Quantcast
Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
    1. Welcome to GTAForums!   (93,064 visits to this link)

    2. News

    1. GTA Online

      1. Find Lobbies & Players
      2. Guides & Strategies
      3. Vehicles
      4. Content Creator
      5. Help & Support
    2. Crews

      1. Events
      2. Recruitment
    1. Grand Theft Auto Series

    2. GTA Next

    3. GTA V

      1. PC
      2. Guides & Strategies
      3. Help & Support
    4. GTA IV

      1. Episodes from Liberty City
      2. Multiplayer
      3. Guides & Strategies
      4. Help & Support
      5. GTA Mods
    5. GTA Chinatown Wars

    6. GTA Vice City Stories

    7. GTA Liberty City Stories

    8. GTA San Andreas

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    9. GTA Vice City

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    10. GTA III

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    11. Top Down Games

      1. GTA Advance
      2. GTA 2
      3. GTA
    12. Wiki

      1. Merchandising
    1. GTA Modding

      1. GTA V
      2. GTA IV
      3. GTA III, VC & SA
      4. Tutorials
    2. Mod Showroom

      1. Scripts & Plugins
      2. Maps
      3. Total Conversions
      4. Vehicles
      5. Textures
      6. Characters
      7. Tools
      8. Other
      9. Workshop
    3. Featured Mods

      1. DYOM
      2. OpenIV
      3. GTA: Underground
      4. GTA: Liberty City
      5. GTA: State of Liberty
    1. Red Dead Redemption 2

    2. Red Dead Redemption

    3. Rockstar Games

    1. Off-Topic

      1. General Chat
      2. Gaming
      3. Technology
      4. Programming
      5. Movies & TV
      6. Music
      7. Sports
      8. Vehicles
    2. Expression

      1. Graphics / Visual Arts
      2. GFX Requests & Tutorials
      3. Writers' Discussion
      4. Debates & Discussion
    1. Forum Support

    2. Site Suggestions

JernejL

Documenting GTA-SA memory addresses

Recommended Posts

J-Fox.GEMM

Hi guys thx for the actor pointer...

 

My issues in SA:

 

- Actor isn't moving smooth but he is synced 1 ms looped

- I can just copy the position

- Gravity settings will not work

- No of ur posted anim adresses works :: just zeros confused.gif

- Found out the difference between UK and other EU file: The text files will be loaded in a different order

- Can't set Actor pos. while he is in car sarcasm.gif

- Damn forgot the other issues sneaky2.gif

 

ph34r.gif Fox

 

 

Share this post


Link to post
Share on other sites
jacob.

 

- Actor isn't moving smooth but he is synced 1 ms looped

Is it synced locally or remotely? What language is it coded in and what was your frame rate?

 

 

- No of ur posted anim adresses works :: just zeros  confused.gif

Draco posted one that I know for a fact works - CPed + 1332.

This address gets automatically reset though and you'll have to figure out what to NOP. wink.gif

 

 

- Can't set Actor pos. while he is in car  sarcasm.gif

I haven't tried this, but isn't this common sense? Don't move the actor, move the car. The car's position structure is identical to an actor's, the only thing different is finding its pointer.

Share this post


Link to post
Share on other sites
copini

 

04FBD4F8 & 04FBD538 - closest car to player, may be zero if there are no cars in world or you are inside a shop or other interior or no car that hasn't been wrecked is near you (max searching distance is around 50 meters i think), these are not fixed address, i once found them on this offset but they vary, the memory was probably in player actor's memory block.

has anyone found out how to calculate these addresses yet?

I've tried to run through the code in IDA (I can't do any debugging in w32dasm or OllyDbg, the game hangs when I try), but it's just to complicated...

I know the program first calculates a base address, the two pointers are +0x0C and +0x4C from this address. but I can't figure out how to get it.

it would be nice to automaticly unlock a locked vehicle you try to enter, and I think using these addresses is the best way.

 

 

btw: 0xA4EC20 is the score for the dancing minigames, maybe for other minigames as well

Share this post


Link to post
Share on other sites
saracoglu

Here is a HOT offset to player adresse:

 

CPed + 66 (Byte) this is the BP/EP/FP/DP status of the player as follows:

 

(values are in decimal, add them up as needed and assign byte value to CPed+66)

1 Makes Ped soft (ie. can move through walls and everything)

2 Freezes Ped (ie. ped cannot walk)

4 Bullet-proof

8 Flame-proof

16 ?

32 ?

64 Damage-proof (from collisions etc)

128 Explosion-proof

 

Assigning 1 enables ped to move thru obstacles, yet the ground itself is also an obstacle. So if you flip the first bit, player sinks below ground level

 

happy coding,

 

Alper

Share this post


Link to post
Share on other sites
DracoBlue

I updated the gtadb, and completed the description of the WeaponSlot-structure.

