Hi,
i was wondering if it is possible to preform a process memory patcher for .net application to by pass the issue of signed exe/dll...
sometimes application have so much DLLs and the depandacy is too big that removing the signature could be a pain...

so what do you say, is it possible ?

Regards,
LaBBa.

It's possible.

other solutions include :

1- disabling the strong name signature on the machine using a registry hack

2- Adding the application to the exclusion list of signature checking.

I once saw a tutor where dup tool was used to create a Loader for a .Net process in

order to bypass the strong name check problem.

you can use also a tool called "Strong name helper" which can patch all dependencies

to match the new signature of the main signed Application.

[QUOTE][Originally Posted by Kurapica;90394]It's possible.

other solutions include :


this is interesting.. can you share what is that registry hack ?
and what was the tut for patching .net signed file ?

Thanks,
LaBBa

How to: Disable the Strong-Name Bypass Feature

http://msdn.microsoft.com/en-us/library/cc713694.aspx

{SA} Loader with dup

http://www.4shared.com/file/SBZudV7N/NetCrackingTutorial_Artisteer_.html

thank you !

i will try to do the registry thing first since the target i have is a Visual Studio plug-in and it's a DLL so i don't think that dUP will help me with creating a process patcher for this type of issue.

i will let you know if the registry done the trick..

LaBBa.

well the registry trick didn't work since it is only a feature of how to not do a bypass...

so i'm still working on finding a solution... maybe we could patch the .net framework itself to never support sign verification.. this will require patching every .net version so it will fit to all but maybe it is the same thing all the time..


Regards,
LaBBa

Patching the entire framework is kinda radical.

this is a code snippet by CodeRipper which disables checking for strongName signature.

you should call it from the New Process