.net process loader patcher?

May 30th, 2011, 04:35
I was wondering if it is possible to perform a process memory patcher for a .NET application to bypass the issue of signed exe/dll...
Sometimes applications have so many DLLs and the dependency is too big that removing the signature could be a pain...

So what do you say, is it possible?


May 30th, 2011, 05:53
It's possible.

Other solutions include:

1- Disabling the strong name signature on the machine using a registry hack.

2- Adding the application to the exclusion list of signature checking.

I once saw a tutor where the dUP tool was used to create a loader for a .NET process in order to bypass the strong name check problem.

You can also use a tool called "Strong name helper" which can patch all dependencies to match the new signature of the main signed application.

May 30th, 2011, 06:29
[QUOTE][Originally Posted by Kurapica;90394]It's possible.

other solutions include :[/QUOTE]

This is interesting.. Can you share what that registry hack is?
And what was the tut for patching a .NET signed file?


May 30th, 2011, 10:02
How to: Disable the Strong-Name Bypass Feature


{SA} Loader with dup


May 31st, 2011, 00:15
Thank you!

I will try to do the registry thing first, since the target I have is a Visual Studio plug-in and it's a DLL, so I don't think that dUP will help me with creating a process patcher for this type of issue.

I will let you know if the registry did the trick..


May 31st, 2011, 23:49
Well, the registry trick didn't work since it is only a feature of how to not do a bypass...

So I'm still working on finding a solution... Maybe we could patch the .NET framework itself to never support sign verification.. This will require patching every .NET version so it will fit all, but maybe it is the same thing all the time..


June 1st, 2011, 11:18
Patching the entire framework is kinda radical.

This is a code snippet by CodeRipper which disables checking for strongName signature.

You should call it from the new process.


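byte[] lpBuffer = new byte[1];
int lpNumberOfBytesWritten = 0;
IntPtr procAddress = GetProcAddress(GetModuleHandle("advapi32.dll"), "CryptVerifySignatureA");
if (procAddress != IntPtr.Zero)
{
    // 32-bit x86 opcodes: 33 C0 = xor eax, eax; 40 = inc eax; C2 18 00 = ret 0x18
    // (return 1 and pop the six stdcall arguments)
    byte[] buffer2 = new byte[] { 51, 192, 64, 194, 24, 0 };
    // -1 is the pseudo-handle for the current process
    WriteProcessMemory(-1, procAddress, buffer2, buffer2.Length, ref lpNumberOfBytesWritten);
}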
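
The six bytes written by the snippet above decode to `xor eax, eax; inc eax; ret 0x18`, so the patched function reports success for every call. As an added example (not part of the thread), this Python sketch flags 32-bit entry points that have been replaced by such a return-constant stub; the function names and the sample prologue are constructed, and reading the entry-point bytes from a process or memory image is assumed to happen elsewhere.

```python
import struct
from typing import Dict, List, Optional


def classify_stub(entry: bytes) -> Optional[dict]:
    """Decode a 32-bit x86 entry point.

    Returns details if the code only loads EAX with a constant and returns,
    or None if any other instruction (a normal prologue) comes first.
    """
    eax = None
    i = 0
    while i < len(entry):
        op = entry[i]
        if op in (0x31, 0x33) and entry[i + 1:i + 2] == b"\xc0":  # xor eax, eax
            eax, i = 0, i + 2
        elif op == 0x40 and eax is not None:                      # inc eax
            eax, i = (eax + 1) & 0xFFFFFFFF, i + 1
        elif op == 0xB8 and i + 5 <= len(entry):                  # mov eax, imm32
            eax, i = struct.unpack_from("<I", entry, i + 1)[0], i + 5
        elif op == 0xC3 and eax is not None:                      # ret
            return {"returns": eax, "stack_cleanup": 0, "length": i + 1}
        elif op == 0xC2 and eax is not None and i + 3 <= len(entry):  # ret imm16
            cleanup = struct.unpack_from("<H", entry, i + 1)[0]
            return {"returns": eax, "stack_cleanup": cleanup, "length": i + 3}
        else:
            return None
    return None


def scan(entry_points: Dict[str, bytes]) -> List[str]:
    """Names whose entry point is a return-constant stub."""
    return [name for name, code in entry_points.items() if classify_stub(code)]


# Constructed sample: export name -> first bytes at its in-memory address.
SAMPLE = {
    # The byte sequence from the thread's snippet.
    "CryptVerifySignatureA": bytes([51, 192, 64, 194, 24, 0]),
    # Constructed ordinary prologue: mov edi, edi; push ebp; mov ebp, esp
    "CryptHashData": bytes.fromhex("8bff558bec"),
}

if __name__ == "__main__":
    for name in scan(SAMPLE):
        print(name, classify_stub(SAMPLE[name]))
```

A genuine function can also be this short, so a hit is a reason to compare the in-memory bytes with the on-disk image rather than a verdict on its own.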