Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hackerhouse-opensource/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
https://github.com/hackerhouse-opensource/SignToolEx
Last synced: about 2 months ago
JSON representation
Patching "signtool.exe" to accept expired certificates for code-signing.
- Host: GitHub
- URL: https://github.com/hackerhouse-opensource/SignToolEx
- Owner: hackerhouse-opensource
- Created: 2023-12-29T14:26:45.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2023-12-29T15:08:41.000Z (9 months ago)
- Last Synced: 2024-06-12T03:36:04.335Z (3 months ago)
- Language: C++
- Size: 446 KB
- Stars: 260
- Watchers: 8
- Forks: 40
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# SignToolEx
SignToolEx uses Microsoft Detours hooking library to hijack "signtool.exe" and modify
expired code-signing certificates to appear valid, allowing to codesign without changing
system clock. This allows expired (leaked) certificates to be used for code-signing but
does not permit spoofing Authenticode timestamps. Some versions of Windows (such as 10)
accept and load .sys device drivers when signed with expired certificates regardless.This tool is used in the same way as "signtool.exe" by simply running "SignToolEx.exe",
needs SignToolExHook.dll in the current directory and "signtool.exe" in your %PATH%.```
C:\tools\SignToolEx>SignToolEx.exe sign /v /f nvidia0.pfx /p **redacted** /fd SHA256 c:\temp\bin.exe
The following certificate was selected:
Issued to: NVIDIA Corporation
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: Sat Jul 26 17:59:59 3000
SHA1 hash: 30632EA310114105969D0BDA28FDCE267104754FDone Adding Additional Store
Successfully signed: c:\temp\bin.exeNumber of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0```
These files are available under a Attribution-NonCommercial-NoDerivatives 4.0 International license.