Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,739,676 Members 51,434 Now Online
XDA Developers Android and Mobile Development Forum

delcert - Sign strip tool

Tip us?
 
deepred
Old
#1  
Junior Member - OP
Thanks Meter 3
Posts: 7
Join Date: Jan 2006
Talking delcert - Sign strip tool

Hi,

here is a small tool that strips (removes) digital sign (Authenticode) from PE executable files like *.exe, *.dll, *.mui, etc. On error HRESULT is returned, i.e. 0x00000005 means that file is readonly.
Code:
Select Code
C:\[snip]>delcert.exe OEM\OEMOpera\OperaWM.exe

Target file(s): OEM\OEMOpera\OperaWM.exe

Stripping file: C:\[snip]\OEM\OEMOpera\OperaWM.exe.
Succeeded.

C:\[snip]>delcert.exe OEM\OEM_Lang_0409\*.mui

Target file(s): OEM_Lang_0409\*.mui

Stripping file: C:\[snip]\OEM\OEM_Lang_0409\aboutprop.dll.0409.mui.
Succeeded.

Stripping file: C:\[snip]\OEM\OEM_Lang_0409\BKLBrightness.dll.0409.mui.
Succeeded.
Source is included. You may need to install Visual Studio 2008 C++ Runtime before running.
Attached Files
File Type: zip delcert.zip - [Click for QR Code] (10.2 KB, 2536 views)
The Following 3 Users Say Thank You to deepred For This Useful Post: [ Click to Expand ]
 
Da_G
Old
#2  
Da_G's Avatar
Moderator Emeritus / Senior Recognized Developer
Thanks Meter 1513
Posts: 3,275
Join Date: Aug 2007
Location: Riverside, CA

 
DONATE TO ME
I can't believe no one posted thanks for this :P I just used it recently and it worked a charm! So, thanks! Appreciate your work.
Support my work! The more phones I can get my hands on the more ROM goodness I can churn out. Like BUTTAH

 
cmylxgo
Old
#3  
cmylxgo's Avatar
Senior Member
Thanks Meter 2024
Posts: 1,667
Join Date: Feb 2007
Quote:
Originally Posted by deepred View Post
Hi,

here is a small tool that strips (removes) digital sign (Authenticode) from PE executable files like *.exe, *.dll, *.mui, etc. On error HRESULT is returned, i.e. 0x00000005 means that file is readonly.
Code:
Select Code
C:\[snip]>delcert.exe OEM\OEMOpera\OperaWM.exe

Target file(s): OEM\OEMOpera\OperaWM.exe

Stripping file: C:\[snip]\OEM\OEMOpera\OperaWM.exe.
Succeeded.

C:\[snip]>delcert.exe OEM\OEM_Lang_0409\*.mui

Target file(s): OEM_Lang_0409\*.mui

Stripping file: C:\[snip]\OEM\OEM_Lang_0409\aboutprop.dll.0409.mui.
Succeeded.

Stripping file: C:\[snip]\OEM\OEM_Lang_0409\BKLBrightness.dll.0409.mui.
Succeeded.
Source is included. You may need to install Visual Studio 2008 C++ Runtime before running.
Thanks for this...it fixed and issue I had when trying to remove a cert with another tool.
 
chetstriker
Old
#4  
Senior Member
Thanks Meter 81
Posts: 560
Join Date: Mar 2008
Location: Brattleboro, VT

 
DONATE TO ME
This sounds really interesting, however I was wondering what it can be used for? the certificates usully just provide authentication. Can this be used to bypass protection methods, or what are some real world examples of usage?
 
deepred
Old
#5  
Junior Member - OP
Thanks Meter 3
Posts: 7
Join Date: Jan 2006
You're right, authenticode provides input data for Windows Mobile (originally Windows CE) policy mechanism which decides then if it is allowed to run the file or not. I used it to strip authenticode from OEM files taken from HTC devices before signing them with my own certificate (I usually sign files in my cooked ROMs). I.e. if file is already signed you can't sign it with another certificate until old one is removed.
Due to the fact that certificates are asymmetric you can sign files only with private certificates. That's why I use my own certificates.
To bypass the protection you need to get some how the private part and sign you file with it. Or you can just disable the security policy that enforces file origin check.
 
ute_arbeit
Old
#6  
Junior Member
Thanks Meter 0
Posts: 1
Join Date: Oct 2010
Thanks a lot for your work! Your neat little tool is just what I was looking for to be able to sign a Flash projector with my own certificate.
 
researchermd
Old
#7  
Member
Thanks Meter 0
Posts: 34
Join Date: Aug 2006
Default Thanks

Works beautifully when other tools didn't.
 
WarlockW
Old
#8  
WarlockW's Avatar
Recognized Contributor
Thanks Meter 608
Posts: 1,222
Join Date: Dec 2007
Location: Minnesota
Red face Works beautifully when other tools didn't ! Is Right !

Works beautifully when other tools didn't ! Is Right !

Worked Great Thanks - Just What I was Looking For !!!!!


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


XDA PORTAL POSTS

Change the Alarm Icon in the Status Bar with Xposed

It’s hard to find a more hated object than your alarm clock. They wake us up nearly … more

Return to Outer Space Outer Space with Ship Up Game

Since the release of Flappy Birds, we’ve had the “fortune” to see … more

Device Review: OnePlus One

Seemingly every day, there are a bunch of new devices being released. Some are budget devices and some are … more

Browse the Internet with the Innovative Atlas Web Browser

For the most part, Chrome, Firefox, and Dolphin Browser have no real rivals among … more