BNETDocs
C>S 0x3A SID_LOGONRESPONSE2
Message Id:0x3A
Message Name:SID_LOGONRESPONSE2
Direction:Client to Server
Used By:Starcraft Original, Starcraft Broodwar
Diablo II, Diablo II Lord of Destruction
Format:

(UINT32)     Client Token
(UINT32)     Server Token
 (UINT8)[20] Password Hash
(STRING)     Username

Remarks

Contains Client's username and hashed password. This message is the same as C>S 0x29 0xSID_LOGONRESPONSE, but has additional response codes.

Battle.net password hashes are hashed twice using XSHA-1. First, the password is hashed by itself, then the following data is hashed again and sent to Battle.net:

  1. (UINT32) Client Token
  2. (UINT32) Server Token
  3. (UINT8)[20] First password hash

Passwords should be converted to lowercase before hashing, for compatibility with Blizzard games.

| Edited:
Comments

no one has commented yet.