- Status
- Offline
- Joined
- Mar 3, 2026
- Messages
- 546
- Reaction score
- 7
Rockstar just pushed the b3725 update for GTA 5 and, as expected, the classic native table patterns are now toast. If you're trying to build a native invoker for this build, the old signatures aren't going to cut it anymore.
Here is the breakdown of what we know about the current structure:
The classic AOB signature
typically found in load_script_natives no longer yields results. It seems Rockstar has either refactored the reference or added significant obfuscation layers to the function.
Has anyone successfully dumped the new offset or found a more resilient AOB for the table pointer? Rockstar might have changed how load_script_natives handles the registration entirely.
Drop your findings or IDA notes below.
Here is the breakdown of what we know about the current structure:
- The table remains a hashmap consisting of 0xFF (255) buckets.
- Each bucket is a linked list of scrNativeRegistrationNode structures.
- Encryption involves XORing fields with their own memory addresses as nonces.
The classic AOB signature
Code:
48 8D 0D ? ? ? ? 48 8B 14 FA E8For those unfamiliar, the node structure usually looks something like this:
Finding the entry point in b3725 is the current hurdle. Since some menus are reportedly already functional on this build, the table core is definitely there — likely just the pointer reference that has shifted.
Code:
struct scrNativeRegistrationNode {
scrNativeRegistrationNode* next;
FARPROC handlers[7];
uint32_t count;
uint64_t hashes[7];
};Has anyone successfully dumped the new offset or found a more resilient AOB for the table pointer? Rockstar might have changed how load_script_natives handles the registration entirely.
Drop your findings or IDA notes below.
