So it's pretty easy to get your session key from a combination of ClientZoneEntryStruct which is in cleartext and the ServerZoneEntryStruct which contains the player name with the XOR encryption. However, if the player's name is not 10 characters long or longer you don't get the entire 10 byte key.