Crash Google Chrome

How to Crash Google Chrome Web Browser with Simple URL

Eager to learn how to crash the latest version of Google Chrome web browser instantly? If, yes then this post is for you. A bug in Google’s Chrome allows you to crash the web browser when clicking on or hovering the mouse cursor over a 16-charcter text string placed on a web page.

The simple URL bug in Chromium engine was discovered by Andris Atteka, a security researcher from Latvia, and reported to Google. Placing the null characters, in this case, %%30%30 or similar at the end of the URL causes Google Chrome to choke instantly through a series of attempts to rationalize the web address.

Below are the two forms of the offending URL – we won’t put them in this article as-is because they will crash your opened tab or entire web browser. And that’ll not be nice.

How to Crash Google Chrome

Entering the above string into the address bar and pressing Enter, causes either the current Chrome tab to crash or the whole web browser.

What’s Actually Happens:

Crash Google Chrome

  • The %%300 at the end of the URL is converted into %00 (0x30 is the ASCII code for ‘0’. The %%300becomes this string of characters: the original ‘%’, the converted ‘0’, and the original ‘0’. Combined, that’s ‘%00’.) This sticks a NULL byte at the end of the web address.
  • This URL is passed to GURLToDatabaseURL() which calls ReplaceComponents().
  • This causes the URL to be processed again, hitting the NULL byte. It figures that shouldn’t be there and marks the URL as invalid.
  • The code path returns to GURLToDatabaseURL() which expects the URL to be still valid and callsspec() on it.
  • But the URL is invalid, which is unexpected, and so the function hits a DCHECK() that causes the software to bail out – even on the release build.
  • When hovering the mouse cursor over the URL, the web address, which is marked as invalid, is sent to another part of the web browser that expects valid-only addresses – causing the tab to be blown away.

We’ve tested it on Google Chrome 45.0.2454.93 on both Windows 10 and OS X El Capitan in Mac, and both flavors of the browser are venerable.

Did this simple hack help you to crash Google Chrome Web Browser? Do let us know in the comments below.

Leave a Reply

Your email address will not be published. Required fields are marked *