Silent Word Exploit CVE-2017-8759 – Silent ExploitFebruary 6, 2018
Deepdotmy original: Remote Administration Tool – GuideFebruary 6, 2018
Bypass UAC & SmartScreen – Exploit
Code Signing to bypass UAC & SmartScreen
Why do I need to sign my files?
Avoid UAC warnings
Pass SmartScreen filter (For EV certs its immediately, For regular certs after they gain a positive rep in SmartScreen)
Pass browser filters like “malicious file” or “not commonly downloaded” (for EV certs – immediately)
Pass some AV filters, which are blocking any unsigned executable
Make your software more trusted
What files can i sign?
– 32 and 64-bit applications .exe, .cab, .dll, .ocx, .msi, .xpi and .xap
– Java applications
– Apple applications
– VBA objects, scripts and macros for Microsoft Office .doc, .xls, and .ppt files
– Regular code signing certificate: you’ll get the archive with PFX and a password.
Regular certs should gain a reputation before they pass SmartScreen filter (contact us for details)
– EV Code Signing certificate: you’ll get a USB token with pre-installed certificate via mail or the link to installation page if you have your own hardware token
Advantages of using EV certificate
– EV certificates are the only type that you can use for signing drivers for Win10
– Immediately removes SmartScreen warnings
– Immediately removes “malicious file” and “not commonly downloaded” browser warnings
3 free re-issue if your file becomes detected by AV’s then $100 for each re-issue