Overview
Syllabus
Intro
Black Hat Sound Bytes
Disclaimer
The infamous TLS Handshake
Perfect Forward Secrecy
Schannel & CNG
Schannel Prefered Cipher Suites
Microsoft's TLS/SSL Docs
Schannel Ops
CNG Key Isolation
Background Summary
What are we trying to accomplish?
The keys? What do they get us?
Session Keys
The Norypt SSL Provider (ncryptsslp.dll)
Pre-Master Secret (PMS)
Master Secret Mapped to Unique Identifier
Ephemeral & Persistent Private keys
9 Ephemeral Private Key
1 Persistent Private key
7 Decrypting Persistent Key - DPAPI
Session Ticket key
Decrypting Session Tickets
Inherent Metadata TLS Provides
Schannel Caching Parameters
This is your Schannel Cache (x64)
Limitations
Taught by
Black Hat