How to repel someone probing your website by sending them a ZIP bomb



Websites receive a large number of suspicious requests every day from scanners looking for servers with insufficient security. A blog post explains how to repel such scanners by sending them a 'ZIP bomb', a file that balloons in size when decompressed.

How to defend your website with ZIP bombs

https://blog.haschek.at/2017/how-to-defend-your-website-with-zip-bombs.html



A ZIP bomb is a small ZIP file that makes full use of the compression algorithm so that it unpacks into an enormous amount of data. For example, the article below describes a ZIP bomb in which a 10MB ZIP file expands to 281TB when unzipped.

'Non-recursive ZIP bomb' expands a 10MB file to 281TB - GIGAZINE



When a server with SSH enabled is connected to the Internet, it receives many login attempts from IPs in China, Russia and elsewhere.



Besides SSH, scanners also routinely probe for security holes in WordPress, the world's most popular CMS.



Christian, an engineer who runs a company in Texas, was fed up with these scans filling up gigabytes of logs, so he decided to fight back with a ZIP bomb. Browsers cannot handle ZIP, but they can handle GZIP, which uses the same compression algorithm. So Christian compressed a 10GB file filled with zeros using GZIP and obtained a 10MB file.



He then wrote code to serve the GZIP file. Browsers are generally configured to decompress GZIP-encoded responses automatically, so when a page with this GZIP bomb installed is opened, 10GB of data is suddenly expanded.
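As an added example (not code from Christian's blog or from GIGAZINE), here is the defender's side of the same mechanism: any HTTP client, proxy or log collector that inflates gzip bodies from untrusted servers should cap the output, because a roughly 10MB response can expand about a thousandfold. The sample stream is constructed in memory from zeros, scaled down from the article's 10GB; the ISIZE pre-check, the byte cap and the function names are assumptions of this example, not anything from the original post.

```python
import gzip
import struct
import zlib

# Constructed sample: highly compressible zeros, the same kind of content
# the article describes (10 GB of zeros -> about 10 MB gzip), scaled down
# to 4 MiB so the example runs in well under a second.
SAMPLE_PLAIN_SIZE = 4 * 1024 * 1024
SAMPLE_GZ = gzip.compress(b"\x00" * SAMPLE_PLAIN_SIZE, compresslevel=9)


class DecompressionBomb(Exception):
    """Raised when a gzip body would inflate past the configured limit."""


def declared_size(gz: bytes) -> int:
    """Return ISIZE, the gzip trailer's uncompressed length modulo 2**32.
    The sender writes this field, so it is only a cheap pre-check; a
    hostile sender can forge it, which is why safe_gunzip also caps output."""
    if len(gz) < 18 or gz[:2] != b"\x1f\x8b":
        raise ValueError("not a gzip stream")
    return struct.unpack("<I", gz[-4:])[0]


def safe_gunzip(gz: bytes, max_out: int) -> bytes:
    """Inflate gz, but stop as soon as output would exceed max_out bytes,
    so a bomb costs at most max_out bytes of memory, whatever its ratio."""
    if declared_size(gz) > max_out:
        raise DecompressionBomb("ISIZE trailer already exceeds the limit")
    inflater = zlib.decompressobj(wbits=31)  # 31 = gzip framing, 32 KiB window
    out = bytearray()
    buf = gz
    while buf:
        # max_length bounds this call's output; leftover input is parked in
        # unconsumed_tail instead of being inflated all at once.
        out += inflater.decompress(buf, max_out - len(out) + 1)
        if len(out) > max_out:
            raise DecompressionBomb(f"output exceeded {max_out} bytes")
        buf = inflater.unconsumed_tail
    if not inflater.eof:
        raise ValueError("truncated gzip stream")
    return bytes(out)


def is_safe_to_inflate(gz: bytes, max_out: int) -> bool:
    """True if gz inflates within max_out bytes, False if it is a bomb."""
    try:
        safe_gunzip(gz, max_out)
        return True
    except DecompressionBomb:
        return False
```

The forged-trailer case in the test shows why the ISIZE check alone is not enough: the streaming cap is what actually bounds memory.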



When Christian tried running it on major browsers, he got the following results.

・Chrome
Memory usage rises, then an error occurs

・Edge
Memory usage rises, then suddenly decreases, and never finishes loading.

・Safari
Memory usage rises, then the browser crashes and the page reloads

A link to the page where this ZIP bomb is installed is at the bottom of the original blog post under 'Try it yourself'. If you would like to see how it behaves on your own device, give it a try.

in Software, Web Application, Posted by log1d_ts