The Most Clever 'Zip Bomb' Ever Made Explodes a 46MB File to 4.5 Petabytes https://www.vice.com/en_us/article/...ver-made-explodes-a-46mb-file-to-45-petabytes
I played with that last year. Aside from the novelty of it there doesn't seem to be much asset for the foulware pushers to make use of in their bag of tricks. Fun read though and a little sad on the maker.
Now everyone is thinking file archive zip bombs. How about memory zip bombs? Yes, they exist using something called GZIP. Great to crash a web site, for example. You can read about this here: https://blog.haschek.at/post/f2fda . For the adventuresome, at the end of the article is a link that will memory zip bomb your browser. Running on Win 10 1809 using FireFox 68 w/hardware acceleration enabled with max. sandbox level, it appears this had zip impact on graphics card memory usage. Hence no visible impact on FF that I could see. However, it did rapidly consume all my virtual memory. Since I had a set a fixed page size, again no adverse impact on system operation. Now here is where it gets interesting, it appears Win 10 has a built-in diagnostic that's detects when the page file is maxing out and doesn't let that happen. This is again with a fixed page file allocation.
Appears Adguard examines php scripts. In this case, bomb.php Here's the actual code for bomb.php: https://gist.github.com/fffaraz/d219d8eefd66de70b6d3d1986da0e56f . So in reality, this is a blacklist detection and you're not protected from other like code.
BTW - as of today, only 7 vendors at VT detect this "latest and greatest" zbxl.zip bomb with Eset, Kaspersky, and ZoneAlarm, the only major vendors to do so.