Fork Bomb

:(){ :|: & };:
These may look like some randomly written symbols.
However, this is a very creative way of creating a denial-of-service attack on Linux machines. A denial of service attack on operating systems is when a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.
Executing this attack is as simple as copying and pasting the above symbols to a shell prompt. But what are these symbols and how they work?

First, let us split them into small pieces:
:(){
: | :
&
};
:
In the first line we are defining a function called “:” which takes no parameters () and the { is the start of its block.
In the function’s body we are calling the function recursively : and piping its output to itself : (overall command : | : )
The & symbols is an indicator to let this function executes in the background (In order to be hidden).
The } is simply the end of the function’s block.
The ; is simply the command separator e.g. ls ; cal means: execute ls then execute cal.
The final : is the method call which triggers the execution of our bomb.
So we can rewrite our bomb and follows: bomb(){ bomb | bomb & }; bomb
Attack countermeasures:
 On Linux, this can be achieved by using the ulimit utility.
 For example, the command ulimit -u 30 would limit the affected user to a maximum of thirty owned processes.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s