Hi David. Thank you for nice and detailed answer . just another reason to pre-order that nice book ;) All I`ve to do now is , to analyze auth. packet and code a module to extract AUTH_SESSKEY ,and rip and use your code for next step , shamelessly :p once again thanks for providing details , and all of your efforts on DB Sec. regards Hamid.