bzip2 Archive Inflating to 1,400,000x its Size aka Decompression Bomb

Подписаться 537 тыс.

Просмотров 49 тыс.

50% 1

Bombs away! 1.4MB becomes 10TB with this crazy efficient compression algorithm involving repeating null bytes.
Hope you enjoyed the video!
Check out this code here:
github.com/eng...
Join my Discord server to chat with me:
engineerman.or...
Check out some code on my GitHub:
github.com/ebr...
Tweet me something funny on Twitter:
/ _engineerman
Say hi over at Facebook:
/ engineermanyt
Sincerely,
Engineer Man

Опубликовано:

29 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 124

@sanferrera 6 лет назад

tar is not a compression algorithm, it's just for gathering together many files in one. That's why the file size didn't shrink.

@bool2max 5 лет назад

Yeah and it's commonly combined with gzip: - tar multiple files into one archive file - gzip that archive file to compress it

@turun_ambartanen 4 года назад

@Rex Butt They aren't. Or do you mean .tar.gz, .tgz, .txz files? Those are all a single tar file that is compressed with another algorithm.

@user-sw1wq8lh2w 2 года назад

hey "tarball" vs archive

@r.savage1283 5 лет назад

Would be great having an ascii kitten. Lots of them. :) great video.

@betoian 5 лет назад

/\**/\ ( o_o )_) ,(u u ,), {}{}{}{}{}{}

@roadtrain_ 5 лет назад

Oooooh. That sounds like a fun thing to do to the school computers.

@JoeDaStink 3 года назад

Also fry it as soon as you extract the files

@cleazy3752 3 года назад

@@JoeDaStink lol my school computers are all on server, can fry the whone system, but i need some tricks to get into it

@darkmoon556 3 года назад

@@cleazy3752 Did you tried to do it or not? wanna know

@Serendipityy. 3 года назад

@@darkmoon556 i wanan kniow

@cleazy3752 3 года назад

@@darkmoon556 no, im on vacation, i'll try the sooner i can, but with all of those crappy switches idk if it'l work

@ShivamSingh-bx5lg 6 лет назад

3 pied Piper employees disliked the video

@Alexmagno7 6 лет назад

Silicon Valley good show

@harrysb3002 4 года назад

my school's IT guy watching me unload a 4000 terabyte zip bomb onto the school's network

@r4ptor-g4ming34 4 года назад

iHarrySB haha, I saw that meme too 😎 have a great day, king!

@maxs7539 4 года назад

I just saw this meme as well. i wish you two an nice day!😜

@Preinstallable 4 года назад

Normie alert

@Preinstallable 4 года назад

jorgeskatefast _ shut up, i enjoy all types of memes.

@gegego1337 6 лет назад

Thank you so much for pointing out the "watch" command °_°

@kiwifrogg 6 лет назад

This very method was used to crash bulletin boards back in pre internet days. As the BBS would auto unzip to virus scan the file, it would full the hard drive and crash the BBS. Back in the day it was called a ascii bomb, they were easy to create because of stacker.

@mrbrianc 6 лет назад

I remember running stacker on a hard drive to make it 32 meg vice 16

@Programentalist 5 лет назад

@@mrbrianc Same here, but either my 286 CPU or my harddrive really struggled with disk i/o after that so I ended up reformatting without Stacker because it was slowing things down too much.

@pv6596 6 лет назад

NULLS are NOT DATA!!! Why the surprise? If data is all the same, you only need to save one sample of data and how many of them are...

@klbm9999 6 лет назад

I just totally love your videos, short, enough detailed and to the point most importantly great content. Thanks!

@ZeeLegend 6 лет назад

Awesome. the Like button has been inflating to over 200 times its original size.

@faradaysage9892 5 лет назад

i almost died lol

@RuggedRoughneck 6 лет назад

Please send to India, Tech support guys

@ShivamSingh-bx5lg 6 лет назад

Ron White as an Indian I agree ,those scammers deserve to rot in hell

@thegreatgatsby8180 6 лет назад

No need... They are already put I. Jail by the Indian authorities.

@VishalSharma-gt1hy 4 года назад

@@ShivamSingh-bx5lg I am an Indian and I couldn't agree more

@maxsilvester1327 5 лет назад

you can shrink 10gb to 400 bytes and 100gb to 924 bytes if you use something like this: dd if=/dev/zero bs=2G count=5 | zip -q9 | bzip2 -cq9 > 10GB.zip.bz2

@EngineerMan 5 лет назад

Huh, how about that. Even better!

