also is stores here.
0xA10B16 CDraw::FadeValue // unsigned char 0 - 255
  • HackMan128 likes this

xanser
  • xanser

    Player Hater

  • Members
  • Joined: 12 Sep 2006
  • None

#1137

Posted 15 February 2014 - 02:35 PM

Anyone know how to determine that game is rendering or not?

Because when user is in menu, then game stops (freeze), the same reaction is in splashscreens.

 

0xA10B36 PauseRender

  • HackMan128 likes this

MAJEST1C_R3
  • MAJEST1C_R3

    Goodfella

  • Members
  • Joined: 21 Oct 2011
  • Russia

#1138

Posted 20 February 2014 - 12:28 PM

I have question about LCS and VCS (both PS2 and PSP) hacking. Can someone check how can be increased byte size limits for LVZ files (WorldStream)? Without it this is no way to change game textures to high-res ones (you can change texture to high-res only if change another to low res) . This problem also with manhunt 2 PS2 and PSP


TommyCJFaann
  • TommyCJFaann

    Posterised.

  • Members
  • Joined: 08 Dec 2013
  • India

#1139

Posted 28 February 2014 - 02:08 PM

Hello Guys...

 

Could anybody find resolution addresses?

 

For:

 

640x480

1024x768

1280x720

1366x768


HackMan128
  • HackMan128

    alovelyday

  • Members
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1140

Posted 19 March 2014 - 07:52 PM Edited by HackMan128, 19 March 2014 - 08:52 PM.

Anyone know address of "earthquaqe" when the greenade explodes?

//EDIT: Shake camera opcode :)





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users