Help [AHK] UDF & SAMP Addresses

Rat · Sep 1, 2015

i've got several questions on how to add a function for specific addresses.

variable prefixes:

hGTA, hThread
dwSAMP, dwFunc
pParam1
iRefreshScoreboard
oScoreboardData
nZone, nCity
bInitZaC
wString
aParams

correct me if i'm wrong. i'm assuming

Code:

dw

stands for DWORD

Code:

stands for ?array?
what are

Code:

h, p, i, o, n, b, w

sample function:

Code:

getSkinId()

Code:

getSkinId()
{
    if(!checkHandles())
        return -1

 	dwCPedPtr := readDWORD(hGTA, ADDR_CPED_PTR)
    if(ErrorLevel) {
        ErrorLevel := ERROR_READ_MEMORY
        return -1
    }
 
	if(!dwCPedPtr)
		return -1
	 
	dwVal := readMem(hGTA, dwCPedPtr + 0x22, 2, "UShort")
	if(ErrorLevel) {
	    ErrorLevel := ERROR_READ_MEMORY
	    return -1
	}
	
	return dwVal
}

what does PTR mean on some addresses such as this one?
where did 0x22 come from? why is it the value that is needed to be added to dwCPedPtr to get the id?

0B36 · Sep 1, 2015

PTR is an ACRONYM for "Pointer"

You add 0x22 to CPEDPtr's base address which specifically points to its skin.

So 0x22 here is the pointer to the skin, and it's from sa-mp.

Rat · Sep 2, 2015

Ä±llÄ±llÄ± 0Î²36 Ä±llÄ±llÄ± link said:
PTR is an ACRONYM for "Pointer"

You add 0x22 to CPEDPtr's base address which specifically points to its skin.

So 0x22 here is the pointer to the skin, and it's from sa-mp.

can i have a link to pointers such as this one?
:trollface:

Rat · Sep 2, 2015

given these memory functions:

Code:

readDWORD(hProcess, dwAddress)
readMem(hProcess, dwAddress, dwLen=4, type="UInt")
writeRaw(hProcess, dwAddress, pBuffer, dwLen)
callWithParams(hProcess, dwFunc, aParams, bCleanupStack = true)

Code:

readDWORD(hProcess, dwAddress) {
    if(!hProcess) {
        ErrorLevel := ERROR_INVALID_HANDLE
        return 0
    }
    
    VarSetCapacity(dwRead, 4)    ; DWORD = 4
    dwRet := DllCall(    "ReadProcessMemory"
                        , "UInt",  hProcess
                        , "UInt",  dwAddress
                        , "Str",   dwRead
                        , "UInt",  4
                        , "UInt*", 0)
    if(dwRet == 0) {
        ErrorLevel := ERROR_READ_MEMORY
        return 0
    }
    
    ErrorLevel := ERROR_OK
    return NumGet(dwRead, 0, "UInt")
}

readMem(hProcess, dwAddress, dwLen=4, type="UInt") {
    if(!hProcess) {
        ErrorLevel := ERROR_INVALID_HANDLE
        return 0
    }
    
    VarSetCapacity(dwRead, dwLen)
    dwRet := DllCall(    "ReadProcessMemory"
                        , "UInt",  hProcess
                        , "UInt",  dwAddress
                        , "Str",   dwRead
                        , "UInt",  dwLen
                        , "UInt*", 0)
    if(dwRet == 0) {
        ErrorLevel := ERROR_READ_MEMORY
        return 0
    }
    
    ErrorLevel := ERROR_OK
    return NumGet(dwRead, 0, type)
}

writeRaw(hProcess, dwAddress, pBuffer, dwLen) {
    if(!hProcess) {
        ErrorLevel := ERROR_INVALID_HANDLE
        return false
    }
    
    dwRet := DllCall(    "WriteProcessMemory"
                        , "UInt", hProcess
                        , "UInt", dwAddress
                        , "UInt", pBuffer
                        , "UInt", dwLen
                        , "UInt", 0
                        , "UInt")
    if(dwRet == 0) {
        ErrorLEvel := ERROR_WRITE_MEMORY
        return false
    }
    
    ErrorLevel := ERROR_OK
    return true
}

callWithParams(hProcess, dwFunc, aParams, bCleanupStack = true) {
    if(!hProcess) {
        ErrorLevel := ERROR_INVALID_HANDLE
        return false
    }
    validParams := 0
    
    i := aParams.MaxIndex()
    
