如何使用cli从Linux下的Windows `cli‘文件中提取签名数据
如果您转到虚拟总链路,有一个名为file info的选项卡(我想,我的选项卡是荷兰的)。您将看到一个名为
"Authenticode signature block and FileVersionInfo properties"我想使用Linux提取标题下的数据。示例:
签名验证签名文件,验证签名日期7:43 AM 11/4/2014签名签名日期为7:43 + Microsoft Windows + Microsoft Windows Production 2011 + Microsoft根证书颁发机构2010年计数器签名人+ Microsoft Time- Service + Microsoft Time- PCA 2010 + Microsoft根证书管理局
我在Windows 10中使用了Camera.exe,以某种方式提取数据。
我提取了.exe文件,并在其中找到了一个CERTIFICATE文件,其中有很多不可读的数据,但也有一些文本,我可以读取,也就是说--大致相同--与上面的输出相同。
如何使用cli从Linux下的.exe文件中提取签名
回答 2
Unix & Linux用户
发布于 2016-03-15 11:58:22
在Linux上有一个名为osslsigncode的工具,它可以处理Windows签名。验证二进制签名会产生类似于示例中显示的输出;在vcredist_x86.exe上,我必须得到:
$ osslsigncode verify vcredist_x86.exe
Current PE checksum : 004136A1
Calculated PE checksum: 004136A1
Message digest algorithm : SHA1
Current message digest : 0A9F10FB285BA0064B5537023F8BC9E06E173801
Calculated message digest : 0A9F10FB285BA0064B5537023F8BC9E06E173801
Signature verification: ok
Number of signers: 1
Signer #0:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA
Number of certificates: 7
Cert #0:
Subject: /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Cert #1:
Subject: /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Cert #2:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA
Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Cert #3:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA
Cert #4:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=nCipher DSE ESN:D8A9-CFCC-579C/CN=Microsoft Timestamping Service
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
Cert #5:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=nCipher DSE ESN:10D8-5847-CBF8/CN=Microsoft Timestamping Service
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
Cert #6:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Timestamping PCA
Issuer : /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
Succeeded您还可以提取签名:
osslsigncode extract-signature vcredist_x86.exe vcredist_x86.sigUnix & Linux用户
发布于 2017-09-16 17:13:03
您还可以查看https://github.com/msdhedhi/VerifyWinFileDigitalSignature
这是我编写的java代码,它提取并验证了一个windows PE文件( 32位和64位)的数字签名。
https://unix.stackexchange.com/questions/269906
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号