The 2012 Pwnie Nominee For Most Innovative Research

Injecting Custom Payloads Into Signed Windows Executables

Igor Glucksmann

Incomplete Code Signing attacks are not only useful for iOS jailbreaks, they can also be used to add a few more features to signed PE executables (i.e. software installers, updates, etc) without invalidating the Authenticode signatures. But why would anyone want to do that?

Injecting Custom Payloads Into Signed Windows Executables