How To Crash Google Chrome With Simple URL String



Eager to learn how to crash the latest version of Google Chrome web browser instantly? If yes, then this post is for you. A bug in Google’s Chrome allows you to crash the web browser when clicking on or hovering the mouse cursor over a 16-character text string placed on a web page.

The simple URL bug in Chromium engine was discovered by Andris Atteka, a security researcher from Latvia, and reported to Google. Placing the null characters, in this case, %%30%30 or similar at the end of the URL causes Google Chrome to choke instantly through a series of attempts to rationalize the web address.

Below are the two forms of the offending URL – we won’t put them in this article as-is because they will crash your opened tab or entire web browser. And that’ll not be nice.

Entering the above string into the address bar and pressing Enter, causes either the current Chrome tab to crash or the whole web browser.

What Actually Happens

  • The %%300 at the end of the URL is converted into %00 (0x30 is the ASCII code for ‘0’. The %%300 becomes this string of characters: the original ‘%’, the converted ‘0’, and the original ‘0’. Combined, that’s ‘%00’.) This sticks a NULL byte at the end of the web address.
  • This URL is passed to GURLToDatabaseURL() which calls ReplaceComponents().
  • This causes the URL to be processed again, hitting the NULL byte. It figures that shouldn’t be there and marks the URL as invalid.
  • The code path returns to GURLToDatabaseURL() which expects the URL to be still valid and calls spec() on it.
  • But the URL is invalid, which is unexpected, and so the function hits a DCHECK() that causes the software to bail out – even on the release build.
  • When hovering the mouse cursor over the URL, the web address, which is marked as invalid, is sent to another part of the web browser that expects valid-only addresses – causing the tab to be blown away.
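The decode-then-decode-again sequence in the list above can be modelled in a few lines. This is an added example, not Chromium code and not from the researcher's write-up: `decode_once`, `passes_until_control_byte` and `storage_key` are hypothetical names, the decoder is a simplified stand-in for a real URL canonicalizer, and the sample URLs in `main` are constructed. It shows the check a caller can make after re-processing a URL, failing closed instead of asserting that the result is still valid.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// One lenient pass: "%XX" with two hex digits becomes that byte; any other
// '%' is copied through, which is how "%%30" turns into "%0".
std::string decode_once(const std::string& in) {
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size() &&
            std::isxdigit(static_cast<unsigned char>(in[i + 1])) &&
            std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            out.push_back(static_cast<char>(std::stoi(in.substr(i + 1, 2), nullptr, 16)));
            i += 2;
        } else {
            out.push_back(in[i]);
        }
    }
    return out;
}

// Pass number at which a control byte (NUL included) first appears, or 0 if
// the string stops changing without one. Every pass that changes the string
// shortens it, so the loop terminates.
int passes_until_control_byte(std::string s) {
    for (int pass = 1;; ++pass) {
        std::string next = decode_once(s);
        for (unsigned char c : next)
            if (c < 0x20 || c == 0x7f) return pass;
        if (next == s) return 0;
        s = next;
    }
}

// Hypothetical caller (name and signature are assumptions): re-check after
// canonicalizing and fail closed instead of asserting the URL is still valid.
bool storage_key(const std::string& url, std::string* key) {
    if (passes_until_control_byte(url) != 0) return false;
    *key = url;
    return true;
}

int main() {
    // Constructed samples: nested encoding, harmless double encoding, plain URL.
    for (const char* u : {"http://a/%%30%30", "http://a/%2541", "http://a/b"})
        std::cout << u << " -> pass " << passes_until_control_byte(u) << "\n";
}
```

A result of 2 means the NULL byte only becomes visible on the second decode, which is why a validity check made after the first pass alone does not catch it.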

We’ve tested it on Google Chrome 45.0.2454.93 on both Windows 10 and OS X El Capitan on a Mac, and both flavors of the browser are vulnerable.

Did this simple hack help you to crash Google Chrome Web Browser? Do let us know in the comments below.

Frequently Asked Questions (FAQ)

How do I crash a URL in Chrome?

If you use Google Chrome Web browser, it turns out there is a simpler way to crash it. Just enter in a specific 16-character string in the address bar of Chrome and it will disappear as if it saw a ghost. Entering in the following 16-character link “http://a/%%30%30” (without the quotes) crashes Chrome.

How do I crash someone’s Chromebook?

Due to a bug in the Chromium engine, you can crash someone’s Google Chrome browser just by adding a NULL char in the URL string. The bug was discovered by Andris Atteka, and he has explained it in his blog. He demonstrated the bug using a 26-character string, but you can crash Google Chrome using just 16 characters.

Why does Google crash when I type a URL?

If it crashes, then there is something wrong with your Chrome installation. Try updating it or uninstalling and reinstalling a fresh copy. If it does not crash, then the problem is with your user profile. In that case, you can consider deleting your old profile (probably undesirable) and using the new one.

About Nikhil Agrawal 143 Articles
Nikhil is an avid reader, technology enthusiast, web geek, and solo entrepreneur who loves making things on the Internet. He has been a tech blogger since before the word was invented, and will never log off.
