Re: Mail Server testing

From: Nicolas Gregoire (ngregoireat_private)
Date: Mon May 12 2003 - 23:35:25 PDT


    On Mon, 2003-05-12 at 05:39, perat_private wrote:
    
    > * Zip-Of-Death. Make one huge (a couple of gigabytes) file and fill it with 
    > homogenous data, for instance only the character "a". Zip it. This will 
    > construct a file that says "this file contains 10(8) a:s" that is very 
    > small. Most modern mail content systems handle this today, some older might 
    > not.
    
    You should take a look at a file known as 42.zip:
    
    	http://www.securityfocus.com/bid/3027/exploit/
    
    
    "42.zip: ZIP archive, 42K, composed of nested zips (nested 6 levels
    deep, each level 17 wide) - produces a file 4GB in size and will
    reportedly crash 'most email virus checkers'"
    
    
    Regards,
    -- 
    Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
    ngregoireat_private ------[ ExaProbe ]------ http://www.exaprobe.com/
    PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
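
Added example, not part of the original message: a sketch of the pre-scan check a mail content filter can apply so that a nested, highly compressible archive like the ones discussed above is rejected instead of being unpacked in full. The function names, the limits and the small sample archive are assumptions made for illustration.

```python
import io
import zipfile

class ArchiveRejected(Exception):
    """The attachment exceeded the scanner's unpacking budget."""

def inspect_zip(data, max_total=50 * 2**20, max_depth=3, max_entries=1000,
                _depth=0, _state=None):
    """Walk a ZIP and any ZIPs nested in it, in memory, under one shared budget.

    Returns (entries_seen, bytes_unpacked); raises ArchiveRejected on overrun.
    """
    state = _state if _state is not None else {"entries": 0, "bytes": 0}
    if _depth > max_depth:
        raise ArchiveRejected("nested more than %d levels deep" % max_depth)
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            state["entries"] += 1
            if state["entries"] > max_entries:
                raise ArchiveRejected("more than %d entries" % max_entries)
            buf = bytearray()
            with zf.open(info) as member:
                # Declared sizes in the headers can lie, so count real bytes
                # while decompressing in chunks and stop once over budget.
                for chunk in iter(lambda: member.read(65536), b""):
                    state["bytes"] += len(chunk)
                    if state["bytes"] > max_total:
                        raise ArchiveRejected("unpacks to more than %d bytes" % max_total)
                    buf += chunk
            if zipfile.is_zipfile(io.BytesIO(buf)):
                inspect_zip(bytes(buf), max_total, max_depth, max_entries,
                            _depth + 1, state)
    return state["entries"], state["bytes"]

def _zip_bytes(members):
    """Build a ZIP in memory from {name: bytes}."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return out.getvalue()

def sample_nested():
    """Constructed sample: 1 MiB of 'a', zipped, then nested 2 levels, 2 wide."""
    blob = _zip_bytes({"a.txt": b"a" * 2**20})
    for _ in range(2):
        blob = _zip_bytes({"n0.zip": blob, "n1.zip": blob})
    return blob
```

The budget is shared across all nesting levels, so width and depth both count against the same byte and entry limits.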
    
    
    



    This archive was generated by hypermail 2b30 : Tue May 13 2003 - 09:43:02 PDT