 

Please look at the 3 unknown parts of the structure, but the rest should be complete.

 

WeaponSlot-Type

 

See you,

Share this post


Link to post
Share on other sites
DracoBlue

 

also, someone that knows please answer my previous question:

"are these disk file management functions or IMG functions? and which interface do they use?"

Those are for all loaded files .dat .img etc.

 

See you,

Share this post


Link to post
Share on other sites
JernejL

btw, it seems specific cars now have 4 colors, just look at the carcols.dat, so that are probably 2 bytes after first car colors in memory..

 

more:

 

#12234816 - insane stunt bonus and school instructions ansi-text - it stays onscreen as long as first char is non-zero

 

#12232608 - #399 bytes ANSI text-box in left top corner (12231808 and 12232208 are read only duplicates )

 

$00866C94 - money text formatting string, by default '$%08d'

#5829832 - pointer to money formatting string, there is some empty space at #4195145 that you can use..

Share this post


Link to post
Share on other sites
Cowpat

Forgive me if these have been posted earlier

 

Current Car + 0x460 - Pointer to CPed (Player)

 

CPed + 0x58C - Pointer to or ID of current car. I parked two cars beside each other and hopped between each of them to confirm the numbers remained the same.

Share this post


Link to post
Share on other sites
[KFC]Nutz

Found one way to change/disable the annoying solid clouds above 220 meters:

 

0x716642 (float)

0x716655 (float)

 

Both values default to 200 (00 00 48 43). If you change one of them to 100,000 (00 50 c3 47)

you get very few clouds, a much nicer effect. If you change both of them to 100,000

you never get the clouds.

 

It appears that betwen 200m and 500m StrClp (haze) gradually reduces from whatever

is in timecyc.dat (if greater than 800) to 800. I'm still looking for how to disable this.

 

Also, someone pointed out that when the height limit for aircraft is raised to 100,000m

you fall off bikes and motorcycles the instant you touch anything (!) Why the two

would be related is a mystery. Reducing the height limit to 2000m (still more

than double the default) seems to make it normal, though I don't do much biking

so it's hard to tell for sure.

Edited by [KFC]Nutz

Share this post


Link to post
Share on other sites
SeBsZ

Hello guys,

 

I found these addresses:

 

0CB61120

0CB61124

0CB61128

 

which probably are the XYZ locations of the player. However, my values seem a little strange. When I start a new game, these are the tree values in those addresses:

 

-4263047608997904106

4708509432283569353

39519932217031777

 

Is that normal? The values seem to be read-only. I think these are the XYZ of the player because they only change when I move the character.

 

I know that stretchnutter posted this on the first page of this topic:

 

DWORD(CPed+0x14) + 0x30 = XPos

DWORD(CPed+0x14) + 0x34 = YPos

DWORD(CPed+0x14) + 0x38 = ZPos

 

but I don't understand how to put those values into a program like ArtMoney. Can someone help me here, I want the non-readonly values of the player location.

 

Thanks,

 

SeBsZ

Share this post


Link to post
Share on other sites
JernejL

SeBsZ: thats because those structures are at dynamic locations, you need pointers.

 

Share this post


Link to post
Share on other sites
DracoBlue

 

Hello guys,

 

I know that stretchnutter posted this on the first page of this topic:

 

DWORD(CPed+0x14) + 0x30 = XPos

DWORD(CPed+0x14) + 0x34 = YPos

DWORD(CPed+0x14) + 0x38 = ZPos

 

but I don't understand how to put those values into a program like ArtMoney. Can someone help me here, I want the non-readonly values of the player location.

 

Thanks,

 

SeBsZ

 

More about that can be found here.

 

With Artmoney you need to read the 4-integer at your (CPed-Address+0x14).

This values is your pointer to the tPosition-Structure.

If you add 0x30 to this value, you can read the XPos as float, same goes for Y and Z Pos.

 

See you,

Share this post


Link to post
Share on other sites
SeBsZ

Wow, thanks for your quick replies.

 

Okay, let me explain what I'm doing.

 

On page 1 of this topic, someone said that the player pointer is 00B6F5F0

 

You said that another pointer is at (playerpointer + 14).

 

In Artmoney, I read what 4-integer is at Address 00B6F5F0+14 and I get 213258160. For some reason, it doesn't matter if I do +14 or + 0 the value stays the same, which indicates to me that I'm doing something wrong. If that 213258160 is correct, then I still don't know what to do with that.

 

Help is appreciated... thanks

Share this post


Link to post
Share on other sites
ThE_cHeEsE

hey, first of all read this address 00B6F5F0, then with the value that it returned read it again but add + 14 to the value that 00B6F5F0 gave you.

