In Simutrans they know the hash of your password, and hence know your password.
That is not the same. Hashing is a non-reversible function, which is the whole point when using it for storing user passwords. Knowing the hashed password will not allow you to impersonate that user, because that should require knowing the plain-text password.
Using a modified Simutrans they could inject your password hash directly to another server, where if you used the same password they would then login. Or at least that is what it looked like to me.
If Simutrans uses the already hashed password over the wire, then the hash is
the password. Whatever the user typed is just an easier-to-remember seed to generate it. It will allow someone with access to the server to impersonate that users, but they can do that by setting another password anyway. They will not be able to use that password to log onto their mail accounts or whatever, unless they also take passwords in using exactly the same hashing algorithm.
Naturally, if the unhashed password is sent to the server, a server administrator will have the ability to snatch it in-flight from RAM. I think there are some solutions to that as well, but given how heartbleed supposedly gave access to passwords, I guess it is quite normal for servers to take unhashed passwords when authenticating users even if they hash passwords for storage.