Guardian for CWE-428

Me, myself & IT

Guardian for CWE-428

Purpose
Download
Authenticity and Integrity
Installation: Automatic online installation; Manual offline installation
Deinstallation

Purpose

The batch script GUARDIAN.CMD creates empty files ‹filename›.EXE next to some or all subdirectories which contain a space in their name it finds in the root directory of Windows’ system drive %SystemDrive%\, underneath the directories %SystemRoot%\, "%ProgramFiles%\" and (if it exists) "%ProgramFiles(x86)%\" as well as "%USERPROFILE%\" to let execution of these DLLs and applications due to the well-known weaknesses listed as CWE-426: Untrusted Search Path, CWE-427: Uncontrolled Search Path Element and CWE-428: Unquoted Search Path or Element in the CWE^™ fail.

Download

The batch script GUARDIAN.CMD is packaged in the (compressed and digitally signed) cabinet file GUARDIAN.CAB.

Authenticity and Integrity

GUARDIAN.CAB is digitally signed using an X.509 certificate issued by WEB.DE TrustCenter E-Mail Certification Authority.

Serial number of the certificate: 0x04605052 = 73420882
Fingerprint of the certificate: MD5: e5 0b 01 66 ce 2e 7a 03 f4 98 39 37 f6 f9 9f ba; SHA-1: 79 05 5d 63 2f 03 31 83 04 e2 ff 3b 25 b9 cc b6 70 ad ec 31

Download and install the CA and root X.509 certificates of WEB.DE to validate and verify the digital signature.

Note: unfortunately WEB.DE abandoned their trust center in 2018 and removed all pages and download links in 2019; fortunately the Wayback Machine archived the TrustCenter page, the CA and the root certificate.

Note: due to its counter signature alias timestamp the digital signature remains valid past the X.509 certificates expiration date!

Installation

Installation requires administrative privileges and access rights.

Automatic online installation

When visited with Internet Explorer, this web page will prompt to install (the contents of) the package using Internet Component Download.

Manual offline installation

Download the package GUARDIAN.CAB and verify its digital signature, then open it in Windows Explorer, extract its contents and call the extracted batch script GUARDIAN.CMD to run the installation.

Deinstallation

Not provided.

Contact and Feedback

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, deficiencies, errors, inaccuracies, misrepresentations, omissions, shortcomings, vulnerabilities or weaknesses, …: don’t hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Note: email in weird format and without a proper sender name is likely to be discarded!

I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see your full (real) name as sender, not your nickname.
I abhor top posts and expect inline quotes in replies.

Terms and Conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!

The software and the documentation on this site are provided as is without any warranty, neither express nor implied.
In no event will the author be held liable for any damage(s) arising from the use of the software or the documentation.
Permission is granted to use the current version of the software and the current version of the documentation solely for personal private and non-commercial purposes.
An individuals use of the software or the documentation in his or her capacity or function as an agent, (independent) contractor, employee, member or officer of a business, corporation or organisation (commercial or non-commercial) does not qualify as personal private and non-commercial purpose.
Without written approval from the author the software or the documentation must not be used for a business, for commercial, corporate, governmental, military or organisational purposes of any kind, or in a commercial, corporate, governmental, military or organisational environment of any kind.
Redistribution of the software and the documentation is allowed only in unmodified form of its current version and free of charge.

Data Protection Declaration

This web page records no (personal) data and stores no cookies in the web browser.

The web service is operated and provided by

Telekom Deutschland GmbH
Business Center
D-64306 Darmstadt
Germany
<‍hosting‍@‍telekom‍.‍de‍>
+49 800 5252033

The web service provider stores a session cookie in the web browser and records every visit of this web site with the following data in an access log on their server(s):

the (pseudonymised) IP address;
the date and time of the request;
the URL of the requested web page or file;
the Referer and User-Agent HTTP headers sent by the web browser;
the result (success or failure) of the request;
the amount of data received and sent.