 

Then just read as a float the value that 00B6F5F0 + 14 retreived and + 30 for XPos, 34 for YPos and 38 for ZPos

Edited by ThE_cHeEsE

Share this post


Link to post
Share on other sites
SeBsZ

FANTASTIC! It works perfectly. Thank you so much!

Share this post


Link to post
Share on other sites
SeBsZ

Does anyone know where all the vehicle names are stored? The vehicles.ide file does not contain the full names. For example, in that file the Ambulance is "ambulan" because they are the model names. I want to find out if there is a place containing all the vehicle IDs with the full vehicle name behind it. Anyone knows?

Edited by SeBsZ

Share this post


Link to post
Share on other sites
Opius

Vehicles.ide holds as the sixth value per line, the GXT key used for the full name.

 

But surely it isn't THAT hard to figure out what each vehicle is by what they're referred to by their shortened names?

 

Share this post


Link to post
Share on other sites
SeBsZ

Opius, I'm talking about the vehicle names that appear when you enter a vehicle in the game. The sixth value in the vehicles.ide file is still a shortened version, for example "BFINJC" instead of "BF Injection"

Share this post


Link to post
Share on other sites
Opius

If you looked in an un-CRC'd GXT, the key "BFINJC" would contain the text "BF Injection".

Share this post


Link to post
Share on other sites
JernejL
un-CRC'd GXT

what are you talking about?

 

Share this post


Link to post
Share on other sites
Opius

The GXT key names are CRC'd, as I understand.

Share this post


Link to post
Share on other sites
SeBsZ

How can I turn the american.gxt file into a readable text file?

 

EDIT:

Also, does someone know how the coordinate system in San Andreas works? I don't get it... I found that an X value of -985820256 is on the left of the map. However, an X value of 985820256 is NOT the right of the map, but in the middle. ALso, when X:0 and Y:0, I am in the middle of the map. It really confuses me. If someone could give me an explanation on how the coordinate system works in SA, that would be great.

 

Thanks

Edited by SeBsZ

Share this post


Link to post
Share on other sites
JernejL
The GXT key names are CRC'd, as I understand.

ah i just misunderstood your statement that a unchecksumed gxt exists for san andreas..

 

Share this post


Link to post
Share on other sites
mattyboy_96

SeBsZ, Try reading the coords as Floats instead of Dwords

Share this post


Link to post
Share on other sites
jacob.

004640DE    8B90 6099A400   MOV EDX,DWORD PTR DS:[EAX+A49960]

 

this seems to get called every time a new opcode is being executed.. so erm..

0xA43C78 = latest opcode called? (in 4 byte dword, convert to hex for opcode form)

 

could be completely off on this, i was just looking at opcode execution in the dissasembly and noticed this.

Share this post


Link to post
Share on other sites
SeBsZ
SeBsZ, Try reading the coords as Floats instead of Dwords

Alright, I still think I'm doing something wrong. I am reading from memory to Visual Basic 6's double data type, which I think is like a float. However, these are the XYZ values I get:

 

pX: 5.69851892038368E-315

pY: 1.63255589500922E-314

pZ: 5.43760953752311E-315

 

They look weird and unusable to me. THis is the vb6 code i'm using:

 

ReadProcessMemory ProcessHandle, MemoryLocation, MyVariable, 4, 0&

where MyVariable is of the "double" data type. The "4" is how many bytes have to be read from that memory location.

 

If anyone could help me out here, thanks.

Share this post


Link to post
Share on other sites
jacob.

Alright, I still think I'm doing something wrong. I am reading from memory to Visual Basic 6's double data type

Well there's your problem. Read it as a Single if you're using Visual Basic.

Share this post


Link to post
Share on other sites
SeBsZ

Thanks, I figured it out myself and wanted to modify my post but then saw yours. So thanks anyway.

Share this post


Link to post
Share on other sites
jacob.

I was looking for the actual entity list and stumbled upon something interesting..

0x969084 = first vehicle you got into

0x969088 = second vehicle you got into

0x96908C = third vehicle you get into

.. and so on, increasing by 4 after each vehicle. they are 0 if you haven't entered a first/second/third/etc car yet.

 

user posted image

edit: i just realized these addresses were only working on my stripped & slightly modified SCM, so this definatly isn't the exact beginning of the entity list.. but it's somewhere 'round here. smile.gif

Edited by jacob.

Share this post


Link to post
Share on other sites
SeBsZ

Does someone know how to move the car the player is currently in to another location?

 

Also, the memory address that keeps track of the current car ID does not keep track of when you enter a plane. Anyone know how to do that as well?

 

The wanted level seems to be read-only. I try to change it and it resets itself when I get back into the game...

 

Thanks

Edited by SeBsZ

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.