Exetools  

Go Back   Exetools > General > Source Code
Reload this Page have fun with it
Register Forum Rules FAQ Calendar

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-28-2018, 09:42
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
  
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 295
Rept. Given: 106
Rept. Rcvd 93 Times in 44 Posts
Thanks Given: 203
Thanks Rcvd at 397 Times in 130 Posts
Fyyre Reputation: 93
Have fun (free kcms...)
this is not source but... expires soon.

have fun with the free kernel mode signing certificate.

example usage:

Code:
"C:\Program Files (x86)\Windows Kits\8.0\bin\x64\signtool.exe" sign C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1 /ac C:\Certs\thawte.cer /ph /fd SHA256 /v /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp
__________________
Pax in vultu, bellum in corde.

--

https://github.com/Fyyre
Last edited by Fyyre; 03-01-2018 at 11:20.
Reply With Quote
The Following 4 Users Say Thank You to Fyyre For This Useful Post:
bongos_man (02-28-2018), vic4key (03-04-2018), zeffy (02-28-2018)
  #2  
Old 02-28-2018, 20:04
Kerlingen Kerlingen is offline
VIP
  
Join Date: Feb 2011
Posts: 338
Rept. Given: 0
Rept. Rcvd 278 Times in 100 Posts
Thanks Given: 0
Thanks Rcvd at 358 Times in 110 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
This is a code signing certificate, no kernel mode signing certificate.

Code:
signtool sign /ac thawte.cer /ph /fd SHA256 /v /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp driver.sys
The following certificate was selected:
    Issued to: YD Online Corp.
    Issued by: thawte SHA256 Code Signing CA
    Expires:   Tue May 15 00:59:59 2018
    SHA1 hash: C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1

Cross certificate chain (using machine store):
    Issued to: Microsoft Code Verification Root
    Issued by: Microsoft Code Verification Root
    Expires:   Sat Nov 01 14:54:03 2025
    SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3

        Issued to: thawte Primary Root CA
        Issued by: Microsoft Code Verification Root
        Expires:   Mon Feb 22 20:41:57 2021
        SHA1 hash: 5538E9FEC14030B740152349E115A1165D29074A

            Issued to: thawte SHA256 Code Signing CA
            Issued by: thawte Primary Root CA
            Expires:   Sun Dec 10 00:59:59 2023
            SHA1 hash: D00CFDBF46C98A838BC10DC4E097AE0152C461BC

                Issued to: YD Online Corp.
                Issued by: thawte SHA256 Code Signing CA
                Expires:   Tue May 15 00:59:59 2018
                SHA1 hash: C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1

Done Adding Additional Store
Successfully signed: driver.sys

Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
Normal:
Code:
signtool verify driver.sys
Successfully verified: driver.sys
Authenticode:
Code:
signtool verify /pa driver.sys
Successfully verified: driver.sys
Kernel-mode:
Code:
signtool verify /kp driver.sys
SignTool Error: The signing certificate is not valid for the requested usage.
Test:
Code:
net start driver
System error 577 has occurred.
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Reply With Quote
The Following User Says Thank You to Kerlingen For This Useful Post:
vic4key (03-04-2018)
  #3  
Old 03-01-2018, 09:49
chants chants is offline
VIP
  
Join Date: Jul 2016
Posts: 826
Rept. Given: 47
Rept. Rcvd 50 Times in 31 Posts
Thanks Given: 737
Thanks Rcvd at 1,140 Times in 529 Posts
chants Reputation: 51
Code signing certificates are not so hard to obtain. But authenticode/kernel driver signing certificates require a bit of paperwork and checks.
Reply With Quote
  #4  
Old 03-01-2018, 11:18
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
  
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 295
Rept. Given: 106
Rept. Rcvd 93 Times in 44 Posts
Thanks Given: 203
Thanks Rcvd at 397 Times in 130 Posts
Fyyre Reputation: 93
Odd. Loads the drivers I signed with it just fine.

Quote:
Originally Posted by Kerlingen View Post
This is a code signing certificate, no kernel mode signing certificate.
[/code]
Quote:
Originally Posted by chants View Post
Code signing certificates are not so hard to obtain. But authenticode/kernel driver signing certificates require a bit of paperwork and checks.
Is why you steal them....
__________________
Pax in vultu, bellum in corde.

--

https://github.com/Fyyre
Reply With Quote
  #5  
Old 03-05-2018, 22:05
devwhatsapp
 
Posts: n/a
Certificate only available to VIP ?
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On


All times are GMT +8. The time now is 07:38.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )