Added MD5 hashing and extensive testing documentation for future attempts
at supporting strict Warden servers like Warmane.
Enhancements:
- Added MD5 hash support to Crypto class (OpenSSL-based)
- Tested 6 different module ACK response formats against Warmane
- Analyzed module packet structure (37 bytes: opcode + seed + trailing)
- Enhanced debug logging for plaintext and encrypted Warden data
Documentation:
- WARDEN_IMPLEMENTATION.md: Complete implementation guide with all attempts
- WARDEN_QUICK_REFERENCE.md: Quick troubleshooting and testing guide
Test Results (Warmane):
- Empty ACK (0 bytes): Server silent
- XOR/MD5 checksum (18 bytes): Server silent
- Single byte (1 byte): Server disconnects (rejected)
- Echo trailing (20 bytes): Server silent
- Result + SHA1 (21 bytes): Server silent
Conclusion:
- Current implementation works with permissive/disabled Warden servers
- Warmane requires module execution or undocumented response format
- Full documentation provided for future reverse engineering attempts
Next steps documented:
1. Capture packets from real WoW client (protocol analysis)
2. Implement module execution engine (months of work)
3. Test with local AzerothCore server
Save SHA1(UPPER(user):UPPER(pass)) hash to login.cfg instead of the
plaintext password. On subsequent logins, use the stored hash directly
with a new authenticateWithHash() method that bypasses password hashing.
The password field shows a placeholder when using a stored hash.
Three critical bugs fixed:
- LOGON_CHALLENGE request: set protocol byte to 0x03 (was 0x00) and
reverse FourCC strings (game/platform/os/locale) to match real client
- Response parsers: remove double-read of opcode byte that shifted all
field reads by one, preventing successful auth with real servers
- LOGON_PROOF response sizes: success=32 bytes, failure=4 bytes to match
TrinityCore/AzerothCore format
Also adds missing auth result codes (0x13-0x20, 0xFF) including
IGR_WITHOUT_BNET (0x17) which Warmane was returning.
