Zip Bomb Education 101

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
In Technology News by FL Computer Tech

Chrome Crash

Webmasters can use so-called ZIP bombs to crash a hacker’s vulnerability and port scanner and prevent him from gaining access to their website.

The term “ZIP bomb” refers to nested ZIP archives that when unzipped are decompressed to huge files that the victim’s computer cannot process in its memory or cannot store on disk.

For example, a 4.5 petabyte file containing only zeroes can be easily compressed to 42 kilobytes because the ZIP compression system can handle repetitive data extremely well.

ZIP bombs used in the past to crash antiviruses.

ZIP bombs have been used in the past decades as a way to crash antivirus software, which is configured to scan ZIP files by decompressing the file and looking at its content.

While antivirus clients have gained protection against ZIP bombs, other software has not, such as web browsers or vulnerability scanners like Nikto, SQLMap, or others.

Austrian tech expert Christian Haschek has put together two PHP scripts that will scan for particular user-agent strings and deliver ZIP bombs to vulnerability scanners or web browsers trying to access secure or private web pages (such as admin panels, backends, or pages with login forms).

These scripts will replace the normal page hackers would expect to find with a ZIP bomb. Once their clients receive the ZIP bomb, they’ll try to process the data and crash the attacker’s software.

Most browsers and scanners will crash
Here’s a list put together by Haschek that details how some clients will behave when encountering a ZIP bomb.

Client Results

  • IE 11 Memory rises, IE crashes
  • Chrome Memory rises, error shown
  • Edge Memory rises, then dips and
  • loads forever
  • Nikto Seems to scan fine but no output is reported
  • SQLmap High memory usage until crash
  • Safari Hight memory usage then crashes and reloads, then memory rises again, etc..
  • Chrome (Android) Memory rises, error shown

 


The two sample PHP files needed to set up a ZIP bomb for vulnerability scanners are available on Haschek’s blog. FL Computer Tech’s Copy of a 4.5 Petabyte file can be downloaded here. The password is:42. A word of caution, this file is for testing and lab purposes only. You assume the risk if it locks up your computer. Here is an Infographic on what a Petabyte is in terms of data storage size. It is quite impressive.

 

What is even more impressive is that a file 4.5 Petabytes in size (see Infographic to the left) can be stored or “compressed” into a zip file on 41.8 KB in size. Using this principle it is likely that by placing Zip Bombs in a “Honey Pot” on corporate servers and web servers would yield favorable results. On the opposite side of the spectrum is a Zip Bomb were to be included or added to a compressed file in either .zip or .rar format from a popular torrent website or P2P file sharing website, it could theoretically cause some serious issues. This would only wreak possible havoc and perhaps frustration but since it would not be profitable it probably wouldn’t occur unless this applied theory was magnified greatly in which it could be used in some form of a Cyber Attack although these as only speculations.

 

So, there you have it! In comparison, I would say it’s like taking New York City and fitting it into your carry-on luggage. If you got to the hotel and decided to unpack your luggage and New York City came spilling out into your room, you see how that might pose an issue right? Think micro-miny into monstrous monstrosity!

Don’t forget to follow-us @FLComputertech!

 

Administrator

Administrator

Leave a Replay

Author's Bio

Michael Duff began working in the IT Industry in 2001.  He is the Owner and CEO for FL Computer Tech. “The one thing I’ve learned is that technology takes on a life of it’s own. Always changing and unpredictable which make it fascinating to be a part of it’s evolution.”

Recent Posts

Dynamics 365 better together with Office 365 E-book

At FL Computer Tech, we know you are the key ingredient that makes your business shine. We also know that any time you spend wading through unconnected programs or entering redundant data is time that could be spent managing your business and building relationships with your customers.

Dynamics 365 Business Central provides a robust platform that can meet the needs of growing your business from every angle. From accounting to sales and everything in between, an interconnected business management system will save you and your employees time and headache!

Read More »

How The Compliance Function Is Evolving In 2018 — Five Key Findings

The security and compliance landscape is ever changing. Therefore, it is more important than ever to ensure your organization is protected against the threats of today and prepared to handle the challenges of tomorrow.

With the cohesive structure of Microsoft 365, you can rest easy knowing that you have the right tools in place across your organization to adapt quickly to industry shifts.

It’s never too early to start looking ahead. Contact us to learn more about increasing the efficiency and effectiveness of your security and compliance functions.

Read More »

A Customer Data Platform Picks Up Where CRM Leaves Off

If you had access to all your customer data, how would you use it? That’s the question you should consider before you begin to bring your data together; then you can set your organization up for success.

With the Azure data platform, you can take advantage of the efficiency and agility of the cloud by easily migrating to the cloud without changing code. Unlock insights and make predictions faster with Azure.

FL Computer Tech and Microsoft are here to help you get the most out of your data. Contact us today to find out how we can help you transition to the data platform that IT pros trust.

Read More »

Follow Us

Video Archive

Sign up for our Newsletter

Looking for the latest in technology news? Do you like tips, tricks and shortcuts? Sign up today!