So I was looking around on the internet...(Don't Unleash the bomb plz)

[werto165]

And I found the ZIP BOMB!!!!!

 

just some information for you: 

 

A zip bomb is usually a small file for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle. The technique was used on dialup bulletin board systems in the past

 

The file 42.zip which is a zip file consisting of 42 kilobytes of compressed data, containing five layers of nested zip files in sets of 16, each bottom layer archive containing a 4.3 gigabyte (4 294 967 295 bytes; ~ 3.99 GiB) file for a total of 4.5 petabytes (4 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed data.

 

http://en.wikipedia.org/wiki/Zip_bomb

 

Just found this super interesting(so I thought you might too), how such a small innocuous file can have such a large impact. Do any of you guys have any links to any other interesting malware(not the distribution, just information about them)

[Decon]

And I found the ZIP BOMB!!!!!

 

just some information for you: 

 

A zip bomb is usually a small file for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle. The technique was used on dialup bulletin board systems in the past

 

The file 42.zip which is a zip file consisting of 42 kilobytes of compressed data, containing five layers of nested zip files in sets of 16, each bottom layer archive containing a 4.3 gigabyte (4 294 967 295 bytes; ~ 3.99 GiB) file for a total of 4.5 petabytes (4 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed data.

 

http://en.wikipedia.org/wiki/Zip_bomb

 

Just found this super interesting(so I thought you might too), how such a small innocuous file can have such a large impact. Do any of you guys have any links to any other interesting malware(not the distribution, just information about them)

cool stuff; I'll have to try this out this weekend 

[DtrollMC]

SO what would this do to a computer? Wouldn't the OS just refuse to open it? I'm sure 7-Zip and other archiving software have been updated to prevent things like this as well. Still a neat concept.

[ReadyToGame]

cool stuff; I'll have to try this out this weekend 

What do you mean try this? You DON'T want to try this. This will fack up your computer.

[werto165]

SO what would this do to a computer? Wouldn't the OS just refuse to open it? I'm sure 7-Zip and other archiving software have been updated to prevent things like this as well. Still a neat concept.

Probably just wouldn't open it, I'm sure there would still be a way(probably a lot of effort to do, which is a good thing), I would just not bother trying it as it sounds horrendous. 

[ReadyToGame]

SO what would this do to a computer? Wouldn't the OS just refuse to open it? I'm sure 7-Zip and other archiving software have been updated to prevent things like this as well. Still a neat concept.

No. That's the point of it, un-suspecting users are looking for something else, and they download the said zipfile, unzip it, and R.I.P computer. This catches PC noobs by surprise, and can ruin your computer fun for a while.

[DtrollMC]

Probably just wouldn't open it, I'm sure there would still be a way, I would just not bother trying it as it sounds horrendous. 

Would be funny to give it to someone and tell them not to open it though...  <_<

[ReadyToGame]

Probably just wouldn't open it, I'm sure there would still be a way(probably a lot of effort to do, which is a good thing), I would just not bother trying it as it sounds horrendous. 

There really isn't a way to "prevent it" You just need to be careful with what you download, things can go really bad if you con't pay attention to what you're doing, or if you don't know what you're doing.

[ReadyToGame]

Would be funny to give it to someone and tell them not to open it though...  <_<

They'd hate you for the rest of eternity. They'd basically lose anything of value on the computer.

[werto165]

Would be funny to give it to someone and tell them not to open it though...  <_<

You could set up a VM on their machine, such that their actual PC would be fine. But if you want a fun one: 

 

 

or you could program one: 

 

https://www.youtube.com/watch?v=48k9eyVsC-M

[DtrollMC]

They'd hate you for the rest of eternity. They'd basically lose anything of value on the computer.

I know it would be a really douchey thing to do. It makes me wonder though, if servers/websites are protected from this. Seems like an easy was to do a lot of bad shit.

[ReadyToGame]

I know it would be a really douchey thing to do. It makes me wonder though, if servers/websites are protected from this. Seems like an easy was to do a lot of bad shit.

I don't get what you mean, by sites being protected by it. Sites that host the file are simply hosting it, and they are probably sites setup just to be malicious and send the file to the user without them catching on to the fact that the program/file and site is malicious.

[DtrollMC]

I don't get what you mean, by sites being protected by it. Sites that host the file are simply hosting it, and they are probably sites setup just to be malicious and send the file to the user without them catching on to the fact that the program/file and site is malicious.

I mean servers that would automatically unzip the file.

[ReadyToGame]

I mean servers that would automatically unzip the file.

Not many servers would because it wouldn't get distributed to those servers. If it did happen that would be a kick in the ass. But I just can't see that happening.  

[DtrollMC]

Not many servers would because it wouldn't get distributed to those servers. If it did happen that would be a kick in the ass. But I just can't see that happening.  

I know, this is all theoretical. Another possibility would be one man with a USB that automatically opens the bomb on the server when plugged in. Zip Bombs seem dangerous.

[Decon]

What do you mean try this? You DON'T want to try this. This will fack up your computer.

Dude I got plant of old shit rigs to screw around with >.>  I'm not an idiot lol

[Decon]

You could set up a VM on their machine, such that their actual PC would be fine. But if you want a fun one: 

 

https://www.youtube.com/watch?v=Gt4o8NN70rc

 

or you could program one: 

 

This

[ReadyToGame]

Dude I got plant of old shit rigs to screw around with >.>  I'm not an idiot lol

That would be interesting to plop on an old machine and let it go at it. 

[grayperview]

nevermind....

[Scruffy90]

You could set up a VM on their machine, such that their actual PC would be fine. But if you want a fun one: 

 

 

or you could program one: 

 

These are really mean lol

[Scruffy90]

And I found the ZIP BOMB!!!!!

 

just some information for you: 

 

A zip bomb is usually a small file for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle. The technique was used on dialup bulletin board systems in the past

 

The file 42.zip which is a zip file consisting of 42 kilobytes of compressed data, containing five layers of nested zip files in sets of 16, each bottom layer archive containing a 4.3 gigabyte (4 294 967 295 bytes; ~ 3.99 GiB) file for a total of 4.5 petabytes (4 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed data.

 

http://en.wikipedia.org/wiki/Zip_bomb

 

Just found this super interesting(so I thought you might too), how such a small innocuous file can have such a large impact. Do any of you guys have any links to any other interesting malware(not the distribution, just information about them)

This is just cruel. How are they able to compress things to such a small size.

[Kingofpants]

This is just cruel. How are they able to compress things to such a small size.

Redundent data

Its not 4.5 Petabytes of actual data. It might just be a string of 1s.

[Scruffy90]

Redundent data

Its not 4.5 Petabytes of actual data. It might just be a string of 1s.

I see. I may try this on a virtual machine just to get a better understanding of how its intended to work. Or I may just use a test subject :rolleyes:

[Kingofpants]

Reminds me of the time I made a .7z archive with 60,000 (Or 100,000) Blank text documents and it was a .7z Self extracting archive and solid, So it took up no space but if you Opened it up it spit out 100,000 files, You could do it to someones desktop and it caused your desktop to go blank ans you need to go to file explorer and Delete them all before your Icons returned.

[handymanshandle]

What you could do is if your computer supports booting from a USB and you made it a bootable USB then remove/unplug the hard drive then run a zip bomb and see what happens.