Note that all offsets thus posted have been confirmed for GTA San Andreas (GTA_SA.EXE) version 1.0. This is not for Function-Memadresses, for these look into Function Memory Addresses (SA).

Base Memory adresses

No category yet

• 0xA49960 - Start of SCM block (0xA49960 + (4 * varnumber) is that particular variable.)
• 0xA49D54 - Count-up timer for driving/flying missions ([dword] in ms)
• 0xA51974 - Count-up timer for boat/bike missions ([dword] in ms)
• 0xB6F5F0 - Player pointer (player_ptr)
• 0xB6F3B8 - Car pointer
• 0xB7CE50 - Money
• 0xBAA420 - Wanted Level
• 0xB70153 - Current Hour
• 0xB70152 - Current Minute
• 0xB700F0 - Current Car ID (from vehicle.ide) - 32 bytes in size
• 0x863984 - Gravity
• 0xB7CB84 - A global timer in ms [dword]
• 0xB70158 - Timer related to weather and time in ms [dword]
• 0xB7015C - Defines how many ms = 1 second... default 1000, set to 1 for a headache (number of ms per sec) [dword]4

Stats

• 0xB793D4 - Fat stat [float]
• 0xB793D8 - Stamina stat [float]
• 0xB793DC - Muscle stat [float]
• 0xB793E0 - Health stat [float]
• 0xB793E4 - Sex Appeal stat [float]
• 0xB79496 - Pistol stat [float]
• 0xB79498 - Silenced pistol stat [float]
• 0xB7949C - Desert eagle stat [float]
• 0xB794A0 - Shotgun stat [float]
• 0xB794A4 - Sawn-off shotgun stat [float]
• 0xB794A8 - Combat shotgun stat [float]
• 0xB794AC - Machine pistol stat [float]
• 0xB794B0 - SMG stat [float]
• 0xB794B4 - AK47 stat [float]
• 0xB794B8 - M4 stat [float]

Cheats

NaodW29-HTMLCommentStrip40be25d123b648bd00000001

[byte] Can be either on (1) or off (0)

• 0x969130 - Weapon Set 1
• 0x969131 - Weapon Set 2
• 0x969132 - Weapon Set 3
• 0x969133 - Health+Armor+250K
• 0x969134 - Increase Wanted Level 2 Stars
• 0x969135 - Clear Wanted Level
• 0x969136 - Sunny Weather
• 0x969137 - Very Sunny Weather
• 0x969138 - Overcast Weather
• 0x969139 - Rainy Weather
• 0x96913A - Foggy Weather
• 0x96913B - Faster Clock
• 0x96913C - Faster Gameplay
• 0x96913D - Slower Gameplay
• 0x96913E - Peds Attack Eachother with Golfclub
• 0x96913F - Have Bounty on Head
• 0x969140 - Everyone is Armed
• 0x969141 - Spawn Rhino (Not Tested!)
• 0x969142 - Spawn Bloodring Banger (Not Tested!)
• 0x969143 - Spawn Rancher (Not Tested!)
• 0x969144 - Spawn Racecar A (Not Tested!)
• 0x969145 - Spawn Racecar B (Not Tested!)
• 0x969146 - Spawn Romero (Not Tested!)
• 0x969147 - Spawn Stretch (Not Tested!)

sadasdasd)

