Disitool is a small Python program to manipulate embedded digital signatures.
- delete a signature: disitool.py delete signed-file unsigned-file
- copy a signature: disitool.py copy signed-source-file unsigned-file signed-file
- extract a signature: disitool.py extract signed-file signature
- add a signature: disitool.py add signature unsigned-file signed-file
It is not a tool to digitally sign executables, use signtool for this. When you add or copy a signature from one file to another file, the signature will not be valid.
disitool uses pefile, you’ll need to install this first. This new version (V0.2) will update the PE header checksum.
Download:
MD5: 4C7196F5AD581275B8B8CBC4930FF338
SHA256: 075CED9FDD633A6D0A11029107206F845AF055AFC3872E7D82801A1D83AED64F
[...] latest version of pefile has extra methods to handle the checksum of the PE header. My new disitool version uses these methods to correct the checksum when the signature is changed by [...]
Pingback by Update: Disitool V0.2 « Didier Stevens — Tuesday 15 April 2008 @ 8:25