DarkBlizz

just search in you cache forlder with the string i post above without extension. This are not MPQ files, this are DDS file.

They are in the cache folder, more then that they are textures (DDS), so search for the header file. I think one of them are:

1cad2a3276935a167be41c3df9745bd1db86b38b8d9596c27157d00d3dc46e7e
5cceb329d31a3198b9cd90538c91603730360bcd5338ca6645291492b0e89ed8

Git? I thought the svn is still alive, can anyone point out the git repo?

Is the project still alive, seems like the svn hasn't been updated for a while.

off://
The MANGoS emu i believe is not currently using the BNET2.0 protocol.

Dump after successful authorization will be great

It appears to be a session key:

// Pull the session key.
// uint8 K[40];
recvData.read(K, 40);

and then starts with initialization of encryption:

_crypt.Init(K);

BigNumber BNK;
BNK.SetBinary(K, 40);
...
        Sha1Hash sha;

uint8 digest[20];
pAuthenticationPacket->read(digest, 20);
        ...
        sha.UpdateData((uint8 *)&t, 4);
sha.UpdateData((uint8 *)&mClientSeed, 4);
sha.UpdateData((uint8 *)&mSeed, 4);
sha.UpdateBigNumbers(&BNK, NULL);
sha.Finalize();
        if (memcmp(sha.GetDigest(), digest, 20))
{
// AUTH_UNKNOWN_ACCOUNT = 21
OutPacket(SMSG_AUTH_RESPONSE, 1, "\x15");
return;
}

The whole communication is in: src\arcemu-world\WorldSocket.cpp

This appears to be the authentication packet in WoW:

*recvPacket >> mClientBuild;
*recvPacket >> unk2;
*recvPacket >> account;
*recvPacket >> unk3;
*recvPacket >> mClientSeed;
*recvPacket >> unk4;

So i believe it goes like this:

void WowCrypt::Init(uint8 *K)
{
    static const uint8 s[16] = { 0xF4, 0x66, 0x31, 0x59, 0xFC, 0x83, 0x6E, 0x31, 0x31, 0x02, 0x51, 0xD5, 0x44, 0x31, 0x67, 0x98 };
    static const uint8 r[16] = { 0x22, 0xBE, 0xE5, 0xCF, 0xBB, 0x07, 0x64, 0xD9, 0x00, 0x45, 0x1B, 0xD0, 0x24, 0xB8, 0xD5, 0x45 };
    uint8 encryptHash[SHA_DIGEST_LENGTH];
    uint8 decryptHash[SHA_DIGEST_LENGTH];
    uint8 pass[1024];
    uint32 md_len;

    // generate c->s key
    HMAC(EVP_sha1(), s, 16, K, 40, decryptHash, &md_len);
    assert(md_len == SHA_DIGEST_LENGTH);

    // generate s->c key
    HMAC(EVP_sha1(), r, 16, K, 40, encryptHash, &md_len);
    assert(md_len == SHA_DIGEST_LENGTH);

    // initialize rc4 structs
    RC4_set_key(&m_clientDecrypt, SHA_DIGEST_LENGTH, decryptHash);
    RC4_set_key(&m_serverEncrypt, SHA_DIGEST_LENGTH, encryptHash);

    // initial encryption pass -- this is just to get key position,
    // the data doesn't actually have to be initialized as discovered
    // by client debugging.
    RC4(&m_serverEncrypt, 1024, pass, pass);
    RC4(&m_clientDecrypt, 1024, pass, pass);
    m_initialized = true;
}

HMAC is function from the OpenSSL project and its definition is: HMAC is a MAC (message authentication code), i.e. a keyed hash functionused for message authentication, which is based on a hash function.

All of this is from AscentEMU source in folders:
extras\arcemu-windows-libraries\VC\include\openssl
src\arcemu-shared\Auth