使用数字证书签署程序集或exe是否可以防止篡改攻击?
[英]Does signing an assembly or an exe with a digital certificate makes it secure against tampering attacks?
问题描述
I tried creating a temporary certificate using makecert and creating a spc from the certificate using cert2spc. 
我尝试使用makecert创建临时证书,并使用cert2spc从证书创建spc。 I signed some exe with the generated spc. 我用生成的spc签了一些exe。 I then use the binary editor in VS 2008 to flip some bits (tampered it) in the exe. 然后我使用VS 2008中的二进制编辑器在exe中翻转一些位(篡改它)。 To my surprise I was able to execute the application. 令我惊讶的是,我能够执行该应用程序。
I was expecting that the system will detect the tampering and will complain. 我原以为系统会检测到篡改并抱怨。 Hence the question. 因此问题。
Any guidance would be appreciated. 任何指导将不胜感激。
1 个解决方案
解决方案1
1 2010-02-10 18:15:58
No, because any code in the binary to check the signature can also be tampered with. 不,因为检查签名的二进制文件中的任何代码也可以被篡改。
I recommend obtaining a copy of IDA Pro and disassembling one of your binaries. 我建议您获取IDA Pro的副本并拆卸其中一个二进制文件。 After you have the raw assembler you can edit specific opcodes using a hex editor. 拥有原始汇编程序后,您可以使用十六进制编辑器编辑特定的操作码。 In short, this is the tactic that the cracker community uses. 简而言之,这是破解者社区使用的策略。 I don't believe that there will ever be a way to stop this, the ps3 and xbox360 both use digital signatures to protect their binaries, but this doesn't stop piracy. 我不相信会有办法阻止这种情况,ps3和xbox360都使用数字签名来保护他们的二进制文件,但这并不能阻止盗版。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.