Question

I purchased a code signing certificate and all looks well. When tested inside a clean Virtual PC OS I no longer get the "The Publisher could not be verified" message.

So just for grins, using a hex editor, I change a few constants in the VB6 exe which I see on a form. And the VB 6 exe still runs without any error message.

I thought the code signing certificate would tell you if the file had been changed in any way?

Solution

Yes, Authenticode will indicate that the signature is invalid if the file is modified.

However, running a program from your local disk won't typically check the signature; right-click on the EXE, choose Properties and choose Digital Signatures to see a signature error message.

OTHER TIPS

If an evil-doer can gain enough access to your machine to change bytes in a file then you are already pwned. The signature is there mainly to verify files before you install them. You could of course write your own program to scan your files and recheck their signatures for trust, but the evildoer would just change the bytes in your scanner as well.
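The check that the Digital Signatures tab performs, and the "rescan your files" idea from the tip above, can be scripted with PowerShell's built-in `Get-AuthenticodeSignature` cmdlet. This is an added example, not part of the original answers; the function name `Test-SignedFiles` and the folder `C:\Program Files\MyApp` are hypothetical.

```powershell
# Added example: re-verify Authenticode signatures for files already on disk.
# Test-SignedFiles and the sample path below are hypothetical names.
function Test-SignedFiles {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [string[]] $Include = @('*.exe', '*.dll')
    )

    Get-ChildItem -Path $Path -Include $Include -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Recomputes the file hash and compares it with the signed hash,
            # then validates the signer's certificate chain.
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName

            $verdict = switch ([string]$sig.Status) {
                'Valid'        { 'OK' }
                'HashMismatch' { 'MODIFIED AFTER SIGNING' }   # e.g. a hex-edited EXE
                'NotSigned'    { 'UNSIGNED' }
                default        { 'NOT TRUSTED OR ERROR' }
            }

            [pscustomobject]@{
                File    = $_.FullName
                Status  = $sig.Status
                Verdict = $verdict
                Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
                Detail  = $sig.StatusMessage
            }
        }
}

# List everything under the folder that does not carry a valid signature.
Test-SignedFiles -Path 'C:\Program Files\MyApp' |
    Where-Object Verdict -ne 'OK' |
    Format-Table -AutoSize File, Status, Verdict
```

A signed EXE that has been edited in a hex editor reports `HashMismatch` here, the same error the Digital Signatures tab shows.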

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow