Full Disclosure mailing list archives
BZIP2 bomb question
From: "Gregh" <chows () ozemail com au>
Date: Tue, 13 Jan 2004 07:35:06 +1100
Please note I am not a good programmer here but here goes: I am wondering why, for those who HAVE to auto unpack, a script cannot be written which, upon receipt of an archive of any sort, inspects it for, as an example, 100K of the same character repeated (keeping in mind that the NULL character, chr$(7) etc have all been used for compressed bombs) and if there *IS* such a file, move the file to some safe location for later manual inspection and if not, allow automatic unpacking etc. Surely this would be a 5 minute script for SOMEONE who knows how to do it well? Even if it wont work on receipt of compressed archives, it could be a timed even to happen, say 10 minutes before the actual auto unpacking is to occur if that is done at a particular time. I used to be a "dabbler" programmer on a machine back in the 80s where we used to have this same sort of problem and because the services provided could not be interrupted, the above was how I got around it. Greg. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- BZIP2 bomb question Gregh (Jan 12)
- RE: BZIP2 bomb question Alexander Veit (Jan 12)
- Re: BZIP2 bomb question Alex Shipp (Jan 12)
- Re: BZIP2 bomb question Gregh (Jan 13)
- RE: BZIP2 bomb question Steve Wray (Jan 12)
- Re: BZIP2 bomb question Dr. Peter Bieringer (Jan 13)