Guardian for CWE-428 Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

Guardian for CWE-428

Purpose

The batch script GUARDIAN.CMD creates empty files ‹filename›.EXE next to some or all subdirectories which contain a space in their name it finds in the root directory of Windows' system drive %SystemDrive%, underneath the directories %SystemRoot%\, "%ProgramFiles%\" and (if it exists) "%ProgramFiles(x86)%\" as well as "%USERPROFILE%\" to let execution of these DLLs and applications due to the well-known weaknesses listed as CWE-426: Untrusted Search Path, CWE-427: Uncontrolled Search Path Element and CWE-428: Unquoted Search Path or Element in the CWE fail.

Download

The batch script GUARDIAN.CMD is packaged in the (compressed and digitally signed) cabinet file GUARDIAN.CAB.

Code authenticity and integrity

GUARDIAN.CAB is digitally signed using an X.509 certificate issued by WEB.DE TrustCenter E-Mail Certification Authority.
Serial number
73420882
0x04605052
Fingerprint
MD5: e5 0b 01 66 ce 2e 7a 03 f4 98 39 37 f6 f9 9f ba
SHA-1: 79 05 5d 63 2f 03 31 83 04 e2 ff 3b 25 b9 cc b6 70 ad ec 31
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwoDvctTIkyz5KyHlms35ue9lm7I2yPVqZbRjGL26OKxei/R9APYKA47yoJQu
QZvr0husZPI/XQEGDicmBH1Gw/T821Y/E3pwUrumhw2dRI83Vn3wqO1OaAfkcOxjtNthr04r
YT+8f1SJtZabDP0Fv7dF4ltrUSwvy+lxV4jLLU2y7qtJ6XawLHEIBZAurozEGUVlgF93nsIZ
ydcHLxQzUEbSSsegkeY+aaaC/pGFE9Q3P3c4Nn5kOwK8ElwPwbHFMiK4t8RT3DSPXX0XQl2M
yoB3XAhZj6VOC9JyHC4COVSTnbFz3mmDkxYL/qyKFkDH/V5JWZhEv+T0Rl2Bebh91wIDAQAB
-----END RSA PUBLIC KEY-----
Download and install the CA and root X.509 certificates of WEB.DE to validate and verify the digital signature.

Note: due to its counter signature alias timestamp the digital signature remains valid past the X.509 certificates expiration date!

Installation

The installation requires administrative privileges.

Automatic online installation

If visited with Internet Explorer, this web page will prompt to install (the contents of) the package using Internet Component Download.

Manual offline installation

Download the package GUARDIAN.CAB and verify its digital signature, then open it in Windows Explorer, extract its contents and call the extracted batch script GUARDIAN.CMD to run the installation.

Deinstallation

Not provided.

Contact

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, errors, inaccuracies, omissions, vulnerabilities or weaknesses, …:
don't hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see a full (real) name as sender, not a nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.

Terms and conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!
Copyright © 1995-2017 • Stefan Kanthak • <‍skanthak‍@‍nexgo‍.‍de‍>