JernejL

Documenting GTA3/VC memory addresses


JernejL

 

Well, someone's cranky...

 

w00t go delfi open up a can of whoopass on someone who just wants help... way to go. This kind of stuff isn't exactly easy for everyone to grasp the concept of you know...

 

-Jax

but i am telling him for last 2-3 pages that pointers are 4-byte types, and he still uses one-byte and complains that it doesn't work.

 

random_download

Sorry, I'm such an idiot, I thought that if:

 

ReadProcessMemory(hProc, Ptr($7E4B8C), @Buffer, Size, nbr);

 

Size was 4, then it would read 4 bytes. I realise now that I have to set Buffer to be a longword type. Thanks, it works now.

Cowpat

a few more addresses. some effects posted before but at different addresses. shout up if any have been published before.

 

6844987 1byte to 00; all ped cars spawned as accidents

 

6847622 1byte to 00; no peds or vehicles. buses + parked vehicles exist

 

6860334 1 or 2byte; camera distance from player on foot. set first byte to values lower than 80. set 2byte to 0000 to sit camera atop player's head.

 

6860394 2byte; to 0000 rotates camera thru 90 degrees in image plane. to 00DF to rotate 180*. smaller rotations with smaller changes. angle changes as player vehicle turns tight corners.

 

6860410 2byte to 0000; kerrrazy camera in vehicle.

 

6860442 2byte; serious pop-up.

 

6860482 2byte; draw distance thing.

 

6860491 1byte to 00; no vehicles, peds spawned at maximum distance.

 

6860819 1byte to 7F; on foot, rotate camera up and over Player's head and a primitive first person view is obtained. shoot revolver in this view.

 

6878683 1byte to 00; touched vehicles sink to ground.

 

6901426 2byte to 0000; no peds, only vehicles.

 

6901438 1byte to 00; peds spawned only behind camera.

6901439 1byte to 00; no peds.

 

6916751 1byte to FF/00; all peds, vehicles, etc are black

Edited by Cowpat

JernejL
Sorry, I'm such an idiot, I thought that if:

 

ReadProcessMemory(hProc, Ptr($7E4B8C), @Buffer, Size, nbr);

 

Size was 4, then it would read 4 bytes. I realise now that I have to set Buffer to be a longword type. Thanks, it works now.

of course it reads 4 bytes but into what memory? it probably reads alignment padding to 4 bytes of the 1-byte type, but if data alignment would be off in delphi it could read over anything..

 

cowpat: i gotta try those that operate the camera.. sounds nice but probably nothing beats vc camhack..

 

 

random_download

OK, I think that this is the ammo that is loaded for the magnum (and maybe the colt 45 too):

 

Player pointer + 458 (hex) or

Player pointer + 1112 (decimal)

 

VC v1.0.

Cowpat

 

cowpat: i gotta try those that operate the camera.. sounds nice but probably nothing beats vc camhack..

no, you're right, they won't hold a candle to vc camera hack.....speaking of which, one thing I noticed when looking at the player pointer block was that from about byte 6 or 8 there are two blocks of eight bytes which I think may change with camera rotation. the two blocks are mirror images of each other - except for one or two bytes. this is suggestive of rotation about a point.

 

may just be wishful thinking though.

Edited by Cowpat

JernejL
OK, I think that this is the ammo that is loaded for the magnum (and maybe the colt 45 too):

 

Player pointer + 458 (hex) or

Player pointer + 1112 (decimal)

 

VC v1.0.

stretchnutter posted a lot better method for dealing with weapons and ammo, here is how i use it for dev-console command that reloads your selected gun to max ammo:

 

 

var
  weapon_index: byte;
  ammo: integer;
begin
  // read index
  trainer.readProcess(blockpointer(ped) + 1284, weapon_index, 1);
  trainer.readProcess(blockpointer(ped) + 1032 + weapon_index * 24, ammo, 4);
  ammo := 10500; // max - for minigun that wears 500 bullets in clip.
  trainer.writeProcess(blockpointer(ped) + 1032 + weapon_index * 24 + 12, ammo, 4);

 

 

JernejL

the active pointers stuff that stretchnutter or someone else (can't remember right now) starts at #7927340 and they are:

150 * 40 bytes records, first dword number is pointer to object, you can manipulate them all, planes are in the list too.

Edited by Delfi

DexX
the active pointers stuff that stretchnutter or someone else (can't remember right now) starts at #7927340 and they are:

150 * 40 bytes records, first dword number is pointer to object, you can manipulate them all, planes are in the list too.

Im gonna look into this. but manipulate them.....how? the only object attributes are position, rotation and scale arent they? or a lighting effect? damage? what kind of objects are we talking about?

JernejL
the active pointers stuff that stretchnutter or someone else (can't remember right now) starts at #7927340 and they are:

150 * 40 bytes records, first dword number is pointer to object, you can manipulate them all, planes are in the list too.

Im gonna look into this. but manipulate them.....how? the only object attributes are position, rotation and scale arent they? or a lighting effect? damage? what kind of objects are we talking about?

eerm.. that 250 pointers contain references only to:

 

- all pedestrians nearby

- all cars in the world

- planes and probably helicopters too

- the player actor

 

the map objects and lights are stored differently, no idea about them.

 

ThuGie

Hi i'm new to game hacking so i just have to ask how do i send

9670696 > text

8207936 > text

to the game in visual basic? i tried but is it the value or address and what should i put on value if it is address or what should i put on address if it is the value plz help

ThE_cHeEsE

1st of all those addresses are in decimal u want them in hexadecimal here's the addresses in hexadecimal

 

9670696 > text = hex: 939028 > text

8207936 > text = hex: 7D3E40 > text

 

How new r u to vb because if ure quite new maybe u shouldnt be doing this kinda coding first.

Edited by ThE_cHeEsE

James Caldwell

i tried but is it the value or address and what should i put on value if it is address or what should i put on address if it is the value plz help

Almost done in my brain when trying to understand that

 

0 - 9 = $30 - $39

A - Z = $41 - $5A

a - z = $63 - $7C

ThuGie

i'm not new to vb just new to vb memory hacking

i know vb just fine

[edit]

uhm sorry but i'm like 100% new to memory hacking

i only know that i need this

Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

WriteProcessMemory "somting", address, Value, 1, 0&

so could you give me a full example :$ thnx

and sorry for my bad english.

[/edit]

Edited by ThuGie

ThE_cHeEsE

In Game text there u go:

 

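   Dim bString() As Byte
   Dim dwMaxLen As Long: dwMaxLen = 200
   Dim GTAText As String
   Dim l As Long

   GTAText = "Hello World!" & Chr(0)
   bString = GTAText                      ' String -> Byte array copies the 2-byte characters
   ReDim Preserve bString(dwMaxLen - 1)   ' pad/truncate the buffer to dwMaxLen bytes
   ' write the buffer one byte at a time, starting at the text address
   For l = LBound(bString) To UBound(bString)
      WriteProcessMemory pHandle, &H939028 + l, bString(l), 1, 0
   Next l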

 

 

O u also need to get gtavc's handle, hwnd & pId just put this in a module:

 

 

Public hwnd As Long
Public pId As Long
Public pHandle As Long

Public Function InitGame() As Boolean
   '//FIND GAME HWND
   hwnd = findwindow(vbNullString, "GTA: Vice City")

   If (hwnd = 0) Then
      InitGame = False
      Exit Function
   End If

   '//GET PROCESS ID
   GetWindowThreadProcessId hwnd, pId

   '//GET PROCESS HANDLE
   pHandle = OpenProcess(PROCESS_ALL_ACCESS, 0, pId)

   If (pHandle = 0) Then
      InitGame = False
      Exit Function
   End If

   '//RETURN TRUE
   InitGame = True
End Function

 

 

Just like to say the above code which is a module is smithers' but i think he said its okay 4 me 2 use it.

Edited by ThE_cHeEsE

ThuGie

thnx this is helping me a lot i'm gonna test it right now.

[edit]

stuck again

it is things like this

68f5f0 - Gravity (Float)

i want to set it to a 2 but it just crashes, i tried different ways but still nothing or just back screen :S

and i see a lot of codes but without a value, what should i put there :S

thnx again

[/edit]

 

Edited by ThuGie

random_download

A float or a floating-point, real value etc. are numbers with decimal points, eg. 1.084367. If you set it to an integer such as 2 it will not work.

I don't use Vb, but it looks like you should change this bit

Dim GTAText As String

To

Dim GTAText As Float

Then store a float in the variable instead of a string or integer.

Edited by random_download

ThuGie

Can it be that float is in vb long?

JernejL

omg!! vb invasion!! *runs*

 

'single' means a IEEE 32-byte floating point number = 4 bytes floating point number, look at your VB manual.

 

DexX

Delfi, your tool has some invaluable pointer tools in it. Using your "car pointers" (vars / entities) ive gotten some information out of them.

 

first 4 bytes of the block the address is pointing to, looks like its the pointer type:

cop - e4 1c 69 00
ped - ac 1b 69 00
jumbo jet - f8 c3 69 00
boat - b4 b0 69 00
car / empty path node? - dc 85 68 00
car - 90 ad 69 00
bike - 34 7b 6d 00
heli - *knew i forgot something!*

 

i dunno how much, if any of that pointer stuff is covered in here, i took a quick look and didnt see much of anything. otherwise, i have a ton of stuff on it now, once i figure out how the hell to post it.

 

some requests i have for your Developers console would be to 1, have your pointers display the data type, as i just posted (car, bike, etc) 2, make the pointer address copy / paste-able (i have to re-type it in my memory editor), and 3, display the current co-ordinates of the object too, so i don't warp halfway across the city by accident, and lose the object im looking for.

JernejL

 

Delfi, your tool has some invaluable pointer tools in it. Using your "car pointers" (vars / entities) ive gotten some information out of them.

 

first 4 bytes of the block the address is pointing to, looks like its the pointer type:

cop - e4 1c 69 00
ped - ac 1b 69 00
jumbo jet - f8 c3 69 00
boat - b4 b0 69 00
car / empty path node? - dc 85 68 00
car - 90 ad 69 00
bike - 34 7b 6d 00
heli - *knew i forgot something!*

 

i dunno how much, if any of that pointer stuff is covered in here, i took a quick look and didnt see much of anything. otherwise, i have a ton of stuff on it now, once i figure out how the hell to post it.

 

some requests i have for your Developers console would be to 1, have your pointers display the data type, as i just posted (car, bike, etc) 2, make the pointer address copy / paste-able (i have to re-type it in my memory editor), and 3, display the current co-ordinates of the object too, so i don't warp halfway across the city by accident, and lose the object im looking for.

yeah the first is pointer, but which bytes are those that must match to identify entity type?

i'll add the identifying pointer stuff to dev-console when i know how to.

 

also, anyone knows what the first entry is for??

 

btw, the empty car nodes are probably destroyed cars by the game and reconstruct to another car later..

DexX

Right, here's how i got what im talking about. For example right now in my dev console (by delfi), i have "Car 15 Pointer: 190588228", 190588228 in hex is B5C2544. So i go to that address in memory. The first 4 bytes of info @ B5C2544, are 90 AD 69 00. EVERY car in traffic has this, b4 b0 69 00 for a ped, etc etc. they're listed as the first thing, it only makes sense that its some sort of identifier.

 

So using that as a guide, here's what else ive found. along with the pointer info, ill post my current address, so its easier to understand.

Car pointer + 0 bytes (b5c2544) - identifier

Car pointer + 68 bytes (b5c2588) - dword - not sure what exactly its function is. but if you make it all zero, the collision and lighting are detached from the DFF clump. you can drive the car and shadow, without the model moving..

Car pointer + 76 bytes (b5c2590) - 8 bytes long - car / ped, animation / moving / action state? examples listed at the *

 

Car pointer + 280 bytes (b5c265e) - car gravity / mass? change it to 0 and watch your vehicle or ped float away! JUST THAT ped / car!

 

*vehicle action states*

bike wheelie - 08 ee 71 01 - 02 c1 0c 00

bike lean toward ground (turn) - 48 e9 7101 - 02 c9 0c 00

bike in air (after a jump) - 48 e9 71 01 - 02 c1 04 00

bike still /parked - 48 e9 7101 - 02 c1 0c 00

jumbo jet flying (big white planes) - 18 e1 71 01 - 22 40 44 00

car driving normal - 18 e4 71 01 - 1a c1 0c 00

car driving fast (psycho) - 18 e2 71 01 - 1a c1 0c 00

"scared away" driving (when shot at) - 58 e4 71 01 - 22 c1 0c 00

car accident cars (with dead peds in front of them) - 98 ee 71 01 - 22 c1 0c 00

 

you can try swapping them around if you dare, but i think im missing part of it. the only actions i could successfully swap out EACH and EVERY time, without the game crashing, is the bike. I can be driving or pull a wheelie, and change the action state to airborne, in which case you lose all control over the bike until it "lands" (hits something).

I also have a similar list for ped actions, but not enough time to type them up. There is serious potential for anarchy here though, say your being chased by the army and OOPS! the tanks dont have any gravity anymore! ahahaha..

personally, im gonna try and get the gang / police barricade actions, then you could have some real interesting setups..
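
The table walk and type check discussed in the posts above, as an added example that is not part of the original thread: a Python sketch that reads a captured memory snapshot instead of a live process. The table address, record size and identifier bytes are the ones posted in the thread; the `Snapshot` class, the function names and every sample address except DexX's car pointer are constructed for illustration.

```python
import struct

TABLE_BASE = 7927340   # decimal address given in the thread (0x78F62C)
RECORD_COUNT = 150     # "150 * 40 bytes records"
RECORD_SIZE = 40

# First 4 bytes of the pointed-to block -> entity kind, as listed in the thread.
TYPE_IDS = {
    bytes.fromhex("e41c6900"): "cop",
    bytes.fromhex("ac1b6900"): "ped",
    bytes.fromhex("f8c36900"): "jumbo jet",
    bytes.fromhex("b4b06900"): "boat",
    bytes.fromhex("dc856800"): "car / empty path node?",
    bytes.fromhex("90ad6900"): "car",
    bytes.fromhex("347b6d00"): "bike",
}


class Snapshot:
    """Sparse read-only view of a captured address space (hypothetical helper)."""

    def __init__(self, regions):
        self.regions = list(regions)  # [(base_address, bytes), ...]

    def read(self, addr, size):
        """Return exactly `size` bytes at `addr`, or None if not fully captured."""
        for base, data in self.regions:
            if base <= addr and addr + size <= base + len(data):
                return data[addr - base:addr - base + size]
        return None

    def read_u32(self, addr):
        """Pointers are 4-byte little-endian values; a shorter read is an error."""
        raw = self.read(addr, 4)
        return None if raw is None else struct.unpack("<I", raw)[0]


def walk_entities(snap, base=TABLE_BASE, count=RECORD_COUNT, size=RECORD_SIZE):
    """Return a list of (slot, pointer, kind) for every non-empty record."""
    found = []
    for slot in range(count):
        ptr = snap.read_u32(base + slot * size)
        if ptr is None:      # the table record itself is outside the snapshot
            break
        if ptr == 0:         # empty slot
            continue
        ident = snap.read(ptr, 4)
        if ident is None:
            kind = "unreadable"   # dangling or uncaptured pointer
        else:
            kind = TYPE_IDS.get(ident, "unknown " + ident.hex())
        found.append((slot, ptr, kind))
    return found


def build_sample():
    """Constructed snapshot: three populated slots, one of them dangling."""
    car_ptr = 190588228      # DexX's "Car 15 Pointer" (0xB5C2544)
    ped_ptr = 0x0B5D0000     # constructed address
    dangling = 0x0BAD0000    # constructed address with no backing region
    table = bytearray(RECORD_COUNT * RECORD_SIZE)
    for slot, ptr in ((0, car_ptr), (1, ped_ptr), (3, dangling)):
        struct.pack_into("<I", table, slot * RECORD_SIZE, ptr)
    return Snapshot([
        (TABLE_BASE, bytes(table)),
        (car_ptr, bytes.fromhex("90ad6900") + bytes(36)),
        (ped_ptr, bytes.fromhex("ac1b6900") + bytes(36)),
    ])


if __name__ == "__main__":
    for slot, ptr, kind in walk_entities(build_sample()):
        print(f"slot {slot:3d}  ptr 0x{ptr:08X}  {kind}")
```

All four identifier bytes are compared as one unit, and a pointer that leads outside the captured regions is reported rather than followed.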

Cowpat

 

Car pointer + 68 bytes (b5c2588) - dword - not sure what exactly its function is. but if you make it all zero, the collision and lighting are detached from the DFF clump. you can drive the car and shadow, without the model moving...

brilliant stuff. i'd discovered the car and shadow thing at the weekend as well as the pointer to the present/last vehicle - but this is christmas come early.

 

w00t!

 

Edit:"Car pointer + 68 bytes (b5c2588) - dword - not sure what exactly its function is" - the same can be found at Player ptr + 70, where the player dff is detached.

Edited by Cowpat

HippieCommunist

hey you geniuses!!! you can do all that, but how bout changing the draw distance of the spawn of Peds\Cars so that they wont disappear unless they are really close?

 

that would be great....

 

sick of everything disappearing around me....

 

anyone?

Kryptos

The problem which you are speaking of, which isn't a problem whatsoever, is Vice City's sight obscurity. Anything that is not within the player's line of sight is not loaded to maintain faster gameplay as well as lower poly counts, loading everything within a certain area of the player is inefficient for obvious reasons. That is why objects that were originally behind you will disappear if you turn for a moment and then glance back. Draw distances are how far into the distance objects are loaded. And I don't believe coming into this topic with a sarcastic attitude will help you.

 

Ciao,

Kryptos

JernejL

seems like very productive day today, here is my list:

 

i reverse engineered the gta vc ultimate cheater tire modifier a bit, to this level so you could enter any number for wheel radius so you could directly preview wheel size and test them to get optimal size, but it seems i hit something even better, the whole car ide data..

btw, above this data there is also weapon data for default.ide and above that there is object.dat stuff, look there yourself.

 

ide entries for cars it start at 7678606, there you should see a uint16 - landstalker's car ID 105

*newer info: the number seems to be always 105 for all cars.. WTF??

 

i'll make a better picture

 

car's data offset is: 7678606 + (car_ide - 105) * 375 //note that first car - landstal is car #0 so it needs -105

 

- car dff/txd name, null terminated, it is WEIRD that it only specifies DFF model, NO txd that is specified in default.ide disk file

- it is interesting that the data for dummies is moved from dff files here

 

+64 tire stuff

+72 - word - level

 

+2 - 22 bytes - car dff/txd name, null terminated

+48 - 14 bytes GXT entry

+62 - single - wheel radius

+72 - word - level

 

+78- front left light XYZ vertex (right light is mirrored)

+90 - rear left light, same rule apply as for front

+102 - ped_frontseat dummy

+114 - ped_backseat dummy

following this data there must be other dummies, including wheels.

 

basically, now i can add knight rider light option for dev-console LMAO!!!

 

i am also disassembling the exe a bit, i found very unusual proc at 00401000 which is yet another debug output routine but even more complex, i'll hook up this one later with vcdbg too.

 

HippieCommunist

 

The problem which you are speaking of, which isn't a problem whatsoever, is Vice City's sight obscurity. Anything that is not within the player's line of sight is not loaded to maintain faster gameplay as well as lower poly counts, loading everything within a certain area of the player is inefficient for obvious reasons. That is why objects that were originally behind you will disappear if you turn for a moment and then glance back. Draw distances are how far into the distance objects are loaded. And I don't believe coming into this topic with a sarcastic attitude will help you.

 

Ciao,

    Kryptos

"Wachu' talkin' bout' Kryptos?!?"

i wasnt sarcastic... im really serious, i think its great thing you've achieved there, i was just hoping that all the stuff you can do can allow you to make me play Vice again, but this line of sight thing is quite low for me, no sarcasm here i swear

i love hacking

HEX rules!

HippieCommunist

oh and another thing, i think its stupid that the game loads everything again and again depending on where you're looking, i think it would be wiser if the game load them once just not a lot of PEDS\CARS, that way you have more FPS and real gameplay experience

to be frank i honestly dont understand why it doesnt bother anyone? i mean even R* mentioned San Andreas would spawn objects six times further than vice coz of public complaints...

good guys may i say...

JernejL

 

i was just hoping that all the stuff you can do can allow you to make me play Vice again, but this line of sight thing is quite low for me, no sarcasm here i swear

so basically only thing that will make you play gtavc again is to have people all over the city..??

well do it yourself, you like hacking, right? or install gta:lc or even better - myriad islands or some other city mod..

HC, don't double post, edit old post instead, we are perfectly happy with ped spawning range in gtavc, i don't need the peds to spawn kilometers around me, i rather have a good gameplay on P2 500.

loading all at once? ARE YOU STUPID?? the game is 850 MB and that is WITHOUT audio and when game processes the stuff it expands to gigabytes, there is 400mb of ram for windows, not to mention graphical card .. you would need 3GB of ram for that to work and 100 silicon graphics cpu's in a workstation frame for it to work and you would need to rewrite windows to work on SGI cpu's.

GO BUY YOURSELF A PS2 or XBOX

and one thing: we are not official gta-vc coders or anything, we just hack for fun and to break some hard coded stuff of gtavc that is actually useful. we don't have to do this, and if we don't want to do this do it yourself.

go play half-life..

 

HippieCommunist

i never said load everything at once, i meant expand the radius of spawning around you... its probably a value that you change, save and publish for ppl with GOOD pc's (kinda like in mafia)(and what Half Life got to do with anything?!)

talk bout' hostile environment

you people are not nice... i was only asking for help, believe me if i could improve anything, i wouldnt ask some non-social computer freak...

genius non-social computer freak...

you probably american or something, so damn violent...

i wouldnt bother you majesty again.

btw

Xbox and Ps2?

me thinks not....
