
How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 7:04 pm
by wallgod
I haven't the slightest clue where to begin with something like this. I know how to do it with certmgr (ECM Certificate Manager), makecert (ECM MakeCert), and signtool (Authenticode signing and verifying tool)... but how would one digitally sign an executable programmatically in PureBasic? Has anyone ever attempted such a thing?

Re: How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 7:16 pm
by PureLust
You mean, as a kind of copy protection, that you can identify the customer or person you've delivered it to?

Re: How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 7:34 pm
by wallgod
No, more like creating an X509 certificate programmatically and adding it to a certificate store in Windows. If I were to do it manually, I'd first use makecert to make the .cer file and then certmgr to add the certificate to a system store, then I'd use signtool to sign the file using the certificate in the store. How would this be done in PureBasic without these tools?
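
The three manual steps named in the post above (create a certificate, place it in a store, sign a file), followed by a verification that shows what the signature gives a checker: an added example, not part of the original thread and not PureBasic. It assumes Windows 10 or later with the built-in PKI and Security PowerShell cmdlets; the subject name, file name and 7-day lifetime are constructed for illustration.

```powershell
# Added example. Subject, file name and lifetime are constructed values.

# Steps 1 and 2 (makecert + certmgr): create a self-signed code-signing
# certificate directly in the current user's personal store.
$cert = New-SelfSignedCertificate -Type CodeSigningCert `
    -Subject 'CN=Signing Demo (constructed)' `
    -CertStoreLocation 'Cert:\CurrentUser\My' `
    -NotAfter (Get-Date).AddDays(7)

# Constructed sample file to sign: a harmless one-line script.
$target = Join-Path $env:TEMP 'signing-demo.ps1'
Set-Content -Path $target -Value 'Write-Output "hello"' -Encoding ASCII

# Step 3 (signtool sign): attach an Authenticode signature to the file.
$null = Set-AuthenticodeSignature -FilePath $target -Certificate $cert

# Verifier side: report the signature status and who signed the file.
function Get-SignatureSummary([string]$Path) {
    $sig = Get-AuthenticodeSignature -FilePath $Path
    [pscustomobject]@{
        Status     = $sig.Status
        Signer     = $sig.SignerCertificate.Subject
        Thumbprint = $sig.SignerCertificate.Thumbprint
    }
}

$before = Get-SignatureSummary $target

# Change one word of the signed content. The signature block is still in
# the file, but it was computed over the original bytes.
$text = (Get-Content -Path $target -Raw) -replace 'hello', 'hullo'
Set-Content -Path $target -Value $text -Encoding ASCII -NoNewline

$after = Get-SignatureSummary $target

# Compare the two checks side by side.
$before, $after | Format-Table -AutoSize

# Clean up the sample file and the demo certificate.
Remove-Item -Path $target
Remove-Item -Path "Cert:\CurrentUser\My\$($cert.Thumbprint)"
```

The first check names the signer but does not report a trusted chain, because nothing has added this self-signed certificate to a trusted root store; the second check no longer matches the file's contents, which is the property a signature exists to provide.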

Re: How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 7:49 pm
by blueznl
My first reaction would be to say: not :-) But seriously, what for?

Re: How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 8:07 pm
by wallgod
I wanted to tweak a setting in an executable that needs to be signed in order to run properly.

Re: How would one digitally sign a file programmatically?

Posted: Thu Oct 14, 2010 10:14 pm
by blueznl
Which still begs the question 'why' :-) but nevertheless... I don't think you can do this easily from within PureBasic, unless you either call those programs, or code all those routines yourself. There's no such thing I guess as a quick and dirty API that does it for you.

Be aware that certs are (if I recall correctly) handled quite differently on the different Windoze flavours, so one solution may not work on all.

Still interested in this: why would you ever need this?!?

Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 12:29 am
by Joakim Christiansen
blueznl wrote: Still interested in this: why would you ever need this?!?
He is a hacker cracker! :shock:

(no offense meant btw)

Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 2:07 am
by wallgod
Okay then, thanks for answering my question. I'll just use the Microsoft apps for handling it.

Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 10:47 am
by blueznl
Would you mind if I'd pry a little further? It's rather... strange you won't explain what you need it for... You might raise an undeserved suspicion with other users. As for me, I feel rather reluctant to help you with anything, as it seems you're planning to do things which are, well, not smiled upon in the community.

If you're into writing malware please don't. If you're not, please show us. You're not leaving a good impression, to be honest.

Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 5:48 pm
by wallgod
I promise I'm not making any sort of malware. That kind of activity is reserved for the scum of the earth. I've been on the receiving end of viruses that destroyed all the data on my backup external drive, so I would never even think about doing anything like that.

I don't mean to leave a bad impression. Recently I uninstalled (or attempted to uninstall) Acronis True Image because it wasn't working properly for me. Anyway, it didn't completely uninstall, so I was trying to finish up manually from the registry, but there was one key that just would not let go (HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ACRONISDEVICES). I tried several different things, like changing the ACLs of the keys (before trying to delete them in regedit), using the Windows Installer Clean Up utility, deleting the keys in safe mode, recovery console, etc. but nothing worked.

So I was telling one of my friends about it and he told me about a tweak you could make to a system file which might allow me to delete this stubborn registry key. It involved replacing some hex, turning on test mode, and signing the file. Then after having the freedom to delete the key, I could restore the original system file from a backup. So while I was learning about this stuff, I thought I may as well learn how I would perform the same tasks programmatically. I didn't know that asking about how to sign a file would raise red flags, since I myself am still not sure what signing a file actually is for... lol

In the back of my mind, I guess I was also imagining someday sharing the finished product (if it worked) so other people in my situation could completely uninstall Acronis True Image and other stubborn applications. In reality, 95% of what I make never gets seen by anyone but me, but it's amusing to pretend that the things I make will one day help others. :oops:

I'll try to refrain from asking questions that might get people suspicious (if I realize it might come across that way).

** UPDATE **
I just figured it out. For anyone trying to delete a stubborn registry key, if you can't do it manually in safe mode or in the recovery console, then it's either something you shouldn't touch, or it's connected to a device driver. So the only safe way to delete it is to remove it from the Device Manager itself. I didn't even think to look there, but I'm happy the idea popped up.


Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 6:12 pm
by Joakim Christiansen
wallgod wrote: I'll try to refrain from asking questions that might get people suspicious (if I realize it might come across that way).
Please don't be afraid of asking any questions.
Why some people get suspicious is because we had a problem with some Chinese people (I think) in this forum asking help on how to make malware basically... And several anti-virus applications started giving warning on stuff made with PureBasic (probably because someone used it to make malware).

Re: How would one digitally sign a file programmatically?

Posted: Fri Oct 15, 2010 7:01 pm
by wallgod
Joakim Christiansen wrote:
wallgod wrote: I'll try to refrain from asking questions that might get people suspicious (if I realize it might come across that way).
Please don't be afraid of asking any questions.
Why some people get suspicious is because we had a problem with some Chinese people (I think) in this forum asking help on how to make malware basically... And several anti-virus applications started giving warning on stuff made with PureBasic (probably because someone used it to make malware).
Oh wow, that's sad. What makes you think they were Chinese people? If it helps my case, I'm not Chinese. lol

Re: How would one digitally sign a file programmatically?

Posted: Sat Oct 16, 2010 1:23 am
by PB
> What makes you think they were Chinese people?

The word "China" that was next to "Location" in their profile.

Re: How would one digitally sign a file programmatically?

Posted: Sat Oct 16, 2010 1:40 am
by wallgod
PB wrote: > What makes you think they were Chinese people?

The word "China" that was next to "Location" in their profile.
Yep, that would make sense then.

Re: How would one digitally sign a file programmatically?

Posted: Sat Oct 16, 2010 1:54 am
by Fluid Byte