Description: 开始,运行输入 sigverif
通过检查数字签名就知道是不是ms的了。
主要使用Win32API实现验证应用或驱动程
WinVerifyTrust API。如果该API被Hook有没有其他方法验证应用或驱动程序是否通过微软签名?如果仅仅是被挂钩了IAT,那么可以直接通过函数指针调用。
如果是像Detours那样用jmp改写了函数头,可以通过读取WinTrust.dll中WinVerifyTrust的实现位置,恢复函数头的机器码。
不知道使用CryptoAPI,再使用指定的Microsoft证书
是不是更好一点,不容易被欺骗
怕调api被hook的话,自己将验证的代码写出来,用openssl应该容易点。-Start, Run enter sigverif by checking the digital signature is not on the know of the ms. Win32API realize the main use of the application or driver to verify WinVerifyTrust API. If the API was Hook has no other way to verify whether the application or driver through Microsoft Signed? If merely being linked to the IAT, you can call directly through the function pointer. If it is used as the Detours as to alter the function jmp head, can be read in WinVerifyTrust Wintrust.dll realize the location, the restoration of function of the binary header. Do not know the use of CryptoAPI, and then use the specified certificate is not Microsoft a little better, not easy to be deceived by fear api tune hook, then he would write the code to verify, using openssl should be easy points. Platform: |
Size: 200704 |
Author:齐欢乐 |
Hits:
Description: 这是一个delphi程序,演示的是读取数字证书公钥。需要安装用微软件的CSP。-This is a delphi procedure, demonstration is to read a public key digital certificate. Need to install software to use micro-CSP. Platform: |
Size: 289792 |
Author:qian |
Hits:
Description: 给可执行程序添加数字签名。DELPHI版本的。希望大家喜欢。-Executable program to add a digital signature. DELPHI version. I hope you like. Platform: |
Size: 4096 |
Author:bbc9527 |
Hits:
Description: 调用了CNPACK的MD5加密单元 MD5文件数字签名实例代码,使用delphi写的,可以直接拿来用的-MD5 -Call of the MD5 encryption unit CNPACK document digital signature MD5 code example, use delphi write, can be directly used with the-MD5 Platform: |
Size: 410624 |
Author:weiny |
Hits:
Description: 一款可以给程序添加数字签名的软件,用Delphi写的。-A digital signature can be added to the program of software written using Delphi. Platform: |
Size: 181248 |
Author:王俊 |
Hits:
Description: delphi 验证文件的数字签名,并获取签名方名称,会用到三方控件jwaapi.代码来自网上,做了部分更改-delphi verify the digital signature file and obtain the signature' s name, will use third party controls jwaapi. code from the Internet, made some changes Platform: |
Size: 2048 |
Author:chinyeh |
Hits: