Solved Trove Player Array Problems

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Hello all together,

at first i want to thank Rake for helping me already a lot.
I was able to find my own player object + a pointer address pointing to it and i myself found sth. like the GameContext which has sth. like a PlayerManager object in it containing the number of players that are currently in my game instance and ofc the player array.
Now you guys maybe already guess, i want to iterate all those players to read all of their player information.

I am accessing the array like this:

PlayerManager = GameContext + 0xD8
playersConnected = PlayerManager + 0x2C
PlayerArray = PlayerManager + 0x20


So in my cheat engine it looks like that: https://puu.sh/kHymb/de3e4dea03.png

The first offset is player manager
second offset player array
third offset is then i guess the player index (which i come later for)
fourth offset is health structure or sth. like that, dunno exactly yet.
fifth health offset

My problem is the third offset because i dont know in which intervals the next player object comes, and as i realized that, this differs. For now i can only search by increasing with that arrow there allways by 4 and when i have luck i will find a correct one which points to a player object. Yesterday i found 3 of them, so i calculated the difference between them so i thought by adding this to the last one i get next one but its not like that. the third one i found was more far away than first to second one. So this is different.

What can i do now? I just dont know how to iterate the players now because the index size is different all the time.
Either there is an algorithm or i am anyway using completely wrong offsets which would be strange because with those i am still able to find 2-3 players of at least 30 players connected. Andi am sure when clicking the hell of increasing this offset i am sure i can find more than 2-3 players.

I hope you guys know what i mean.
Thanks in advance.
 

ranseier

Jr.Coder
Full Member
Nobleman
Sep 26, 2015
53
303
3
Good question. I would like to know the same.

In a different game, also a MMO, I had the same problem. I didn't find all players in the player array. I solved this by scanning for another player array which contained ALL the players and all other entities in the game. Now I have to determine which entity is a player, which one is a npc, etc.
In my case there are gaps between the player addresses too. My solution is a simple trial and error. I am interested in coordinates of the player. I simply iterate trough the player array and try to get valid coordinates. if this fail, this can't be a player - check next entry.

maybe there is a more elegant solution. i think MMOs are a bit different than shooters where you know that a game can hold up to 32 players.
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Hello thanks for your fast response,

well this probably might be the reason, so you think i should go and look for another array.
I will do this for now, but yes in shooters this might be some different because for me its also usual to have an array which its index is changed by 4 bytes or such, thats why i am so confused.
If any other guys here have some solutions for this, please let me/us know.

Thank you ranseier.

Edit: You sir are genius, you are fkn correct with your thought. I just found a second array which i can iterate by incrementing 4 bytes. AWESOME.
It works perfectly now! Thank you!
 
Last edited:

ranseier

Jr.Coder
Full Member
Nobleman
Sep 26, 2015
53
303
3
I would go for a different player array. It helped in my case.
Another tip would be to actually find an "enemy" and not your own player. For me it was a lot easier to find the player array when pointer scanning for an enemy.
For this situations I am running a virtual machine with a second game instance to get an "enemy" to scan for.

how did you find the static addresses at all? pointer scanner?

Edit: You sir are genius, you are fkn correct with your thought. I just found a second array which i can iterate by incrementing 4 bytes. AWESOME.
It works perfectly now! Thank you!
great :)
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
how did you find the static addresses at all? pointer scanner?
Yes, i got my laptop here right next to me and logged in with anoter character and scanned its health, then taking a armor part off to modify the health and yes, basically that was the start.
What was also great, i knew that the last two offsets of the health are 0x3C and 0x168 which narrowed the scan extremely. Also i knew the BaseAddress which gave the final result of only 2 pointer. The one was the one i already had which didnt work and the second was the new one, just 20 bytes before that other one which worked.
LEL xD
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,104
78,998
2,374
Dude! Awesome progress! Sometimes you just need a little push in the right direction. I'm so glad to see someone actually learning. Take a hint new members:
Make an educated post
Receive an educated response
Profit!
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Rake;37172 said:
Dude! Awesome progress! Sometimes you just need a little push in the right direction. I'm so glad to see someone actually learning. Take a hint new members:
Make an educated post
Receive an educated response
Profit!
True!
I am making much progress here, just found the new Pointer addresses again after the fkn update xD

And i already released a first small tool which extends the Camera Zoom of the Player, if someone needs it you can find it here.
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
An AOB sigscan will help here. it's not hard to implement.
Yes i also thought about that, but i am still unsure if i can just go to memory browser of cheat engine to GameContext BaseAddress there and copy the bytes (with game restarts ofc.)

Edit: I made a signature now, but this signature points ofc. to a dynamic address, i mean like this: Before i accessed the gamecontext like : trove.exe+DEADBEEF which points to an address. Now with sigscan i get the address the pointer actually points to. But i would like more to get the Pointer DEADBEEF instead of the dyn. address where the pointer points at. Possible by signature scanning?
 
Last edited:

ranseier

Jr.Coder
Full Member
Nobleman
Sep 26, 2015
53
303
3
Yothri, I am trying to figure out how to find the player array in Trove too. Just for fun.

