[V] Script/Native Documentation and Research

[outlier 29]

Some of the posts I see are all about console modding , not the research The forum rules are very straight regarding pirated stuff including consoles , you will get such topics/posts removed very fast if posted in the popular forum sections above , mods just don't look at what's happening here .

Consoles are all that we have at this point in time. I am not sure how you expect people to obtain complete natives, I am not aware of a PC release as of Sept. 21st, 2014. There is also no piracy associated with our dicussion. I bought the CE of the game and I own 3 MS consoles. I am free to do what I will with them as I own them outright. I am certainly not breaking any laws... I don't terrorize on LIVE, I don't go on there at all out of ethical consideration for others...

 

I would love to be able to contribute full natives with args and return values to this thread. For me to be able to do this, I need to understand ppc. There have been 2 recent posts in here that have helped me so much to be able to do so. Clutch and sasuke, thank you once again. This will be my last post in here. Out of due respect for the continuity of this thread, I am not going to let this become another 7sins fiasco.

[Alexander Blade 1,430]

When you say rgh/jb/etc it leads to what it means - piracy , thats it .

Edited September 21, 2014 by Alexander Blade

[sasuke78200 176]

Guys let's continue our researches without mentioning any platform.

[AdamSelene 1]

Guys let's continue our researches without mentioning any platform.

 

So agree, the "platform" is RAGE, mentioning other platforms is at best relevant to 50% of readers.

[XeClutch 33]

When you say rgh/jb/etc it leads to what it means - piracy , thats it .

Actually, both the JTAG and Jailbreak exploits were not designed for piracy, they were created to run 3rd party applications. It is the 3rd party applications and software modifications that allow piracy and to define the JTAG/RGH/R-JTAG/Jailbreak exploits as pirating software is incorrect.

[Harsh IV 0]

This is very helpful forum.

[sasuke78200 176]

Here is the last version of AddNative and the structure where are stored the natives, that I made.

 

The last one I did was wrong.

// size 0x40struct Native{		struct Native* 	pLastNativesTable;			// + 0x00	unsigned int 	uiNativeFunctions[7];		// + 0x04	unsigned int 	uiNativeCount;				// + 0x20	unsigned int 	uiNativeHashes[7];			// + 0x24	};// Address : 0x1DB8230 (PS3 v1.16)struct Native* g_Natives[256];void AddNative(unsigned int a_uiNativeHash, unsigned int a_uiNativeFunction){	unsigned int 		l_uiTableIndex;	struct Native*		l_pNative;	unsigned int 		l_uiIndex;		l_uiTableIndex = a_uiNativeHash & 0xFF;	l_pNative = g_Natives[l_uiTableIndex];		if(l_pNative == 0 || l_pNative->uiNativeCount == 7)	{		l_pNative = (struct Native*)malloc(sizeof(struct Native));		memset(l_pNative, 0x00, sizeof(struct Native));				l_pNative->pLastNativesTable = g_Natives[l_uiTableIndex];		g_Natives[l_uiTableIndex] = l_pNative;	}		l_uiIndex = l_pNative->uiNativeCount;		l_pNative->uiNativeFunctions[l_uiIndex]		= a_uiNativeFunction;	l_pNative->uiNativeHashes[l_uiIndex]		= a_uiNativeHash;	l_pNative->uiNativeCount++;}

Edited September 26, 2014 by sasuke78200

[AdamSelene 1]

Here is the last version of AddNative and the structure where are stored the natives, that I made.

 

The last one I did was wrong.

l_pNative->uiNativeFunctions[l_uiIndex]		= a_uiNativeHash;l_pNative->uiNativeHashes[l_uiIndex]		= a_uiNativeFunction;

So the hash is stored in the functions array, and the function in the hashes array?

[sasuke78200 176]

Nope, I did bad. Sorry.

[maro_hannover 128]

what means

ENTITY

[XeClutch 33]

what means

ENTITY

An entity can be a ped, object, vehicle, or anything physical. An entity cannot present a player id though.

