42.zip



yankee
04-22-2008, 04:02 PM
http://www.unforgettable.dk/


The file contains 16 zipped files, which again contain 16 zipped files, which again contain 16 zipped files, which again contain 16 zipped files, which again contain 16 zipped files, which contain 1 file, with the size of 4.3GB.

So, if you extract all files, you will most likely run out of space :-)

I laughed when I saw it, but I also realized what a problem this could cause for antivirus software. A virus scan could take a while if it's set to scan archives. :rolleyes:

Such a simple way to marginalize something that so much R&D went into.

And it's only 42k!

Moneyless
04-22-2008, 04:20 PM
Holy crap, fully unzipped it's 4,5PB! :eek:

DeltZ
04-22-2008, 04:34 PM
Damn, what compression ratio is that LOL

Serra
04-22-2008, 07:12 PM
Gotta say, didn't believe it till I started unzipping 1 file from each zip... but yeah, looks true. Sizes work like this:

42.zip - 42,374 bytes
- lib 0.zip - 34,902 bytes
-- book 0.zip - 29,446 bytes
--- chapter 0 - 32,159 bytes
---- doc 0 - 165,302 bytes
----- page 0 - 4,168,226 bytes
------ 0.dll - 4,194,304,000 bytes

Way to go whoever figured out how to create a file that could compress like that.

yankee
04-22-2008, 08:12 PM
I've found out this relatively new (to me) threat is called a decompression bomb. The Wikipedia article is short, but I found a few other good articles.

http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html

http://solitude.vkps.co.uk/Archives/2006/01/08/decompressionbombs/

Tulatin
04-22-2008, 09:27 PM
Yeah, I have a few of these around from the early runs of chantology. The idea behind it is simple, though. Have you ever seen a mini-image for a game that, though showing up to Windows as 650MB, is actually just a few KB? The trick there is to make a file with a whole LOT of empty space inside it, even a 'blank' disk image will do it. When it's compressed, that empty space just crushes right down, even though the file appears, and consumes space like a real 4 gig file.

The point? It's to be e-mailed, so that when a server-side email virus scanner extracts everything, the disks flood.
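Added example, not part of any post in this thread: one way an archive scanner can avoid the disk flood described above is to decompress in memory under a hard byte budget and nesting limit, stopping the moment either is crossed. The names `scan_zip`, `BudgetExceeded` and `make_nested_sample`, and the limit values, are assumptions made for this sketch; the sample archive is constructed inline and kept small.

```python
import io
import zipfile

class BudgetExceeded(Exception):
    """The archive would expand past the scanner's limits."""

def scan_zip(data, max_total=8 * 1024 * 1024, max_depth=3, _state=None, _depth=0):
    """Walk a possibly nested zip held in memory and return the bytes expanded.

    Raises BudgetExceeded as soon as a limit is crossed, so nothing past the
    budget is ever decompressed.
    """
    state = _state if _state is not None else {"total": 0}
    if _depth > max_depth:
        raise BudgetExceeded("nested deeper than %d levels" % max_depth)
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            buf = bytearray()
            with zf.open(info) as member:
                # Count bytes as they come out of the decompressor instead of
                # trusting the size declared in the zip header.
                for chunk in iter(lambda: member.read(64 * 1024), b""):
                    state["total"] += len(chunk)
                    if state["total"] > max_total:
                        raise BudgetExceeded("expanded past %d bytes" % max_total)
                    buf += chunk
            if zipfile.is_zipfile(io.BytesIO(buf)):
                scan_zip(bytes(buf), max_total, max_depth, state, _depth + 1)
    return state["total"]

def make_nested_sample(levels=2, fanout=4, payload_size=256 * 1024):
    """Constructed sample: small zip-in-zip with zero-filled files at the bottom."""
    blob, name = bytes(payload_size), "0.dll"
    for _ in range(levels):
        out = io.BytesIO()
        with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
            for i in range(fanout):
                zf.writestr("%d-%s" % (i, name), blob)
        blob, name = out.getvalue(), "inner.zip"
    return blob

if __name__ == "__main__":
    sample = make_nested_sample()
    print(len(sample), "bytes on disk ->", scan_zip(sample), "bytes expanded")
    try:
        scan_zip(sample, max_total=1024 * 1024)
    except BudgetExceeded as exc:
        print("stopped:", exc)
```

The budget is shared across every nesting level, so sixteen small inner archives cannot each claim the full allowance.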