I am stuck at the point re-scanning the enemies (my second account) health. I always get zero results doing the re-scan.

I am doing the following steps:
- Scan down enemy HP
- Pointer scan for this address
- Found a lot of pointers
- Restarting trove on scanning-PC for the rescan
- Scan down enemy HP again
- Pointer RE-scan for this address
= Zero results

What am I doing wrong?

EDIT: Sorry for such a basic question but I am really struggling with that - also in other games.
 
Last edited:

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Also had this problem first but i think i figured out why this happens.
Because the player index offset.

To prevent the player offset changed, i made a Club World where i can be sure that only i am in the world.
Then i created a second account which i logged in using my laptop. Made the second account join in the club world so i can make sure only my player and the player of second account is in the world.

Then try all of this you did again by scanning the hp of your second account.

The trick behind that is, in the player array that i´ve found the index0 is always your local player. And since there are only 2 players in the world then the next player will always have the same index.
I dunno how you tested it before, but in order to make the scan succesful you needed to make sure the player you were scanning had the same index as the scan you did before restarting the game.
If you are in the hub world this is like impossible because:
1. you dont know the offset you scanned first.
2. and since you dont know the offset for the first scan, you cannot make sure that the offset in second scan is the same. COnfusing i know xD

I hope i explained a little bit understandable.

For the case that you are still unable to find the array here´s the pointer to gamecontext + offsets to array and player count:
All Names i gave like GameContext, PlayerManager are names that i thought of it would be, i give no warranty that the classes accessed by the following pointers and offsets have something to do with this:

GameContext: "trove.exe"+00B07D68 (as of yesterday, last patch)

If i am not completely wrong, the offset above added to trove.exe points to the GameContext -Class (The main class of the game where it begins or how to name it idk.)
The offset 0xD8 which is added to this pointer is what i call the PlayerManager which contains the NumberOfPlayersConnectedToTheWorldYouAreIn and also the PlayerArray.

Offset for NumberOfPlayersConnected is: 0x2C
Offset for PlayerArray is: 0x00

To clarify:

PlayerArray = [["trove.exe"+00B07D68]+0xD8]+0x00
PlayersConnected = [["trove.exe"+00B07D68]+0xD8]+0x2C (4 Byte Integer).

If you want to access your own player (index 0):
[[["trove.exe"+00B07D68]+0xD8]+0x00]+0x00

If you want to access next player (index 4):
[[["trove.exe"+00B07D68]+0xD8]+0x00]+0x04

If you are at a players index those next 2 offsets can be used to get the health:
[[[[["trove.exe"+00B07D68]+0xD8]+0x00]+PLAYERINDEX]+0x168]+0x3C

Energy of player is instead of 0x3C, 0x50 (4 byte integer)

What i didnt find yet is the position of other players, i cant simply find them in the near of all those addresses and thats why it makes me think that this is still not the player array i am looking for, but well yes, idk. I am not experienced enough to say what is going on here.
 

ranseier

Jr.Coder
Full Member
Nobleman
Sep 26, 2015
53
303
3
Thanks I will try it out!

I think you are right with that index-thing. In another MMO I had the same problem. Players just get shuffled around in the player array when they move on the map, die or other players join or leave the game. Not good when you want to dig these memory regions.
My problem is that I don't have the possibility to create something like a "club world" in dead frontier or other games. I mean, how did you manage to find pointers in GW2?

Maybe someone else can tell more about this "Player index shuffle" problem and has a solution for that.
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Thanks I will try it out!

I think you are right with that index-thing. In another MMO I had the same problem. Players just get shuffled around in the player array when they move on the map, die or other players join or leave the game. Not good when you want to dig these memory regions.
My problem is that I don't have the possibility to create something like a "club world" in dead frontier or other games. I mean, how did you manage to find pointers in GW2?

Maybe someone else can tell more about this "Player index shuffle" problem and has a solution for that.
I think manually calculating the pointer by watching what accesses the address is more accurate and ia not affected by that shuffling but not sure about this.
There are some tutorials about this but this method requires more experience in my opinion.
 

Broihon

edgy 12 y/o
Escobar Tier VIP
Fleep Tier Donator
Dec 22, 2013
1,745
40,528
316
Maybe yes, woah didnt knew that pointer scanning can take so much time. I´ve never needed more than 5 minutes lol.
The pointer scanner takes a lot of CPU power and the higher the pointer level the more time it'll take ofc. That's why you should always set up the scanner settings properly ;)
But yeah, with bad settings I can make a scan that takes like an hour or more even on an octacore xD
 

Yothri

Jr.Coder
Full Member
Nobleman
Sep 12, 2013
107
823
4
Вroihon;37307 said:
The pointer scanner takes a lot of CPU power and the higher the pointer level the more time it'll take ofc. That's why you should always set up the scanner settings properly ;)
But yeah, with bad settings I can make a scan that takes like an hour or more even on an octacore xD
So manually calculating the offset is probabaly not that time efficient right. I watched fleeps tut. Multiple times for finding multi level pointer but i cant get to the same results as fleep could in this video. I am everytime stuck at where he is telling in video that this might be confusing. Well it is confusing me still after 4 times watching those whole steps.
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods