SSHOW - Implementation (cont.) Login password length if (session->state == 1 && now - get_history(session, 2)->timestamp >= CLK_TCK && session->protocol == 1 && (session->history.directions & 7) == 5 && plain_range->min == 0 && get_history(session, 1)->plain_range.min > 4 && get_history(session, 2)->plain_range.min == 0) Output: - 127.0.0.1:41264 -> 127.0.0.1:2022: DATA (17 bytes, 10.16 seconds) - 127.0.0.1:41264 <- 127.0.0.1:2022: DATA (0 bytes, 10.16 seconds) + 127.0.0.1:41264 -> 127.0.0.1:2022: GUESS: Password authentication, password length is 13