Hacking Grand Theft Auto IV: Part II

One of the features the Games For Windows API provides is protected buffers. These buffers can be allocated by games that use the API, and data can be copied back and forth from them. GTA IV uses this for a bunch of the game memory, for example, your current cash.

The following functions (thanks, xlive.pdb!) are what provide this feature to games:

  • int XLivePBufferAllocate(int size, XLiveProtectedBuffer **pbuffer)
  • int XLivePBufferGetByte(XLiveProtectedBuffer *pbuffer, int offset, unsigned char *value)
  • int XLivePBufferGetDWORD(XLiveProtectedBuffer *pbuffer, int offset, unsigned int *value)
  • int XLivePBufferGetByteArray(XLiveProtectedBuffer *pbuffer, int offset, void *destination, int size)
  • int XLivePBufferSetByte(XLiveProtectedBuffer *pbuffer, int offset, unsigned char value)
  • int XLivePBufferSetDWORD(XLiveProtectedBuffer *pbuffer, int offset, unsigned int value)
  • int XLivePBufferSetByteArray(XLiveProtectedBuffer *pbuffer, int offset, void *source, int size)
  • int XLivePBufferFree(XLiveProtectedBuffer *pbuffer)

By creating a fake xlive.dll which wraps the real xlive.dll, we can serve ‘unprotected’ versions of these 8 functions. In doing this, we can now freely modify at runtime the data that the game wants to be protected, including your current cash.

XLive Wrapper for GTA IV 1.0.0.1

Drop this into your GTA IV game directory (where GTAIV.exe resides), start the game, and voilà, unprotected memory!

(The first time you run the game, the wrapper will prompt you if it is OK to copy the original xlive.dll/xlive.dll.CAT unmodified to another location with a new name)
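The drop-in step above leaves a recognisable file layout: a DLL in the game directory with the same name as the genuine library, plus a renamed copy of the original. The following check for that layout is an added example, not part of the original post or the wrapper. It assumes the genuine xlive.dll lives in a system directory, and the name xlive_orig.dll and all file contents are constructed for the demo.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def audit_app_dir(app_dir, system_dir):
    """Flag files in app_dir that shadow, or are renamed copies of, DLLs in system_dir."""
    trusted = {p.name.lower(): p for p in Path(system_dir).iterdir()
               if p.is_file() and p.suffix.lower() == ".dll"}
    digests = {name: sha256_of(p) for name, p in trusted.items()}
    by_digest = {d: name for name, d in digests.items()}
    sizes = {p.stat().st_size for p in trusted.values()}
    findings = []
    for f in sorted(Path(app_dir).iterdir()):
        if not f.is_file():
            continue
        name = f.name.lower()
        # Hash only candidates, so multi-gigabyte game assets are never read.
        if name not in trusted and f.stat().st_size not in sizes:
            continue
        digest = sha256_of(f)
        if name in trusted and digest != digests[name]:
            # Same name, different bytes: the application directory is searched
            # before the system directory, so this file is the one that loads.
            findings.append(("shadow", f.name))
        elif name not in trusted and digest in by_digest:
            # Trusted bytes under another name: the kind of copy a forwarding
            # wrapper keeps so it can call through to the real library.
            findings.append(("renamed-copy-of:" + by_digest[digest], f.name))
    return findings

def demo():
    """Run the audit over a constructed layout (all file contents are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        system, game = Path(tmp, "System32"), Path(tmp, "game")
        system.mkdir()
        game.mkdir()
        (system / "xlive.dll").write_bytes(b"constructed: genuine library bytes")
        (game / "GTAIV.exe").write_bytes(b"constructed: game executable")
        (game / "xlive.dll").write_bytes(b"constructed: wrapper bytes")
        (game / "xlive_orig.dll").write_bytes(b"constructed: genuine library bytes")
        return audit_app_dir(game, system)

if __name__ == "__main__":
    for kind, filename in demo():
        print(kind, filename)
```

A local file that is byte-identical to the system copy under the same name is not reported, since it loads the same code.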

If you encounter any issues with the wrapper aside from the UI issue, please let me know!

The only side effect that I’ve seen so far is that the in-game UI for Games For Windows no longer appears, although the game continues to function normally (including multiplayer).

Part III will talk about save validation and include version 1.1.0.0 of the wrapper with this disabled :).


109 Responses to “Hacking Grand Theft Auto IV: Part II”

  1. Francois says:

    Hi,
    I want to put a GTA4 save in the PC Vista directory, but it does not work!!
    I saw what you say about xlive and I tested it!
    I put xlive.dll in the GTA4 directory, but the game doesn’t launch!
    What can I do??

    thanks

    francois

  2. snoboddy says:

    I have a problem with the xlive.dll.
    I copied it to the GTA4 directory.
    Now I can’t start GTA.. 🙁
    When I delete the xlive.dll, the game starts normally.

    What is the problem?
    I have GTA4 Patch 1.0.0.4 + Crack by razor1911

  3. Alam says:

    Where can I find GTA 4’s directory on my system running Windows XP SP2?

  4. Skarma says:

    Rick, do you remember what game the debug database file was released with or what version of xlive it was? Thanks

  5. Sergio says:

    Hello..
    I am Brazilian.. (sorry for my English) 😀
    Is this file only for version 1.0.0.1?
    My version is 1.0.0.0..
    thanks..

  6. Steve says:

    I am curious to find out what blog platform you’re utilizing?
    I’m having some minor security problems with my latest blog and I would
    like to find something more secure. Do you have any recommendations?

  7. ELIAS says:

    When I uploaded the file to the game directory, the game won’t start anymore.

  8. Leanna says:

    Hey there! Your website is loading slowly; it took like a minute or two
    to finally load up. I actually don’t know whether it’s just me
    or maybe your blog; on the other hand, Facebook performed acceptably for me.
    Anyway, thank you for posting such a beautiful article.
    Everyone who actually visited this great site must have noticed
    this informative article is literally valuable. I really hope I will be able to find
    further remarkable content, and I also should really compliment you simply by saying you have carried out a remarkable job.

    To obtain more information through posts which you write-up, I have saved this url.