[XeClutch 33]

Looks like 1.17 just went live and a few pieces of clothing, new vehicles, and new weapons have been added. Once I get the new .xex I will see about getting the names/hashes to you guys.

[AdamSelene 1]

Looks like 1.17 just went live and a few pieces of clothing, new vehicles, and new weapons have been added. Once I get the new .xex I will see about getting the names/hashes to you guys.

vehicles:

44C4E977,innovat

4B6C568A,hakuchou

BF1691E0,furoregt

 

weapons:

3AABBBAA,weapon_heavyshotgun

C734385A,weapon_marksmanrifle

[XeClutch 33]

 

Looks like 1.17 just went live and a few pieces of clothing, new vehicles, and new weapons have been added. Once I get the new .xex I will see about getting the names/hashes to you guys.

vehicles:

44C4E977,innovat

4B6C568A,hakuchou

BF1691E0,furoregt

 

weapons:

3AABBBAA,weapon_heavyshotgun

C734385A,weapon_marksmanrifle

 

Thanks, I couldn't find it in the .xex, where were they?

[XeClutch 33]

@XeClutch

For The Last Time THIS IS PC! NOT CONSOLE sh*t!

PC Gamer > Console Gamer

* facepalm *

Okay, so where in the PC version of the game did you find it? Exactly.

The .xex and the eboot are all we can look through right now (with the exception of the .rpf's and whatnot).

[Tez2 44,211]

It looks like update.rpf and dlc rpf's are crc-checked now .

They added new function "CCheckCRCs" to 1.17 .

[XeClutch 33]

Got word from someone that the method used to call natives w/ the VM has been patched in 1.17. Anybody able to confirm or shoot this down? I have updated my offsets but my menu is still on 1.16 because I am working on some networking stuff.

[sasuke78200 176]

My method works correctly with 1.16 and 1.17, don't know if they patched it.

 

 

edit : link removed.

Edited October 9, 2014 by sasuke78200

[emiL 0]

EDIT:Nevermind, made a mistake when searching.

 

btw @sasuke78200, your method "n'existe pas"

Edited October 9, 2014 by emiL

[Alexander Blade 1,430]

Well we have modding section rebrending , looks kinda strange since Discussion & Support should be the same as Modding Lab

Edited October 9, 2014 by Alexander Blade

[XeClutch 33]

Here is a ton of scripts I wrote in C++. Nothing crazy but it works for the most part.

 

Give All Weapons

// Give Player All Weapons (to give it to yourself just pass PLAYER_ID() as the first param)VOID GiveWeapons(INT Client){    UINT Weapons[] = { 0x99B507EA, 0x678B81B1, 0x4E875F73, 0x958A4A8F, 0x440E4788, 0x84BD7BFD, 0x1B06D571, 0x5EF9FEC4, 0x22D8FE39, 0x99AEEB3B, 0x13532244, 0x2BE6766B, 0xEFE7E2DF, 0xBFEFFF6D, 0x83BF0278, 0xAF113F99, 0x9D07F764, 0x7FD62962, 0x1D073A89, 0x7846A318, 0xE284C527, 0x9D61E50F, 0x3656C8C1, 0x05FC3C11, 0x0C472FE2, 0x33058E22, 0xA284510B, 0x4DD2DC56, 0xB1CA77B1, 0x687652CE, 0x42BF8A85, 0x93E220BD, 0x2C3731D9, 0xFDBC8A50, 0x24B17070, 0x060EC506, 0x34A67B97, 0xFDBADCED, 0x23C9F95C, 0x497FACC3, 0xF9E6AA4B, 0x61012683, 0xC0A3098D, 0xD205520E, 0xBFD21232, 0x7F229F94, 0x92A27487, 0x083839C4, 0x7F7497E5, 0xA89CB99E, 0x3AABBBAA, 0xC734385A };    for (int i = 0; i < (sizeof(Weapons) / 4); i++)        GIVE_DELAYED_WEAPON_TO_PED(GET_PLAYER_PED(Client), Weapons[i], 9999, 1);}

Take All Weapons

VOID TakeWeapons(INT Client){    REMOVE_ALL_PED_WEAPONS(GET_PLAYER_PED(Client));}

Unlimited Ammo

BOOL UnlAmmo = FALSE;VOID ToggleUnlimitedAmmo(){    UnlAmmo = !UnlAmmo;    SET_PED_INFINITE_AMMO(PLAYER_PED_ID(), UnlAmmo);    SET_PED_INFINITE_AMMO_CLIP(PLAYER_PED_ID(), UnlAmmo);}

Toggle No Cops

VOID ToggleNoCops(){    if (GET_MAX_WANTED_LEVEL() > 0)        SET_MAX_WANTED_LEVEL(0);    else        SET_MAX_WANTED_LEVEL(5);}

Set Model

VOID SetModel(PCHAR Model){    UITN hash = GET_HASH_KEY(Model);    if (IS_MODEL_IN_CDIMAGE(hash))    {        REQUEST_MODEL(hash);        while (!HAS_MODEL_LOADED(hash)) WAIT(0);        SET_PLAYER_MODEL(PLAYER_ID(), hash);        SET_MODEL_AS_NO_LONGER_NEEDED(hash);    }}

Drop Cash

VOID DropCash(INT Player, INT Amount){    Vector3 v = GET_ENTITY_COORDS(GET_PLAYER_PED(Player));    CREATE_AMBIENT_PICKUP(0xFE18F3AF, v.x, v.y, v.z, 0, Amount, 1, 0, 1);}

Toggle Invincibility

VOID ToggleInvincibility(){    SET_PLAYER_INVINCIBLE(PLAYER_ID(), !GET_PLAYER_INVINCIBLE(PLAYER_ID());}

Toggle Invisibility

VOID ToggleInvisibility(){    SET_ENTITY_VISIBLE(PLAYER_PED_ID(), !IS_ENTITY_VISIBLE(PLAYER_PED_ID());}

Teleport

VOID Teleport(Vector3 coords){    UINT handle = PLAYER_PED_ID();    if (IS_PED_IN_ANY_VEHICLE(handle, 0))        handle = GET_VEHICLE_PED_IS_IN(handle, 0);    SET_ENTITY_COORDS(handle, coords.x, coords.y, coords.z, 0, 0, 0, 1);}

Fix & Wash Vehicle

// If using your own vehicle pass GET_VEHICLE_PED_IS_USING(PLAYER_PED_ID(), 0) as the param..// If using someone else's vehicle pass GET_VEHICLE_PED_IS_USING(GET_PLAYER_PED(client), 0) as the param and replace 'client' with the player's ID..VOID FixWashVehicle(UINT Vehicle){    SET_VEHICLE_FIXED(Vehicle);    SET_VEHICLE_DEFORMATION_FIXED(Vehicle);    SET_VEHICLE_DIRT_LEVEL(Vehicle, 0f);}

Invincible Vehicle

UINT Vehicle = GET_VEHICLE_PED_IS_USING(PLAYER_PED_ID(), 0);VOID InvincibleVehicle(){    while (true) // for (;        FixWashVehicle(Vehicle); // use function above^}

Vehicle Nitrous

VOID Nitrous(){    while (true) // for (;        if (!IS_PED_ON_FOOT(PLAYER_PED_ID()))            if (IS_PLAYER_PRESSING_HORN(PLAYER_ID()))                SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), TRUE);            else                SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), FALSE);        else            SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), FALSE);}

Get Clients

PCHAR* GetClients(){    PCHAR Clients[16];    for (INT i = 0; i < 16; i++)        Clients[i] = GET_PLAYER_NAME(i);    return Clients;}

[fOmey 20]

Hey guys,

 

Recently I've been attempting to dig up some information to further explain "set_bit" & "clear_bit"..

