#zipbomb β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #zipbomb, aggregated by home.social.
-
A IT-Sec Christmas / New Year again? π€
Is this: "Large ZIP files trigger spurious possible zip bomb errors" β https://gitlab.archlinux.org/archlinux/packaging/packages/unzip/-/issues/3
β¦this again β https://www.bamsoftware.com/hacks/zipbomb/
β¦or not or what? π¬
#zip #itsec #zipcar #itsecurity #compras #opensource #basic #ITbasics #grml #rudimental #issues #itissues #xkcd #zipbomb
-
A IT-Sec Christmas / New Year again? π€
Is this: "Large ZIP files trigger spurious possible zip bomb errors" β https://gitlab.archlinux.org/archlinux/packaging/packages/unzip/-/issues/3
β¦this again β https://www.bamsoftware.com/hacks/zipbomb/
β¦or not or what? π¬
#zip #itsec #zipcar #itsecurity #compras #opensource #basic #ITbasics #grml #rudimental #issues #itissues #xkcd #zipbomb
-
A IT-Sec Christmas / New Year again? π€
Is this: "Large ZIP files trigger spurious possible zip bomb errors" β https://gitlab.archlinux.org/archlinux/packaging/packages/unzip/-/issues/3
β¦this again β https://www.bamsoftware.com/hacks/zipbomb/
β¦or not or what? π¬
#zip #itsec #zipcar #itsecurity #compras #opensource #basic #ITbasics #grml #rudimental #issues #itissues #xkcd #zipbomb
-
A IT-Sec Christmas / New Year again? π€
Is this: "Large ZIP files trigger spurious possible zip bomb errors" β https://gitlab.archlinux.org/archlinux/packaging/packages/unzip/-/issues/3
β¦this again β https://www.bamsoftware.com/hacks/zipbomb/
β¦or not or what? π¬
#zip #itsec #zipcar #itsecurity #compras #opensource #basic #ITbasics #grml #rudimental #issues #itissues #xkcd #zipbomb
-
A IT-Sec Christmas / New Year again? π€
Is this: "Large ZIP files trigger spurious possible zip bomb errors" β https://gitlab.archlinux.org/archlinux/packaging/packages/unzip/-/issues/3
β¦this again β https://www.bamsoftware.com/hacks/zipbomb/
β¦or not or what? π¬
#zip #itsec #zipcar #itsecurity #compras #opensource #basic #ITbasics #grml #rudimental #issues #itissues #xkcd #zipbomb
-
Ok I can confirm that gzip bombs work great!
I almost crashed my PC Firefox testing my own bomb.I got inspiration from @lord 's article: https://lord.re/en/posts/139-gzip-bomb-nginx/ for the bomb
and from @robin 's article https://icewind.nl/entry/nixos-add-nginx-options/
To automate adding the bomb by default to every virtual host I have (with NixOS).
You can find the result here: https://framagit.org/ppom/nixos/-/commit/9a53e5de1df2ed6a3548d5ae94a8ac1178787248 -
A valid HTML zip bomb, https://ache.one/notes/html_zip_bomb by @ache
The article shows how to create an HTML zip bomb for AI crawlers not respecting the `robots.txt` file.
A zip bomb is a huge file (like 10Gib), that once compressed, has a reasonable size like 10Mib. An AI crawler will uncompressed it and will see all its memory being consumed, leading to a possible crash.
Thatβs an effective way to counter-attack disrespectful AI crawlers.
-
The initial problem is the aggressiveness of #LLM web #crawlers that don't respect "robots.txt". The first idea that comes to mind is IP #blocking . However, web crawlers have circumvented this restriction by using individual IPs via specialized #botnets .
Another solution is therefore to exhaust the resources of the harvesters. With a #zipbomb , we attempt to #exhaust their #RAM .
-
Sentient Beings Welcome!
Others please read this carefully.
Any attempt by bots, automated accounts and AI to follow or otherwise scrape this account despite #nobot #noai hashtag will be answered by me accordingly and then do not say you have not been warned ..
I work for sentient beings and not for machines of capitalists. Stay away! -
Another tool for our arsenal of protections against adversarial bots:
-
Hey does anyone know if there's still a working zip bomb style exploit that can be deployed on a static site/JS (or as a asset/resource)? Specifically to target web scrapers and AI bullshit? The second any server goes online now it's immediately bombarded by stupid numbers of requests.
#hacking #aislop #crawlers #webscraping #webcrawler #robots #zipbomb #zipbombing #exploit #robotstxt #server #scraper
-
Hey does anyone know if there's still a working zip bomb style exploit that can be deployed on a static site/JS (or as a asset/resource)? Specifically to target web scrapers and AI bullshit? The second any server goes online now it's immediately bombarded by stupid numbers of requests.
#hacking #aislop #crawlers #webscraping #webcrawler #robots #zipbomb #zipbombing #exploit #robotstxt #server #scraper
-
Hey does anyone know if there's still a working zip bomb style exploit that can be deployed on a static site/JS (or as a asset/resource)? Specifically to target web scrapers and AI bullshit? The second any server goes online now it's immediately bombarded by stupid numbers of requests.
#hacking #aislop #crawlers #webscraping #webcrawler #robots #zipbomb #zipbombing #exploit #robotstxt #server #scraper
-
Hey does anyone know if there's still a working zip bomb style exploit that can be deployed on a static site/JS (or as a asset/resource)? Specifically to target web scrapers and AI bullshit? The second any server goes online now it's immediately bombarded by stupid numbers of requests.
#hacking #aislop #crawlers #webscraping #webcrawler #robots #zipbomb #zipbombing #exploit #robotstxt #server #scraper
-
#SΓ©curitΓ© #ZipBomb : Γa y est, quelqu'un a rΓ©ussi Γ compresser NodeJS :troll:
« Une fois décompressé, ce fichier Zip de 46 Mo atteint⦠4500 To » sur https://www.01net.com/actualites/une-fois-decompresse-ce-fichier-zip-de-46-mo-atteint-45-po-1729093.html