8:23 PM
Unknown
A zip bomb, also known as a Zip of Death or decompression bomb, is a malicious archive file designed to crash or render useless the program or system reading it. It is often employed to disable antivirus software, so that a more traditional virus sent afterwards could get through undetected.
Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory.
A zip bomb is usually a small file (up to a few hundred kilobytes) for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle.
The technique has been used on dialup bulletin board systems at least as long as compressing data archive programs have been around.
Today, most antivirus programs can detect whether a file is a zip bomb and so avoid unpacking it.
One example of a Zip bomb was the file "42.zip" which was 42 kilobytes of compressed data, containing six layers of nested zip files in sets of 16, each bottom layer archive containing a 4.2 gigabyte file for a total of 4.5 petabytes of uncompressed data. This file is still available for download on various websites across the internet.
Download Link:
This zip is detectable by modern antivirus , u can make ur own zip bomb which is undetectable .
for this open notepad type a blank space on it , save it in a separate folder and name it 1.txt . Now in the directory copy the file using ctrl+c and now paste it using ctrl+v , now duplicate copy of the files will be created , similarly paste it so that the size of the folder becomes 50kb . now go to command prompt , change current directory to this folder then run this command
copy /b *.txt b.txt
so more files will created , repeat the command so that the size of the folder becomes 3 to 4 GB , now right click that folder and click add to archive , thus a new archive file file will be created , which will be in few hundred KB or few MB , thus 4GB file is compressed to few kb sized zip , now sent this zip file to some private mail server like
someone@example.com as attachment , the mail server tries to scan the file and if memory is not available it gets crashed .;)
u can use the command to create file size of petabytes(if u have disk space) and compress them , this would be more effective .
Posted in: general tips
1 comments:
can we use this technology to enable the transfer of large files
Post a Comment