I use Zip Bombs to Protect my Server
I use Zip Bombs to Protect my Server
idiallo.com
I use Zip Bombs to Protect my Server
The one-liner:
dd if=/dev/zero bs=1G count=10 | gzip -c > 10GB.gz
This is brilliant.
84 comments
-
let me try..
-
Looks fine to me. Only 1 CPU core I think was 100%.
10+0 records in 10+0 records out 10737418240 bytes (11 GB, 10 GiB) copied, 28,0695 s, 383 MB/s
-
ow.. now the idea is to unzip it right?
nice idea:
if (ipIsBlackListed() || isMalicious()) { header("Content-Encoding: deflate, gzip"); header("Content-Length: "+ filesize(ZIP_BOMB_FILE_10G)); // 10 MB readfile(ZIP_BOMB_FILE_10G); exit; }-
Might need some
if (ob_get_level()) ob_end_clean();
before the
readfile. 😉
-
-
-
84 comments