Documentation for TDS 7.0 login sequence

Header
------
Bytes	Value	Desc
1	0x10	TDS 7.0 Login Packet Type
1	1	Final indicator
2	0	Packet size
4	0010	not sure...used in rpc 

Payload
-------
Bytes	Value	Desc
2	##	Payload size
5	0's	unknown
1	0x70	version number?
	(new odbc use 0x71)
7	0's	unknown
21	0x06
	(new odbc use 0x7)
	0x83 0xF2 0xF8 0xFF
	(new odbc fill this with pid of process)
	0x00 0x00 0x00 0x00 
	0xE0 0x03 0x00 0x00 
	(bit flags? if 0xE0 0x83 use authentication)
	0x88 0xFF 0xFF 0xFF
	(new odbc use 0xC4 0xFF 0xFF 0xFF)
	0x36 0x04 0x00 0x00
	(new odbc use 0x10 0x04)
		unknown
2	##	position of hostname (of client)
2	##	length of hostname
2	##	position of username
2	##	length of username
2	##	position of password
2	##	length of password
2	##	position of app name
2	##	length of app name
2	##	position of server name
2	##	length of server name
4	0's	unknown
2	##	position of library name
2	##	length of library name
2	##	position of language
                (for italian "Italiano" coded UCS2)
2	##	length of language
2	##	position of database
2	##	length of database
6	0x00 0x40 0x33 0x9a 
	0x6b 0x50
		MAC address of client
2	##	position of auth portion
1	0x30	length of auth portion
2	##	size of payload (same as first two bytes)
                (perhaps some other part)
2       0's	unknown
n		hostname
n		user name
n		password
n		app name
n		server name
n		library name
n		language
n		database name
7	NTLMSSP	auth method
41	0x00 0x01 0x00 0x00 
	0x00 0x06 0x82
	(22 0x00's)
	0x30 0x00 0x00 0x00
	0x00 0x00 0x00 0x00
	0x30 0x00 0x00 0x00
		unknown (see ntlm authentication for IIS)

