Transport Layer:Transmission Control Protocol (TCP)
Application Layer:Battle.net v1 TCP Messages (SID)
Message Id:0x31
Direction:Client to Server
Used By:Starcraft Original, Starcraft Broodwar
Starcraft Shareware, Starcraft Japanese
Diablo Retail, Diablo Shareware
Diablo II, Diablo II Lord of Destruction
Warcraft II BNE
Message Format:
(does not include protocol header)
(UINT32) Client Token
(UINT32) Server Token
(UINT32) [5] Old password hash
(UINT32) [5] New password hash
(STRING) Account name


Changes Battle.net account password. This message must be sent before you logon.

The old password is hashed twice using XSHA-1. First, the password is hashed by itself, then the following data is hashed again and sent to Battle.net:

  1. (UINT32) Client Token
  2. (UINT32) Server Token
  3. (UINT8)[20] First password hash

The new password should be XSHA-1 hashed once, without the tokens.

Passwords should be converted to lowercase before hashing, for compatibility with Blizzard games.

| Edited: Anonymous



(DWORD) [5] Old password hash

This is completely wrong. It is not password hash, but DoubleHashPassword()

DWORD) [5] New password hash
is real password hash.

This relies to old logon system (before WAR3).