    ;         i * PUSH + CALL + RETN
    dwLen := i * 5    + 5    + 1
    if(bCleanupStack)
        dwLen += 3
    VarSetCapacity(injectData, i * 5    + 5       + 3       + 1, 0)
    
    i_ := 1
    while(i > 0) {
        if(aParams[i][1] != "") {
            dwMemAddress := 0x0
            if(aParams[i][1] == "p") {
                dwMemAddress := aParams[i][2]
            } else if(aParams[i][1] == "s") {
                if(i_>3)
                    return false
                dwMemAddress := pParam%i_%
                writeString(hProcess, dwMemAddress, aParams[i][2])
                if(ErrorLevel)
                    return false
                i_ += 1
            } else if(aParams[i][1] == "i") {
                dwMemAddress := aParams[i][2]
            } else {
                return false
            }
            NumPut(0x68, injectData, validParams * 5, "UChar")
            NumPut(dwMemAddress, injectData, validParams * 5 + 1, "UInt")
            validParams += 1
        }
        i -= 1
    }
    
    offset := dwFunc - ( pInjectFunc + validParams * 5 + 5 )
    NumPut(0xE8, injectData, validParams * 5, "UChar")
    NumPut(offset, injectData, validParams * 5 + 1, "Int")
    
    if(bCleanupStack) {
        NumPut(0xC483, injectData, validParams * 5 + 5, "UShort")
        NumPut(validParams*4, injectData, validParams * 5 + 7, "UChar")
        
        NumPut(0xC3, injectData, validParams * 5 + 8, "UChar")
    } else {
        NumPut(0xC3, injectData, validParams * 5 + 5, "UChar")
    }
    
    writeRaw(hGTA, pInjectFunc, &injectData, dwLen)
    if(ErrorLevel)
        return false
    
    hThread := createRemoteThread(hGTA, 0, 0, pInjectFunc, 0, 0, 0)
    if(ErrorLevel)
        return false
    
    waitForSingleObject(hThread, 0xFFFFFFFF)
    
    closeProcess(hThread)
    
    return true
}

i want to make a function for this address:

Code:

global FUNC_SAMP_CLEARPLAYERANIMATION		:= 0x155C0

Code:

disableAnimation()
{
    if(!checkHandles())
        return false

    dwFunc := dwSAMP + FUNC_SAMP_CLEARPLAYERANIMATION
    ; ... ;

    return true
}

which memory function(s) would be needed?
what exactly does callWithParams(hProcess, dwFunc, aParams, bCleanupStack = true) do, and when should i use it?

democrazy · Sep 2, 2015

1. callwthparams
2. callwthparams calls a samp function, it injects code into samp memory and use createRemoteThread

byt the way:
0x155C0 is 0.3z address, right?

found here in the forum for 0.3.7
SetPlayerAnimation = 0x16FA0

0B36 · Sep 2, 2015

All addresses found so far are listed in Notes and Snippets, check them out at your own will.

Yes democrazy, I have listed all sa-mp patches I have found so far.

democrazy · Sep 2, 2015

about variables names:
dont always trust them :trollface:
but yeah, you can use prefix "dw" for DWORD etc.

Rat · Sep 2, 2015

democrazy link said:
1. callwthparams
2. callwthparams calls a samp function, it injects code into samp memory and use createRemoteThread

byt the way:
0x155C0 is 0.3z address, right?

found here in the forum for 0.3.7
SetPlayerAnimation = 0x16FA0

oops.. i got that from luxdav's ahk samp trainer
i'm going to use ClearAnimation=0x14C70 then

now my code looks like:

Code:

global FUNC_SAMP_CLEARPLAYERANIMATION    := 0x14C70
global hGTA                                     := 0x0

clearPlayerAnimation()
{
    if(!checkHandles())
        return false

    dwFunc := dwSAMP + FUNC_SAMP_CLEARPLAYERANIMATION
    callWithParams(hGTA, dwFunc, ???, false)

    return true
}

i'm totally clueless on what to pass on aParams :computer_guy:
i'm guessing bCleanupStack should be set to false. or should it be true? when should bCleanupStack be set to true or false?
am i missing anything else? :dont_care:
thanks for bearing with me. :yesyes:

democrazy · Sep 2, 2015

you need to do some research about this function
- how many parameters
- calling convention

then i can tell you what to do

Help [AHK] UDF & SAMP Addresses

Rat

Active member

0B36

Expert

Rat

Active member

Rat

Active member

democrazy

Active member

0B36

Expert

democrazy

Active member

Rat

Active member

democrazy

Active member