parent
789034a06c
commit
667cc5bcca
|
@ -78,7 +78,7 @@ module Msf::Payload::Android
|
|||
cert.public_key = key.public_key
|
||||
|
||||
# Some time within the last 3 years
|
||||
cert.not_before = Time.now - rand(3600*24*365*3)
|
||||
cert.not_before = Time.now - rand(3600 * 24 * 365 * 3)
|
||||
|
||||
# From http://developer.android.com/tools/publishing/app-signing.html
|
||||
# """
|
||||
|
@ -89,7 +89,16 @@ module Msf::Payload::Android
|
|||
# requirement. You cannot upload an application if it is signed
|
||||
# with a key whose validity expires before that date.
|
||||
# """
|
||||
cert.not_after = cert.not_before + 3600*24*365*20 # 20 years
|
||||
#
|
||||
# 32-bit Ruby (and 64-bit Ruby on Windows) cannot deal with
|
||||
# certificate not_after times later than Jan 1st 2038, since long is 32-bit.
|
||||
# Set not_after to a random time 2~ years before the first bad date.
|
||||
#
|
||||
# FIXME: this will break again randomly starting in late 2033, hopefully
|
||||
# all 32-bit systems will be dead by then...
|
||||
#
|
||||
# The timestamp 0x78045d81 equates to 2033-10-22 00:00:01 UTC
|
||||
cert.not_after = Time.at(0x78045d81 + rand(0x7fffffff - 0x78045d81))
|
||||
|
||||
# If this line is left out, signature verification fails on OSX.
|
||||
cert.sign(key, OpenSSL::Digest::SHA1.new)
|
||||
|
|
|
@ -216,7 +216,8 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
@cert.issuer = x509_name
|
||||
@cert.public_key = @key.public_key
|
||||
@cert.not_before = Time.now
|
||||
@cert.not_after = @cert.not_before + 3600*24*365*3 # 3 years
|
||||
# FIXME: this will break in the year 2037 on 32-bit systems
|
||||
@cert.not_after = @cert.not_before + 3600 * 24 * 365 # 1 year
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue