The Most Clever 'Zip Bomb' Ever Made Explodes a 46MB File To 4.5 Petabytes (vice.com) 102
Programmer and engineer David Fifield has unveiled a brand-new Zip bomb that explodes a 46-megabyte file to 4.5 petabytes of data. Fifield's new type of "Zip bomb" or "compression bomb" is particularly novel because he "figured out how to 'overlap' files inside of a Zip archive, allowing for compression rates far beyond those of a traditional archive," reports Motherboard. From the report: In an email interview, Fifield noted that, while 42.zip (which has a 106 billion-to-one compression ratio and has been hosted on the same single-serving website for at least 15 years) gets much of the attention, he finds later attempts more technically interesting. "I find 42.zip inspiring on an aesthetic level -- not so much the file itself but the circumstances around it," Fifield said. "It's like folklore. There must have been many examples of the same basic idea, but for whatever reason 42.zip is the one that had staying power."
Fifield noted that part of what makes his process possible was coming up with ways to handle cyclic redundancy checks, or CRCs, a basic error-correction functionality baked into Zip, PNG, Ethernet, and numerous other technical standards. Messing around with CRC-32 checksums, as they're called, was where Fifield said he learned the most. Fifield, who will present his findings at the USENIX Workshop on Offensive Technologies (WOOT) conference next month, noted that while the work itself adds to a history of research and likely will be superseded in the future, its benefit from an awareness standpoint is important.
Re: Very clever (Score:2, Funny)
42.zip is more likely to contain the answer
In other news.... (Score:5, Insightful)
... someone discovered that if you have a 4.5 petabyte file filled with the same character everywhere you can shrink it down to a few bytes using run length encoding.
Re: (Score:2)
Insofar as it is a game you have to play by the rules of existing .zip programs.
Re:In other news.... (Score:5, Informative)
Also, this story isn't exactly new.
I thought I had that zip on my disk somewhere but I must have lost it.
As TFA pointed out it has been on the same page for 15 years. Why someone suddenly found the need to write about it I don't know.
Actually this is new. The one you mention, which has been around for 15 years, is a zip file that contains zip files, which in turn contain zip files, and so on until the innermost zip, which holds a single 4GB file. Only if your software supports automatic decompression of nested zips will it all expand to the 4.5 PB.
What's new about the zip in this submission is that there is no nesting of zips inside of zips inside of zips. It's a single zip file (i.e. not recursive) which contains all of the destination files. Whereas the 15-year-old version will only do the full expansion when decompressed by a very small number of zip utilities, this new one should fully expand with nearly every zip utility out there.
Re: (Score:2)
If you try to compress a compressed zip file, in most cases, the compressor will end up expanding it. The result will be larger than the original. Nested compressions mostly don't work at all.
Re: (Score:2)
Re: (Score:2)
C:\
Re: (Score:2)
C:\
No, no, no.. The proper command is "format c:" and making sure you agree to all prompts..
Re: (Score:2)
In even more news, CRC32 is an error-correction algorithm.
Re: (Score:3)
...in the sense that a CRC error forces the user to get a non broken copy.
Re:In other news.... (Score:4, Interesting)
I did that (in gigabyte size) down to a zip file of a few K, mainly as part of a tool to test new disk interfaces in disk arrays about 18 years ago.
I had a small zip file, which I could put with a shell script on a floppy disk (which were still common at the time). The script found all the mapped drives, then proceeded to unzip the file onto different disks; then it would zip the file up and uncompress it to the next disk, then compress it, logging the time it took when it went full circle. I just compared all the newly formed zip files, and they should be equal. It tested the read and write with large data sets on the disk and spotted any problems.
I never knew it had a name, or it was considered a novel approach.
Re: (Score:2)
... someone discovered that if you have a 4.5 petabyte file filled with the same character everywhere you can shrink it down to a few bytes using run length encoding.
Zip doesn't use RLE.
LZ77 with distance 1 (Score:4, Interesting)
Zip and Gzip use DEFLATE, which incorporates LZ77 and Huffman layers. LZ77 with distance 1 behaves as RLE.
Re: (Score:2)
zip actually includes support for a number of different compression algorithms in the specification - it's just that no-one ever uses any of them apart from DEFLATE, because there's no guarantee that the decompressing software will support any of the others.
Theoretically (Score:2)
If you are just talking about pure algorithms, you're right.
The trick is getting the implementation that ZIP uses to get it to work, as there are built-in limitations on file size, various issues with CRC sizing, etc..
This is new to me (Score:3, Interesting)
I've never heard of 42.zip.
But I have heard of the gzipped googolplex [selenic.com].
Much smaller download, too...
Re: This is new to me (Score:1)
So our first message to aliens crashes their spam blocker and brings down the mothership?
Re: (Score:2)
Re:This is new to me (Score:5, Funny)
Re:This is new to me (Score:4, Interesting)
Much smaller download, too...
Yep. The fact that a 46Mb zip file can expand to something big doesn't really strike me as newsworthy.
Re: (Score:2)
Much smaller download, too...
Yep. The fact that a 46Mb zip file can expand to something big doesn't really strike me as newsworthy.
Can you create a zip file with a larger expansion factor?
Re: (Score:2)
How many zeros can you fit in a 46 MB compressed ZIP file?
Re: (Score:2)
How many zeros can you fit in a 46 MB compressed ZIP file?
Far, far less than 2^52.
Re: (Score:2)
Re: (Score:2)
Why would you when you can just whip up a perl or python script that is smaller and does it? Or better yet, why do it at all?
Re: (Score:1)
To crash anti-virus systems which unzip archives in order to examine them for nefarious gubbins. It was a nice way to take down a mail server about twenty years ago until the server programs got wise and limited the maximum memory for threat detection.
It's pure malice.
Comment removed (Score:5, Insightful)
Re: (Score:1)
and most programmers make assumptions there are reasonable limits to how big such files will be.
There's no reason to need assumptions. Just do an 'unzip -l' on the file and it will tell you how big the uncompressed files will be. For example, unzipping 42.zip will result in 16 files that are 34902 bytes long. For any working unzip, that is. Any unzip that is automatically recursive is broken.
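A defensive counterpart to the `unzip -l` check, written as an added example (not any commenter's code): it reads the declared sizes from the central directory, applies a total-size and ratio policy before inflating anything, and then streams extraction against a byte budget so that a member which produces more output than expected still cannot blow past the limit. The archives are constructed in memory for the demonstration; they are not 42.zip or Fifield's file, and the budget values are arbitrary.

```python
import io
import zipfile

MiB = 1024 * 1024


def make_archive(members):
    """Build an in-memory zip from {name: bytes} (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return buf.getvalue()


def declared_sizes(data):
    """The numbers `unzip -l` prints: (total uncompressed bytes, ratio),
    taken from the central directory without inflating a single member."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    total = sum(i.file_size for i in infos)
    compressed = sum(i.compress_size for i in infos) or 1
    return total, total / compressed


def passes_policy(data, max_total, max_ratio):
    """Cheap pre-check: refuse archives whose declared expansion is too large."""
    total, ratio = declared_sizes(data)
    return total <= max_total and ratio <= max_ratio


def extract_with_budget(data, budget):
    """Inflate members chunk by chunk, counting bytes actually produced, and
    abort the moment the budget is exceeded. Python's zipfile also truncates
    each member at its declared file_size and verifies the CRC on close."""
    produced = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            with zf.open(info) as src:
                while chunk := src.read(64 * 1024):
                    produced += len(chunk)
                    if produced > budget:
                        raise ValueError(f"{info.filename}: budget of {budget} bytes exceeded")
    return produced


# Constructed samples: four members of 1 MiB of zero bytes each (DEFLATE shrinks
# each to about 1 KiB, so the declared ratio is in the hundreds to one) and a
# small, ordinary text member.
BOMBISH = make_archive({f"zeros{i}.bin": b"\0" * MiB for i in range(4)})
BENIGN = make_archive({"readme.txt": b"hello zip\n" * 50})
```

Run the pre-check first; the streaming budget is the backstop for archives whose headers do not tell the truth.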
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The major standalone archivers (winzip, winrar, 7zip, etc) should code their stuff to be able to detect hacks like this (much like the famous bash forkbomb) and refuse to extract the archive, or at least pop up a warning.
Re: (Score:2)
Both for malicious purposes, and to test software against those who do have malicious purposes. Zip bombs can be used to break things like antivirus scanners, file-browser previewers, any website that accepts files bundled in zip as submissions, document management systems - any software which will automatically decompress zips, really. Unless the programmer specifically thought of this possibility, it might be possible to not just crash the software by exhausting memory or disk space, but the OS as well.
Th
Re: (Score:2)
Python? Perl? Do you even dd /dev/null?
Re: (Score:2)
Especially when its compression ratio isn't even 100 million to one, let alone the 106 billion to one for 42.zip
To be fair: 42.zip is compressed files inside compressed files inside compressed files inside compressed files...
This new one is a single compression, that's the news.
How do you test it? (Score:2)
Re: (Score:2)
Might we be using 'Zip Bomb' as slang for hyperbole or such in the future?
'Zip Bomb': Taking something of little to no consequence and blowing it up to major crisis levels.
DISK FULL; SHUTTING DOWN....
Re: (Score:2)
If only someone had thought to describe it as some form of destructive weapon that starts small and explodes out over a large expanse.
They could've called it a zip grenade!
But is it? (Score:2)
Wasn't there a ZIP bomb that was only a few 10s of KB that unzipped indefinitely until a HDD was full without end? Or in the case of FAT32 until you hit 4GB?
Re: (Score:3)
I don't know about you, but I don't have a 4.6 PB hard disk myself.
Re: (Score:2)
Re: (Score:2)
I don't know about you, but I don't have a 4.6 PB hard disk myself.
Why? Don't tell me you're still watching 1080p porn like some commoner. I thought 5K VR porn was standard now. How could you not store that on a 4.6PB HDD?
Re: (Score:2)
Re: (Score:1, Funny)
dont u dare say bad thing about trump ,it hurts my feeling:(
Re: (Score:1)
dont u dare say bad thing about trump ,it hurts my feeling:(
Hey is that you, Don?
Re: (Score:2)
whatever reason 42.zip ... had staying power (Score:2)
but for whatever reason 42.zip is the one that had staying power."
Really? REALLY? You just lost half your "Programmer and engineer" creds there. I suggest you take some time off and enjoy some Vogon poetry.
Save it for the 4th of July (Score:2)
It's like a digital snake pellet: light it and stand the hell back, and do mind the cleanup afterward.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
only 120GB of it's actually used. Naturally, only 128GB gets backed up. That "zip bomb" could inflate the entire VM disk to the maximum possible
Is your backup tool expanding ZIP files? None of the standard unix backup tools (rsync, zfs send, tar, even dump) do this.
Re: (Score:2)
Keanu Reeves unavailable for comment (Score:2)
Bonus points if you get that reference.
Re: (Score:2)
Swallowing the Red Pill... Where do I claim my points? And, what are these "points" good for?
Re: (Score:2)
Bill and Ted's Excellent Adventure?
Of course I figure you mean Johnny Mnemonic.
Could be Parenthood, maybe (the grad racing).
Chain Reaction was good in my opinion.
Re: (Score:2)
Chain Reaction was good in my opinion.
A letter under "fart", please.
4.5 petabytes (Score:3)
4.5 petabytes. Must be Kardashian porn.
Makes sense it'd shrink to almost nothing.
The meaning of life (Score:2)
It's no wonder the file is so big!