GTA SA Android SCM Write memory address value

[OrionSR]

I won't provide any answers to off-topic questions. I don't have any useful info anyway.

Conduct a search for appropriate topics and if you don't find anything then create a new one. Don't expect to find anything useful though as anything mobile related usually gets merged with one of the catch-all mobile topics where it can they can easily be ignored and won't clutter the rest of the forum. GTAF is not very friendly to mobile modding. Perhaps you can find a more supportive community somewhere else.

[Nesthor]

1 hour ago, OrionSR said:

I won't provide any answers to off-topic questions. I don't have any useful info anyway.

Conduct a search for appropriate topics and if you don't find anything then create a new one. Don't expect to find anything useful though as anything mobile related usually gets merged with one of the catch-all mobile topics where it can they can easily be ignored and won't clutter the rest of the forum. GTAF is not very friendly to mobile modding. Perhaps you can find a more supportive community somewhere else.

I'm sorry, I thought that since there is a memory value for the drawn distance, the loading distance of vehicles and peds would also be some direction.

 

thanks

[OrionSR]

41 minutes ago, Nesthor said:

I'm sorry

I'm sorry, too. I think my comments sounded more harsh than intended. I'm cranking at you for posting off-topic as a mentor. I think you'll have much more success on these forums if you follow the expected protocols. For example, quoting is a useful strategy for notifying someone of a response but it is unnecessary to quote an entire post that can be read in full in the previous comment. Limit your quote to something specific to your response.

Oops. I was cranking about being off-topic... There is little chance that anyone with the info you need will see your question in this topic. There might be experts that browse the mobile modding topics; I wouldn't know, I never check them unless a google search just happens to lead me there anyway. If you decide to create a new topic be sure to include the critical details necessary to catch the attention of people with answers - it's an ad, or headline. And if you find good answers, the good title will catch the attention of anyone else searching for this data. This interaction leads to a nice little feed-back loop where useful information can accumulate.

But mostly I'm disappointed with how GTAF manages mobile modding topics. My comment about looking somewhere else was an expression of this frustration. I wish you could find what you need in these forums, but you might be better off at another site.

[Nesthor]

I understand the "discrimination" towards GTA SA mobile, sometimes I ask a question and when I put that it is for Android almost automatically I am ignored lol but I will look for information.

 

Sometimes I prefer to omit that it is for GTA SA mobile, most of the cleos I have done work for both the PC and Android versions.

 

Even though I have found very little about saaexten, which includes functions that I suppose are editions of  memory address  Anyway, I thank you very much

Edited January 22, 2020 by Nesthor

[RK03]

hey bro can u please help me

is there any way that we can get the various bone coords of player in CleoA 

 

as we can do it in CLEO 4 using 0A96 opcode

 

please help

[OrionSR]

Probably, but you are probably better off starting a new topic unless all you need is the pointer from 0A96. 

0A96: $ActorStruct = actor $PLAYER_ACTOR struct

A quick test of 0A96: provided the same results as: 0xB7CD98 - Player pointer, direct offset to the ped pool start (CPed)

 

Since $PLAYER_ACTOR is usually 0, this address added to the size of the record (1988 on PC) multiplied by the handle of the actor, should be able to provide you with similar functionality as opcode 0A96. 

 

It looks like the pointer from 0xB7CD98 can be found at label _ZN6CWorld7PlayersE using CleoA strategies.

Some notes in this topic on using label strings in CleoA to find addresses.

 

I don't know about bones. A well named topic would be more likely to draw attention from someone that might know more.

 

0x5E4280; _ZN4CPed15GetBonePositionER5RwV3djb

Edited May 13, 2020 by OrionSR

[RK03]

15 hours ago, OrionSR said:

Probably, but you are probably better off starting a new topic unless all you need is the pointer from 0A96. 

0A96: $ActorStruct = actor $PLAYER_ACTOR struct

A quick test of 0A96: provided the same results as: 0xB7CD98 - Player pointer, direct offset to the ped pool start (CPed)

 

Since $PLAYER_ACTOR is usually 0, this address added to the size of the record (1988 on PC) multiplied by the handle of the actor, should be able to provide you with similar functionality as opcode 0A96. 

 

It looks like the pointer from 0xB7CD98 can be found at label _ZN6CWorld7PlayersE using CleoA strategies.

Some notes in this topic on using label strings in CleoA to find addresses.

 

I don't know about bones. A well named topic would be more likely to draw attention from someone that might know more.

thnxs for the help

but can you specify with the help of this pointer what data can we get 

 

and if possible pls help me with the offsets to those

Edited May 13, 2020 by RK03

[RK03]

In pc I am using the 0AA6 opcode together with  the memory address 5E4280 and actor struct to get the bone id 

 

Edited May 13, 2020 by RK03

[OrionSR]

23 hours ago, OrionSR said:

you are probably better off starting a new topic

 

23 hours ago, OrionSR said:

I don't know about bones. A well named topic would be more likely to draw attention from someone that might know more.

Don't put "Android" in your topic title. That will almost guarantee that no one with useful information on bones will read your topic. Or it'll get merged with that stupid catch-all mobile topic that I never bother to read.

[RK03]

thnxs bro 

 

so I got a list of memory addresses in this discussion 

aren't there any more other than those

[RK03]

Hey bro I have to again come back here so I saw lot of and oid modders using ini file to store some data how they are doing it as far as I know there is no opcode which supports using ini files in android 

Plss help

[OrionSR]

6 hours ago, RK03 said:

and oid modders using ini file to store some data

how they are doing it

I don't know, but I might know someone who does. I remember reading a comment from someone that published the strategy but was disappointed that so many Android coders tried to use tricks to "lock" their scripts to make them harder for Sanny to decompile. You might have a hard time figuring it out by examining the source scripts.

 

If you can't find a topic specific to this issue then create a new one and I'll try to point the more experienced coder in your direction.

Edited August 15, 2020 by OrionSR

[RK03]

7 hours ago, OrionSR said:

I don't know, but I might know someone who does. I remember reading a comment from someone that published the strategy but was disappointed that so many Android coders tried to use tricks to "lock" their scripts to make them harder for Sanny to decompile. You might have a hard time figuring it out by examining the source scripts.

 

If you can't find a topic specific to this issue then create a new one and I'll try to point the more experienced coder in your direction.

Well okay 

thank you again

[Alex NB]

On 14/3/2019 at 20:12, Junior_Djjr said:

Empecé a aprender CLEO para Android hoy, y casualmente me encontré con este tema con información tan interesante.  

 

Es bueno saber que hay personas en este foro que todavía están trabajando en trucos móviles.

 

I have been learning for myself for 4 months to create mods for android gta sa. And I want to tell you that I like your pc mods. Thanks to them I have learned.
Very good mods are yours

[Raskul]

Good afternoon. In the mobile version of GTA SA, there are many references in the code to features that were present in other versions of this game, but were cut out in the mobile version, for example: graininess, blur, etc. I would like to find out (judging by the topic, there are knowledgeable people sitting here) and probably even ask for help: is it possible to use Cleo to return these functions to the game? I will say this: I understand Cleo, but in the case of working with memory addresses, I get lost and practically do not understand anything about it. Please respond to those people who want to help me with this.

 

P.S. I use a translator, as I am not strong in English.

[Alex NB]

On 12/3/2019 at 12:37, OrionSR said:

A topic for documenting SA Android addresses is a good idea. Version 1.08 has been quite stable for a long time so the information is liable to remain valid for much longer than when I was doing research on earlier versions.  If I create the new topic there's a better chance that the moderators won't merge it with the catch-all mobile modding topic where it's impossible to use as reference. Would you be willing to collect and organize the addresses in the second post?

 

Idea for complete reference:

 

Columns for a Description, String, Pointer, offset, add_ib 0, add_ib 1, and ADMA

 

Description: Start of SCM, Start of Radar struct, etc.

String: Search string used to find address in any version

Pointer: Fixed address that point directly to a structure or variable; used often for dynamic memory

Offset: + or - relative to string, pointer, start of struct

Addresses discovered using one addressing scheme converted for use with add_ib 0, add_ib 1, and ADMA

 

My experience with IDA Pro is quite limited. But I think I may have learned enough to adapt the String method mentioned above to find any-version addresses with IDA Pro - maybe. 

 

These codes early in my teleport script identify the address I need to find the map marker and Radar struct. It is my understanding that IDA Pro is used to find the string and offsets but I have not applied this strategy to something new. 

// Markuza97's any-version address codes - read once
0DD0: [email protected] = get_label_addr @_ZN6CRadar13ms_RadarTraceE
0DD1: [email protected] = get_func_addr_by_cstr_name [email protected] // start of marker structure
0DD0: [email protected] = get_label_addr @gMobileMenu   
0DD1: [email protected] = get_func_addr_by_cstr_name [email protected] // start of... menu data?
000A: [email protected] += 0x48 // offset to marker index

These codes use these "magic" (because I don't understand) hex codes at the end of the script.

// Markuza97's magic hex codes
:gMobileMenu
hex
"gMobileMenu" 00
end

:_ZN6CRadar13ms_RadarTraceE
hex
"_ZN6CRadar13ms_RadarTraceE" 00
end

To get the add_ib 0 address of the radar struct I replaced [email protected] with $9765 and read the value from the save file. So, if we find scripts that use this strategy we have a method for recording the 1.08 address. If we had a better understanding of how this method works we could discover new information using IDA.