@maxsilvester1327 5 лет назад

1 Terrabyte is 6288 bytes @@EngineerMan

@EngineerMan 5 лет назад

That's insane.

@electricow1 4 года назад

Please do a playlist on Bash Tutorial for Beginners, because I'm starting to feel like I should be migrating to Linux really soon

@adamdeane4675 6 лет назад

never trust internet kittens

@EngineerMan 6 лет назад

No matter how cute or innocent they may appear.

@tzokke 6 лет назад

Could you write the "bomb" by hand instead of waiting for the 6 hours to produce it by actually compressing data?

@EngineerMan 6 лет назад

I'm thinking you probably could. There must be a way to craft it quicker.

@t20kdc 6 лет назад

It's probably really simple if you have the specification on-hand and a way to edit the bitstream, but with the modern "layers upon layers" compression techniques... (EDIT: I'm specifically talking about the 'Some bit-level compression, and then a byte-level compression within that' combos these tend to use)

@BinaryAdventure 4 года назад

yeah just have Engineer-Man send you the file. :D

@evanosburn718 6 лет назад

This is pretty much the digital version of the Spring Snake in a Can gag. As soon as you open it...

@lagomoof 6 лет назад

You could probably pipe through bzip2 _more than once_ since the data is so redundant. That generally doesn't work with more complex data. As someone else says, you could look into the bzip2 file format to see how to create an archive of zeros without having to use /dev/zero (Or use it and then hack the number to be bigger in the bzip2 file). Also, you might interested in lzma / xz and lrzip for heavy compression. (I have a 270 byte file that expands to 2.75GiB from combining these). Finally, look into archives that have been constructed to contain themselves. You read that right. Or two copies of themselves.

@paulstelian97 5 лет назад

Oh, the quine archives are the most genius thing ever.

@FabioManganiello 6 лет назад

"Apparently this has been a known vulnerability for the last 12 years" what's exactly the vulnerability in this case? The compression algorithm is too efficient? :)

@EngineerMan 6 лет назад

Heh. Need less efficient algorithms over here!!!!

@gijsleemrijse8122 6 лет назад

Less modern anti virus software would try to decompress the file to scan it. This would however take up so much time (and the AV didn't do parallel scans) that viruses could be installed without being checked by the AV.

@maxsilvester1327 5 лет назад

you can shrink 10gb to 400 bytes and 100gb to 924 bytes if you use something like this: dd if=/dev/zero bs=2G count=5 | zip -q9 | bzip2 -cq9 > 10GB.zip.bz2 @@EngineerMan

@philjones6278 3 года назад

Would decompressing to a separate partition, i.e. /tmp, help prevent the rest of the system crashing?

@chedatomasz 6 лет назад

Have you tried editing the bzip2 manually?

@wijaksanapanji 6 лет назад

Fortunately it's a kitten, I'll be in danger if its a pupper

@EightyS3v3n 6 лет назад

You can background a running command?! Am I the only one who didn't know that??

@EngineerMan 6 лет назад

Ctrl+Z then type bg and hit enter. You can put it back in the foreground with fg.

@BobBeatski71 6 лет назад

Me neither !

@DoorThief 4 года назад

You can also use "screen" to switch between terminal windows essentially. A bit more verbose than backgrounding a job

@asdfasdf-vp9up 4 года назад

@@DoorThief imma have to say tmux is better if you have a good conf fjle

@sgt.lazytuber3144 3 года назад

I installed a bomb file yesterday, that shit installed also malware, 30 other programs and fake antivirus. I am lucky that I am skilled with conputers and stopped the shit, cleaned the malware out the computer in less than an hour

@aspiechan420 2 года назад

I made a zip bomb that’s 80 ish mb when compressed and becomes 37 GB when extracted.

@piratevv 5 лет назад

can you give us a practical video on virtual file system and virtual memory in linux..

@zigaudrey 3 года назад

It says Zip is the oldest file type. No wonder why misuse of compression exist. Why they didn't tell not to compress when there is a zip file in a file?

@rjbradlow 3 года назад

Seriously bad idea to share this or any nefarious how to. Shame on the mess.

@JoraTheGoat 3 года назад

online school shooters watching this video like

@JonahsEpicYT 3 года назад

made a 64KB zip bomb which is 41GB uncompressed. It has 40GB.zip with 10 folders , each with 17 250MB .txt files, each compressed to 232B.

@JonahsEpicYT 3 года назад

i made a 232B compressed file that becomes 250MB when uncompressed. I did this by pasting like too many zeroes into notepad and wating too long for it to respond.

@jabu1482 6 лет назад

You made a large file with the same character. Depending on the algorithm compression and how it recognizes a 'seed' string, all those procedures should compress to a single character. Since it didn't , there must be additional parameters to make these things work. Consider, if a Huffman scheme was properly and scholastically used, all files should have collapsed to a single character. Since it didn't there must be something else going on. Great video! Keep doing it!

@klbm9999 6 лет назад

The decoding table also takes space in buff man scheme, so I guess most of the compressed file is just those tables.

@WillplaysFort 3 года назад

i have a 10 exobyte zip bomb

5 лет назад

I could watch you type Unix commands all day, very efficient and clever.

@catlord69 4 года назад

avast tagged quite some files on my pc as decompression bombs (even tho many look legit)

@Davesoft 6 лет назад

Yeah, but why?

@AdamPoniatowski 6 лет назад

bzip2 with just null/zero characters would be a nice prank... but to do a real test, is to use /dev/urandom

@novaardent4528 6 лет назад

Bzip2 uses what is called the Burrows-Wheeler algorithm. This algorithm compresses trailing 0's and 1's extremely well, while random 1's and 0's might be much less effective.

@drtidrow 6 лет назад

A file of random data from /dev/urandom shouldn't compress at all with any algorithm... compression algorithms exploit redundancies in the data that allows (grossly simplified) it to predict what a subsequent series of bits will be from a particular sequence of bits. With purely random data, the state of each bit is completely independent of the state of previous bits, so no bit is redundant - in fact, the compressed file will nearly always be _larger_ than the original, to account for the compression scheme's overhead.

@AdamPoniatowski 6 лет назад

okay... I still don't get your point. As a prank, bzip'ping a zero'ed out file and sending it to someone to fill their pc, or using it to bomb a server (if hard/soft limits were removed, for some stupid reason). But for proper testing, random data would be a good start, as at least it would show how well it can compress, if at all... if you know how long it takes to zip lfs and send it to another site for further development and/or qa, you'd understand my point

@novaardent4528 6 лет назад

We were saying there isn't much point in testing it

@James-ur3zv 4 года назад

I would fall for cute kittens every time

@andyoohhh2061 6 лет назад

Great video. Thanks for sharing!

@facu5563 6 лет назад

Wow, fantastic really, keep the videos coming engineer man Cheers from Argentina

@EngineerMan 6 лет назад

Thanks!

@agentNirmites 4 года назад

One more thing. Make a python program, that is a while loop. Inside loop make strings of size 100000 (length). Append that to a list. With each iteration of the loop, write that list into a file. I mean 10TB is not a small size. But as the above program will generate file of infinity size as time goes.

@ME0WMERE Год назад

How would the program be run?

@matteo-vv1jq 3 года назад

what do you code with?

@fishyRh 6 лет назад

i love your shit

@thebestnerd4444 6 лет назад

I made a bat file that is only 16.0 KB but it can create a text file that is 2 exabytes (2048 petabytes) in size exactly, and any size in between.

@nico26061998 6 лет назад

wow

@burke3gd 6 лет назад

So what? You could probably do this with any scripting language in a few lines of code. Engineer man did the same thing with a shell one-liner in the video.

@ancom161-m3b 6 лет назад

How do you need 2^14 characters for that lol (assuming extended ascii, that is)

@HumbleHuman-k7g 6 лет назад

what you used distribution ?

@SapphFire 5 лет назад

I think it's Xubuntu

@hugogomes6471 6 лет назад

This is awesome!

@turner7777 6 лет назад

wow

@0xssff 3 года назад

@Preinstallable 4 года назад

Im not really a linux guy so can someone tell me how to do this on windows? edit: already found out how

@n8style 4 года назад

sure, just need to delete system32 and install a proper OS like debian ;)

@Preinstallable 4 года назад

@@n8style shut up

@n8style 4 года назад

@@Preinstallable lol which OS did you install?

@Preinstallable 4 года назад

@@n8style Windows

@n8style 4 года назад

@@PreinstallableI thought you'd uninstalled that steaming pile for a proper OS?

@nmkh4608 2 года назад

I tryed the same bzip2 command to compress a 826 MB iso file, however it only shark 2 MB , now it is 824 MB , how do I make it work? bzip2 is not working as shown in the video. Please help #Engineer_Man # Make a video on how to compress any kind of file with bzip2 that will compress any big files into couple of MB or KB, that would be very helpful.