Delphi - Memory Address - GTA SA

8 replies to this topic
FernandoXLR
  • FernandoXLR

    Player Hater

  • Members
  • Joined: 24 Nov 2011
  • Brazil

#1

Posted 30 December 2013 - 07:08 PM

Hi, I'm trying to create a program to activate cheats via android while I play, the server is done in Delphi.
 
I managed to change some values in the game, like money, for example, with the function:
...
WriteProcessMemory(HandleWindow, ptr(Offset), @Value, Size, card);
...
 
but I can not change the "function address" that are on this page
 
I don't know how to use the function that is at address 0x00609F50 that refers to CCheat::SetWantedLevel
 
Can anyone help me?
 
Thanks :)

FernandoXLR
  • FernandoXLR

    Player Hater

  • Members
  • Joined: 24 Nov 2011
  • Brazil

#2

Posted 03 April 2014 - 01:49 AM

UP

 

Please, does anyone know how to do?


trip
  • trip

    ~

  • Andolini Mafia Family
  • Joined: 10 Oct 2007
  • United-States

#3

Posted 03 April 2014 - 03:17 AM

Moving this to III Era mods/Coding.  I sense better luck there.

 

Cool ass idea.  Bonus points in your direction.


LINK/2012
  • LINK/2012

    LIVIN' IN CODE

  • Feroci Racing
  • Joined: 30 Jan 2011
  • Brazil

#4

Posted 03 April 2014 - 11:22 AM

A function address is the address a function code is located at, it's not a "data" in the sense of a variable you can modify and bum.

Through an external program, I guess you can """"call"""" the function by using CreateRemoteThread.

 

By the way, isn't this WinAPI? Are you sure it works on Android buddy?


Bad.boy!
  • Bad.boy!

    SA modder

  • Members
  • Joined: 20 Jun 2010

#5

Posted 03 April 2014 - 08:58 PM

@link He wants to activate the cheats via android whilst he is playing the game on his pc (presumably).

 

You should look better for memory addresses. Usually you need functions when things start to get complicated. Changing the wanted level is relatively easy, take a look at the CWanted pool (0xB7CD9C) it'll suit most of your needs.


_DK
  • _DK

    Call me 'The Bald Guy"

  • Members
  • Joined: 12 Apr 2009
  • Ukraine

#6

Posted 03 April 2014 - 11:40 PM Edited by _DK, 03 April 2014 - 11:58 PM.

There's no CWanted pool in any of GTA. That address is a pointer to CWanted directly.

CWorld::Players[0].m_pWanted //CWanted *



FernandoXLR
  • FernandoXLR

    Player Hater

  • Members
  • Joined: 24 Nov 2011
  • Brazil

#7

Posted 04 April 2014 - 04:52 AM

A function address is the address a function code is located at, it's not a "data" in the sense of a variable you can modify and bum.

Through an external program, I guess you can """"call"""" the function by using CreateRemoteThread.

 

By the way, isn't this WinAPI? Are you sure it works on Android buddy?

 

The problem is only between Delphi and the GTA, after I can control the functions, just need to make a connection via wifi between android and Delphi.

 

Could you show me an example of CreateRemoteThread in this situation?


LINK/2012
  • LINK/2012

    LIVIN' IN CODE

  • Feroci Racing
  • Joined: 30 Jan 2011
  • Brazil

#8

Posted 04 April 2014 - 11:14 PM

Example in C++, I'm not familiar with Delphi

 

#include <windows.h>
#include <cstdint>

// We need a source thread body to copy to gta_sa.exe address space and call it as a new thread
// (32-bit x86 machine code, matching the 32-bit gta_sa.exe)
static const uint8_t RemoteThreadBody[] =   // DWORD WINAPI RemoteThreadBody(LPVOID lpCheatFunctionToCall)
{
    0x8B, 0x44, 0x24, 0x04,     // mov eax,[esp+04]
    0xFF, 0xD0,                 // call eax
    0xC2, 0x04, 0x00            // ret 0004
};


// Calls gta_sa.exe cheat function assuming hProcess is gta_sa.exe process handle and lpCheatFunctionToCall the function address at hProcess
void CallGameCheat(HANDLE hProcess, void* lpCheatFunctionToCall)
{
    // Allocates some memory at gta_sa.exe to use as our thread body
    if(void* pMemory = VirtualAllocEx(hProcess, NULL, sizeof(RemoteThreadBody), MEM_COMMIT, PAGE_EXECUTE_READWRITE))
    {
        // Copy the thread body into the newly allocated memory; continue only if all of it was written
        SIZE_T written = 0;
        if(WriteProcessMemory(hProcess, pMemory, RemoteThreadBody, sizeof(RemoteThreadBody), &written)
           && written == sizeof(RemoteThreadBody))
        {
            // Spawn the thread that will make the cheat call
            // (C++ needs an explicit cast from void* to the thread start routine type)
            if(HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)pMemory, lpCheatFunctionToCall, 0, NULL))
            {
                // Wait until the thread ends (the cheat has been applied) and close the thread handle
                WaitForSingleObject(hThread, INFINITE);
                CloseHandle(hThread);
            }
        }

        // Free the remote memory we previously allocated
        VirtualFreeEx(hProcess, pMemory, 0, MEM_RELEASE);
    }
}

// Usage example:
CallGameCheat(hProcess, (void*)(0x00438E90));   // CCheat::Add2Stars


//
// Special note:
// Things mayn't go very well because the game isn't thread safe, so modifying stuff from another thread is kind of undefined behaviour
//
// Other tricks could be used, but this one is the most trivial
//
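
Seen from the monitoring side, the VirtualAllocEx / WriteProcessMemory / CreateRemoteThread sequence in the post above is visible: Sysmon records CreateRemoteThread as Event ID 8, and a thread started in freshly allocated memory has no backing module. The Python below is an added example, not part of the original thread; the sample records and the CheatServer.exe path are constructed, and treating `-` or an empty `StartModule` as "unbacked" is an assumption about how the field is rendered.

```python
# Added example: flag Sysmon Event ID 8 (CreateRemoteThread) records whose new
# thread starts outside any loaded module, as a thread in VirtualAllocEx'd memory does.
# SAMPLE_EVENTS is constructed for illustration; it is not real telemetry.
SAMPLE_EVENTS = r"""
EventID: 8
SourceImage: C:\Tools\CheatServer.exe
TargetImage: C:\Games\GTA San Andreas\gta_sa.exe
StartAddress: 0x03A70000
StartModule: -
StartFunction: -

EventID: 8
SourceImage: C:\Windows\System32\csrss.exe
TargetImage: C:\Windows\System32\cmd.exe
StartAddress: 0x76F41230
StartModule: C:\Windows\System32\kernel32.dll
StartFunction: CtrlRoutine

EventID: 1
Image: C:\Games\GTA San Andreas\gta_sa.exe
"""

UNBACKED = {"", "-"}  # assumption: how an unresolved StartModule is rendered


def parse_events(text):
    """Split blank-line separated 'Key: Value' blocks into dicts."""
    events = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if fields:
            events.append(fields)
    return events


def find_unbacked_remote_threads(text, watched_targets=None):
    """Return (source, target, start address) for cross-process threads with no backing module."""
    hits = []
    for ev in parse_events(text):
        src, dst = ev.get("SourceImage", ""), ev.get("TargetImage", "")
        if ev.get("EventID") != "8" or src.lower() == dst.lower():
            continue
        if ev.get("StartModule", "") not in UNBACKED:
            continue
        if watched_targets and dst.rsplit("\\", 1)[-1].lower() not in watched_targets:
            continue
        hits.append((src, dst, ev.get("StartAddress", "")))
    return hits
```

Debuggers and some security products also create remote threads, so on a real host the result is normally filtered through an allowlist of `SourceImage` values.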

FernandoXLR
  • FernandoXLR

    Player Hater

  • Members
  • Joined: 24 Nov 2011
  • Brazil

#9

Posted 05 April 2014 - 12:47 AM

Wow, thank you very much! I don't know c++, but I'll try to learn..




