[ COLLECTION 0.3z OFFSETS ]

0x_ · Jan 16, 2014

SAMP_CHAT_INFO_OFFSET - Tested (0.3z-RC1) (0x688)

Code:

"samp.dll"+0x211A44

25GHz · Jan 16, 2014

i think that this is just useless, since we still are in RC versions...

Code:

SAMP_CMP_03ZRC		"CCCC6AFF687B95EC0164"	//by 25GHz

..anyway, i'm bored again.

0x_ · Jan 16, 2014

Code:
i think that this is just useless, since we still are in RC versions...

Code:

SAMP_CMP_03ZRC "CCCC6AFF687B95EC0164" //by 25GHz

..anyway, i'm bored again.

But it is a new branch, so even if not actively we can use the Offset's too see how the new things work and have them then prepared at full Release.

25GHz · Jan 17, 2014

But it is a new branch, so even if not actively we can use the Offset's too see how the new things work and have them then prepared at full Release.

hmmm... it makes some sense(interesting nazi logic).

25GHz · Jan 19, 2014

Some 0.3z RC2 offsets that i've just traced(tested and working):

Anti Crasher offsets(in case you don't know what to do, just NOP the both):

Code:

uint32_t ErrHandler[] = {0x5A9B9, 0x5A9BC};	//by 25GHz

Version Compare:

Code:

SAMP_CMP_03ZRC2		"CCCC6AFF689B96EC0164"	//by 25GHz

Anti Cheat:

Code:

//0.3z(RC2) AC.	by 25GHz
						if(memcmp_safe((uint32_t *)(g_dwSAMP_Addr + 0x612A0), "x8Bx54x24x08", 4))
								memset_safe((uint32_t *)(g_dwSAMP_Addr + 0x612A0), 0xC3, 1);

Open connection packet:

Code:

6969	//or: 0x1B39	//huehuehue yep, haven't changed yet.

0x_ · Jan 19, 2014

R2 SAMP_INFO_OFFSET

Code:

samp.dll+0x212A70

SA:MP Gamestate (values didnt change since 0.3x)

Code:

(samp.dll+0x212A70)+0x022E

Some untested things:

Code:

(samp.dll+0x212A70)+0x0252 == SA:MP Settings ?
(samp.dll+0x212A70)+0x024E == RakClientInterface Ptr ?

Some interesting things for sniffing P: !

Code:

RakClientInterface::Receive = samp.dll+0x2E1F0
RakClientInterface::Send = samp.dll+0x2E210

Have fun sniffing that new SA:MP things ;')

bigben07 · Jan 19, 2014

I have no idea what all this shit is but it looks good lol.

25GHz · Jan 19, 2014

I have no idea what all this shit is but it looks good lol.

latter, when samp 0.3z become oficial, "this shit" is what will make all the mod sobeit projects work.

bigben07 · Jan 19, 2014

[quote author="bigben07"]I have no idea what all this shit is but it looks good lol.

latter, when samp 0.3z become oficial, "this shit" is what will make all the mod sobeit projects work.[/quote]
Oh alright thanks.

25GHz · Jan 22, 2014

some 0.3z RC3(to make basics of the most basic with all the basicness mode work):

Code:

#define SAMP_CMP_03ZRC3		"CCCC6AFF68DB98EC0164"   //by 25GHz

Code:

uint32_t ErrHandler[] =    //by 25GHz
{
   0x5A9A9, 
   0x5A9AC
};

Code:

#define OPEN_CONNECTION	6969/*0x1B39*/

Code:

//0.3z(RC3) AC by 25GHz
                  if(memcmp_safe((uint32_t *)(g_dwSAMP_Addr + 0x61290), "x8Bx54x24x08", 4))
                        memset_safe((uint32_t *)(g_dwSAMP_Addr + 0x61290), 0xC3, 1);

25GHz · Jan 27, 2014

some 0.3z RC4(to make basics of the most basic with all the basicness mode work):

Code:

#define SAMP_CMP_03ZRC4		"C1F8036A004050518D4C"   //by 25GHz

Code:

//0.3z(RC4) AC by 25GHz
                  if(memcmp_safe((uint32_t *)(g_dwSAMP_Addr + 0x61330), "x8Bx54x24x08", 4))
                        memset_safe((uint32_t *)(g_dwSAMP_Addr + 0x61330), 0xC3, 1);

Code:

uint32_t ErrorHandler[] =    //by 25GHz
{
   0x5AA39, 
   0x5AA3C
};

25GHz · Jan 28, 2014

What is the ErrorHandler addresses? samp.dll + those offsets = functions that call and print exceptions into the chat?

yep, samp dll module + each address.
and no, it's not the print.
because if you just patch the print you'll crash without even receive a previous warning.
the warnings you still gonna see, but if you're interested on patch the warning spam to, let me know, i can give the memo address.

iMaddy · Feb 3, 2014

Many offsets (not all tested) :

Code:

#define SAMP_CHAT_INFO_OFFSET 0x212A6C//by povargek 0.3z RC-4 
#define SAMP_CHAT_INPUT_INFO_OFFSET 0x212A70//by povargek 0.3z RC-4 
#define SAMP_KILL_INFO_OFFSET 0x212A74//by povargek 0.3z RC-4 
#define SAMP_INFO_OFFSET 0x212A80//by povargek 0.3z RC-4 
#define SAMP_COLOR_OFFSET 0x1FA378//by povargek 0.3z RC-4 

#define SAMP_CHAT_INFO_OFFSET 0x211A44//by povargek 0.3z-RC1 
#define SAMP_CHAT_INPUT_INFO_OFFSET 0x211A48//by povargek 0.3z-RC1 
#define SAMP_KILL_INFO_OFFSET 0x211A4C//by povargek 0.3z-RC1 
#define SAMP_INFO_OFFSET 0x211A58//by povargek 0.3z-RC1 

#define SAMP_COLOR_OFFSET 0x1F9358//by povargek 0.3z-RC1 

#define SAMP_COLOR_OFFSET 0xFB1D0 // by iMaddy 0.3z-RC3 
#define SAMP_HOOKENTER_HANDLE_RPC 0x34E7D // by iMaddy 0.3z-RC3 
#define SAMP_HOOKENTER_HANDLE_RPC2 0x34E09 // by iMaddy 0.3z-RC3 
#define SAMP_NOPSCOREBOARDTOGGLEON 0x80A80 // by iMaddy 0.3z-RC3 
#define SAMP_NOPSCOREBOARDTOGGLEONKEYLOCK 0x80D40 // by iMaddy 0.3z-RC3 
#define FUNC_TOGGLECURSOR 0x63C50 // by iMaddy 0.3z-RC3 
#define FUNC_CURSORUNLOCKACTORCAM 0x63B30 // by iMaddy 0.3z-RC3 
#define SAMP_HOOKEXIT_HANDLE_RPC 0x34E83 // by iMaddy 0.3z-RC3 
#define SAMP_HOOKEXIT_HANDLE_RPC2 0x34E91 // by iMaddy 0.3z-RC3 
#define FUNC_SENDINTERIOR 0x4D10 // by iMaddy 0.3z-RC3 
#define FUNC_SETSPECIALACTION 0x2C70 // by iMaddy 0.3z-RC3 
#define FUNC_GAMETEXT 0x641E0 // by iMaddy 0.3z-RC3 
#define FUNC_SPAWN 0x37A0 // by iMaddy 0.3z-RC3 
#define FUNC_REQUEST_SPAWN 0x36F0 // by iMaddy 0.3z-RC3 
#define SAMP_FUNC_NAMECHANGE 0xA550 // by iMaddy 0.3z-RC3 
#define FUNC_ADDCLIENTCMD 0x7B950 // by iMaddy 0.3z-RC3 
#define FUNC_ADDTOCHATWND 0x7A200 // by iMaddy 0.3z-RC3 
#define FUNC_RESTARTGAME 0x92E0 // by iMaddy 0.3z-RC3 

#define FUNC_DEATH 0xC110 // 0.3z-RC3 by iMaddy
#define SAMP_CHATINPUTADJUST_Y				0x7A1D6 // 0.3z-RC3 by iMaddy
#define SAMP_CHATINPUTADJUST_X				0x7B6F5 // 0.3z-RC3 by iMaddy
#define SAMP_SKIPSENDINTERIOR 0x6AA4 // 0.3z-RC3 by iMaddy
#define SAMP_DISABLE_NAMETAGS		0x86450 // 0.3z-RC3 by iMaddy
#define SAMP_DISABLE_NAMETAGS_HP	0x85360 // 0.3z-RC3 by iMaddy
#define SAMP_HOOKPOS_ServerMessage			0x7A7CA // 0.3z-RC3 by iMaddy
#define SAMP_HOOKPOS_ClientMessage 			0xDEDA // 0.3z-RC3 by iMaddy
#define SAMP_HOOK_STATECHANGE				0x111F8 // 0.3z-RC3 by iMaddy
#define SAMP_HOOK_StreamedOutInfo			0xF74B // 0.3z-RC3 by iMaddy
#define SAMP_HOOKENTER_HANDLE_RPC			0x34E7D // 0.3z-RC3 by iMaddy
#define SAMP_HOOKENTER_HANDLE_RPC2			0x34E09 // 0.3z-RC3 by iMaddy
#define HOOK_CALL_STREAMEDOUTINFO	0x64260 // 0.3z-RC3 by iMaddy
#define HOOK_EXIT_CLIENTMESSAGE_HOOK	0xDF37 // 0.3z-RC3 by iMaddy
#define HOOK_EXIT_SERVERMESSAGE_HOOK	0x7A7DC // 0.3z-RC3 by iMaddy
#define HOOK_EXIT_ANTICARJACKED_HOOK	0x11209 // 0.3z-RC3 by iMaddy