• 0x96914A - Blow up All Cars
• 0x96914B - Wheels Only (Invisible Cars)
• 0x96914C - Perfect Handling
• 0x96914D - Suicide
• 0x96914E - All Green Lights
• 0x96914F - Aggressive Drivers
• 0x969150 - Pink Traffic
• 0x969151 - Black Traffic
• 0x969153 - Boats Can Fly
• 0x969154 - CJ is Fat
• 0x969155 - Max Muscle
• 0x969156 - CJ is Skinny
• 0x969157 - Elvis Everywhere
• 0x969158 - Peds attack with rockets
• 0x969159 - Beach Theme
• 0x96915A - Gang Members everywhere
• 0x96915B - Gangs control the streets
• 0x96915C - Ninja Theme
• 0x96915D - Slut Magnet
• 0x96915E - Traffic is Cheap Cars
• 0x96915F - Traffic is Fast Cars
• 0x969160 - Cars can Fly
• 0x969161 - Huge Bunny Hop
• 0x969162 - Spawn Hydra (Not Tested!)
• 0x969163 - Spawn Vortex Hovercraft (Not Tested!)
• 0x969164 - Tank Mode / Smash'n Boom
• 0x969165 - All cars have nitro
• 0x969166 - Cars Float Away when hit
• 0x969167 - Always Midnight
• 0x969168 - Stop Game Clock - Orange Sky
• 0x969169 - Thunderstorm
• 0x96916A - Sandstorm
• 0x96916C - Mega Jump
• 0x96916D - Infinite Health
• 0x96916E - Infinite Oxygen
• 0x96916F - Get Parachute
• 0x969170 - Get Jetpack
• 0x969171 - Never Wanted
• 0x969172 - Six Star Wanted Level
• 0x969173 - Mega Punch
• 0x969174 - Never get Hungry
• 0x969175 - Peds Riot (Chaos Mode)
• 0x969176 - Funhouse Theme
• 0x969177 - Slower Gameplay
• 0x969178 - Infinite Ammo, No Reload
• 0x969179 - Full Weapon Aiming while driving
• 0x96917A - Decreased Traffic
• 0x96917B - Traffic is Country vehicles
• 0x96917C - Recruit Anyone (9mm)
• 0x96917D - Country Theme
• 0x96917E - Recruit Anyone (Rockets)
• 0x96917F - Max Respect
• 0x969180 - Max Sex Appeal
• 0x969181 - Max Stamina
• 0x969183 - Hitman in All Weapons
• 0x969184 - Spawn Hunter (Not Tested!)
• 0x969185 - Spawn Quad (Not Tested!)
• 0x969186 - Spawn Tanker Truck (Not Tested!)
• 0x969187 - Spawn Dozer (Not Tested!)
• 0x969188 - Spawn Stunt Plane (Not Tested!)
• 0x969189 - Spawn Monster (Not Tested!)

[dword]

• 0x96918C - Has ever Cheated or not
• 0xBAA472 - Has now Cheated or not
• 0xB79044 - Cheated Count

Display Settings

• 0xBA6784 - Brightness [long]
• 0xBA6792 - Legend [byte]
• 0xBA676C - Radar Mode [byte]
• 0xBA6769 - Hud Mode [byte]
• 0xBA678C - Subtitles [byte]
• 0xBA6830 - Store gallery photos [byte]
• 0xBA6788 - Draw Distance [long]
• 0xBA6794 - Frame limiter [byte]
• 0xBA6793 - Widescreen [byte]
• 0xA9AE54 - Visual FX Quality [byte]
• 0xBA680C - Mip Mapping [byte]
• 0xBA6814 - Antialiasing [byte] values:
  • 1 = 0x (off)
  • 2 = 1x
  • 3 = 2x
  • 4 = 3x
• 0xBA6820 - Resolution [byte] values:
  • 11 = 640x480
  • 12 = 800x400
  • 13 = 800x600
  • 15 = 1024x768

(Depends on the graphic driver/hardware.)

Sound Configuration

• 0xBA6798 - Radio Volume [0 through 64] [byte]
• 0xBA6797 - SFX Volume [0 through 64] [byte]
• 0xBA6799 - Radio Equalizer [byte]
• 0xBA6795 - Radio Auto-tune [byte]
• 0xBA67F8 - Usertrack/Play mode [byte] values:
  • 0 = Radio
  • 1 = Random
• 0xBA680D - Usertrack/Automatic Media Scan [byte]
• 0xBA679A - Radio Station ID [byte] values:
  • 0 to 11 = Normal radio (do we know which IDs are which station?)
  • 12 = User's MP3 tracks

Controller Configuration

• 0xBA6818 - Controller Configuration [byte] values:
  • 0 = Mouse+Keys
  • 1 = Joypad
• 0xB6EC1C - Mouse sensivity [float]
• 0xC1CC02 - Steer with mouse [byte]
• 0xC1CC03 - Invert mouse vertically [byte]

Other Dynamic Memory Addresses (non-static)

Pedestrians

General

In most cases, you can use even the DWord of playeraddress as CPed value.

• CPed +0x14 - Pointer to XYZ position structure (and rotation)
• DWORD(CPed+0x14) +0x0 to +0x2C is the rotation matrix
• DWORD(CPed+0x14) +0x30 = XPos
• DWORD(CPed+0x14) +0x34 = YPos
• DWORD(CPed+0x14) +0x38 = ZPos
• CPed +66 (Byte) is the BP/EP/FP/DP status of the player as follows:
  Add these values, and write the sum into +66
  • 1 = Makes Ped soft (ie. can move through walls and everything) (NOCLIP in other words)
  • 2 = Freezes Ped (ie. ped cannot walk)
  • 4 = Bullet-proof
  • 8 = Flame-proof
  • 16 = ?
  • 32 = ?
  • 64 = Damage-proof (from collisions etc)
  • 128 = Explosion-proof
• CPed +0x530 State (dword)
  • 0 = Leaving a car, falling down from a bike or something like this.
  • 1 = Normal case
  • 50 = Driving
  • 55 = Wasted
  • 63 = Busted
  • 12 = Targeting (hmm problem, if I get into 12, it doesn't change back?)
• CPed + 0x534 = Runningstate
  • 0 = while driving,
  • 1 = standing still
  • 4 = start to run
  • 6 = running
  • 7 = running fast (sprinting) by pressing sprint key
• CPed +0x540 = Health [float]
• CPed +0x544 = Max health [float]
• CPed +0x548 = Armor [float]
• CPed +0x558 = Z angle [float]
• CPed +0x58C = Last or Current Driven Car
• CPed +0x5A0 = Start of weapon data. Each slot has 28 bytes. (See structures: WeaponSlot)
• CPed +0x718 = Current weapon slot (1 byte)
• CPed +0x740 = Current Weapon ID (from default.dat)

Structures

WeaponSlot                 // Total 28Bytes
 DWORD       type          // + 0
 DWORD       state         // + 4 (0 idle, 1 firing, 2 reloading)
 DWORD       AmmoInClip    // + 8
 DWORD       AmmoRemaining // +12
 FLOAT       unknown       // +16 (Hmm, increases each time you fire your weapon, 0 when weapon not active?)
 UNKNOWN     0..7 Bytes    // +20...+27

WeaponSlot.type
  (Slot0: No Weapon)                    (Slot2: Handguns)
  0 - Fist                               22 - Pistol
  1 - Brass Knuckles                     23 - Silenced Pistol
  (Slot1: Melee)                         24 - Desert Eagle
  2 - Golf Club --not tested             (Slot3: Shotguns)
  3 - Nitestick                          25 - Shotgun
  4 - Knife                              26 - Sawn-Off Shotgun
  5 - Baseball Bat                       27 - SPAS-12
  6 - Shovel --not tested                (Slot4: Sub-Machineguns)
  8 - Katana                             28 - Micro Uzi 
  7 - Pool Cue --not tested              29 - MP5
  9 - Chainsaw                           32 - TEC-9
-
  (Slot5: Machineguns)                   (Slot10: Gifts)
  30 - AK47                              14 - Flowers
  31 - M4                                (Slot9:Special1)
  (Slot6: Rifles)                        42 - Fire Extinguisher
  33 - Country Rifle                     43 - Camera 
  34 - Sniper Rifle                      (Slot11:Special2)
  (Slot7: Heavy Weapons)                 44 - NV Goggles
  35 - Rocket Launcher                   45 - IR Goggles
  36 - Heat Seaking RPG                  46 - Parachute
  37 - Flame Thrower                     (Slot12:Detonators?)
  38 - Minigun                            40 - Detonator(for remote explosives)
  (Slot8: Projectiles)
  16 - Grenade
  18 - Molotov Cocktail
  39 - Remote Explosives

