Jump to content

Recommended Posts

Posted (edited)

Because of this article I have downloaded the three Zip archives:

https://www.bamsoftware.com/hacks/zipbomb/

Only zblg.zip was detected as a zip bomb by Eset after the download and therefore deleted. zbsm.zip was probably too small, but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.

Edited by 100

Share this post


Link to post
Share on other sites
3 hours ago, 100 said:

but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.

Someone will have to run it on a lab test device or in a VM and see what happens.

Share this post


Link to post
Share on other sites

Yes, the Eset lab could do it. ;-)

Share this post


Link to post
Share on other sites
On 7/11/2019 at 12:52 PM, 100 said:

but zbxl.zip was probably not recognized

It's detected now:

Eset_Zipbomb.png.ebb558a59b333e3b106643fac3a43886.png

 

Share this post


Link to post
Share on other sites

Yes, I can confirm the detection. I also use Firefox, but inside Sandboxie and the SSL/TLS filter no longer works if Firefox is inside Sandboxie.

https://community.sophos.com/products/sandboxie/f/sandboxie-forum/113772/ssl-filtering-with-eset-doesn-t-work-with-firefox-67-0-x-in-sandboxie

But the file was detected and deleted during the download. :-)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...