Quantcast
Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
    1. Welcome to GTAForums!

    1. Red Dead Redemption 2

      1. PC
      2. Gameplay
      3. Missions
      4. Help & Support
    2. Red Dead Online

      1. Gameplay
      2. Find Lobbies & Outlaws
      3. Help & Support
    1. Crews & Posses

      1. Recruitment
    2. Events

    1. GTA Online

      1. Diamond Casino & Resort
      2. DLC
      3. Find Lobbies & Players
      4. Guides & Strategies
      5. Vehicles
      6. Content Creator
      7. Help & Support
    2. Grand Theft Auto Series

    3. GTA 6

    4. GTA V

      1. PC
      2. Guides & Strategies
      3. Help & Support
    5. GTA IV

      1. Episodes from Liberty City
      2. Multiplayer
      3. Guides & Strategies
      4. Help & Support
      5. GTA Mods
    6. GTA Chinatown Wars

    7. GTA Vice City Stories

    8. GTA Liberty City Stories

    9. GTA San Andreas

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    10. GTA Vice City

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    11. GTA III

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    12. Top Down Games

      1. GTA Advance
      2. GTA 2
      3. GTA
    13. Wiki

      1. Merchandising
    1. GTA Modding

      1. GTA V
      2. GTA IV
      3. GTA III, VC & SA
      4. Tutorials
    2. Mod Showroom

      1. Scripts & Plugins
      2. Maps
      3. Total Conversions
      4. Vehicles
      5. Textures
      6. Characters
      7. Tools
      8. Other
      9. Workshop
    3. Featured Mods

      1. DYOM
      2. OpenIV
      3. GTA: Underground
      4. GTA: Liberty City
      5. GTA: State of Liberty
    1. Red Dead Redemption

    2. Rockstar Games

    1. Off-Topic

      1. General Chat
      2. Gaming
      3. Technology
      4. Programming
      5. Movies & TV
      6. Music
      7. Sports
      8. Vehicles
    2. Expression

      1. Graphics / Visual Arts
      2. GFX Requests & Tutorials
      3. Writers' Discussion
      4. Debates & Discussion
    1. News

    2. Forum Support

    3. Site Suggestions

JernejL

Documenting GTA3/VC memory addresses

Recommended Posts

Stretchnutter

thats not where the block starts.... what you get is another pointer to the exact block.

 

EDIT: and make sure you are in a car to begin with.

Edited by Stretchnutter

Share this post


Link to post
Share on other sites
James Caldwell

Well I have tried and tried and tried... but your handling block doesn't work with me. You get the car mass from "Car Pointer + $124" but I don't seem to get it from there, I get it from "Car Pointer + $B8".

 

Here is what I get from your block:

 

user posted image

 

Try this, download my GTA:LC Trainer, and tell me if the "Car Mass" in the "Car Stats" page works with you.

Share this post


Link to post
Share on other sites
Stretchnutter

ahem.. you have it set for 2 bytes... its suppose to be 4 bytes and it gives you a pointer which you can view with the hex editor in tsearch..

 

 

it seems they are constant anyway... all the cars handling blocks are lined up one after another.

 

 

0x978f48 for example is the start of a handling block **

they are 218 bytes per car

 

 

heres a snippet how i would load mass into a variable

 

pOffset = GetLong(&H7E49C0)curHandle.h_Mass = GetFloat(GetLong(pOffset + &H120) + &H4)

 

 

Also I forgot to mention that the special handling data for boats/helis/bikes have been documented 100% aswell...

 

Also the weapons can be edited at runtime too (firing rate, damage, etc.)

 

I've documented everything with lithjoes memory editor. Its all in one simple file... buyt he hasn't released the tool for public yet sad.gif

Edited by Stretchnutter

Share this post


Link to post
Share on other sites
JernejL
ahem.. you have it set for 2 bytes... its suppose to be 4 bytes and it gives you a pointer which you can view with the hex editor in tsearch..

 

 

it seems they are constant anyway... all the cars handling blocks are lined up one after another.

 

 

0x978f48 for example is the start of a handling block **

they are 218 bytes per car

 

 

heres a snippet how i would load mass into a variable

 

pOffset = GetLong(&H7E49C0)curHandle.h_Mass = GetFloat(GetLong(pOffset + &H120) + &H4)

 

 

Also I forgot to mention that the special handling data for boats/helis/bikes have been documented 100% aswell...

 

Also the weapons can be edited at runtime too (firing rate, damage, etc.)

 

I've documented everything with lithjoes memory editor. Its all in one simple file... buyt he hasn't released the tool for public yet sad.gif

add my default.ide data blocks editor, i am too lame to make real editor for them.

 

Share this post


Link to post
Share on other sites
oetlul

 

I've documented everything with lithjoes memory editor. Its all in one simple file... buyt he hasn't released the tool for public yet

 

If you want to, I'd like to have the file, I also have MSE (memory structure explorer). I'm finally understanding the basics of mem-hacking, thanks to lithjoe's tool smile.gif

Edited by oetlul

Share this post


Link to post
Share on other sites
random_download

How do I use UNICODE with Delphi? I think that the variable type is WideChar and WideString, but doing something like:

varabc: WideString;beginabc:= 'text';end;

 

Just crashes Vice City when I write abc to the address $939028 (9670696) sad.gif The only way I can write successfully is to use Artmoney, put the text I want into any address in Unicode format, then change the type to 8-byte integer so it converts it for me. Then I can write that integer value using Int64, but it only allows 4 characters to be written sad.gif

Edited by random_download

Share this post


Link to post
Share on other sites
James Caldwell

random already found this code, but he couldn't get it to work, he used "@text" when he should have used "pointer(text)"

 

 

function TTrainerMain.StringToWideString(const s: AnsiString; codePage: Word): WideString;var l: integer;beginif s = '' thenResult := ''elsebeginl := MultiByteToWideChar(codePage, MB_PRECOMPOSED, PChar(@s[1]), - 1, nil, 0);SetLength(Result, l - 1);if l > 1 thenMultiByteToWideChar(CodePage, MB_PRECOMPOSED, PChar(@s[1]),- 1, PWideChar(@Result[1]), l - 1);end;end;//exampleprocedure TTrainerMain.Button1Click(Sender: TObject);var text: widestring;begintext := StringToWideString('ModelingMan', 2);WriteProcessMemory(HandleWindow, Pointer(9670696), pointer(text), SizeOf(text) * 2, write);end;//example

 

Share this post


Link to post
Share on other sites
Hammer83

What version of Delphi do you use? In the more recent ones, most string conversions can be done by typecasting. I didn't test this, but I think it should work.

 

 

var Text: WideString;begin Text := 'ModellingMan'; WriteProcessMemory(HandleWindow, Ptr(9670696), PWideChar(Text), Length(Text) * SizeOf(WideChar), write);end;

 

Share this post


Link to post
Share on other sites
random_download

I use version 7. In this bit:

WriteProcessMemory(HandleWindow, Ptr(9670696), PWideChar(Text), Length(Text) * SizeOf(WideChar), write);

 

I was using:

WriteProcessMemory(HandleWindow, Ptr(9670696), @text, SizeOf(text), write);

It works now using pointer(text) instead of @text.

Share this post


Link to post
Share on other sites
James Caldwell

I use this:

 

procedure TTrainerMain.WMHotKey(var Msg: TWMHotKey);begin...CaptureScreen.Picture.SaveToFile(Bitmap);IngameMsg(Bitmap + ' saved');...end;procedure TTrainerMain.IngameMsg(const s:string);var text: widestring;begintext := StringToWideString(s, 2);WriteProcessMemory(HandleWindow, Pointer(9670696), pointer(text), Length(text) * 2, write);end;

 

One problem is that the text (e.g. 'screen1.bmp saved') doesn't go away until the game itself brings up text.

 

[EDIT]

 

 

outputing text on the left - up display

9670696 > text

8207936 > text

- 2 copies, so the game sees one has changed and if so then updates it to that one..

the text fades out by itself.

8207936 isn't writable, changing the value of this address will view the last shown text without any modification.

Edited by ModelingMan

Share this post


Link to post
Share on other sites
Hammer83

Problem in my code: It should be (Length(Text) + 1) * SizeOf(WideChar). Stupid null terminator.

Share this post


Link to post
Share on other sites
Specialfighter

_a

Edited by Specialfighter

Share this post


Link to post
Share on other sites
Cowpat
Does anyone know the adresses of following ingame:

 

-> Adresses of the texts of the radio station names

-> Adress which contains the currently active radio station

 

I need this because i want a costum menu for my ingame mp3 player. smile.gif

 

I need the 1.0 adresses at least.

Have found the text strings of the radio stn names once, can't remember where. A search of the exe might produce them.

 

Don't know where the addr for current station is, but I did find an address which constantly cycled the stations. Will look it up and see if it fits the bill.

Share this post


Link to post
Share on other sites
oetlul

I have a question about actors in vice city. How are they handled by the memory? Are they stored in random adresses? Is there a maximum of actors that can walk around at the same time? Or: let's say that the maximum is 64 peds at the same time, are there 64 adresses then?

 

I really have no clue, if someone could help me out here, I would appreciate it.

Share this post


Link to post
Share on other sites
grovespaz

Well, some pages back someone discovered the actor block.

 

Just check it out, page by page, im to lazy. the block was starting with an 7, i thought.. ;p

Share this post


Link to post
Share on other sites
TwoZero

I have a question about actors in vice city. How are they handled by the memory? Are they stored in random adresses? Is there a maximum of actors that can walk around at the same time? Or: let's say that the maximum is 64 peds at the same time, are there 64 adresses then?

 

I really have no clue, if someone could help me out here, I would appreciate it.

I tested out the limit and it's crashed with 139 actors when there were no peds around, so inlcuding the player the max is 140, and yes they all have a pointer.

Share this post


Link to post
Share on other sites
oetlul

Ok, so there are 139 or 140 pointers? That has to be a huge block then.

Anyone has a pointer to this block (or one of them)?

Share this post


Link to post
Share on other sites
TwoZero
Ok, so there are 139 or 140 pointers? That has to be a huge block then.

Anyone has a pointer to this block (or one of them)?

There are 139 actors pointers, if there are 139 actors, the pointers don't stay the same I think, they do stay the same if you spawn the actors with the SCM and you don't edit the scm.

I have no idea about ped pointers.

Share this post


Link to post
Share on other sites
JernejL
Ok, so there are 139 or 140 pointers? That has to be a huge block then.

Anyone has a pointer to this block (or one of them)?

see few pages back on how to get all pointers to all ped / car blocks

 

all of them are 250, where 10 are reserved.

 

Share this post


Link to post
Share on other sites
oetlul

hmm, I have the pointer to the player/car-block, so I suppose I have to look somewhere in that area to find the next 139 blocks?

I will investigate this tomorrow,because I don't have my pc available atm.

I will let you know smile.gif

Share this post


Link to post
Share on other sites
JernejL
hmm, I have the pointer to the player/car-block, so I suppose I have to look somewhere in that area to find the next 139 blocks?

I will investigate this tomorrow,because I don't have my pc available atm.

I will let you know smile.gif

and i just told you that few pages back i posted all

about array of pointers to active cars / peds ingame..

 

are you stupid or just too lame to look?

 

Share this post


Link to post
Share on other sites
DexX

i got something that will let you toy around with the light scale a bit, not much though-

all Vice 1.0 btw

0x69a723 - should be the width of light on the police car

0x69a633 - police corona?

0x69a65c - the area around the car it affects

these are all floats.

 

There's a topic floating around in Editing / Misc, to change the colors of the police lights, check ther pinned topics there to find it.

 

Not sure if i posted these for GTA3 1.1, or not, but in any case, here they are -

Ambient lighting - 5fe734

crazy weather / sky - 95cefa

enable a police chopper (to chase you) - 95cefb

disable controls - 95cf00, 95cf10 both will do it

PS2 Message? (think its dual shock controller stuff) - 95cf0a

wheels only cheat activated - 95cf30

HUD on/off - 95cf41

stop all action in the game - 95cf43

Weird / debug cam? - 95cf4b

"safely" freeze the game (can be unfrozen as well) - 95cf69

Another dual shock controller message - 95cf70

Alt (german?) gta3 logo when you pause the game - 95ced6, change to 1

Enable / disable the black cutscene bars at will - 6fad68

Fast time cheat - 95cf73

Peds with weapons cheat - 95cf2d

Improved handling cheat - 95cf1e

 

Old news now. And dammit, why do the forums keepy messing up ONLY when i post?! mad.gif

Share this post


Link to post
Share on other sites
James Caldwell

I found a pointer to a new block while searching for the wanted level address.

 

Player Pointer + 1524 = DWord Value <- this will point you to that new block.

 

Wanted Level = New Block + 32 = DWord Value.

 

(The above values are decimal)

 

I'm going to look into this new block more, I'll post updates if I find anything interesting...

Share this post


Link to post
Share on other sites
JernejL
I found a pointer to a new block while searching for the wanted level address.

 

Player Pointer + 1524 = DWord Value <- this will point you to that new block.

 

Wanted Level = New Block + 32 = DWord Value.

 

(The above values are decimal)

 

I'm going to look into this new block more, I'll post updates if I find anything interesting...

nice find, gotta check that one smile.gif

 

Share this post


Link to post
Share on other sites
Firefly2k

hi, how can i convert these codes?

example:

on the first page there is a address of the car speed:

 

821F7C

 

thats nice but, in the spedo of spooky he uses this address:

 

0x02E3

 

his speedo is coded in c++

 

i want to add the "time" address but i dont know how to "convert"

Share this post


Link to post
Share on other sites
JernejL

his speedo is using scm to get car speed.

 

Share this post


Link to post
Share on other sites
Firefly2k

erm, k how can i find the scm of the actually time?

Share this post


Link to post
Share on other sites
JernejL
how can i find the scm of the actually time?

if you can explain what that is supposed to mean i will try to help..

 

because the sentence has no sense.

 

Share this post


Link to post
Share on other sites
Firefly2k

ok wait, i want to add a digital clock into the speedo, i already did all the grafiks, but now i need the "scm address" of the time smile.gif

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • 2 Users Currently Viewing
    0 members, 0 Anonymous, 2 Guests

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.