Jump to content

zip bombs with zip64 not detected


Recommended Posts

Because of this article I have downloaded the three Zip archives:

https://www.bamsoftware.com/hacks/zipbomb/

Only zblg.zip was detected as a zip bomb by Eset after the download and therefore deleted. zbsm.zip was probably too small, but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.

Edited by 100
Link to comment
Share on other sites

3 hours ago, 100 said:

but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.

Someone will have to run it on a lab test device or in a VM and see what happens.

Link to comment
Share on other sites

Yes, I can confirm the detection. I also use Firefox, but inside Sandboxie and the SSL/TLS filter no longer works if Firefox is inside Sandboxie.

https://community.sophos.com/products/sandboxie/f/sandboxie-forum/113772/ssl-filtering-with-eset-doesn-t-work-with-firefox-67-0-x-in-sandboxie

But the file was detected and deleted during the download. :-)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...