 

My methods are much more crude, and rely heavily on hex editors. For reference, my preferred tools are the HxD Editor, a free tool with good memory management, a nice data inspection tool, and a very handy tool for copying offsets. But my primary editor is 010. The binary template feature provide a method to parse and organize data in the save and display and edit data using a defined formats or enumeration. This proprietary tool limits what I can share, but 010 does have a decent trial period.

 

My expertise is in save editing. Almost everything I know about memory is associated with saved data. I've learned to manipulate game saves to seed unique data into the game to make it easier to find with a hex editor. On PC I can access active game memory. For PS2 I was able to use save states from an emulator to map game memory. On Android I was relying on memory dumps created by other players. If I recall correctly they were using a "Cheat" program, a tool that requires root access. My old phone with this tool has long since died, but I remember functions that would search for data that changed as you performed certain actions or executed cleo scripts. Eventually it could whittle down the changing values to isolate the specific data in memory.

However, I recently developed a new strategy to use game saves to capture game memory on Android . The data begins at the Start of SCM so I'm missing the block that includes your limits. Now that I have a better idea of the addressing scheme I think I can copy that data to the global variable space and splice the missing data together in a series of saves.

The extra large save dumps are breaking my template, so I'm having problems confirming the integrity of the data. I deleted the beginning of the game save and now have a file that aligns with the start of SCM. I need to craft a save with unique data but I expect I'll be able to make rapid progress on documenting the addresses of familiar (saved) structures and variables.

with this I can teleport to the marker?
How do I accommodate it since this is new to me :c

I need help with this

Edited January 4, 2021 by Alex NB

[OrionSR]

5 hours ago, Alex NB said:

with this I can teleport to the marker?
How do I accommodate it since this is new to me :c

I need help with this

The information in this topic is not very useful to people learning to write scripts.

1. The main subject is about how to read from and write to memory without the use of CLEO. If you are not trying to implement cleo-like commands in main.scm then the strategies described here are much more complicated than necessary. 
2. The addresses described in this topic are specific to SA Android v1.08. These values are not appropriate for modern 2.x versions.

If you create a new topic specific to your project I'll see if I can find a cleo version of Teleport to Marker that you can build upon.

[Alex NB]

56 minutes ago, OrionSR said:

La información de este tema no es muy útil para las personas que están aprendiendo a escribir guiones.

1. El tema principal es cómo leer y escribir en la memoria sin el uso de CLEO. Si no está intentando implementar comandos tipo cleo en main.scm, las estrategias descritas aquí son mucho más complicadas de lo necesario. 
2. Las direcciones descritas en este tema son específicas de SA Android v1.08. Estos valores no son adecuados para las versiones 2.x modernas.

Si crea un nuevo tema específico para su proyecto, veré si puedo encontrar una versión clara de Teleport to Marker sobre la que pueda construir.

Oh thanks. I thought that this information could be used to make the teleport mod to the marker.
thanks

[Raskul]

In this topic, memory addresses for editing Render Distance were mentioned earlier, and I don't quite understand what values in the code they need to be written in order for them to work correctly in the game. My script looks like this:
{$CLEO .csa}

0000: NOP

thread "Distance"
wait 0
0DD9: write_mem_addr 0x402584 value 8000000.0 size 4 add_ib 0 protect 1
0DD9: write_mem_addr 0x3B26A8 value 1500.0 size 4 add_ib 0 protect 1
0DD9: write_mem_addr 0x3B319C value 1500.0 size 4 add_ib 0 protect 1
end_thread

This version of the script causes a crash, and I would like to ask you for help on this topic:)

[OrionSR]

8 hours ago, Raskul said:

0DD9: write_mem_addr 0x402584 value 8000000.0 size 4 add_ib 0 protect 1
0DD9: write_mem_addr 0x3B26A8 value 1500.0 size 4 add_ib 0 protect 1
0DD9: write_mem_addr 0x3B319C value 1500.0 size 4 add_ib 0 protect 1

Try using add_ib 1 instead of add_ib 0.

[Raskul]

12 hours ago, OrionSR said:

Try using add_ib 1 instead of add_ib 0.

Thank you for your help! Although I don't really know what I changed in the script, but it stopped causing the game to crash:/ By the way, what exactly do these memory addresses affect? As I understand it, they should increase the render distance, but I didn't notice any changes in the game...

[OrionSR]

On 3/14/2019 at 12:33 PM, MegaFox said:

0x402584 - CollisionRenderDistanceLimit //8000000.0 and more
0x3B26A8 - VisibleRenderDistanceLimit //1500.0 only
0x3B319C - FOWRenderDistanceLimit //1500.0 only

These were the descriptions offered by MegaFox. As I recall, they were part of his original goal of writing to memory using SCM strategies (i.e. without cleo), but I never really understood what he was doing with these addresses, and also never figured out how to write to protected memory without cleo.

 

MegaFox included other comments about these addresses, so read through his posts in this topic. To learn more, if MegaFox properly named these constants then there's a reasonably good chance you can lookup the PC addresses in other topics or references like DK22pac's SA plugin, and use that info to search for how other people have manipulated these values.

[Raskul]

10 hours ago, OrionSR said:

Это были описания, предложенные MegaFox. Насколько я помню, они были частью его первоначальной цели - записи в память с использованием стратегий SCM (т.е. без cleo), но я никогда не понимал, что он делал с этими адресами, а также никогда не понимал, как писать в защищенную память без cleo. .

 

MegaFox включил и другие комментарии об этих адресах, поэтому прочтите его сообщения в этой теме. Чтобы узнать больше, если MegaFox правильно назвал эти константы, тогда есть достаточно хороший шанс, что вы можете найти адреса ПК в других разделах или справочниках, таких как плагин SA DK22pac, и использовать эту информацию для поиска того, как другие люди манипулировали этими значениями.

As I understand it, these memory addresses can be used through the usual Cleo entry with opcode 0DD9 (which I tried to do), but using the information from that document from Google Drive with memory addresses for version SA 1.08 and some other instructions, MegaFox wanted to use these addresses by writing through SCM.

[Alex NB]

Hi, it's me again, how can I read memory variables from gta sa android 2.0? is that I want to know what is the exhaust pipe of cars, thanks

[TheClockworkNinja]

I tried to replace the main.scm from PC to Android but the game was just stuck on "Francis INTL. Airport, Liberty City 1992" and I just gave up . But I'm not an expert like you guys I just want to experiment.

[OrionSR]

3 hours ago, TheClockworkNinja said:

I tried to replace the main.scm from PC to Android but...

Awesome idea, but the PC scripts won't work right on Android without modifications. I suspect the current issue might be related to the first major issue that came to mind: Android scripts have 40 local variables, and PC only has 32. The following two variables are the local timers. You'll need to change each occurrence of [email protected] and [email protected] on PC to [email protected] and [email protected] for Android. Fortunately this isn't as difficult as it might sound. Modern versions of Sanny will decompile [email protected] and [email protected] as TIMERA and TIMERB, and recompile to [email protected] and [email protected] when using the mobile edit mode.

 

These changes might get you past the airport cut-scene, but I suspect many more changes will be necessary before PC scripts will play properly on Android. It's an interesting question, and worthy of it's own topic and discussion. However, I would not expect writing to Android memory using SCM strategies to be necessary for your project, so please don't continue with the conversation in this topic.

Edited August 14, 2021 by OrionSR

[Jhavsen]

Sorry for reply this topic,

Does anyone have GTASA Android 2.0 Memory Address list ?

I'm not expert at finding it, also I can't use IDA launcher for open & read scm files.

Thanks before!

 

[OrionSR]

1 hour ago, Jhavsen said:

Does anyone have GTASA Android 2.0 Memory Address list ?

Probably not, because hard coded address are not the way most players code on mobile. In this topic, both the topic creator and myself had special purpose scripts that needed to run without Cleo for Android, so hard coded address and complex strategies were required. But with CleoA there's a better strategy that uses Labels with cleo opcodes 0DD0: and 0DD1: to find the address in whichever version is being played. This strategy helps make the script future proof, so is the preferred method for working with memory on mobile (and is explained elsewhere in this topic). 

A list of memory Labels would be nice, but I am unaware of any comprehensive documentation. I was working on a strategy to improve PC memory documentation in a format that use labels so the information also applied to mobile, but I didn't get very far before my gaming computer pooped out.

 

What I usually do is find the address I need as documented for PC and test everything out on that platform since the references are so much better. Then I open my "good" PC database in IDA and look for the label associated with that address. The "good" PC database, as I understand it, has been edited by experts to include the same labels as mobile. Once I find the appropriate label and offsets, I open my mobile database (created by opening your libGTASA.so mobile exe) which already includes most of the same labels. From there I can find the memory address, but usually I only need the label and just verify I can find it in mobile and assure that any offsets are still the same.

 

1 hour ago, Jhavsen said:

I can't use IDA launcher for open & read scm files.

Sanny Builder is the standard tool for working with scm files.

 

Added: I'm not sure what to suggest as far as finding a good database for PC. It doesn't seem like the sort of thing that should be shared in these forums, but otherwise I doubt a good one is too hard to find. You just need to find a place where the experts hang out.

Edited December 26, 2021 by OrionSR