search

Ylianst / MeshCentralAssistant

Tray icon tool for the MeshCentral Agent. It displays the state of the agent, you can start and stop the agent and request help.
https://meshcentral.com
Apache License 2.0
36 stars 26 forks source link

Signing a customised assistant makes it unusable #35

Open rosch100 opened 1 year ago

rosch100 commented 1 year ago

When code-signing a customised assistant, the newly signed exe does not recognise the (embedded) msh file anymore and thus cannot connect to my server.

Debug output:

17:13:.7140: ***** Starting MeshCentral Assistant *****
17:13:.7172: Version 0.1.8175.21599
17:13:.7182: Set TLS 1.2
17:13:.7196: InitializeComponent()
17:13:.7961: Checking for embedded MSH file
17:13:.8266: Check for built-in agent
17:13:.8306: Get list of background agents
17:13:.8612: MainForm_Load()
17:13:.9161: connectToAgent 
17:13:.9230: Agent: ConnectPipe()
17:13:.9262: Agent: ConnectPipe() - failed
17:13:.9176: Agent: ConnectPipe()
17:13:.9199: Agent: ConnectPipe() - failed

It kind of works with an external msh file, but since I could only find an agent msh file, the assistant now lost the custom icon and name and is residing in the tray.

elmar69 commented 8 months ago

By (re)signing the executable appended MSH file is stripped of.

On adding MSH data there is some Modification to signature record done (in exeHandler.js).

I did try to place an executable with my signature into MeshCentral (at path /opt/meshcentral/meshcentral/agents/MeshCentralAssistant.exe).

After download it does contain MSH data but signature is do longer displayed in file.explorer.

There seems to be some trick required.

elmar69 commented 8 months ago

Just found an Solution to handle that.

Patching config-Data into signed executable is not the best idea. Therefore I added an Option to Embedd config as an Asembly-Resource.

The Modification required in Assistant is in PullRequest "Optional loading MSH File from Resource".

To Add your config to exe you can use this minimal C#-Program. Invocation as AddRes.exe OLD_EXE MSF_FILE NEW_EXE:

using System; using System.IO; using Mono.Cecil;

namespace AddRes { internal class Program { static void Main(string[] args) { Console.WriteLine("{0} + {1} => {2}",args[0],args[1],args[2]); AssemblyDefinition asdDefinition = AssemblyDefinition.ReadAssembly(args[0]); EmbeddedResource erTemp = new EmbeddedResource("msh", ManifestResourceAttributes.Public,File.ReadAllBytes(args[1])); asdDefinition.MainModule.Resources.Add(erTemp); asdDefinition.Write(args[2]); } } }