 

I have seen these two natives popup numerous times throughout source and there seems to be very little information on them..

 

I would love to be able to spawn pegasus vehicles on demand, the goal is to modify the spawned vehicle using natives.. any information would be appreciated.

[Tez2 44,211]

Here is a ton of scripts I wrote in C++. Nothing crazy but it works for the most part.

 

Vehicle Nitrous

VOID Nitrous(){    while (true) // for (;        if (!IS_PED_ON_FOOT(PLAYER_PED_ID()))            if (IS_PLAYER_PRESSING_HORN(PLAYER_ID()))                SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), TRUE);            else                SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), FALSE);        else            SET_VEHICLE_BOOST_ACTIVE(GET_VEHICLE_PED_IS_IN(PLAYER_PED_ID(), 0), FALSE);}

 

You also use apply_force_to_entity for vehicle nitrous .

[sasuke78200 176]

Hey guys,

 

Recently I've been attempting to dig up some information to further explain "set_bit" & "clear_bit"..

 

I have seen these two natives popup numerous times throughout source and there seems to be very little information on them..

 

I would love to be able to spawn pegasus vehicles on demand, the goal is to modify the spawned vehicle using natives.. any information would be appreciated.

 

Nothing interesting it just set a specific bit to 1 for 'set_bit'.

void set_bit(int* a_iVar, int a_iBit){	if(a_iBit >= 0 && a_iBit <= 31)	{		*a_iVar |= (1 << a_iBit);	}}

And clear_bit does the inverse.

void clear_bit(int* a_iVar, int a_iBit){	if(a_iBit >= 0 && a_iBit <= 31)	{		*a_iVar &= ~(1 << a_iBit);	}}

Edited October 20, 2014 by sasuke78200

[Eaqz 0]

 

const uint mp0_char_creator_stamina = 0x53c49a79,        mp1_char_creator_stamina = 0xc56abf4a,        mp2_char_creator_stamina = 0x435d8d03,        mp3_char_creator_stamina = 0x5ecadc12,        mp4_char_creator_stamina = 0x22d65166,        mp5_char_creator_stamina = 0x48c46e8a,        mp0_char_creator_shooting = 0x3363cc06,        mp1_char_creator_shooting = 0x92130b82,        mp2_char_creator_shooting = 0x4c18f3c4,        mp3_char_creator_shooting = 0xa2c88d72,        mp4_char_creator_shooting = 0xf54141c0,        mp5_char_creator_shooting = 0x8e9895b2,        mp0_char_creator_strength = 0x6a9721fb,        mp1_char_creator_strength = 0x7d9a5285,        mp2_char_creator_strength = 0x1e5a2fa2,        mp3_char_creator_strength = 0xc45cd34c,        mp4_char_creator_strength = 0xf6e826e4,        mp5_char_creator_strength = 0x822c3a08,        mp0_char_creator_stealth = 0x36b01f9,        mp1_char_creator_stealth = 0x434e90e6,        mp2_char_creator_stealth = 0xc4501370,        mp3_char_creator_stealth = 0x9a5b4a07,        mp4_char_creator_stealth = 0xa6ac5db3,        mp5_char_creator_stealth = 0xc6d22ef4,        mp0_char_creator_flying = 0x6c0fd0c6,        mp1_char_creator_flying = 0x19338114,        mp2_char_creator_flying = 0x323aaf73,        mp3_char_creator_flying = 0x402e6dab,        mp4_char_creator_flying = 0x4b68e3dc,        mp5_char_creator_flying = 0x8d9107da,        mp0_char_creator_bike = 0xd7d4b6ae,        mp1_char_creator_bike = 0x577e93af,        mp2_char_creator_bike = 0xded50ca1,        mp3_char_creator_bike = 0x564c120,        mp4_char_creator_bike = 0x2268c53a,        mp5_char_creator_bike = 0x8bb2ebac,        mp0_char_creator_lung = 0xf82220ed,        mp1_char_creator_lung = 0xd0bb06d6,        mp2_char_creator_lung = 0xf016e495,        mp3_char_creator_lung = 0x94f3e59e,        mp4_char_creator_lung = 0x36a565f1,        mp5_char_creator_lung = 0xf442f10a;

These are usefull STATS too probably

 

Great work !

But i'm sure mp5 doesn't exist ?

You can find all stats hashed by checking mpstatsinit.xsc

Your stats about shooting :

        mp0_char_creator_shooting = 0x3363cc06,        mp1_char_creator_shooting = 0x92130b82,        mp2_char_creator_shooting = 0x4c18f3c4,        mp3_char_creator_shooting = 0xa2c88d72,        mp4_char_creator_shooting = 0xf54141c0,        mp5_char_creator_shooting = 0x8e9895b2,

Mpstatsinit :

    setElem(0x3363CC06, 0, getElemPtr(1209, &g_2405085, 24), 4); // mp0_char_creator_shooting    setElem(0x92130B82, 1, getElemPtr(1209, &g_2405085, 24), 4); // mp1_char_creator_shooting    setElem(0x4C18F3C4, 2, getElemPtr(1209, &g_2405085, 24), 4); // mp2_char_creator_shooting    setElem(0xA2C88D72, 3, getElemPtr(1209, &g_2405085, 24), 4); // mp3_char_creator_shooting    setElem(0xF54141C0, 4, getElemPtr(1209, &g_2405085, 24), 4); // mp4_char_creator_shooting

Save time instead of putting the hash do it this way:

 

set_stat_int(get_hash_key("MP0_CHAR_XP_FM"), 2165850);

[XeClutch 33]

Save time instead of putting the hash do it this way:

set_stat_int(get_hash_key("MP0_CHAR_XP_FM"), 2165850);

And you all can save time by doing this...

 

// C#void SetStatInt(int Character, string Stat, int Value){    SET_STAT_INT(GET_HASH_KEY("MP" + Character + "_" + Stat), Value);} // C++VOID SetStatInt(INT Character, PCHAR Stat, INT Value){    SET_STAT_INT(GET_HASH_KEY(va("MP%i_%s", Character, Stat)), Value);} // Example call (works with both)SetStatInt(0, "CHAR_XP_FM", 2165850);

[NTAuthority 2,585]

 

va("MP%i_%s", Character, Stat)

 

smells like codfish in here

[fOmey 20]

 

Hey guys,

 

Recently I've been attempting to dig up some information to further explain "set_bit" & "clear_bit"..

 

I have seen these two natives popup numerous times throughout source and there seems to be very little information on them..

 

I would love to be able to spawn pegasus vehicles on demand, the goal is to modify the spawned vehicle using natives.. any information would be appreciated.

 

Nothing interesting it just set a specific bit to 1 for 'set_bit'.

void set_bit(int* a_iVar, int a_iBit){	if(a_iBit >= 0 && a_iBit <= 31)	{		*a_iVar |= (1 << a_iBit);	}}

And clear_bit does the inverse.

void clear_bit(int* a_iVar, int a_iBit){	if(a_iBit >= 0 && a_iBit <= 31)	{		*a_iVar &= ~(1 << a_iBit);	}}

I realize the purpose of the natives, although what I'm wondering is what are these bits used for exactly ?

 

Would certain bits trigger events like the spawning of a pegasus vehicle for instance ?

 

Thanks for the reply.

Edited October 22, 2014 by fOmey

[sasuke78200 176]

I don't really know, didn't read all the script.

 

But it could.

[XeClutch 33]

Just wrote a small little thing to log all of the natives when processed through my LoadNative function (just the location of the LoadNative hook) and I got a total of 4792 natives on 1.17 (TU18) on a region free copy of the game for Xbox 360.