Shulou(Shulou.com)06/01 Report--

This article focuses on "how to use Limelighter to generate forged code signatures". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to use Limelighter to generate forged code signatures.

About Limelighter

Limelighter is a powerful tool that can help us create forged code signature certificates and code signatures, in addition, it can also help us create DLL files to achieve EDR product bypass and so on. Limelighter can also use a valid code signing certificate to sign files. Of course, Limelighter can also use a fully qualified and valid domain name like acme.com.

Contribute code & tool installation

Limelighter is based on Golang development. Please make sure that the following packages are installed on your operating system:

Opensslosslsigncode

The first step is to clone the project code locally, but before compiling Limelighter, we must install the relevant dependent components by running the following command:

Go get github.com/fatih/color

Next, clone the project code base and run the project build command:

The git clone https://github.com/Tylous/Limelighter.gitgo build LimeLighter.go tool uses. / LimeLighter-h. _ | | | _ / | _ _ | / _\ | / _ | |\ _ / _\ | | _ | Y\ _ / | | _ | / / _ / > Y\ |\ _ _ _ / | |\ / | _ | / / _ > _ |\ / _ > _ |\ / _ _ /\ / \ / @ Tyl0us [*] A Tool for Code Signing... Real and fakeUsage of. / LimeLighter:-Domain string needs to create a forged code signature domain name-I string file name to be signed-O string signature file name-password for Password string real certificate-Real string valid .pfx certificate file path-Verify string verification of a file code signature certificate-debug print debug message tool to use

To sign a file, we need to use the "Domain" command option to generate a forged code signing certificate:

To sign a file with a valid code signing certificate, you can use the "Real" and "Password" command options.

Use the "verify" command to verify a signed file:

The result of signature verification is shown below:

Project address

Limelighter: https://github.com/Tylous/Limelighter

At this point, I believe you have a deeper understanding of "how to use Limelighter to generate forged code signatures". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.