Thread: Patching in your own kernel signing certificate
View Single Post
  #1  
Old 09-25-2024, 09:48
tame_mpeg tame_mpeg is offline
Friend
  
Join Date: Oct 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 8
Thanks Rcvd at 22 Times in 10 Posts
tame_mpeg Reputation: 1
Patching in your own kernel signing certificate
I need a signing certificate which is completely trusted by an up to date version of windows.
Test signing is an option for some purposes, but many applications don't like it being enabled. I’m also aware of tools to disable PatchGuard and DSE.
There are leaked certificates and timestamp spoofing tools but they don't play well with up to date versions of windows and kernel driver signing.

I came across this writeup which describes a process of patching bootmgfw.efi to replace the signature of an unimportant Microsoft Test signing certificate with your own certificate. The final result of doing this is you get your own certificate which can sign drivers without compromising the security or stability of Windows.
The writeup:
https://github.com/Avery3R/re-writeups/blob/master/windows-ci/part1_on_disk_patching.md

The writeup doesn't go into much detail and I don't know if I could figure out how to try it myself.
Has anyone else done something like this? Do you think it would still work?
Anyone have links to any other resources or tools which could help do the things in that writeup?
Reply With Quote