AC Patch 0.3z-RC3 (Tested):

Code:

				struct patch_set fuckAC =
				{
					 "Anticheat patch", 0, 0,
					 {
						 { 1, (void *)( g_dwSAMP_Addr + 0x61290 ), NULL, (uint8_t *)"xC3", 0 }, // 0.3z-RC3 by iMaddy
						 { 1, (void *)( g_dwSAMP_Addr + 0x5B4EB ), NULL, (uint8_t *)"xEB", 0 }, // 0.3z-RC3 by iMaddy
						 { 1, (void *)( g_dwSAMP_Addr + 0x7054A ), NULL, (uint8_t *)"xEB", 0 } // 0.3z-RC3 by iMaddy
					 }
 patcher_install( &fuckAC );

AC Patch 0.3z-RC4 (Not tested):

Code:

				struct patch_set fuckAC = 
       { 
         "Anticheat patch", 0, 0, 
         { 
          { 1, (void *)( g_dwSAMP_Addr + 0x61380 ), NULL, (uint8_t *)"xC3", 0 }, // 0.3z-RC4 
          { 1, (void *)( g_dwSAMP_Addr + 0x5B5DB ), NULL, (uint8_t *)"xEB", 0 }, // 0.3z-RC4 
          { 1, (void *)( g_dwSAMP_Addr + 0x6FDF8 ), NULL, (uint8_t *)"xEB", 0 } // 0.3z-RC4 
         } 
       }; 
       patcher_install( &fuckAC );

25GHz · Feb 3, 2014

AC Patch 0.3z-RC4 (Not tested):

Code:

				struct patch_set fuckAC = 
       { 
         "Anticheat patch", 0, 0, 
         { 
          { 1, (void *)( g_dwSAMP_Addr + 0x61380 ), NULL, (uint8_t *)"xC3", 0 }, // 0.3z-RC4 
          { 1, (void *)( g_dwSAMP_Addr + 0x5B5DB ), NULL, (uint8_t *)"xEB", 0 }, // 0.3z-RC4 
          { 1, (void *)( g_dwSAMP_Addr + 0x6FDF8 ), NULL, (uint8_t *)"xEB", 0 } // 0.3z-RC4 
         } 
       }; 
       patcher_install( &fuckAC );

about the AC patch offsets, unfortunately they are wrong.

povargek · Feb 9, 2014

samp.dll+0x212A80+0x413 = g_Players (RC4, No tested)
Does anyone have offset to g_Vehicle?

0x_ · Feb 9, 2014

povargek link said:
samp.dll+0x212A80+0x413 = g_Players (RC4, No tested)
Does anyone have offset to g_Vehicle?

It changed the Position completely ?

0x_ · Feb 13, 2014

0.3z:

SAMP_INFO_OFFSET:

Code:

"samp.dll"+0x212A80

SAMP_INFO_OFFSET+1C4 = IP
SAMP_INFO_OFFSET+2C6 = Hostname

RakClientInterface::Send = samp.dll+0x2E450

0x_ · Feb 19, 2014

Not an offset but usefule Information:

Packet ID 224:
Bullet Sync, have fun P:

Code:

#pragma pack(1)
typedef struct _BULLET_SYNC_DATA {
 BYTE bHitType;
 unsigned short iHitID;
 float fHitOrigin[3];
 float fHitTarget[3];
 float fCenterOfHit[3];
} BULLET_SYNC_DATA; // by 0x688

Offsets(ffs)

Code:

SAMP_INFO_OFFSET+0x190 = Gamestate
SAMP_INFO_OFFSET+0x3D5 = SA:MP Settings // Nametag Distance = +0x27 || Show Nametags = +0x38 || Line Of Sight Check = +0x2F
SAMP_INFO_OFFSET+0x3D1 = RakClientInterface PTR

CHAT INFO OFFSET:

Code:

samp.dll+0x212A6C

AddToChatWnd

Code:

samp.dll+0x7A4F0

kurta999 · Feb 19, 2014

Are you want to update the sobeit to 0.3z with source code also?

http://code.google.com/p/mod-s0beit-sa/source/list

[ COLLECTION 0.3z OFFSETS ]

0x_

Wtf I'm not new....

25GHz

Active member

0x_

Wtf I'm not new....

25GHz

Active member

25GHz

Active member

0x_

Wtf I'm not new....

bigben07

Active member

25GHz

Active member

bigben07

Active member

25GHz

Active member

25GHz

Active member

25GHz

Active member

iMaddy

Member

25GHz

Active member

povargek

Member

0x_

Wtf I'm not new....

0x_

Wtf I'm not new....

0x_

Wtf I'm not new....

kurta999

Member