Limelighter – A Tool For Generating Fake Code Signing Certificates Or Signing Real Ones

[*]

A tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scruitney. LimeLighter can also use valid code signing certificates to sign files. Limelighter can use a fully qualified domain name such as acme.com.

Contributing

LimeLighter was developed in golang.

Make sure that the following are installed on your OS

openssl
osslsigncode

The first step as always is to clone the repo. Before you compile LimeLighter you’ll need to install the dependencies. To install them, run following commands:

go get github.com/fatih/color

Then build it

go build Limelighter.go

Usage

./LimeLighter -h       

.____ .__ .____ .__ .__ __
| | |__| _____ ____ | | |__| ____ | |___/ |_ ___________
| | | |/ _/ __ | | | |/ ___| | __/ __ _ __
| |___| | Y Y ___/| |___| / /_/ > Y | ___/| | /
|_______ __|__|_| /___ >_______ _____ /|___| /__| ___ >__|
/ / / / /_____/ / /
@Tyl0us


[*] A Tool for Code Signing... Real and fake
Usage of ./LimeLighter:
-Domain string
Domain you want to create a fake code sign for
-I string
Unsiged file name to be signed
-O string
Signed file name
-Password string
Password for real certificate
-Real string
Path to a valid .pfx certificate file
-Verify string
Verifies a file's code sign certificate
-debug
Print debug statements

To sign a file you can use the command option Domain to generate a fake code signing certificate.

AVvXsEjZj9xeUnx46TGfKrmMQjeqc1CsFDbPT7g9XnhXw5NdUAtj3kk3 0Yz8mWOxpzmQXcbyp4Y7jUPCQXdhb4a82Gc7DJbhHgnj8c9Dp8p5y f 7BdJuoEq4pJuroraGwD89f9xdb8PxTPRipw7XfnpD4Gvt6nXokj06FfxU3gg 5mGZHV96COi0VQ ORV2Q=w640 h284 

to sign a file with a valid code signing certificate use the Real and Password to sign a file with a valid code signing certificate.

To verify a signed file use the verify command.

AVvXsEh0HJyn7Z AX48HYyMfR 0tudMiW2Cw1EGRgYH8GSOKtEB68nBjgxPDIttgHaTtNDUHOTIpvXWfo2FZsHl9lpMzqfvefZbvltn3ayYISFDeGnblIeEOgyT0h4qRd2KWXJjiMFVw759X96cE2b4Fqt5gnLJaw6Dahs9RGfgViS UAB1Zd6CHfwA3YGOR5A=w640 h604

AVvXsEhYlVHZrvL7TfxT1GLOxuRqsd t5oHiRgtvQtdjw3XFMK1E r3N8jtltsAByZ64NDxH 7A Q0lqIwI8hP3uP4c6S7yTEqOYvnGhh fUi vwuRyTkLnL5D9nG8BqUxwEwnFfE6nYxZe AD bStdcmnAHa szyaT4T8Xs 5qPSNj9Wc Vm3Y7FIOpdpiVg=w510 h640

J9jpNvhhI4M

[*]click here to read full Article

[*]Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: