HOME

TheInfoList



Click Here for Items Related To - zip bomb
OR:
zip bomb on:   [Wikipedia]   [Google]   [Amazon]

In computing, a zip bomb, also known as a decompression bomb or zip of death (ZOD), is a malicious
archive file In computing, an archive file stores the content of one or more files, possibly compressed, with associated metadata such as file name, directory structure, error detection and correction information, commentary, compressed data archives, sto ...
designed to crash or render useless the program or system reading it. The older the system or program, the less likely it is that the zip bomb will be detected. It is often employed to disable
antivirus software Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name ...
, in order to create an opening for more traditional
malware Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to caus ...
. A zip bomb allows a program to function normally, but, instead of hijacking the program's operation, it creates an archive that requires an excessive amount of time, disk space, computational power, or memory to unpack. Most modern antivirus programs can detect zip bombs and prevent the user from extracting anything from it.


Details and use

A zip bomb is usually a small file for ease of transport and to avoid suspicion. However, when the file is unpacked, its contents are more than the system can handle. A famous example of a zip bomb is titled ''42.zip'', which is a
zip file ZIP is an archive file format that supports lossless data compression. A ZIP file may contain one or more files or directories that may have been compressed. The ZIP file format permits a number of compression algorithms, though DEFLATE is t ...
of unknown authorship consisting of 42
kilobyte The kilobyte is a multiple of the unit byte for Computer data storage, digital information. The International System of Units (SI) defines the prefix ''kilo-, kilo'' as a multiplication factor of 1000 (103); therefore, one kilobyte is 1000&nbs ...
s of compressed data, containing five layers of nested zip files in sets of 16, each bottom-layer archive containing a 4.3-
gigabyte The gigabyte () is a multiple of the unit byte for digital information. The SI prefix, prefix ''giga-, giga'' means 109 in the International System of Units (SI). Therefore, one gigabyte is one billion bytes. The unit symbol for the gigabyte i ...
(; − ) file for a total of (; − ) of uncompressed data. In many anti-virus scanners, only a few layers of
recursion Recursion occurs when the definition of a concept or process depends on a simpler or previous version of itself. Recursion is used in a variety of disciplines ranging from linguistics to logic. The most common application of recursion is in m ...
are performed on archives to help prevent attacks that would cause a buffer overflow, an
out-of-memory Out of memory (OOM) is an often undesired state of computer operation where no additional memory can be allocated for use by programs or the operating system. Such a system will be unable to load any additional programs, and since many programs ...
condition, or exceed an acceptable amount of program execution time. Zip bombs often rely on repetition of identical files to achieve their extreme compression ratios. Dynamic programming methods can be employed to limit traversal of such files, so that only one file is followed recursively at each level, effectively converting their exponential growth to linear.


See also

* Billion laughs attack, a similar attack on XML parsers *
Black fax A black fax is a prank fax transmission consisting of one or more pages entirely filled with a uniform black tone. The sender's intention is generally to use up as much of the recipient's fax ink, toner, or thermal paper as possible, thus costi ...
*
Busy beaver In theoretical computer science, the busy beaver game aims to find a terminating Computer program, program of a given size that (depending on definition) either produces the most output possible, or runs for the longest number of steps. Since an ...
, a program that produces the maximum possible output before terminating * Email bomb *
Fork bomb In computing, a fork bomb (also called rabbit virus) is a denial-of-service (DoS) attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation. ...
* Logic bomb *
Online algorithm In computer science, an online algorithm is one that can process its input piece-by-piece in a serial fashion, i.e., in the order that the input is fed to the algorithm, without having the entire input available from the start. In contrast, an of ...
, limit discovered rather than declared


References

{{DEFAULTSORT:Zip Bomb Algorithmic complexity attacks Computer archives Denial-of-service attacks Types of malware