What is a decompression bomb.
Decompression bomb is a file which is compressed that apparently looks very small file but when it decompressed it becomes a huge file which will eat your disk space and memory to copy. It may be freeze your machine or corrupt files and may be damage to OS.What is the technique behind this.
The technique is compression. ZIP TAR RAR ...etc. These compression tools get the files' bits and match the patterns. For these patterns they adds certain bits to identify at the decompression. Advantage of this use to make a decompression bomb.Let's make it.
I will introduce here you 2 ways to make a Decompression bomb your self.Using Linux
Get terminal and type as follow
dd if=/dev/zero bs=1024 count=1000000 | zip bomb.zip -
/dev/zero is a device file which is null. This will create a 1gig null file and zip it as bomb.zip. bs is for Block Size and as count you can specify the size of the bomb. Remember to put the Dash at the end.
In this method I've tested it created 1Gb file into 1Mb zip.
Using Notepad in windows.
Using notepad also we can create a Decompression bomb. We can write a null file using Alt+255.
Open notepad, turn on num and hold Alt , type 255 with Alt. Then you can see null (zero) block written. Type this for several times , select all , copy it and paste it. Paste several times and select all again and then you can copy a big block. Like that you can create a huge txt file with zeros.
After you've create the txt you can see the size of your file. This may be 500mb or may be few Gbs. Copy the txt and make several copies of this txt in the same folder. Open the cmd in the same directory and type copy /b *.txt bomb.txt
This will be create a one file called bomb.txt including all copies that you created. Make a zip file by this bomb.txt.
In this method i tested it created a 4Gb txt into 8Mb zip
No comments:
Post a Comment