This page looks best with JavaScript enabled

Self Signed Certification

 ·  β˜• 1 min read  ·  🐱 thik

αžαžΎαž˜αžΆαž“αžœαž·αž’αžΈαž’αŸ’αžœαžΈαžŠαŸ‚αž›αž’αžΆαž…αž’αŸ’αžœαžΎ Code Signing αž‘αŸ…αž›αžΎ Payload αžŠαŸ‚αž›αž™αžΎαž„αž”αžΆαž“αž”αž„αŸ’αž€αžΎαžαž‘αžΎαž„αžŠαŸ„αž™αžαŸ’αž›αž½αž“αž―αž„αžšαž½αž…?

αžαžΆαž„αž€αŸ’αžšαŸ„αž˜αž“αŸαŸ‡αž‚αžΊαž‡αžΆαžœαž·αž’αžΈαžŠαŸαž›αŸ’αž’αž˜αž½αž™αžŸαž˜αŸ’αžšαžΆαž”αŸ‹αž…αž˜αŸ’αž›αžΎαž™αž“αŸƒαžŸαŸ†αž“αž½αžšαžαžΆαž„αž›αžΎαŸ–

Generate the Key

1
2

# Make sure you run as Administrator
New-SelfSignedCertificate -DnsName email@yourdomain.com -Type CodeSigning -CertStoreLocation cert:\CurrentUser\My

Export Certification Without Private Key

1

Export-Certificate -Cert (Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert)[0] -FilePath code_signing.crt

αž…αŸ†αž–αŸ„αŸ‡αž›αŸαž [0] αž‚αžΊαžŸαž˜αŸ’αžšαžΆαž”αŸ‹αž€αžšαžŽαžΈαž“αŸ…αž–αŸαž›αžŠαŸ‚αž›αž™αžΎαž„αž˜αžΆαž“ Certificate αž…αŸ’αžšαžΎαž“αž‡αžΆαž„αž˜αž½αž™αŸ”

Import as Trusted Publisher

1

Import-Certificate -FilePath .\code_signing.crt -Cert Cert:\CurrentUser\TrustedPublisher

Import as Root Certificate Authority

1

Import-Certificate -FilePath .\code_signing.crt -Cert Cert:\CurrentUser\Root

Signing Application

1

Set-AuthenticodeSignature .\app.exe -Certificate (Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert)

αž‚αž½αžšαž…αŸ†αžŽαžΆαŸ†αž•αž„αžŠαŸ‚αžšαžαžΆ αž“αŸ…αž–αŸαž›αžŠαŸ‚αž›αž™αžΎαž„αž”αžΆαž“αžŠαŸ†αž‘αžΎαž„αžŸαŸ„αžšαž“αŸαŸ‡αžšαž½αž…αžšαžΆαž›αŸ‹αž αžΎαž™ αž™αžΎαž„αž€αŸαž’αžΆαž…αž…αž»αŸ‡αž αžαŸ’αžαž›αŸαžαžΆ αž‘αŸ…αž²αŸ’αž™αžŸαŸ’αž‚αŸ’αžšαžΈαž”αž•αŸ’αžŸαŸαž„αž‘αŸ€αžαž‡αžΆαž˜αž½αž™αžœαžΆαž”αžΆαž“αž•αž„αžŠαŸ‚αžšαŸ”

αž”αŸ’αžšαž—αž–αŸ– stackoverflow
αž’αžαŸ’αžαž”αž‘αž‘αžΆαž€αŸ‹αž‘αž„αŸ– sid-500.com

Share on
Thik
WRITTEN BY
thik
Security Researcher