Packets: Difference between revisions
Line 28: | Line 28: | ||
|||0x4||char[4]||GameName||'WoW' | |||0x4||char[4]||GameName||'WoW' | ||
|- | |- | ||
|||0x8||uint8[3]||Version|| | |||0x8||uint8[3]||Version||0x01 0x01 0x02 | ||
|- | |- | ||
|||0xB||uint16||Build||aka [[Rev|Revision]] | |||0xB||uint16||Build||4125, aka [[Rev|Revision]] | ||
|- | |- | ||
|||0xD||char[4]||Platform|| eg 'x86' | |||0xD||char[4]||Platform|| eg 'x86' |
Revision as of 17:27, 9 December 2015
How the thing works(WIP!): At the beginning, the WoW Client sends an Authentication Packet to the Server. Then the Server checks if the Account is banned etc. and ,if not, sends an Packet containing information for the SRP-6 algorithm.
Logon
The authentication server (and the WoW client) utilizes the SRP-protocol for secure authentication.
Build 4125 (1.1.2)
It's worth noting that, for this build, the client automatically disconnect after a successful login challenge and proof exchange and sends a reconnect packet right away instead of asking for the realm list.
AuthLogonChallenge_Client
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x0 | |
0x1 | uint8 | Error | ||
0x2 | uint16 | Size | ||
0x4 | char[4] | GameName | 'WoW' | |
0x8 | uint8[3] | Version | 0x01 0x01 0x02 | |
0xB | uint16 | Build | 4125, aka Revision | |
0xD | char[4] | Platform | eg 'x86' | |
0x11 | char[4] | OS | eg 'Win' | |
0x15 | char[4] | Country | eg 'enUS' | |
0x19 | uint32 | WorldRegion_bias | ? | |
0x1D | uint32 | IP | Client-IP | |
0x21 | uint8 | AccountName_Length | The length of the account name | |
0x22 | char[] | AccountName |
AuthLogonChallenge_Server
Offset | Type | Name | Description | ||
---|---|---|---|---|---|
0x1 | uint8 | Command | 0x0 | ||
0x2 | uint8 | unk | |||
0x3 | uint8 | error | |||
0x4 | char[32] | B | SRP public server ephemeral | ||
0x24 | uint8 | g_len | 0x1 | ||
0x25 | uint8 | g | SRP generator | ||
0x26 | uint8 | N_len | 0x20 | ||
0x27 | char[32] | N | SRP modulus | ||
0x47 | char[32] | srp_salt | SRP user's salt | ||
0x47 | char[16] | crc_salt | A salt to be used in AuthLogonProof_Client.CRC_Hash |
AuthLogonProof_Client
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x1 | |
0x01 | uint8[32] | A | ||
0x21 | uint8[20] | M1 | ||
0x35 | uint8[20] | CRC_Hash | ||
0x49 | uint8 | nKeys |
AuthLogonProof_Server
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x1 | |
0x1 | uint8 | Error | ||
0x2 | uint8[20] | M2 | ||
0x16 | uint32 | unk |
AuthReconnectionChallenge_Client
It is the same structure as AuthLogonChallenge_Client, except that the command is 0x2.
AuthReconnectionChallenge_Server
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x2 | |
0x1 | uint8 | Error | ||
0x2 | char[16] | challenge_data | random data, used as a challenge | |
0x12 | uint64 | unk1 | ||
0x1A | uint64 | unk2 |
AuthReconnectionProof_Client
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x3 | |
0x1 | char[16] | proof_data | ||
0x11 | char[20] | client_proof | ||
0x25 | char[20] | unk_hash | ||
0x39 | uint8 | unk |
To check if the client proof is correct, the server must calculate SHA1(account_name | proof_data | challenge_data | session_key) and compare it to client_proof.
AuthReconnectionProof_Server
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | 0x3 | |
0x1 | uint8 | Error |
Builds 5875, 6005, 6141 (1.12.x)
Constants
AuthLogonChallenge
Client
Server
AuthLogonProof
Client
Server
RealmList
Client
Server
Builds 8606, 10505, 11159, 11403, 11723, 12340 (2.4.3 to 3.x)
Unknown build
AuthLogonChallenge_Client
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | ||
0x1 | uint8 | Error | ||
0x2 | uint16 | Size | ||
0x4 | char[4] | GameName | 'WoW' | |
0x8 | uint8[3] | Version | 0x00 0x08 0x00 | |
0xB | uint16 | Build | aka Revision | |
0xD | char[4] | Platform | eg 'x86' | |
0x11 | char[4] | OS | eg 'Win' | |
0x15 | char[4] | Country | eg 'enUS' | |
0x19 | uint32 | WorldRegion_bias | ? | |
0x1D | uint32 | IP | Client-IP | |
0x21 | uint8 | AccountName_Length | The Lenght of the Account-Name | |
0x22 | char[] | AccountName |
AuthLogonChallenge_Server
Offset | Type | Name | Description | ||
---|---|---|---|---|---|
0x1 | uint8 | cmd | |||
0x2 | uint8 | unk | |||
0x3 | uint8 | error | |||
0x4 | char[32] | B | Public ephemeral value(SRP) | ||
0x24 | uint8 | g_len | 0x1 | ||
0x25 | uint8 | g | A generator modulo N(SRP) | ||
0x26 | uint8 | N_len | 0x20 | ||
0x27 | char[32] | N | A large safe prime (N = 2q+1, where q is prime). All arithmetic is done modulo N.(SRP) | ||
0x47 | char[32] | s | User's salt | ||
0x67 | char[16] | unk2 |
AuthLogonProof_Client
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | ||
0x01 | uint8[32] | A | ||
0x21 | uint8[20] | M1 | ||
0x35 | uint8[20] | CRC_Hash | ||
0x49 | uint8 | nKeys | ||
0x4A | uint8 | unk | Added in 1.12.x client branch |
AuthLogonProof_Server
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | Command | ||
0x1 | uint8 | Error | ||
0x2 | uint8[20] | M2 | ||
0x16 | uint32 | unk1 | ||
0x1A | uint32 | unk2 | ||
0x1E | uint16 | unk3 |
Logon Errors
Name | Value | |
---|---|---|
LOGIN_OK | 0x00 | |
LOGIN_FAILED | 0x01 | |
LOGIN_FAILED2 | 0x02 | |
LOGIN_BANNED | 0x03 | |
LOGIN_UNKNOWN_ACCOUNT | 0x04 | |
LOGIN_UNKNOWN_ACCOUNT3 | 0x05 | |
LOGIN_ALREADYONLINE | 0x06 | |
LOGIN_NOTIME | 0x07 | |
LOGIN_DBBUSY | 0x08 | |
LOGIN_BADVERSION | 0x09 | |
LOGIN_DOWNLOAD_FILE | 0x0A | |
LOGIN_FAILED3 | 0x0B | |
LOGIN_SUSPENDED | 0x0C | |
LOGIN_FAILED4 | 0x0D | |
LOGIN_CONNECTED | 0x0E | |
LOGIN_PARENTALCONTROL | 0x0F | |
LOGIN_LOCKED_ENFORCED | 0x10 |
Realm List
Vanilla (4125 to 5875)
RealmList_C
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | cmd | OP code = CMD_REALM_LIST | |
0x1 | uint32 | unknown | 0x00 00 00 00 |
RealmHeader_S
The server answers with a packet composed of this header, as many RealmInfo_S, and a RealmFooter_S.
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | cmd | OP code = CMD_REALM_LIST | |
0x1 | uint16 | size | size of the rest of packet, without these 3 first bytes | |
0x3 | uint32 | unknown | 0x00 00 00 00 | |
0x7 | uint8 | nRealm | Number of realms |
The size value can be computed with the part of the header taken into account plus the footer (5+2 bytes) and the size of every RealmInfo_S which is variable.
RealmInfo_S
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint32 | type | realm type? 0 is normal, 1 is PVP | |
0x4 | uint8 | flags | see below | |
0x5 | string | name | Zero terminated string; name of the Realm | |
0x5+name.length() | string | addr_port | Zero terminated string; address of the Realm ("ip:port") | |
0x5+name.length()+addr_port.length() | float | population | Population value. 0 is low, 1 is medium, 2 is high. | |
0x9+name.length()+addr_port.length() | uint8 | nCharacters | the Number of Chars you have on that server | |
0xA+name.length()+addr_port.length() | uint8 | TimeZone | ||
0xB+name.length()+addr_port.length() | uint8 | unknown |
Flags Meaning 0x01 Color the realm name in red (can't create char?) 0x02 Realm is offline
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint16 | unk |
Unknown build
SRealmHeader
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | cmd | OP code = CMD_REALM_LIST | |
0x1 | uint16 | size | size of the rest of packet, without this part | |
0x3 | uint32 | unknown | 0x00 00 00 00 | |
0x7 | uint8 | nRealm | Number of realms |
SRealmInfo
Offset | Type | Name | Description | |
---|---|---|---|---|
0x0 | uint8 | icon | icon near realm | |
0x1 | uint8 | locked | added in 2.0.x | |
0x2 | uint8 | color | color of record | |
0x3 | string | name | Zero terminated string; name of the Realm | |
0x3+name.length() | string | addr_port | Zero terminated string;address of the Realm ("ip:port") | |
0x3+name.length()+addr_port.length() | float | population | 1.6 -> population value. lower == lower population and vice versa | |
0x7+name.length()+addr_port.length() | uint8 | nCharacters | the Number of Chars you have on that server | |
0x8+name.length()+addr_port.length() | uint8 | TimeZone | ||
0x9+name.length()+addr_port.length() | uint8 | unknown |
Char Creation
CMSG_CHAR_CREATE
Upon creating a character, the client sends CMSG_CHAR_CREATE to the server with all the details that makeup the newly created character.
Name | Type | Value | |
---|---|---|---|
Name | String | Name of the Character | |
Race | uint8 | ||
Class | uint8 | ||
Gender | uint8 | 0 - Male; 1 - Female | |
Skin | uint8 | I think it's CharSections.dbc | |
Face | uint8 | but I'm not sure about this | |
HairStyle | uint8 | ||
HairColor | uint8 | ||
FacialHair | uint8 | ||
OutfitID | uint8 |