

The BackDoor Factory: Patch win86/64 PE and linux86/64 binaries with shellcode - signa11
https://github.com/secretsquirrel/the-backdoor-factory

======
huhtenberg
On Windows this will require stripping a digital signature off the target exe
file. Microsoft did a good job conditioning people into _not_ running stuff
that is not signed, so BDF'd binaries are really no good for online
distribution. Though I guess this may work with users who run all and
everything they download from the Internet.

~~~
onli
> Microsoft did a good job conditioning people into _not_ running stuff that
> is not signed

Maybe this changed with Windows 8, but till Windows 7, Microsoft did a good
job conditioning people _to completely ignore_ the signature.

Or at least the status of the signature, whether it is trusted or not. Is
there a further escalation if there is no signature at all I'm not aware of?

If not, there was a great article describing how much work was needed to get
the small green checkmark by getting a signature as trusted, and how this did
not have any benefit at all (because of styling and design of the dialogue,
and UAC asking anyway for confirmation). Of course I don't find that now, but
I'm pretty sure it was on HN some time ago, maybe you saw it (probably before
Windows 8).

~~~
pilif
Windows 8 is much more persistent in warning you when running unsigned
binaries. And IE under Windows 8 flat-out refuses to let you run unsigned
binaries.

Getting binaries signed isn't that hard either.

