Saturday, November 22, 2008

UNIX Fork Bomb :(){ :|:& };:

Whatever you do, please do NOT enter this code in your Unix terminal:
:(){ :|:& };:
This is one of the most elegant examples of a fork bomb, which works by creating a large number of processes very quickly in order to saturate the operating system's process table. Each process uses up CPU time and memory and so the system becomes unresponsive and is quickly brought to its knees! This is a form of denial-of-service attack.

So how does this command work? It might be easier to understand if I re-wrote it like this instead:

bomb()
{
   bomb | bomb &
}
bomb
You declare a function called bomb which calls itself recursively and pipes its output to another call of itself. The & puts the function call in the background so that the new child processes can never die. In the original one-liner, the semicolon marks the end of the function definition, and the final ":" (the final "bomb" in the rewritten version) launches the attack by calling the function for the first time.

You can only stop a fork bomb by destroying all instances of it. It is a difficult task to use another program to kill it because that would mean creating another process which the system may not have enough space for. The only guaranteed way of curing a fork bomb is to reboot.
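
The paragraph above notes that a saturated process table leaves no room to start the process that would kill the bomb. As an added example (not from the original post), this shell check compares the per-user process limit reported by `ulimit -u` with the system-wide ceiling, to show whether one user's runaway processes would be capped before the table fills. The function name `headroom_verdict`, the verdict strings and the 512-process reserve are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: classify a per-user process limit against the system ceiling.
# headroom_verdict USER_LIMIT SYSTEM_MAX [RESERVE]
#   USER_LIMIT  soft limit from `ulimit -u` (a number or "unlimited")
#   SYSTEM_MAX  system-wide ceiling (on Linux: /proc/sys/kernel/pid_max)
#   RESERVE     slots to keep free for recovery (assumed default: 512)
headroom_verdict() {
    limit=$1
    max=$2
    reserve=${3:-512}
    case $limit in
        unlimited) echo "EXPOSED: no per-user process limit"; return 0 ;;
        ''|*[!0-9]*) echo "UNKNOWN: cannot read per-user limit"; return 0 ;;
    esac
    case $max in
        ''|*[!0-9]*) echo "UNKNOWN: cannot read system maximum"; return 0 ;;
    esac
    if [ "$limit" -ge "$max" ]; then
        # The user alone can fill the whole table.
        echo "EXPOSED: limit $limit reaches system maximum $max"
    elif [ $((max - limit)) -lt "$reserve" ]; then
        # Capped, but little room is left for an administrator to act.
        echo "WEAK: only $((max - limit)) slots left outside the limit"
    else
        echo "CONTAINED: $((max - limit)) slots remain outside the limit"
    fi
}

# Read live values where available; report "unknown" when they are not.
current_limit=$(ulimit -u 2>/dev/null || echo unknown)
pid_max=$(cat /proc/sys/kernel/pid_max 2>/dev/null || echo unknown)
echo "ulimit -u = $current_limit, pid_max = $pid_max"
headroom_verdict "$current_limit" "$pid_max"
```

Run it as the account you want to check; an EXPOSED or WEAK verdict means that account's limit would not keep the process table from filling.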

Windows Fork Bomb Example

:s
start %0
%0|%0
goto :s

1 comment:

  1. You - my friend - have been tagged! Check my blog ;-)
