Windows

How to extract signature data from a Windows exe file under Linux using the cli

  • September 16, 2017

If you go to the VirusTotal link, there is a tab called File information (I think; mine is in Dutch). You will see a header called

"Authenticode signature block and FileVersionInfo properties"

I would like to extract the data under that header using the Linux cli. Example:

Signature verification Signed file, verified signature
Signing date 7:43 AM 11/4/2014
Signers
[+] Microsoft Windows
[+] Microsoft Windows Production PCA 2011
[+] Microsoft Root Certificate Authority 2010
Counter signers
[+] Microsoft Time-Stamp Service
[+] Microsoft Time-Stamp PCA 2010
[+] Microsoft Root Certificate Authority 2010

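The data was somehow extracted from the Camera.exe used in Windows 10.

I unpacked the .exe file and found a CERTIFICATE file inside it, containing a lot of unreadable data but also some text that I can read, which is, roughly, the same as the output above.

How can I extract the signature from a Windows .exe file under Linux using the cli?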

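On Linux, there is a tool called osslsigncode which can process Windows Authenticode signatures. Verifying a binary's signature produces output similar to what you show in your example; on the vcredist_x86.exe I have to hand, I get: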

$ osslsigncode verify vcredist_x86.exe
Current PE checksum   : 004136A1
Calculated PE checksum: 004136A1

Message digest algorithm  : SHA1
Current message digest    : 0A9F10FB285BA0064B5537023F8BC9E06E173801
Calculated message digest : 0A9F10FB285BA0064B5537023F8BC9E06E173801

Signature verification: ok

Number of signers: 1
       Signer #0:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
               Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA

Number of certificates: 7
       Cert #0:
               Subject: /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
               Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
       Cert #1:
               Subject: /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
               Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
       Cert #2:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA
               Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
       Cert #3:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
               Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA
       Cert #4:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=nCipher DSE ESN:D8A9-CFCC-579C/CN=Microsoft Timestamping Service
               Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
       Cert #5:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=nCipher DSE ESN:10D8-5847-CBF8/CN=Microsoft Timestamping Service
               Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
       Cert #6:
               Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
               Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority

Succeeded

You can also extract the signature:

osslsigncode extract-signature vcredist_x86.exe vcredist_x86.sig

Quoted from: https://unix.stackexchange.com/questions/269906