Thread: GTA 5 source code leaked
View Single Post
  #54  
Old 11-24-2024, 12:27
wx69wx2023 wx69wx2023 is offline
Family
  
Join Date: Sep 2023
Posts: 316
Rept. Given: 48
Rept. Rcvd 59 Times in 34 Posts
Thanks Given: 586
Thanks Rcvd at 877 Times in 230 Posts
wx69wx2023 Reputation: 59
Steps:

1. Determine whether the file is 32-bit or 64-bit based on the magic number. (010B or 020B)

2. Locate the Security Directory in the PE HEADER using its RVA and size, and remove the corresponding signature content from the file. ( The signature content is at the end of the file. )

3. Clear the RVA and size fields of the Security Directory.

4. Recalculate the checksum and update it.

You could handle the sys file with tools, e.g. winhex +lordpe.

I have made the python file to do this.

Attachment is the python file and the sys file (already remove the sign)
Attached Files
File Type: 7z remove_signature.7z (1.18 MB, 12 views)
Last edited by wx69wx2023; 11-24-2024 at 13:08.
Reply With Quote
The Following User Gave Reputation+1 to wx69wx2023 For This Useful Post:
niculaita (11-24-2024)
The Following 3 Users Say Thank You to wx69wx2023 For This Useful Post:
besoeso (11-24-2024), niculaita (11-24-2024), uranus64 (11-24-2024)