Hacking Grand Theft Auto IV: Part II

One of the features the Games For Windows API provides is protected buffers. These buffers can be allocated by games that use the API, and data can be copied back and forth from them. GTA IV uses this for a bunch of the game memory, for example, your current cash.

The following functions (thanks, xlive.pdb!) provide this feature to games:

  • int XLivePBufferAllocate(int size, XLiveProtectedBuffer **pbuffer)
  • int XLivePBufferGetByte(XLiveProtectedBuffer *pbuffer, int offset, unsigned char *value)
  • int XLivePBufferGetDWORD(XLiveProtectedBuffer *pbuffer, int offset, unsigned int *value)
  • int XLivePBufferGetByteArray(XLiveProtectedBuffer *pbuffer, int offset, void *destination, int size)
  • int XLivePBufferSetByte(XLiveProtectedBuffer *pbuffer, int offset, unsigned char value)
  • int XLivePBufferSetDWORD(XLiveProtectedBuffer *pbuffer, int offset, unsigned int value)
  • int XLivePBufferSetByteArray(XLiveProtectedBuffer *pbuffer, int offset, void *source, int size)
  • int XLivePBufferFree(XLiveProtectedBuffer *pbuffer)

By creating a fake xlive.dll which wraps the real xlive.dll, we can serve ‘unprotected’ versions of these 8 functions. In doing this, we can now freely modify at runtime the data that the game wants to be protected, including your current cash.
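To see why swapping the implementation behind these exports is enough, here is a small C model, added as an illustration and not taken from xlive.dll or from the wrapper itself. The struct layout, the FNV-1a tag and the 0/-1 return codes are assumptions, and only the allocate and DWORD calls are modelled; a caller bound to the guarded read notices an edit made outside the API, while the same caller bound to the plain read gets the edited value back with no error.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical layout: the page names XLiveProtectedBuffer, not its fields. */
typedef struct XLiveProtectedBuffer {
    int size;
    unsigned int check;   /* toy integrity tag over data[]; an assumed scheme */
    unsigned char data[];
} XLiveProtectedBuffer;
static unsigned int tag(const XLiveProtectedBuffer *b) {   /* FNV-1a hash */
    unsigned int h = 2166136261u;
    for (int i = 0; i < b->size; i++) h = (h ^ b->data[i]) * 16777619u;
    return h;
}
static int in_range(const XLiveProtectedBuffer *b, int off) {
    return b && off >= 0 && off <= b->size - 4;
}
int PBufferAllocate(int size, XLiveProtectedBuffer **pbuffer) {
    if (size < 4 || !pbuffer) return -1;
    if (!(*pbuffer = calloc(1, sizeof **pbuffer + (size_t)size))) return -1;
    (*pbuffer)->size = size;
    (*pbuffer)->check = tag(*pbuffer);
    return 0;
}
int PBufferSetDWORD(XLiveProtectedBuffer *b, int off, unsigned int v) {
    if (!in_range(b, off)) return -1;
    memcpy(b->data + off, &v, 4);
    b->check = tag(b);    /* writes through the API keep the tag current */
    return 0;
}
static int read_dword(XLiveProtectedBuffer *b, int off, unsigned int *v, int verify) {
    if (!v || !in_range(b, off) || (verify && b->check != tag(b))) return -1;
    memcpy(v, b->data + off, 4);
    return 0;
}
/* Guarded: fails after a change behind the API. Plain: same signature, no check. */
int GuardedGetDWORD(XLiveProtectedBuffer *b, int off, unsigned int *v) {
    return read_dword(b, off, v, 1);
}
int PlainGetDWORD(XLiveProtectedBuffer *b, int off, unsigned int *v) {
    return read_dword(b, off, v, 0);
}
/* Caller's view: store 100, overwrite the bytes directly, read through get. */
int read_after_edit(int (*get)(XLiveProtectedBuffer *, int, unsigned int *), unsigned int *seen) {
    XLiveProtectedBuffer *b = NULL;
    if (PBufferAllocate(16, &b) || PBufferSetDWORD(b, 0, 100u)) { free(b); return -2; }
    memset(b->data, 0xFF, 4);   /* constructed edit that bypasses the API */
    int rc = get(b, 0, seen);
    free(b);
    return rc;
}
```

The check lives entirely in whichever module satisfies the import, so any value that matters beyond the local machine (multiplayer state, for instance) needs validation somewhere the client cannot replace.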

XLive Wrapper for GTA IV 1.0.0.1

Drop this into your GTA IV game directory (where GTAIV.exe resides), start the game, and voilà: unprotected memory!

(The first time you run the game, the wrapper will ask whether it is OK to copy the original xlive.dll/xlive.dll.CAT, unmodified, to another location with a new name.)

If you encounter any issues with the wrapper aside from the UI issue, please let me know!

The only side effect that I’ve seen so far is that the in-game UI for Games For Windows no longer appears, although the game continues to function normally (including multiplayer).

Part III will talk about save validation and include version 1.1.0.0 of the wrapper with this disabled :).


109 Responses to “Hacking Grand Theft Auto IV: Part II”

  1. ape says:

    nice work, rick 😀

  2. zerox says:

    Yeah, nice work. *Waiting for part III :)*

  3. pandoy says:

    thanks for the xlive wrapper rick!!! coupled with a memory editor, i can now be a millionaire (in the game, at least) 😀

  4. JamHamster says:

    Finally, there’s a light at the end of the tunnel (and this time it’s not a train!) I’ll have a play with it tonight and let you know how it goes. this is a truly awesome achievement and I’ll finally be able to start hacking – well done! if you could find time to get part III up and running that would be brilliant, I’ll keep checking back! Thank you! 😉 Jam

  5. thieves says:

    cheathappen is using your hard work and making money off of it without giving you credit.

  6. Rick says:

    I’m not sure why you think that?

  7. thieves says:

    Don’t post part 3 or provide download for 1.1.0.0 xlive wrapper dll. Else CH going to make more money off of you.

  8. facepalm says:

    Cheathappens did NOT use this dll.

    They used their own method to circumvent the memory check, this is evident from the fact that theirs crashes occasionally as windows LIVE scans memory.

    Also theirs replaces no files.

    Get your fucking facts straight before you accuse….

  9. Ben says:

    I am not sure how to get it to play multiplayer. When I go to multiplayer and choose live it says i need to be connected.

  10. thieves says:

    facepalm works for cheathappens

  11. Rick says:

    Ben: were you logged in to xlive already before using the wrapper?
    thieves: drop it, I have the trainer they made and do not see anything that uses my work.

  12. Ben says:

    No I was not, am I supposed to do that?

  13. Ben says:

    Is there a way you can make a list of steps to take?

  14. Rick says:

    XLive will be in the state that you left it before using the wrapper, so if you want to be logged in, set it so that you automatically log in, before using the wrapper, then you will automatically log in using the wrapper. I’m not sure why the UI for xlive doesn’t show up yet.

  15. Ben says:

    I get the message saying “you must be connected to games for windows – live to Access Multiplayer.”

  16. Ben says:

    It says my product code is invalid

  17. Rick says:

    Did you actually buy the game? :rolleyes:

  18. Ben says:

    yes off steam

  19. Rick says:

    Well in order to log into Games For Windows you have to register your GTAIV serial # with it; Steam usually provides this code in a popup dialog.

  20. Vyse says:

    So, would this in essence work with all Game For Windows Live games?

  21. Rick says:

    Presumably, it’s not designed to be used with any others at this time though.

  22. Ben says:

    Ok I got everything working now, does the cheathappen trainer make the game crash occasionally? that’s what i’ve been reading

  23. facepalm says:

    Yeah sometimes, it’s not very often though.

    The next version of this DLL might fix that

  24. Rick says:

    Fix what? I have no intention of making my wrapper compatible with the CheatHappens trainer. Edit your health or cash yourself with my wrapper, it’s not hard.

  25. facepalm says:

    No, I simply meant that if the DLL was used in conjunction with the trainer it’s possible the occasional crashes may stop.

  26. InvertedHavok says:

    Yay, it works!
    But still I can get killed by falling from great heights or blown up, at least I’m bulletproof. 🙂

    Thanks Rick for the great .dll!

  27. David says:

    D: i don’t get how to make myself bulletproof !! or how to get money ?? help ?

  28. Matri says:

    Rick, it doesn’t look like this whole “ripping you off” trolling is going to go away until you make a formal announcement. They are very determined to “prove” you were ripped off and aren’t going to listen to anyone but themselves. The trolls have been stirring each other up into a feeding frenzy over at the GameFAQs message board.

    Never mind the fact that the CH trainer only works with the original, protected xlive.dll and NOT with your modified, protected file.

  29. InvertedHavok says:

    I’m sorry that my thread over at GameFaqs caused such a stir, it was not my intention.

  30. LinkZ says:

    Bulletproof:
    Search for 3 addresses (float, 4 bytes).
    Max health value is “200.00”.

  31. Tom says:

    Rick, must the game be unpatched for it to work?

  32. Rick says:

    The wrapper should work for both the 1.0.0.0 and 1.0.1.0 versions of GTA IV, but there is no reason not to be using the latest patch for GTA IV.

  33. David says:

    LinkZ or Rick. What should a search for with Tsearch and what should i do with it to get bulletproof ?

  34. David says:

    *a = I 😛

  35. TomAlek says:

    Hi Rick, can u tell me how to get unlimited health?

  36. Kontra says:

    I might be a noob at this but i added it to my directory and i am not bullet proof

  37. Vyse says:

    Hey Rick, I haven’t been able to get this to work, so I thought I’d bring it to your attention, maybe I found an unforeseen problem. The following crash-error occurs upon opening the game as long as your DLL is in the GTA directory. I take it out and the game runs just fine. I’m using Vista 64. Let me know if you need any other information.

    GTAIV has stopped working.

    Description:
    Critical runtime problem

    Problem signature:
    Problem Event Name: APPLICATION CRASH
    System RAM: -1757184
    Available RAM: 1536708608
    Number of CPUs: 4
    Video Card Manufacturer: NVIDIA
    Video Card Description: NVIDIA GeForce 8800 GT
    Video Card Driver Version: 7.15.0011.8084
    OS Version: 6.0.6001.2.1.0.256.1
    Locale ID: 1033

  38. Rick says:

    Kontra: this wrapper does not do any cheats, it simply makes the memory accessible
    Vyse: are you on a 64-bit system? etc? I can’t think of why it would crash.

  39. Vyse says:

    Yessir, I’m using Vista Ultimate 64.

  40. Stevvo says:

    Could you extend the functionality of this to make it possible to actually hex edit the gtaiv.exe? I get the “GTA IV FATAL ERROR: XNetStartup failed – Please re-boot your system and/or re-install the game”
    When i play with a version of the exe i have modified.
    Excellent work btw.

  41. saracoglu says:

    Excellent work Rick. You saved my day.
    cheers

  42. Rick says:

    Vyse: I can’t think of what would be wrong unless it’s failing to copy xlive.dll/xlive.dll.CAT somehow, but it should be prompting you with an error dialog if that’s the case. Hmm.
    Stevvo: No, you can’t do that without completely killing Games For Windows (xlive).

  43. TomAlek says:

    Well what i have to do with this. Ok i copy it and what now, what I can get with this?

  44. Rick says:

    It will allow you to edit any memory that GTAIV thinks is protected (your money, your health, etc).

  45. ninjapan says:

    is there a tutorial available on how to edit health memory?

  46. Rick says:

    200.0, float, is your max health, so, heal up, search 200.0 float, get hurt, search decreased, etc, until you have a small amount of values.

  47. x3x says:

    err how u hack your money ? with this ?

  48. TomAlek says:

    But how i can change it? Where?
    In .txt? By ~ pressing in game?

  49. Kontra says:

    What program would i need to edit the hex? So that i can be almost invincible? and rich?

  50. x3x says:

    got the money work, but health is a little bit hard. Hey rick when u said search for decrease in health what do u mean by that, cuz in gta 4 they didnt show how much health u got left.