In 2001, reports about Zip Bombs or Zip of Death attacks made the rounds on the Internet, and I thought it would be nice to write about one shiny, harmless example of that technique. At first glance, the file 42.zip is a normal compressed file with a size of 42 Kilobytes. Many users who run a virus scanner will probably run into trouble downloading that file to their computer.
It still looks like a normal 42 Kilobyte archive after the download but the surprise begins when the user tries to unpack that file. What they did was basically pack a 4.3 Gigabyte file consisting only of zeros. That packed file was replicated 16 times and packed again, and again, and again, and again. Or, to use their own words:
The file contains 16 zipped files, which again contains 16 zipped files, which again contains 16 zipped files, which again contains 16 zipped, which again contains 16 zipped files, which contain 1 file, with the size of 4.3GB.
You could basically unpack the 42 Kilobyte file into 4.5 Petabytes of uncompressed data if your hard drive had enough storage space to do that.
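A defender-side check for the nesting described above, as an added example that is not part of the original post: it walks a ZIP and the ZIPs inside it in memory and stops as soon as a global byte or depth budget is exceeded. The function names, the limits and the small constructed sample are assumptions made for illustration.

```python
import io
import zipfile

class ArchiveBudgetExceeded(Exception):
    """The archive would expand past the configured limits."""

def audit_zip(data, max_bytes=64 * 2**20, max_depth=4, _depth=0, _stats=None):
    """Walk a ZIP and the ZIPs nested in it, in memory, under one global budget.
    Returns counters: bytes inflated, bytes in leaf files, archives opened."""
    stats = _stats if _stats is not None else {"inflated": 0, "leaf": 0, "archives": 0}
    if _depth > max_depth:
        raise ArchiveBudgetExceeded(f"nesting deeper than {max_depth}")
    stats["archives"] += 1
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # The declared size is metadata supplied by whoever built the file:
            # use it for an early reject, but count the real bytes below.
            if stats["inflated"] + info.file_size > max_bytes:
                raise ArchiveBudgetExceeded(f"{info.filename}: declared size over budget")
            buf = bytearray()
            with zf.open(info) as member:
                while chunk := member.read(64 * 1024):
                    stats["inflated"] += len(chunk)
                    if stats["inflated"] > max_bytes:
                        raise ArchiveBudgetExceeded(f"{info.filename}: inflated past budget")
                    buf += chunk  # never grows beyond max_bytes
            if zipfile.is_zipfile(io.BytesIO(buf)):
                audit_zip(bytes(buf), max_bytes, max_depth, _depth + 1, stats)
            else:
                stats["leaf"] += len(buf)
    return stats

def constructed_sample():
    """Constructed test input: 2 nesting levels, 4 copies each, 64 KiB leaves."""
    def pack(name, payload, copies):
        out = io.BytesIO()
        with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
            for i in range(copies):
                zf.writestr(f"{name}{i}", payload)
        return out.getvalue()
    blob = pack("zeros", bytes(64 * 1024), 1)
    for level in range(2):
        blob = pack(f"level{level}_", blob, 4)
    return blob
```

The budget is shared across every nesting level, so the multiplication of 16 files per layer is what trips it, not the size of any single member.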
19 Responses to “42 Kilobytes Unzipped Make 4.5 Petabytes”


This is a very old hack, it has been used in the past to take down old Microsoft Exchange 5.5 servers.
It’s even more fun when that is not a joke but a seriously unoptimized program. I once encountered an app that had some extra data packed in 10Kb zips… Which unpacked to 100+Mb each.
Decompression bombs have been around for a while. A lot of anti-virus programs wouldn’t recognize what it was, and if you tried to scan it, they would actually freeze up.
At least I’d hope it would lock up an AV scan. Anything that crowbars my scanner is not something even I’d be dumb enough to open.
The latest news is always in gHacks, really! The best of bleeding-edge technology.
eh … so … Gigabytes or Petabytes ?!?
I would love to see home PC capable of storing 4 Petabytes (or at least one).
This is Madness!!!
TTHHISS is… Size Attack. :p
Never heard of such things before… Thanks for the info…
A lot of people will actually use hex editors, to edit the file AFTER it has been zipped up, this helps keep the filesize small when you’re creating it.
http://en.wikipedia.org/wiki/Run-length_encoding
That should be interesting further reading for people who would like to.
A simple concept, but interesting.
Instructions for Unzipper
1. Write a 1.
2. Write a billion billion billion 0s
3. Write another 1.
4. Rinse and repeat
Pure genius.
When clicking on the 42.zip link, Avast warns me that it is a Multi:ArchiveBomb :)
@rhmelis: That’s actually pretty awesome. I wasn’t sure if a lot of major Anti-Virus programs actually did catch them or not.
I just tried to download it. McAfee did not catch it. Avira did.
“I just tried to download it. McAfee did not catch it.”
Not a surprise there — I’m sure most of their budget goes to advertising and scare tactics, rather than actual development.
When I was testing them a few months ago, neither did Norton and CA