Jump to content

Manipulating SA game memory for fun and profit


Xieîn

Recommended Posts

Here is definitely a new thing, that i think can essentially expand opportunities of mission coding.

 

Link: http://xieon.by.ru/mempatch.rar

 

Note that this tool i made a one month ago from zero (i did not release it owing to my absence)

and it hasn't any relation to the neighbour topic (and to any other eariler topic), i am surprised by it smile.gif.

 

The program inside archive represents a special patch for GTA:SA that literally adds to

the game three new opcodes, replacing with itself some NOPs:

 

 

00C3: read_mem_address [ ] type [ ] value_to [ ]

 

 

This new opcode reads value of specified mem address (with new 0181 - any game address) and

writes it to the global or local variable. You may specify how much to read - 8 bit value (byte),

16 bit (word) or 32 bit (dword).

 

 

00C4: write_mem_address [ ] type [ ] value [ ]

 

 

This opcode same as previous except that it writes memory but not reads.

 

 

0181: virtual_protect_change_at [ ] size [ ] new_protect [ ]

 

 

And this opcode is maybe most unstandard. It allows to call VirtualProtect WinAPI

function directly from SCM, as you know it can unlock any address, which cause

AccessViolation exception (or game crash in SA) when accessing to it. So all reasonable

game memory can get in your hands.

 

All other information and why the CyQ's mem-technique for VC became impossible in SA

in the readme.

 

--- Advantages

 

- Easiest to use and absence of necessity to use variables, to do any actions

and to write any mission code for make this focus working.

- Flexibility - you can specify size of value when accessing to the memory and

write real address, what it is anywhere (one action - convertion from HEX to INT, but

in new SB it will be possible to specify hex and other numeric formats for values).

- Presentation of the mnemonics of the opcodes.

- Very small size of the patch (~14 kb without docs).

 

--- Disadvantages

 

- Without patch it doesn't work, but i can add to the next version opcode, by means of

which it will be possible to check up its presence and avoid game crash.

 

Most likely in new SB also will be built-in functions based on this tool for works with memory.

 

***

I very much wait for any wishes or criticism from you, and forgive me for my dreadful grammar smile.gif

In theory, by similar approach it is possible to carry out calls to other API functions (just present the opening opportunities) and to make, for example, full working MP3 player, operated by the SCM opcodes, and many many other.

 

Have fun with it.

Cheers, Xieon.

Edited by Xieîn
Link to comment
Share on other sites

All other information and why the CyQ mem-technique for VC became impossible in SA in the readme.
Actually, documentation of an all natural method of doind exactly that has begun unfolding here.

 

 

You may specify how much to read - 8 bit value (byte), 16 bit (word) or 32 bit (dword).
Okay, NOW you have my UNDIVIDED attention wink.gif That's fabulous.

 

Question. How independent is this patch? There must be a dozen different EXE's out there. For example, I run the Hoodlum no-DVD EXE, modified to bypass the opening splash screens. Will this patch work with that EXE? Can you document various EXE supports so that as we begin to author SCM's requiring this patch, we can forward the documentation to our users?

Link to comment
Share on other sites

 

I can't download the file, it just comes up as pure text, not a rar download.

Just right-click the eventual download link and choose "Save As" and you should be able to download it properly; worked for me.

 

@Xieon: Wow. This is brilliant. Ran the gravity change in the readme as a quick test and it worked flawlessly. If this patch will work on all the different SA versions, it's unbelievably useful considering the hoops we have to go through to change memory via the stat opcodes and the limits there. Also, have you considered supplying a "loader" in addition to the patch? There's no good reason for that request aside from the fact that some are more comfortable with that method.

Link to comment
Share on other sites

Wow! This is my dream come true! I didn't see any way to access the lower (not to mention protected) memaddresses with the recent stat opcode discovery, but your patch solves this!

Thank you so much!

Now I can recreate edisoncarter's PS2 gravity code. If I could only figure out the NESW directional gravity...

 

PS: Hello, I'm new smile.gif

Link to comment
Share on other sites

  • 1 year later...

maybe somebody can tell me adress in memory of:

 

scm block(main) limit and object ides limit??

Link to comment
Share on other sites

  • 1 year later...
Could someone reupload the program?

You don't need it. It's implemented with CLEO Library. Just use the new opcodes.

Link to comment
Share on other sites

I never did this stuff before so I have no idea how to add opcodes, I need to add those 2 to gta_sa.exe

Enable Multiple SA Windows:

0x7468E0 : (func) CheckForOtherSA(void)

0x74872D : (asm) call CheckForOtherSA (NOP this in the exe)

 

Could you tell me how to do it please?

Link to comment
Share on other sites

I never did this stuff before so I have no idea how to add opcodes, I need to add those 2 to gta_sa.exe

Enable Multiple SA Windows:

0x7468E0 : (func) CheckForOtherSA(void)

0x74872D : (asm) call CheckForOtherSA (NOP this in the exe)

 

Could you tell me how to do it please?

Mmm, I think this might work?

 

 

0A8C: write_memory 0x7468E0 size 1 value 0 virtual_protect 0

 

 

You might have to mess with the size and virtual_portect values, though wink.gif

Link to comment
Share on other sites

Could you please tell me how to apply this? I'm a complete newbie to this stuff.

Btw. I have found those 2 memory addresses I in program called HIEW32, but when I edit those values I dunno what to type

Maybe could you please make an exe like that for me? Im using the 1.0 Hoodlum exe

Edited by Lancast
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • 1 User Currently Viewing
    0 members, 0 Anonymous, 1 Guest

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.