CMD AUTH LOGON CHALLENGE Client
CMD AUTH LOGON CHALLENGE Client is a Login Packet initially sent by the client to start the Login process. The server will then reply with a CMD_AUTH_LOGON_CHALLENGE_Server packet.
CMD_AUTH_LOGON_CHALLENGE and CMD_AUTH_RECONNECT_CHALLENGE have the same client packet.
Packet Layout
This packet does not change at all between versions.
| Offset | Size / Endianness | Type | Name | Description |
|---|---|---|---|---|
| 0x00 | 1 / - | uint8 | opcode | 0x00 for CMD_AUTH_LOGON_CHALLENGE, 0x02 for CMD_AUTH_RECONNECT_CHALLENGE |
| 0x01 | 1 / - | uint8 | protocol_version | Exact purpose unknown. See table in #Protocol Versions. |
| 0x02 | 2 / Little | uint16 | size | Length of package minus the size of the command, protocol_version and size fields. See #Field. |
| 0x04 | 4 / Big | uint8[4] | game_name | Always null terminated 'WoW\0' string. |
| 0x08 | 3 / - | uint8[3] | version | [0x01, 0x01, 0x02] for 1.1.2. [0x01, 0x0C, 0x01] for 1.12.1. |
| 0x0B | 2 / Little | uint16 | build | 4125, aka Revision |
| 0x0D | 4 / Little | uint8[4] | platform | eg '\0x86'. Has a leading zero for 'x86'. |
| 0x11 | 4 / Little | uint8[4] | os | eg '\0Win'. Has a leading zero for 'Win'. |
| 0x15 | 4 / Little | uint8[4] | locale | eg 'enUS' |
| 0x19 | 4 / Little | uint32 | worldregion_bias | Offset in minutes from UTC time, eg. 180 means 180 minutes |
| 0x1D | 4 / Big | uint32 | ip | client_ip |
| 0x21 | 1 / - | uint8 | account_name_length | Length of the account_name field in bytes. The client can only send 16 characters, but this can still be more than 16 bytes if non-ASCII characters are used. |
| 0x22 | account_name_length / Big | uint8[account_name_len] | account_name | UTF-8 encoded uppercase string of the username. Not all unicode characters are uppercased correctly. |
Size
Entire packet
The only variable field is account_name_length which is limited to 16 UTF-8 characters by the client. ASCII characters take up one byte, and UTF-8 characters are limited to a maximum of 4 bytes per character which means that the theoretical maximum is:
- 34 + 16 = 50 bytes, for a well behaved client if only ASCII characters are accepted.
- 34 + (16 * 4) = 98 bytes, for a well behaved client if all UTF-8 characters are accepted.
- 34 + 255 = 289 bytes, for the absolute theoretical maximum since account_name_length is an unsigned byte limited to 255.
Field
The value of the size field can be calculated as 30 + account_name_length. This field is calculated without the opcode, protocol_version and size fields.
The maximum values of the account_name_length field are:
- 16, if only ASCII characters from a well behaving client are allowed.
- 16 * 4 = 64, if only valid UTF-8 characters from a well behaving client are allowed.
- 255, since it is the maximum value of an unsigned byte.
Protocol Versions
Below is a table of verified protocol version for specific patches.
| Game Version | Connect Protocol Version | Reconnect Protocol Version | Notes |
|---|---|---|---|
 (1.1.2.4125) |
2 | 2 | |
| (1.12.1.5875) |
3 | 2 | |
 (2.0.0.6080) |
3 | 2 | |
| (2.0.1.6180) |
3 | 2 | |
| (2.0.3.6299) |
5 | 5 | |
| (2.0.5.6320) |
6 | 6 | There are likely differences between this version of protocol 6 and 2.0.7s version of protocol 6 due to the authentication issues with the patch. |
| (2.0.6.6337) |
5 | 5 | This is a lower protocol version than previously, likely due to authentication issues with patch 2.0.5 |
| (2.0.7.6383) |
6 | 6 | |
| (2.0.8.6403) |
6 | 6 | |
| (2.0.10.6448) |
6 | 6 | |
| (2.0.12.6546) |
6 | 6 | |
| (2.1.0.6692) |
6 | 6 | |
| (2.1.0.6729) |
6 | 6 | |
| (2.1.1.6739) |
6 | 6 | |
| (2.1.2.6803) |
6 | 6 | |
| (2.1.3.6898) |
6 | 6 | |
| (2.2.0.7272) |
6 | 6 | |
| (2.2.2.7318) |
6 | 6 | |
| (2.2.3.7359) |
6 | 6 | |
| (2.3.0.7561) |
7 | 7 | |
| (2.3.2.7741) |
7 | 7 | |
| (2.3.3.7799) |
7 | 7 | |
| (2.4.0.8089) |
8 | 8 | |
| (2.4.1.8125) |
8 | 8 | |
| (2.4.2.8278) |
8 | 8 | |
| (2.4.3.8606) |
8 | 8 | |
 (3.3.5.12340) |
8 | 8 |
Game Name
The value is always "WOW\0", or [87, 111, 87, 0] in bytes, so there is no reason to parse or store this value. It is speculated that the login system was intended for games other than WoW, but this was never the case.
Platform
For (1.12.1.5875) this can only be either "\0x86" or "\0PPC".
OS
For (1.12.1.5875) this can only be either "\0xWin" or "\0OSX".
Locale
For (1.12.1.5875) the only values this can be are:
| Value | Description |
|---|---|
| enGB | English, Great Britain. |
| enUS | English, United States. |
| esMX | Spanish, Mexico. |
| ptBR | Portuguese, Brazil. |
| frFR | French, France. |
| deDE | German, Germany. |
| esES | Spanish, Spain. |
| ptPT | Portuguese, Portugal. |
| itIT | Italian, Italy. |
| ruRU | Russian, Russia. |
| koKR | Korean, Korea. |
| zhTW | Chinese, Taiwan. |
| enTW | English, Taiwan. |
| enCN | English, Cantonese. |
Example Packet
Below is complete packet sent from a (1.12.1.5875) client. The values are explained as comments. This can be used for verifying packet parser implementations.
char[] bytes =
{
0, // Opcode: CMD_AUTH_LOGON_CHALLENGE
3, // Protocol Version: 3
31, 0, // Packet Size: 31
87, 111, 87, 0, // Game Name: "WOW\0"
1, 12, 1, // Version: 1.12.1
243, 22, // Build: 5875
54, 56, 120, 0, // Platform: "\0x86" (literal bytes are "68x\0")
110, 105, 87, 0, // Os: "\0Win" (literal bytes are "niW\0")
66, 71, 110, 101, // Locale: "enGB" (literal bytes are "BGne")
60, 0, 0, 0, // Timezone Bias: 60 (UTC+1)
127, 0, 0, 1, // Client IP: 127.0.0.1
1, // Username length: 1
65 // Username: "A"
};