-
Member
Handle auth session - stuck on server response
Hello, guys!
I'm writing a WoW core from scratch and am stuck on the server response.
Currently I've passed the login challenge, proof and realmlist requests, sent auth_seed (4 bytes) to the client with opcode SMSG_AUTH_CHALLENGE (0x1EC), and can't understand what else I need to send from the server to the client.
I've debugged another WoW core with Wireshark and noted that the server sent a packet with length 200. But I can't understand how to generate this packet.
Please help me! What do I need to send? (In other words, what do I need to send after the client sent the request for the SMSG_AUTH_CHALLENGE response from the server?)
ADDITIONAL:
When auth_seed is sent, the client sends a response with opcode CMSG_AUTH_SESSION (0x1ED) and a packet size equal to 278.
ADDITIONAL:
I'm writing a server emulator for TBC (2.4.3).
Last edited by /dev/not/null; 10-28-2018 at 11:04 AM.
-
Member
[Bash] 0000 00 00 03 04 00 06 00 00 00 00 00 00 00 00 08 00 ................ 0010 - Pastebin.com (dump of the packet that another WoW core sends after CMSG_AUTH_SESSION)
Wireshark shows the packet content starting from 0040, bytes 04-08 (62 75 36 e7)
Last edited by /dev/not/null; 10-28-2018 at 12:06 PM.
-
Contributor
Reply with `SMSG_AUTH_RESPONSE`:
Code:
/* SMSG_AUTH_RESPONSE */
/*
Header {
    uint16 packetSize
    uint16 packetID
}
Data {
    uint8 authStatus, //0x0c -> AUTH_OK, mangos
    uint32 billingTimeRemaining
    uint8 billingPlanFlags
    uint32 billingTimeRested
    uint8 expansionNumber //( 0 -> Vanilla, 1 -> TBC, ...)
}
*/
The packet header must be encrypted.
Last edited by Glusk; 10-31-2018 at 04:52 AM.
Reason: Header was wrong
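The layout above as a builder and strict parser, an added example that is not from the thread or from any emulator's code. The opcode value 0x1EE, the big-endian size that counts opcode plus body, the little-endian opcode and body fields, and the `encrypt_header`/`decrypt_header` hooks are assumptions; the header cipher itself is left to the caller.

```python
import struct

SMSG_AUTH_RESPONSE = 0x1EE  # assumed opcode value, not given in the thread
AUTH_OK = 0x0C              # from the layout's comment
# Body fields in the order of the Data block; little-endian is assumed.
BODY = struct.Struct("<BIBIB")
FIELDS = ("authStatus", "billingTimeRemaining", "billingPlanFlags",
          "billingTimeRested", "expansionNumber")


def build_auth_response(status=AUTH_OK, time_remaining=0, plan_flags=0,
                        time_rested=0, expansion=1, encrypt_header=None):
    """Return header + body; encrypt_header is a hypothetical 4-byte hook."""
    body = BODY.pack(status, time_remaining, plan_flags, time_rested, expansion)
    # Assumed framing: big-endian size covering opcode + body, then a
    # little-endian opcode.
    header = struct.pack(">H", len(body) + 2) + struct.pack("<H", SMSG_AUTH_RESPONSE)
    if encrypt_header is not None:
        header = encrypt_header(header)
        if len(header) != 4:
            raise ValueError("header cipher must keep the header at 4 bytes")
    return header + body


def parse_auth_response(packet, decrypt_header=None):
    """Strictly parse one packet; reject any size or opcode mismatch."""
    if len(packet) < 4:
        raise ValueError("truncated header")
    header, body = packet[:4], packet[4:]
    if decrypt_header is not None:
        header = decrypt_header(header)
    (size,) = struct.unpack(">H", header[:2])
    (opcode,) = struct.unpack("<H", header[2:])
    if opcode != SMSG_AUTH_RESPONSE:
        raise ValueError(f"unexpected opcode 0x{opcode:03X}")
    if size != len(body) + 2 or len(body) != BODY.size:
        raise ValueError("packetSize does not match the body length")
    return dict(zip(FIELDS, BODY.unpack(body)))


if __name__ == "__main__":
    raw = build_auth_response()
    print(raw.hex(" "), parse_auth_response(raw))
```

Only the first 4 bytes pass through the hook, so a capture of the plaintext build can be compared byte for byte against the body of a packet from a working core.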
-
Member
Originally Posted by Glusk
Reply with `SMSG_AUTH_RESPONSE`:
Code:
/* SMSG_AUTH_RESPONSE */
/*
Header {
    uint16 packetSize
    uint16 packetID
    uint32 unknown
}
Data {
    uint8 authStatus, //0x0c -> AUTH_OK, mangos
    uint32 billingTimeRemaining
    uint8 billingPlanFlags
    uint32 billingTimeRested
    uint8 expansionNumber //( 0 -> Vanilla, 1 -> TBC, ...)
}
*/
The packet header must be encrypted.
1. packetID is an opcode like SMSG_AUTH_RESPONSE, isn't it?
2. OK, as I can see, the header in your code example takes 8 bytes, doesn't it? Can you please tell me whether my AuthCrypt class is correct or not?
Code:
class AuthCrypt(object):
    ''' Using for encrypt/decrypt of world packet headers '''
    ENCRYPT_HEADER_SIZE = 4
    DECRYPT_HEADER_SIZE = 6

    def __init__(self, session_key):
        self.session_key = session_key
        self.send_i = 0
        self.send_j = 0
        self.recv_i = 0
        self.recv_j = 0

    def encrypt(self, data):
        assert len(data) >= self.ENCRYPT_HEADER_SIZE
        encrypted_header = [0] * self.ENCRYPT_HEADER_SIZE
        for index in range(self.ENCRYPT_HEADER_SIZE):
            enc = (data[index] ^ self.session_key[self.send_i]) + self.send_j
            enc %= 0x100
            encrypted_header[index] = self.send_j = enc
            self.send_i = (self.send_i + 1) % len(self.session_key)
        return bytes(encrypted_header) + data[self.ENCRYPT_HEADER_SIZE:]

    def decrypt(self, data):
        assert len(data) >= self.DECRYPT_HEADER_SIZE
        decrypted_header = [0] * self.DECRYPT_HEADER_SIZE
        for index in range(self.DECRYPT_HEADER_SIZE):
            dec = (data[index] - self.recv_j) ^ self.session_key[self.recv_i]
            dec %= 0x100
            decrypted_header[index] = dec
            self.recv_j = data[index]
            self.recv_i = (self.recv_i + 1) % len(self.session_key)
        return bytes(decrypted_header) + data[self.DECRYPT_HEADER_SIZE:]
I'm asking because currently the client is hanging on "Connected" after SMSG_AUTH_RESPONSE was sent.
Last edited by /dev/not/null; 10-30-2018 at 05:17 PM.
-
Contributor
1. packetID is an opcode like SMSG_AUTH_RESPONSE, isn't it?
Yes.
2. OK, as I can see, the header in your code example takes 8 bytes, doesn't it?
No, it is in fact 4 bytes - my mistake. I've corrected it.
Can you please tell me whether my AuthCrypt class is correct or not?
No, it isn't. Check out this python project for reference:
pywowd/header_encrypt.py at master · fotcorn/pywowd · GitHub
-
Member
After sending SMSG_AUTH_RESPONSE, encrypted with the algorithm above, the client is still hanging on 'Connected'.
Maybe I need to send something else?
EDITED
SURE! I need to send SMSG_ADDON_INFO before the response! But I can't understand the packet structure. Can you please help me?
I debugged OregonCore and noticed this packet in Wireshark, but only today I found the opcode for it.
After sending it, the client is still hanging on Connected...
Last edited by /dev/not/null; 10-31-2018 at 05:30 PM.
-
Contributor
Maybe I need to send something else?
Yes, you need to send SMSG_ACCOUNT_DATA_TIMES.
Last edited by Glusk; 11-01-2018 at 04:29 AM.
Reason: typo
-
Member
But the client is not responding after SMSG_AUTH_RESPONSE; is that normal? Do I need to send SMSG_ACCOUNT_DATA_TIMES without waiting for the client's response?
ADDITIONAL QUESTION: Maybe the auth_seed I sent is incorrect? What do I need to send as SMSG_AUTH_CHALLENGE? Currently I send 4 random bytes, and the client responds with CMSG_AUTH_SESSION.
ADDITIONAL: I tried to send SMSG_ACCOUNT_DATA_TIMES, but no luck. As I can see for another core (OregonCore) in Wireshark, after SMSG_AUTH_RESPONSE the client responds with a packet. But in my case the client does not respond. I think something is wrong with encrypting the packet to send. I have no idea about another reason.
Last edited by /dev/not/null; 11-02-2018 at 02:48 AM.
Reason: +additional
-
Member
Well... After a lot of experiments I have found something interesting. I noticed in Wireshark that the client reconnects to the Login Server after the CMSG_AUTH_SESSION response. So I tried to return the realmlist response in an infinite loop and got the error 'Unable to connect to realmlist server', but after closing this window I got access to the char screen.
So, it seems my Login Server is working incorrectly. Can anybody help me understand what the behavior of the Login Server should be after responding with the REALMLIST response on the LOGIN CHALLENGE step?
---------------------
Returning the realmlist packet in an infinite loop is overkill. A lot of packets with length 65k cause a memory leak error in the WoW client.