1.1.2.4125
It's worth noting that, for this build, the client automatically disconnect after a successful login challenge and proof exchange and sends a reconnect packet right away instead of asking for the realm list.
Some enums first:
Opcodes
Name
|
Value
|
LOGIN_CHALL |
0x00
|
LOGIN_PROOF |
0x01
|
RECON_CHALL |
0x02
|
RECON_PROOF |
0x03
|
REALMLIST |
0x10
|
XFER_INITIATE |
0x30
|
XFER_DATA |
0x31
|
Error codes
Name
|
Value
|
LOGIN_OK |
0x00
|
LOGIN_FAILED |
0x01
|
LOGIN_FAILED2 |
0x02
|
LOGIN_BANNED |
0x03
|
LOGIN_UNKNOWN_ACCOUNT |
0x04
|
LOGIN_UNKNOWN_ACCOUNT3 |
0x05
|
LOGIN_ALREADYONLINE |
0x06
|
LOGIN_NOTIME |
0x07
|
LOGIN_DBBUSY |
0x08
|
LOGIN_BADVERSION |
0x09
|
LOGIN_DOWNLOAD_FILE |
0x0A
|
LOGIN_FAILED3 |
0x0B
|
LOGIN_SUSPENDED |
0x0C
|
LOGIN_FAILED4 |
0x0D
|
LOGIN_CONNECTED |
0x0E
|
LOGIN_PARENTALCONTROL |
0x0F
|
LOGIN_LOCKED_ENFORCED |
0x10
|
Challenge packets:
AuthLogonChallenge_Client
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x0
|
0x1 |
uint8 |
error
|
0x2 |
uint16 |
size
|
0x4 |
char[4] |
gamename |
'WoW'
|
0x8 |
uint8[3] |
version |
0x01 0x01 0x02
|
0xB |
uint16 |
build |
4125, aka Revision
|
0xD |
char[4] |
platform |
eg 'x86'
|
0x11 |
char[4] |
os |
eg 'Win'
|
0x15 |
char[4] |
country |
eg 'enUS'
|
0x19 |
uint32 |
worldregion_bias |
?
|
0x1D |
uint32 |
ip |
client_ip
|
0x21 |
uint8 |
account_name_len
|
0x22 |
char[account_name_len] |
account_name
|
AuthLogonChallenge_Server
Offset
|
Type
|
Name
|
Description
|
0x1 |
uint8 |
command |
0x0
|
0x2 |
uint8 |
unk
|
0x3 |
uint8 |
err
|
0x4 |
char[32] |
B |
SRP public server ephemeral
|
0x24 |
uint8 |
g_len |
SRP generator length
|
0x25 |
uint8 |
g |
SRP generator
|
0x26 |
uint8 |
n_len |
SRP modulus length
|
0x27 |
char[32] |
n |
SRP modulus
|
0x47 |
char[32] |
srp_salt |
SRP user's salt
|
0x47 |
char[16] |
crc_salt |
A salt to be used in AuthLogonProof_Client.crc_hash
|
Proof packets:
AuthLogonProof_Client
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x1
|
0x1 |
uint8[32] |
a
|
0x21 |
uint8[20] |
m1
|
0x35 |
uint8[20] |
crc_hash
|
0x49 |
uint8 |
num_keys
|
AuthLogonProof_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x1
|
0x1 |
uint8 |
error
|
0x2 |
uint8[20] |
m2
|
0x16 |
uint32 |
unk
|
Reconnection challenge packets:
AuthReconnectionChallenge_Client has the same structure as AuthLogonChallenge_Client, except that the command is 0x2.
AuthReconnectionChallenge_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x2
|
0x1 |
uint8 |
error
|
0x2 |
char[16] |
challenge_data |
random data, used as a challenge
|
0x12 |
uint64 |
unk1
|
0x1A |
uint64 |
unk2
|
Reconnection proof packets:
AuthReconnectionProof_Client
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x3
|
0x1 |
char[16] |
proof_data
|
0x11 |
char[20] |
client_proof
|
0x25 |
char[20] |
unk_hash
|
0x39 |
uint8 |
unk
|
To check if the client proof is correct, the server must calculate SHA1(account_name | proof_data | challenge_data | session_key) and compare it to client_proof.
AuthReconnectionProof_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
command |
0x3
|
0x1 |
uint8 |
error
|
Realm list packets:
RealmList_Client
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
cmd |
REALMLIST
|
0x1 |
uint32 |
unknown |
null
|
The server answers with a packet composed of a RealmHeader_Server, as many
RealmInfo_Server as specified and a RealmFooter_Server.
RealmHeader_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint8 |
cmd |
REALMLIST
|
0x1 |
uint16 |
size |
size of the rest of packet, without these 3 first bytes
|
0x3 |
uint32 |
unknown |
null
|
0x7 |
uint8 |
num_realms |
Number of RealmInfo_Server
|
The size value can be computed with the part of the header taken into account
plus the footer (5+2 bytes) and the size of every RealmInfo_Server which is
variable.
RealmInfo_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint32 |
type |
realm type? 0 is normal, 1 is PVP
|
0x4 |
uint8 |
flags |
see below
|
0x5 |
char[] |
name |
Zero terminated string; name of the Realm
|
|
char[] |
addr_port |
Zero terminated string; address of the Realm ("ip:port")
|
|
float |
population |
Population value. 0 is low, 1 is medium, 2 is high.
|
|
uint8 |
num_chars |
The number of chars you have on that server
|
|
uint8 |
time_zone |
really?
|
|
uint8 |
unknown
|
Flags Meaning
0x01 Color the realm name in red (can't create char?)
0x02 Realm is offline
RealmFooter_Server
Offset
|
Type
|
Name
|
Description
|
0x0 |
uint16 |
unk
|