Hello, all. This post is about the zip bomb and how it works. You will also get the gist of how petabytes of data are compressed into files of only kilobytes or megabytes. Now I will take you through some things that will really intrigue you. Let’s get started straight away.


What’s zip bomb?

A zip bomb, also known as the zip of death or decompression bomb, is a malicious archive file designed to crash or render useless the program or system reading it. It is openly employed to disable antivirus software in order to create an opening for traditional types of viruses.

Rather than hijacking the normal operation of a program, the zip bomb allows the program to work as intended. The archive is carefully crafted so that unpacking it (for example, when an antivirus scans the zip file for viruses) requires an inordinate amount of time, disk space or memory.

But like everything, it has certain limitations, of course. A zip bomb is a very tiny zip file; most of them are measured in kilobytes.

Now, you may have lots of questions like

1) Why is it so tiny?

2) Why call it a zip BOMB when it’s so tiny?

3) How is it so small?

4) How does it work?

So here are your answers:

1) Why is it so tiny?

A zip bomb is a tiny zip file. It is made so tiny to avoid suspicion. It’s obvious, ain’t it? You don’t want to tell the police you are a thief; you make it look different. It is tiny because a huge amount of data has been compressed into it, and being tiny is what makes using it a “pure hacker-like mentality”.

2) Why call it a zip BOMB when it’s so tiny?

Never underestimate smaller ones. It is called a zip bomb or zip of death because it contains up to terabytes, petabytes or even exabytes of data. That is the key to clearing the way for malware: it removes every obstacle in its path, leaving a straight stretch of asphalt. Now you will certainly want to know how it is possible to compress such large files into a zip file of such a small size. Don’t worry, you will get your answers further on.

A simple example of a zip bomb is the file 42.zip, which is a zip file consisting of 42 kilobytes of compressed data, containing five layers of nested zip files in sets of 16, each bottom-layer archive containing a 4.3-gigabyte (4 294 967 295 bytes; ~ 3.99 GiB) file, for a total of 4.5 petabytes (4 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed data. This file is still available for download on various websites across the Internet.

In many anti-virus scanners, only a few layers of recursion are performed on archives to help prevent attacks that would cause a buffer overflow, an out-of-memory condition, or exceed an acceptable amount of program execution time.

Zip bombs often (if not always) rely on repetition of identical files to achieve their extreme compression ratios. Dynamic programming methods can be employed to limit traversal of such files, so that only one file is followed recursively at each level, effectively converting their exponential growth to linear. There are also zip files that, when uncompressed, yield identical copies of themselves.
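The scanner-side limits described above (a recursion cap, a size budget, and following identical nested archives only once) can be sketched as follows. This is an added example, not code from the original post or from any antivirus product; the limit values and the names `scan_zip`, `make_zip` and `ArchiveRejected` are assumptions chosen for illustration.

```python
import hashlib
import io
import zipfile

# Limits are assumptions for this example; tune them to the scanner's resources.
MAX_TOTAL = 32 * 1024 * 1024   # bytes one upload may expand to, across all layers
MAX_DEPTH = 3                  # nested-archive levels that will be followed
MAX_RATIO = 200                # expanded/compressed ceiling per member
RATIO_FLOOR = 1024 * 1024      # ignore the ratio of members smaller than this

class ArchiveRejected(Exception):
    """Raised as soon as a limit is crossed, before more data is unpacked."""

def scan_zip(data, depth=0, state=None):
    state = state or {"total": 0, "archives": 0, "seen": set()}
    if depth > MAX_DEPTH:
        raise ArchiveRejected("nesting deeper than %d levels" % MAX_DEPTH)
    state["archives"] += 1
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            buf = bytearray()
            with zf.open(info) as member:
                # Stream in chunks: the size fields in the header can lie.
                while chunk := member.read(65536):
                    buf += chunk
                    state["total"] += len(chunk)
                    if state["total"] > MAX_TOTAL:
                        raise ArchiveRejected("expanded size over budget")
                    if (len(buf) > RATIO_FLOOR and
                            len(buf) > MAX_RATIO * max(info.compress_size, 1)):
                        raise ArchiveRejected("ratio too high: " + info.filename)
            if zipfile.is_zipfile(io.BytesIO(buf)):
                digest = hashlib.sha256(buf).digest()
                if digest not in state["seen"]:   # identical copies: scan once
                    state["seen"].add(digest)
                    scan_zip(bytes(buf), depth + 1, state)
    return state

def make_zip(members):
    """Build a constructed sample archive in memory from {name: bytes}."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return out.getvalue()
```

`scan_zip` returns the running counters so a caller can log how many bytes and archives were actually examined; a rejection is raised mid-stream, so the scanner never holds more than the budget in memory.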


3) How is it so small?

Nowadays most compression tools use what is called a “lossless compression algorithm”. As the name suggests, this kind of algorithm compresses files without any loss of information, which is very important of course. We don’t want to lose any information while we compress files.

To show how this works, let me explain its simple principle. The computer only understands binary language, i.e. 0’s and 1’s, so every file must be in binary format in order to be understood by a computer. Suppose we take the binary number “0 1 0 0 0 1 1 1” and we have a tool that compresses it to “0 1 3 0 3 1”. In the initial binary number there were three 0’s and then three 1’s starting from the 3rd digit; we just replaced them with “3 0” and “3 1”. Now, this might not be the exact logic that governs real compression, but it is correct up to a certain extent.

The same logic applies to the zip bomb. It contains only 0’s and 1’s repeated over and over, with copies of the same files made again and again and compressed into a single zip file, so that unpacking it throws up terabytes, petabytes or exabytes of data.
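The run-replacement idea above, written out as an added example (not code from the original post): a run of two or more equal bits becomes a count followed by the bit, single bits are kept as they are, and decoding restores the input exactly. The function names are assumptions, and real ZIP compression (DEFLATE) is more elaborate than this.

```python
def rle_encode(bits):
    """Turn a string of '0'/'1' into tokens, e.g. '01000111' -> [0, 1, 3, 0, 3, 1]."""
    if set(bits) - {"0", "1"}:
        raise ValueError("input must contain only 0 and 1")
    tokens, i = [], 0
    while i < len(bits):
        j = i
        while j < len(bits) and bits[j] == bits[i]:
            j += 1                      # extend the run of identical bits
        run = j - i
        if run >= 2:
            tokens.append(run)          # a count is always >= 2 ...
        tokens.append(int(bits[i]))     # ... so it is never mistaken for a bit
        i = j
    return tokens


def rle_decode(tokens):
    """Inverse of rle_encode: rebuild the original bit string without loss."""
    out, i = [], 0
    while i < len(tokens):
        if tokens[i] in (0, 1):         # single literal bit
            out.append(str(tokens[i]))
            i += 1
        else:                           # count followed by the repeated bit
            if i + 1 >= len(tokens) or tokens[i + 1] not in (0, 1):
                raise ValueError("count without a following bit")
            out.append(str(tokens[i + 1]) * tokens[i])
            i += 2
    return "".join(out)


def token_ratio(bits):
    """Input bits per output token: how much the repetition pays off."""
    return len(bits) / len(rle_encode(bits))
```

A thousand zeros collapse to two tokens, while an alternating pattern of the same length does not shrink at all, which is why the payload of a zip bomb is so repetitive.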

Make a text file with only 0’s and 1’s. Make a copy of it.

Type up to 1000 zeros and just do “Ctrl+a”, “Ctrl+c”, “Ctrl+v”.

Do it until the text file begins to lag.

The size should be more than 1 Gigabyte.

Then compress it and see the magic. The compressed file will be around 1 Megabyte.

4) How does it work?

A zip bomb contains about petabytes of data, so if an antivirus tries to scan it, it will start to decompress it first. But just imagine what will happen if a file of about a kilobyte is decompressed and we get a file of a few or more petabytes. The answer’s simple: before the zip file is completely scanned, the antivirus will crash, creating a loophole for attackers.

That’s all. Thanks as always for reading this post.