The Login Sequence
Before the client can gain access to any information it must be authenticated with the server. Authenticating does not create an encrypted connection, it simply identifies the client to the server. This is a 7 step process:
Client ➡️ Server
Message: 1000bc0102009e04610b040189040c000000
The first message from the client to the server requests a login portal by providing the server with the client's version number.
| Enumerator | Description | Type | Length |
|---|---|---|---|
| 1000 | Message Length (in fields) | Bytes | 2 |
| -- | BC010200 |
Bytes | 4 |
| 049E | Version Number | Bytes | 4 |
| 0489 | 0C000000 |
Bytes | 4 |
Client ⬅️ Server
Message: 1600bc0103009e04610b040189040c000000190300000000
If the client's version number is valid the server will respond with its own version number. Since the game hasn't been updated since 2016, this number is always 610b0401 for both client and server.
| Enumerator | Description | Type | Length |
|---|---|---|---|
| 1600 | Message Length (in fields) | Bytes | 2 |
| -- | BC010300 |
Bytes | 4 |
| 049E | Version Number | Bytes | 4 |
| 0489 | 0C000000 |
Bytes | 4 |
| 0319 | 00000000 |
Bytes | 4 |
Client ⬅️ Server
Message: 2a00970103006406f15b0000e303--------------------------------e003000000000000000000000000
Message: 2a0097010300640668940000e303279d25592e148d42b6b7c56c5adbf9b9e003000000000000000000000000
| Enumerator | Description | Type | Length |
|---|---|---|---|
| -- | 2A00 |
Bytes | 2 |
| 0197 | 03006406 |
Bytes | 4 |
| -- | Conversation ID | Bytes | 4 |
| 03E3 | Salt | Bytes | 16 |
| 03E0 | 000000000000000000000000 |
Bytes | 12 |
Client ➡️ Server
Message: 12003a0001009e04610b04010000000000000000
| Enumerator | Description | Type | Length |
|---|---|---|---|
| -- | 1200 |
Bytes | 2 |
| 003A | 0100 |
Bytes | 2 |
| 049E | Version Number | Bytes | 4 |
| -- | 0000000000000000 |
Bytes | 8 |
Client ⬅️ Server
Message:
| Enumerator | Description | Type | Length |
|---|
Client ➡️ Server
Message:
| Enumerator | Description | Type | Length |
|---|
Client ⬅️ Server
This final step provides the result of the login attempt. There are 4 possible messages that the server can send to the client at this step:
Message:
| Enumerator | Description | Type | Length |
|---|
Message: 42003d000800420400fc024849000019020c0c1900190000000000230600000000d60500e303--------------------------------ba00ac5d00000200000000000000
After a login attempt fails the server will respond with the above message. This also resends the salt so that the client may try to submit credentials again, if perhaps the salt was incorrectly handled the first time. Although this does not seem to be used in practice by the game client.
| Enumerator | Description | Type | Length |
|---|---|---|---|
| -- | 4200 |
Bytes | 2 |
| 003D | 0800420400 |
Bytes | 5 |
| 02FC | 48490000 |
Bytes | 4 |
| 0219 | 0C0C1900 |
Bytes | 4 |
| 0019 | 00000000 |
Bytes | 4 |
| 0623 | 00000000 |
Bytes | 4 |
| 05D6 | 00 |
Bytes | 1 |
| 03E3 | Salt | Bytes | 16 |
| 00BA | AC5D0000 |
Bytes | 4 |
| -- | 0200000000000000 |
Bytes | 8 |
Message:
| Enumerator | Description | Type | Length |
|---|
Message: 47003d000900bc01010079420400fc020559000019020c0c1900190000000000230600000000d60500e303--------------------------------ba00579400000200000000000000
| Enumerator | Description | Type | Length |
|---|---|---|---|
| -- | 4700 |
Bytes | 4 |
| 003D | 0900 |
EnumBlockArray | |
| 01BC | EnumBlockArray | ||
| 0001 | 79 |
Bytes | 1 |
| 0442 | 00 |
Bytes | 1 |
| 02FC | 05590000 |
Bytes | 4 |
| 0219 | 0c0c1900 |
Bytes | 4 |
| 0019 | 00000000 |
Bytes | 4 |
| 0623 | 00000000 |
Bytes | 4 |
| 05D6 | 00 |
Bytes | 1 |
| 03E3 | Salt | Bytes | 16 |
| 00BA | Conversation ID | Bytes | 4 |
| -- |
0200000000000000 or 0200000001000000
|
Bytes | 8 |
If the account used to authenticate is a new HiRez account, the server will end the login sequence by sending the above message to the client. This tells the client to display the EULA agreement.
-
If the user selects
Decline, the game exits silently without any more communication with the server. -
If the user selects
Accept, the game prompts the user to enter a "gamer name".
- If the user selects
Quiton this prompt, the game exits silently without any more communication with the server. The user will be prompted with the EULA again on next launch. - If the user enters an invalid name (eg, a name with the word "bot" in it lol) and selects
Ok, the game client will silently restart the whole login sequence again, up to the EULA agreement. - If the user enters a valid name and selects
Ok, the game client will silently restart the whole login sequence again with the server completing the sequence with the Login Attempt Succeeded. However, the authentication message that the client sends to the server will contain the chosen "gamer name" and be structured as follows:db003a000d00560068000000d5d977feb0b5013718463a50adf7ce03a734708343fc1842a7c4a47f7dac1ce3cc5147e6a90bdebb6cf068ec1cf369cf97a6f294c301312657798801ab77161bcb6d7072d60f328d97d2e1a43c412862cca99a1e04da422daa97563a193f3d7e69b9a9ae6f2c0f939404100077696c6465727a6f6e65626f743030314a030d0077696c6465727a6f6e65303031bc0101006e7106432800007206000000007306017706c3ee58437606ae3f00007406de100000750687240000340400000000000000009e04610b04010000000000000000
- If the user selects
| Enumerator | Description | Type | Length |
|---|