Cars

• +14 contains a pointer to a Structure (84 Bytes).
  • This structure +0x30 = XPos
  • This structure +0x34 = YPos
  • This structure +0x38 = ZPos
• +66 [Byte] Special Flags:
  • 1 = EP
  • 11 = N/A
  • 111 = N/A
  • 1111 = DP
  • 11111 = FP
  • 111111 = BP
  • 1111111 = N/A
  • 11111111 = N/A
• +68 [Float] X (East-West) speed
• +72 [Float] Y (North-South) speed
• +76 [Float] Z (Up-Down) speed
• +80 [Float] X (NS) Spin
• +84 [Float] Y (EW) Spin
• +88 [Float] Z (NW) Spin

Note: The Spin angles are known to be incorrect. To get the correct rotation, use every fourth float (starting with the 0th) in the vehicle object's rotation matrix until the 36th float value. This will give you a list of 9 floats, whose meanings are:

1. XA
2. XB
3. XC
4. YA
5. YB
6. YC
7. ZA
8. ZB
9. ZC

These are the rotations on all the Axes you'll need.

(Car addresses continued:)

• +140 [Float] Mass (kg) from handling.cfg
• +144 [Float] Turn Mass from handling.cfg
• +148 [Float] Grip Divider (NaodW29-math58f2e36051deadf0000000010.1 = 10 x gGrip / 1 = 1 x gGrip / 100 = g / 100Grip</math>)
• +152 [Float] Mass-to-Grip Multiplier. Ie. G Force when flying/during suspension/driving (acceleration towards ground)
• +160 [Float] Normalized Grip Level
• +164 [Float] CoM X
• +168 [Float] CoM Y
• +172 [Float] CoM Z
• +1076 [Byte] Body Color (as in carcolors.dat, black being the 0)
• +1077 [Byte] Stripe Color (as in carcolors.dat, black being the 0)
• +1080 [DWord] modding data as in garage info
• +1084 [DWord] modding data as in garage info
• +1088 [DWord] modding data as in garage info
• +1092 [DWord] modding data as in garage info
• +1096 [DWord] modding data as in garage info
• +1100 [DWord] modding data as in garage info
• +1104 [DWord] modding data as in garage info
• +1108 [DWord] modding data as in garage info
• +1112 [Float] Car Wheel Size from vehicle.ide
• +1116 [DWord] Siren Time Left ms
• +1120 [DWord] Pointer to driver
• +1124 [DWord] Pointer to passenger
• +1172 [Float] Steer angle 1
• +1176 [Float] Steer angle 2
• +1180 [Float] Gas pedal
• +1184 [Float] Break pedal
• +1216 [Float] Health / Car Damage Left (1000: undamaged)
• +1272 [Dword] Car Door Locked State (1:open 2:locked)
• +1444 [Byte] Car Wheels Shot: (.1.1.1..=NA/RF/NA/LB/NA/LF/NA/NA) RF:RightFrontWheel 1:shot, 0:OK

Following offsets are Floats, as positions of doors and other car parts that gets detached by damage. We need to recalculate and set their locations if we warp a car from one location to another. Otherwise the car spins uncontrollably:

• +1828 Detachables1 Pos X
• +1832 Detachables1 Pos Y
• +1836 Detachables1 Pos Z
• +1872 Detachables2 Pos X
• +1876 Detachables2 Pos Y
• +1880 Detachables2 Pos Z
• +1916 Detachables3 Pos X
• +1920 Detachables3 Pos Y
• +1924 Detachables3 Pos Z
• +1960 Detachables4 Pos X
• +1964 Detachables4 Pos Y
• +1968 Detachables4 Pos Z

The locations of the detachable objects are different for cars and bikes. This is merely because bike object is actually smaller than the car object. The car object is used for all vehicles (including heli) but the bikes.

Offsets for Detachables:

• +1532 BikeDetachPosAdr(0)
• +1632 BikeDetachPosAdr(1)
• +1676 BikeDetachPosAdr(2)
• +1720 BikeDetachPosAdr(3)
• +1764 BikeDetachPosAdr(4)

• +1828 CarDetachPosAdr(0)
• +1872 CarDetachPosAdr(1)
• +1916 CarDetachPosAdr(2)
• +1960 CarDetachPosAdr(3)

The trailer of the tanker is handled the same way as the vehicles. Its pointer gets set at offset:

• +0x4C8

To the car object start. When warping vehicles that has trailer, we need to warp this 'vehicle' as well. The same pointer is used also when you are towing other vehicles as well.

Garages and Parking

There are 50 Garages in the game. Each garage has:-

• Position
• Details
• Usage information
• Location in game
• Location of door
• Width
• Depth
• Height
• Direction it looks
• Coordinates of lower left corner
• Coordinates of upper right corner,
• Usable by the player
• Which property (safe house) it belongs
• Number of vehicles which can be parked inside
• The door state (closed, opening, open and closing)

These are found in the garage object of 212 bytes. The memory locations where the garages start are:

• 0x96C048 (start of first garage)
• +0xD4 (offset for second garage - offset this much again for third garage, again for fourth, etc.)
• 0x96C120 (start of final garage)

(Tested using non-patched original v1.0 German EXE with English language option selected, and original SCM file.)

Here is the known garage offsets:

• 0 [Float] X Coord of the Garage Lower Left corner
• 4 [Float] Y Coord of the Garage Lower Left corner
• 8 [Float] Z Coord of the Garage Lower Left corner
• 12 [Float] X Value of direction vector 1
• 16 [Float] Y Value of direction vector 1
• 20 [Float] X Value of direction vector 2
• 24 [Float] Y Value of direction vector 2
• 28 [Float] Top Z Coord. of the garage
• 32 [Float] Normalized Width of the garage
• 36 [Float] Normalized Depth of the garage
• 40 [Float] Left Border (X) corrdinate
• 44 [Float] Right Border (X) corrdinate
• 48 [Float] Front Border (Y) corrdinate
• 52 [Float] Back Border (Y) corrdinate
• 77 [Byte] Garage Door State values:
  • 0 = Closed
  • 1 = Open
  • 2 = Opening
  • 3 = Closing

The direction vector 3 is completely left out, I think because the garages are always even to the ground. I think that is also why the Z values of the direction vectors are also left-out.

Here are the static Adresses of the Garage Blocks, and to which garage they belong:

• 0x96C048 Commerce Region, Loading Bay Garage
• 0x96C120 Unknown Garage
• 0x96C1F8 Unknown Garage near El Corona
• 0x96C2D0 Eight Ball Autos near El Corona
• 0x96C3A8 Unknown Garage near El Corona
• 0x96C480 Player Garage: El Corona
• 0x96C558 Unknown Garage near Playe del Seville
• 0x96C630 LowRider Tuning Garage in Willowfield
• 0x96C708 Pay 'n' Spray in Idlewood
• 0x96C7E0 Player Garage: Johnson House
• 0x96C8B8 Pay 'n' Spray in Temple
• 0x96C990 Transfender in Temple
• 0x96CA68 Pay 'n' Spray in Santa Maria Beach
• 0x96CB40 Player Garage: Santa Maria Beach
• 0x96CC18 Player Garage: Mulholland
• 0x96CCF0 Wheel Archangels in Ocean Flats
• 0x96CDC8 Unknown Garage in Ocean Flats
• 0x96CEA0 Player Garage: Hashbury
• 0x96CF78 Transfender near Wang Cars in Doherty
• 0x96D050 Pay 'n' Spray near Wang Cars in Doherty
• 0x96D128 Unknown Garage, Loading Bay near Doherty
• 0x96D200 Player Garage: Doherty
• 0x96D2D8 Unknown Garage in Doherty
• 0x96D3B0 Unknown Garage in Chinatown
• 0x96D488 Michelles Pay 'n' Spray in Downtown
• 0x96D560 Player Garage: Calton Heights
• 0x96D638 Police Garage in DownTown
• 0x96D710 Pay 'n' Spray in Juniper Hollow
• 0x96D7E8 Player Garage: Paradiso
• 0x96D8C0 Unknown Garage near Emerald Isle
• 0x96D998 Airport Plane Garage in Las Venturas
• 0x96DA70 Unknown Garage near Camel's Toe
• 0x96DB48 Pay 'n' Spray near Royal Casino
• 0x96DC20 Transfender in come-a-lot
• 0x96DCF8 Player Garage: Rockshore West
• 0x96DDD0 Welding Wedding Bomb-workshop in Emerald Isle
• 0x96DEA8 Pay 'n' Spray in Redsands East
• 0x96DF80 Player Garage: Redland West
• 0x96E058 Player Garage: Prickle Pine
• 0x96E130 Player Garage: Whitewood Estates
• 0x96E208 Pay 'n' Spray in El Quebrados
• 0x96E2E0 Pay 'n' Spray in Fort Carson
• 0x96E3B8 Player Garage: Fort Carson
• 0x96E490 Player Garage: Derdant Meadows
• 0x96E568 Unknown Garage in Bone County
• 0x96E640 Airport Garage in Verdant Meadows
• 0x96E718 Unknown Garage in Angel Pine
• 0x96E7F0 Pay 'n' Spray in Dillimore
• 0x96E8C8 Player Garage: Palomino Creek
• 0x96E9A0 Player Garage: Dillimore

Menu

The following addresses have been found:

• Base address 0xBA6748
• +0x15D - [Byte] Current Menu ID
• +0x78D - [Byte] Show menu item hover
• +0x54 - [DWORD Selected menu item

• +0xE9 - [Byte] Main menu switch (startup menu/menu when playing)
• +0x84 - [DWord language
• +0x15F - [Byte] selected savegame
• +0x24 - [DWORD radar mode

• +0x64 - [Float] map zoom
• +0x68 - [Float] map x position
• +0x6C - [Float] map y position

• +0x5C - [Byte] Player in menu?

SCM related

• 0xA49960 = start of scm block
• 0x464080 = GetOpcodeParameters()
• 0xA43C78 = Where the routine above stores opcode parameters values. Max 16 paramters for an opcode it seems.

Weather Codes

0xC8131C = [DWord] Weather

• Weather Values:
• 0 to 7 = different versions of blue skies/clouds
• 08 = stormy
• 09 = cloudy and foggy
• 10 = clear blue sky (falls into 0-7 category)
• 11 = scorching hot (Los Santos heat waves)
• 12 to 15 = very dull, colorless, hazy
• 16 = dull, cloudy, rainy
• 17 to 18 = scorching hot
• 19 = sandstorm
• 20 = foggy/greenish
• 21 = very dark, gradiented skyline, purple
• 22 = very dark, gradiented skyline, green
• 23 to 26 = variations of pale orange
• 27 to 29 = variations of fresh blue
• 30 to 32 = variations of dark, cloudy, teal
• 33 = dark, cloudy, brown
• 34 = blue/purple, regular
• 35 = dull brown
• 36 to 38 = bright, foggy, orange
• 39 = extremely bright
• 40 to 42 = blue/purple cloudy
• 43 = dark toxic clouds
• 44 = black/white sky
• 45 = black/purple sky

Warning: Setting these values to anything higher will result in things like black screen, flickering, really red, etc).

Dependencies

• Car ptr = player ptr when on foot.
• CPed block size = 0x7C4 bytes.
• CVehicle block size = 0x0A18 bytes.

External Links

• Modelingman
• GTASA Memory Addresses - a topic on GTAForums.

This memory address article is a stub. You can help by expanding it.