m00str

Hey guys. First please excuse my possible bad or gramatically wrong english, im from germany Im falling into the MaNGOS source code now for 3 Days and every new Page I see confuses me more and more My largest Problem is that no where is documented what the parts of the source are doing (maybe i just didnt find them). Also i am wondering how the authentication works. I've read through many websites about the wow encryption and most of them are talking over 4 bytes which are encrypted with a 40-byte Key which is generated at the session start and those 4 bytes are containing the length of the single commands in a package. But i am wondering how multiple byte-offsets can be stored in only 4 bytes! And I dont understand in which line the session key is created and submitted to the client. I hope someone can help a noob^^ P.S: i think i will go crazy greetings m00str EDIT: Maybe it could help to write how i think the auth works... First, the Client sends his Data (AUTH_LOGON_CHALLENGE 0x00, WOW, 3.1.3, build 9947 and so on), Then the Server replies 3 strange codes (seems to be the SRP6 stuff, but splitted in 3 Parts?) after that the client calculates some sort of CRC-hash (the Patch version?) and the encoded Password, i think and if the AUTH_LOGON_PROOF was correct the server answeres a SRP M2 (another SRP part?) but as you see, i have no idea how steps 2,3 and 4 are created and proved. I'd love to get some help here