Stuck on AuthLogonChallenge_Server

[welpcow]

I have been tearing my hair out over this for a few weeks now and cannot find any documentation that makes it easier for me. I try not to post on forums of any kind so I ask you forgive my low rep score.

I am attempting to build a simple authentication server (target 1.12.x) using node js (net module, not socket.io). This is to help me better understand how the protocol works and expand my knowledge.

I have been able to receive and break down the initial packet the client sends that contains the client build, version, locale, username, so on.

I believe from reviewing many emu servers code (all c++) that the next step is what the wiki calls AuthLogonChallenge_Server. The server is to send a packet of data back to the client.

I can send error data back to the client easy, for example sending that the account is banned.

Building a valid packet for moving to the next step seems to be the part I cannot understand. I have searched and searched but as c++ is not my language I have not been able to understand how to translate this into js. I believe the npm module srp would help, but I am not sure how.

I am at your mercy if anyone can help.

[Glusk]

The protocol used to authenticate with and log in to the login (sometimes also called authentication or shorter auth) server is SRP-6. Furthermore, it uses an optimisation so that there is a minimal exchange of packets between the client and the server. [1]

You can sniff the packets via Wireshark, which has built-in filters for WoW login protocol called "wow". Some documentation is also available on the arcemu wiki page, though somewhat incomplete and at times inaccurate.

node-srp won't work out of the box since it implements a different version of the protocol (SRP-6a). It also assumes big-endian byte order whereas the WoW implementation uses little-endian byte order. The amount of modifications required would then defeat the purpose of a utility package.

All in all, it's a lot of tedious work. All you have to do is to carefully follow the protocol. There are a few things that you have to look out for:

• client will send and receive SRP integer variables in little-endian byte order
• Code:

                     _________
                    |         |
  Little-endian --> |  SHA-1  | --> Little-endian
                    |_________|

• most BigInteger/bignum/... objects work with big-endian representation so there will be a lot of reversing!

Here's a dump of SRP-6 variables on the server upon successful login, so that you can test your code against it:

Code:

# all integer variables are in little-endian byte order
# s, M1, M2 and K are not treated as numbers and as such have no assigned byte order

u  - 698F9038 2D1313D5 FB888B34 F8694BA9 5E4309E3
S  - 4B9AA92F C209E663 EF63E3D2 98661577 927A741E 7FCAD8E1 D6F70CD6 55FAA645
A  - EC895E04 5BB7DD62 8CCFA715 116A39CB 00C55B63 61A229FA 8DAC5B73 D638773E
b  - 86C4C539 C8BDA1F6 50CAB032 199959D4 9E53E953 9F4F9705 B2C710B2 2448D96D
B  - 7B0E4A09 8401AFF1 050A15E9 EF345342 29E57C70 B0DEC81F 2CFBCBDC 6671DA73
s  - 8598916D 316FF815 3C23AE77 CE67009C 683FD10D F8F66F6E 96050C87 0208DB16
M1 - C80C3013 11D04379 F0D00393 DF0D478A 6EEC2D00
M2 - 1EEA742C 32C30B49 EA63161E 91C38B55 25C71CA7
v  - 8DD50E4A 81132CDA 8D675687 010C852C BBD23A17 15724A35 D7E5C384 55D73F37
g  - 7
I  - TEST
P  - TEST
x  - 0D0DAF13 037A3FD6 017457D3 40F5C321 339D929A
K  - 3D41C92C 4D1F32BA DB7B2D41 3B6E67BC 1A8C483C DE6FFD0D 555F922B 28617941 D6B4E394 2842E629  # see SHA_Interleave in [2]
N  - B79B3E2A 87823CAB 8F5EBFBF 8EB10108 53500629 8B5BADBD 5B53E189 5E644B89
k  - 3

# Missing:
a  - not necessary for server side computations

If anyone's using Java, give SRP-6 Variables a go!

---

References:

• [1] http://srp.stanford.edu/srp6.ps
• [2] https://tools.ietf.org/html/rfc2945

[welpcow]

node-srp won't work out of the box since it implements a different version (SRP-6a). It also assumes big-endian byte order whereas the WoW implementation uses little-endian byte order. The amount of modifications required would then defeat the purpose of a utility package.

All in all it's a lot of tedious work. All you have to do is to carefully follow the protocol. There are a few things that you have to look out for:
client will send and receive SRP variables in little-endian byte order

Thank you so much. I had read stanford document before but maybe I am blind I had not read anywhere that it was little-endian. Also I was working on idea that srp6a was okay.

I will continue my struggle with these new ideas and thank you for help

[Glusk]

I had read stanford document before but maybe I am blind I had not read anywhere that it was little-endian.

Just to be clear: SRP-6 itself is neutral towards endiannes. It works either way and that's why there's no word about it in the Stanford docs. WoW's version is implemented using little-endian representation of numbers.

[welpcow]

I am now making packets correctly thanks to your help, but the progress does not continue. I think this is as you said because the module I am using, fast-srp does not produce in little endian.

I am hopeful that if I can correct this then my problem will be solved.