Using Windows Schannel for Covert Communication

Introduction

Support for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) is provided by the Secure Channel Security Support Provider (SSP), also referred to as Schannel. Any Windows application that requires SSL/TLS can use either Schannel or a third-party library such as OpenSSL. Since Schannel has shipped with Windows since NT4, it makes sense to try to use it instead of a third-party library.

Unfortunately, Schannel really isn’t that straightforward to use. There are no tls_init(), tls_send() or tls_recv() functions to conveniently initialize, send and receive encrypted data between two systems. Anyone who’s used Schannel will likely agree that it’s somewhat clumsy and unnecessarily complicated.

The Schannel code used for the TLS-enabled shell is largely based on this C++ SSPI Schannel TLS example. For more detail on how the example and Schannel work, there’s also TLS with Schannel from the same author.

Sources

View sources here.
