Zip Bomb (Zip of Death)
This comprehensive guide explains in detail what a Zip Bomb is, how it works, its history, and simple steps to create it on Windows and Linux.
What is a Zip Bomb?
A Zip Bomb, also known as a Decompression Bomb or Zip of Death, is a type of compressed archive file that is specifically designed to deceive and overwhelm compression and decompression software. These files may appear harmless on the surface but can contain an intricate web of nested archives.
When the victim attempts to decompress the Zip Bomb, it unleashes a cascading series of nested archives, each containing progressively larger files. As a result, the victim's system resources are quickly exhausted, leading to system crashes or slowdowns.
History of Zip Bombs
Zip bombs have been in existence for many decades, and have evolved along with advances in technology and cybersecurity. The concept can be traced back to the early days of compression algorithms and archive file formats, such as ZIP, RAR, and 7z.
One of the earliest examples of a Zip bomb was the 42.zip file, created in the late 1990s. It was a relatively small archive file that, when decompressed, expanded into an enormous 4.5 petabytes of data. At the time, this was an impractical joke rather than a serious threat since storage and processing power were limited. However, as technology advanced, so did the potential for decompression bombs to become more disruptive.
How Does a Zip Bomb Work?
To understand how Zip bombs work, it's essential to comprehend the principles behind compression algorithms and archive file formats. The most common archive format targeted by Zip bombs is the ZIP format, but similar principles can apply to other compression formats like RAR or 7z.
Compression algorithms aim to reduce file sizes by identifying recurring patterns and redundancies in data. These patterns are replaced with shorter references or codes. During decompression, the original data is reconstructed by reversing these transformations.
A Zip bomb exploits the recursive nature of compression algorithms. Here's a simplified step-by-step explanation of how it operates:
- The attacker creates a ZIP archive containing several nested layers of compressed files.
- Each nested layer is compressed to a slightly smaller size than the previous one, encouraging decompression software to continue expanding the archive.
- When the victim opens or decompresses the Zip bomb, the decompression process begins. As the nested layers are sequentially unpacked, the archive's apparent size increases exponentially.
- Eventually, the decompression process consumes an overwhelming amount of memory and system resources, causing system instability, crashes, or slowdowns.
Zip bombs are designed to be relatively small files at first glance, making them attractive for victims to open or decompress. However, their real danger lies in their ability to increase in size during the decompression process, so they are also known as decompression bombs.
How to Make a Zip Bomb?
Here are the simple steps:
Step-1: Open any text editor and type Space (' ') and save the file as 'a.txt'
Step-2: Copy and paste spaces (' ') as many times as possible until the file is of significant size (2 to 3MB). Then save the file.
Step-3: Make 100+ copies of 'a.txt' in the same folder.
Step-4: Open command prompt in the same folder and enter the command below to combine all the text files into one and save it as 'b.txt'.
    copy /b *.txt b.txt
Step-5: Repeat steps 3 and 4 to create an even larger text file of 2 to 3 GB and save it as 'c.txt'.
Step-7: Make several copies of 'smallbomb.zip' then add them all into one final archive and save it as 'bomb.zip' and your Zip Bomb is ready.
Make sure not to open it later 😉
Create Zip Bomb Command in Linux
You can always create a Zip Bomb (Zip of Death) from the command line on Linux using the command below:
    dd if=/dev/zero bs=1000 count=1000000 | gzip > zipbomb.gz
Zip bombs can be like hidden troublemakers in files, causing computer problems when you least expect them. To stay safe, use good antivirus software, be cautious with big files, and only open files from sources you trust.
When using archive files, keep track of compression, use passwords when needed, and stay organized with clear file names. With these precautions, you can protect yourself from Zip of Death and other sneaky threats in the digital world.
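A defender-side check for the behaviour described under "How Does a Zip Bomb Work?", as an added example that is not part of the original guide: before anything is written to disk, it rejects ZIP members with an extreme compression ratio, caps the total bytes unpacked, and limits how many nested archive layers it will follow. The limits, function names and sample inputs are assumptions chosen for illustration.

```python
import io
import zipfile

MAX_TOTAL = 50 * 1024 * 1024   # assumed budget: total bytes we agree to unpack
MAX_RATIO = 100                # assumed ceiling on uncompressed/compressed size
MAX_DEPTH = 2                  # assumed limit on archives nested inside archives
CHUNK = 64 * 1024              # read size, so memory use grows in small steps

class ArchiveRejected(Exception):
    """Raised when an archive breaks one of the limits above."""

def bounded_read(zf, info, budget):
    """Stream one member in chunks and stop as soon as the budget is exceeded."""
    out = bytearray()
    with zf.open(info) as fh:
        while chunk := fh.read(CHUNK):
            out += chunk
            if len(out) > budget:
                raise ArchiveRejected(f"{info.filename}: exceeds byte budget")
    return bytes(out)

def check_archive(data, budget=MAX_TOTAL, max_ratio=MAX_RATIO, depth=0, max_depth=MAX_DEPTH):
    """Return the number of bytes the archive expands to, or raise ArchiveRejected."""
    if depth > max_depth:
        raise ArchiveRejected("too many nested archive layers")
    total = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Cheap pre-check on the sizes declared in the central directory.
            if info.file_size > max_ratio * max(info.compress_size, 1):
                raise ArchiveRejected(f"{info.filename}: compression ratio too high")
            body = bounded_read(zf, info, budget - total)
            total += len(body)
            # A member that is itself a ZIP is inspected against the same budget.
            if zipfile.is_zipfile(io.BytesIO(body)):
                total += check_archive(body, budget - total, max_ratio, depth + 1, max_depth)
    return total

def make_sample(payload, layers=0):
    """Constructed test input: `payload` zipped once, then re-zipped `layers` times."""
    for i in range(layers + 1):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(f"layer{i}.bin", payload)
        payload = buf.getvalue()
    return payload
```

Run the check on the raw upload before handing it to any extractor or scanner, and treat ArchiveRejected as a reason to quarantine the file rather than retry with higher limits.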