Full Disclosure mailing list archives
RE: BZIP2 bomb question
From: Steve Wray <steve.wray () paradise net nz>
Date: Tue, 13 Jan 2004 16:59:56 +1300
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Gregh
Please note I am not a good programmer here but here goes:
Hey, I'm not a programmer at all! (by choice; I like my wrists :)
I am wondering why, for those who HAVE to auto unpack, a script cannot be written which, upon receipt of an archive of any
sort,
inspects it for, as an example, 100K of the same character repeated
(keeping in
mind that the NULL character, chr$(7) etc have all been used for
compressed
bombs) and if there *IS* such a file, move the file to some safe
location You mean like... unpack it to sdtout, passing this through a filter, eg. involving head, grep, wc (maybe even perl) and then send the final stdout to /dev/null? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- BZIP2 bomb question Gregh (Jan 12)
- RE: BZIP2 bomb question Alexander Veit (Jan 12)
- Re: BZIP2 bomb question Alex Shipp (Jan 12)
- Re: BZIP2 bomb question Gregh (Jan 13)
- RE: BZIP2 bomb question Steve Wray (Jan 12)
- Re: BZIP2 bomb question Dr. Peter Bieringer (Jan 13)