What is a zip file bomb?

Posted on : 2017-10-06 in others
By Mithun Khanna

What damage can a small zip file do to my awesome computer?

Well, in the hands of a brilliant hacker 0's and zip file became the greatest hacking tool of the past century. You might be surprised what a simple 0 can do. If so just take your notepad and write 1000 zeroes and then copy paste it ten times. You can see that your computer may feel a lag.
That is the power of 0 Now zip the file (compress) only to see how much the size is reduced (MB=>2-3KB). All that's left to do is the nested compression of the above file and voila we have our ZIP BOMB.

The zip bomb 42.zip is only 42 KB on download but actually contains 4,500,000 Gigabytes of memory

All it does is get scanned by the AV (anti virus) software, so the software will keep on decompressing the zip file to find more of such garbage data. As we don't have any malicious (virus) code in the file, antivirus software keeps on decompressing only to find the size of the file to be in gigabytes (Some even reach petabytes), which more than the memory allocated for the antivirus software. i.e if the software is allocated a memory of 1 Gigabytes but it shows somthing big than the allocated data. Ultimately antivirus software crashes giving way for the malicious code to run it's havoc.

Zip bomb actually crashes your antivirus and not your computer but ultimately the virus that may be attached to it will take care of it

But as time went by, these were identified by the antivirus company and the vulnerability was soon fixed. But at the time, when it was not detected it paved way for many malicious programs into our system. These come under the class LOGIC BOMBS. In short these are DOSers (Denial Of Service) for antivirus. If you like to test this on your own, there is a popular file called 42.zip, you can find it at 
The Password for the file is '42.



Other posts you may like