Authenticator Prompt in 2.4.3 and Server Injected Code menu
Follow us:

Shout-Out

User Tag List

Results 1 to 4 of 4
  1. 10-06-2013 #1
    error4o3's Avatar
    error4o3
    error4o3 is offline
    Private
    Reputation
    1
    Join Date
    Jun 2013
    Posts
    2
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Authenticator Prompt in 2.4.3 and Server Injected Code

    Hi there,
    I've been searching on these forums for a couple hours for an answer to my question, but I've had no luck. I'm curious if anyone knows how authenticators were implemented in 2.4.3? I'm not finding "security code" as a string in IDA and looking up some history it seems that authenticator support was added without an official patch (or at least it was earlier on and not noted). This leads me to believe that perhaps the authenticator prompt was code injected by the server (like Warden is), but I'm not familiar enough with code distributed by the servers to say for sure.

    For a while I thought that 2.4.3 was too early for authenticator support, but then I found this:



    And recall that back then it used to prompt you every time you logged in, suggesting it could have been implemented without a patch.

    Some may wonder why I'm bothering with this... my team is looking at options for security in our upcoming private server and while other options exist, I wanted to investigate this solution a bit more. Not exactly WoW Memory Editing in the sense of client-on-client, but hopefully you'll see how I made the connection.

    Thanks all
    Reply With Quote Reply With Quote
    Authenticator Prompt in 2.4.3 and Server Injected Code
  2. 10-07-2013 #2
    TOM_RUS's Avatar
    TOM_RUS
    TOM_RUS is offline
    Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by error4o3 View Post
    I'm not finding "security code" as a string in IDA
    Check Interface\GlueXML\GlueStrings.lua? Or DBC. If client displays a string, it should be somewhere, not necessary in game binary.
    Reply With Quote Reply With Quote
  3. 10-07-2013 #3
    error4o3's Avatar
    error4o3
    error4o3 is offline
    Private
    Reputation
    1
    Join Date
    Jun 2013
    Posts
    2
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by TOM_RUS View Post
    Check Interface\GlueXML\GlueStrings.lua? Or DBC. If client displays a string, it should be somewhere, not necessary in game binary.
    Indeed after much searching I found it in GlueStrings.lua from patch.mpq. Thanks for that tip. (Didn't realize even the first few screens were written in LUA too)

    That being said, does anyone know the opcodes and/or other bytes to trigger the client to prompt for this and the rest of the authentication steps? I don't see it documented in a few of the more common servers.
    Reply With Quote Reply With Quote
  4. 10-07-2013 #4
    TOM_RUS's Avatar
    TOM_RUS
    TOM_RUS is offline
    Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Have you even looked at emu sources? Pretty sure mangos has some things documented AuthSocket.cpp (securityFlags).
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. WTT 68 human mage US FOR only 1 month of gametime and server transfer!
    By Nolixz in forum Members Only Accounts And CD Keys Buy Sell
    Replies: 3
    Last Post: 03-03-2008, 10:33 AM
  2. [Authentication / unable to connect] The most horrific server mess EVER
    By Ghosthopper in forum World of Warcraft Emulator Servers
    Replies: 15
    Last Post: 02-03-2008, 01:24 AM
  3. Question about gold and server transer
    By Chadgar in forum World of Warcraft General
    Replies: 1
    Last Post: 01-14-2008, 09:02 PM
  4. Need help with website and server
    By Ukrajinc in forum World of Warcraft Emulator Servers
    Replies: 0
    Last Post: 12-26-2007, 08:41 PM
  5. [Question] Model Editing and Server Hosting
    By DJRehab in forum WoW ME Questions and Requests
    Replies: 0
    Last Post: 11-16-2007, 11:17 AM
All times are GMT -5. The time now is 04:58 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search