What Is The Fork Bomb? How Does It Work?
Вставка
- Опубліковано 10 чер 2024
- A fork bomb is a piece of code that, if run via a script or entered into the terminal, will create a process that continually forks itself until the computer completely runs out of memory and locks up. Essentially, it is a denial of service (DoS) attack. You often see the "shell fork bomb" posted on Linux forums and chat rooms. It looks like a random string of characters. What do those characters actually do?
REFERENCED:
► github.com/aaronryank/fork-bomb
WANT TO SUPPORT THE CHANNEL?
💰 Patreon: / distrotube
💳 Paypal: ua-cam.com/users/redirect?even...
🛍️ Amazon: amzn.to/2RotFFi
👕 Teespring: teespring.com/stores/distrotube
DONATE CRYPTO:
💰 Bitcoin: 1Mp6ebz5bNcjNFW7XWHVht36SkiLoxPKoX
🐶 Dogecoin: D5fpRD1JRoBFPDXSBocRTp8W9uKzfwLFAu
📕 LBC: bMfA2c3zmcLxPCpyPcrykLvMhZ7A5mQuhJ
DT ON THE WEB:
🕸️ Website: distrotube.com/
📁 GitLab: gitlab.com/dwt1
🗨️ Mastodon: fosstodon.org/@distrotube
👫 Reddit: / distrotube
📽️ LBRY/Odysee: odysee.com/@DistroTube:2
FREE AND OPEN SOURCE SOFTWARE THAT I USE:
🌐 Brave Browser - brave.com/dis872
📽️ Open Broadcaster Software: obsproject.com/
🎬 Kdenlive: kdenlive.org
🎨 GIMP: www.gimp.org/
🎵 Tenacity: github.com/tenacityteam/tenacity
💻 VirtualBox: www.virtualbox.org/
🗒️ Doom Emacs: github.com/hlissner/doom-emacs
Your support is very much appreciated. Thanks, guys! - Наука та технологія
and then you're completely forked.
U got ur king and queen forked
@@LunyaTheGay Royal fork oh no
Gettttttttt forked
@@gdmathguy oh yes
Forked right up the colon...
I prefer the term "pipe bomb," because this particular fork bomb uses the pipe operator to create an infinite pipeline of forked processes. Fork bombs do not need to use the pipe operator, but since this does, this specific fork bomb attack is a "pipe bomb."
calling it a pipe bomb might get you visited by 3 letter agencies
"there is a pipe bomb in your mailbox"
Which one sounds scarier:
"Guys! i made a fork bomb!"
Or
"Guys! I made a pipe bomb!"
@@DigitalHandle forks are way sharper than pipes my guy idk what you’re thinking up in that cranium but it is NOT it
with all due respect
1) You can protect from fork bombs by limiting the max process count. E.g. using 'ulimit -u' command. It is a generally good hardening practice to set limits for your system.
2) If your system hang (because of OOM or whatever), you don't actually need to physically reset it. Linux has "Magic SysRq keys" using which you can always send commands directly to the kernel. E.g. if you suffer from the fork bomb, *Alt+SysRq+E* will save you by gracefully exiting all userspace processes, so you most likely will not lose any data. If you suffer from OOM hang, *Alt+SysRq+F* will save you.
All Linux users should learn magic *REISUB* combination. Knowing this hotkeys makes your system practically unkillable (if it is not a hardware failure). Good topic for its own video btw.
What is the number of processes you recommend to set for ordinary Linux user?
@@webcaptcha well, it is not so straightforward to recommend some particular number, because it depends. Also there are "soft" and "hard" limits exist.
Generally lower soft limit proposed for desktops is 1024. But for me it appears too low, because it actually limits not the process count, but *threads* count. So I personally end up with 4096 soft limit. It is a fairly solid amount, but still not nearly enough to hang the system by fork bomb.
Thanks👍
It should be mentioned that this is not guaranteed to work, depending on the distro/environment. Check /proc/sys/kernel/sysrq to find out if it's enabled and if so, which features. This can be modified, look up what the values mean. Also some kernels do not have SysRq compiled in at all, but that's rare. Another tip, if you go for the full REISUB sequence, give every command a couple seconds or it might fail unexpectedly. edit:typo
@@johnathanmcdoe yes. I'd even recommend people to read some article about it for details and possible combinations.
With respect to the "rm -rf /" command: I always teach people to never type "-rf" (or even "-r") before typing the path they want to delete. The flags can also come at the end, and if you accidentally hit the enter key when typing the path it will do a lot less damage (likely none) if you wait until after you type the path to add the flags.
thanks, nice tip
Or even better, alias rm as rm -i, it will prompt you if you want to delete.
@@fanoflogic87 I tend to dislike alias solutions like this since they encourage bad habits. But if it is effective for you, by all means.
@@timseguine2 I don't agree that they encourage bad habits but to each his own taste I guess. Cheers.
@@fanoflogic87 The reasoning is this: if you are relying on the existence of an alias for safety, what happens when you are on a vm or a system that doesn't have the alias? That's easy: your muscle memory will cause you to type the unsafe command instead of the safe command most of the time.
One of the reasons I love DT's videos is that you explain things like this. Ask the question, "how does the fork bomb work?" In most Linux forums, you're labeled a noob and never want to go back. Here you explain such things without talking down to us. Thank you.
There's a reason they do that. They're loser, and having some knowledge about linux is all they have going for them -- in their own little minds, that is. So they have to protect their knowledge, otherwise they left with nothing, but the hard reality of being a human equivalent of a worm.
Randomly had this video recommended to me by UA-cam. I wanted to thank you for explaining everything so clearly without preloading all of the howdy-do that's so common on the platform nowadays. Excellent video.
After so many years, I understood it as soon as you separated it nicely. I didn't realise a function with an empty name worked until you formatted things that way.
It helps to rename the function: a() { a|a&; }; a;
It is even nicer, as : is the null command in bash. Therefore, by redefining it, you turn the 'do nothing' command into a 'do a lot' command. 😀Not bad at all.
Not to mention that some scripts actually use : as a convenient placeholder, so it is conceivable to overwrite it before executing an otherwise innocent script... boom.
I got hit with an accidental fork bomb.
It was from a program's error reporting process. The error process is hard codded to use Outlook, assuming that Outlook is properly configured with a proper outbound E-mail server. I never use Outlook, and never configured it.
So, the program generate an error. Summon Outlook to send the error. Outlook return an error about not being able to connect to the outbound E-mail server, that the error reporting process intercept. The error reporting process then attempt to sent the original error report again PLUS another error report for the failed sending of the original error report. Enter infinite loop hell.
I remember the ZIP bomb of old. I think it even still worked on debian 3.0 woody back in the days.
"Hi i am a zip file, please unpack my data, it is 2^32 zero bytes"
Lots of fun was had with those stupid bloated anti virus snake oils that perform scans on zip file contents. :D
I was a system administrator when the Email Worm took down most of Internet back in the end of 80-ths. Came to work and internet worked slowly. We had a non VAX machine running Unix. We had an Pr1me 750 running Primos.
Love that Haskell's code is basically "forever fork process 'forkBomb'"
A long, long time ago - like late 90’s - it was a bit of a “sport” to type “make -j” it the root directory of a large and complex project - such as for instance the Linux Kernel or the GNU C Compiler.
What this does is to recursively build the project, without limits on recursion depth. It is a “fork bomb” in a way - but it does not keep forking indefinitely - but on the flip side all of those forked processes will be quite resource hungry.
Immense bragging rights were awarded if your computer could actually handle it and successfully compile the project!
If it survived both the Linux Kernel and the GNU C Compiler - both building via “make -j” - then your computer hardware was amazingly good! One would typically run this on University servers than one had root access on - because no consumer PC came even close!
Plugging the Rust example into the Rust Playground creates a rather interesting result - bunch of panicking threads in the output. Great way to know what it would do without compromising your own machine.
I remember making batch scripts on school computers that basically did this. It would run notepad, just as a to run, then run itself, which would then run notepad, then itself, and so on and so forth. It wasn't really a fork, it just made an infinite number of notepad applications. It was very good at crashing old slow school computers.
yeah i did that too its so powerful in old computers. tho i was made it open other apps too
Real story, I work as a dev on many web microservices, and they have a bunch of dependencies; we have a script at my company that puts them in a `./lib/` directory of the current project. Sometimes things go badly with the environment, and we have to delete this folder and run the generate script again. One day I missed the `.` at the start of the `rm` command. Luckily I have a timeshift and a daily offsite backup. I was back and running in less than an hour.
The moral of the story is 2 fold:
- be very careful about what path you are deleting
- whenever you set up a device or project, the first thing you have to do is make sure the back-ups and version control are fully configured and working; this was not the first time a good strategy saved me, and I'm sure it won't be the last.
I feel like having knowledge of this command is more dangerous than never have even heard of it. Now I feel like I'm going to jumble it up with something else next time I need to recursively remove a directory
The bash fork bomb doesn't hang my system (as such) even if I wait a while, but it does make it impossible to do anything (including shutdown, unless I use sysrq). There is a small danger in running it if you need to save anything to disk whilst it's running (which would include swap space) in that it can corrupt the FS, but generally (certainly with ext4) repairable on a reboot, and generally safe to run, if controlled, and if you are curious.
Thanks for the explaination
Nice presentation sir
Interesting video, great job.
Very original & interesting content - Stuff I never really was aware of - fork bombs! 👍
Interesting. You are correct, the more one understands how a system works the more likely one can fix it. Similar with driving a car.
now we need a video of all the fork bombs in that repo in a vm
I didn't know you could use : as a func name. I would think that char would be in the reserved set.
love your bob marley shirt!! thanx for the info. keeps us all safe.
What happens if this is added as a cronjob on startup? Freezes the machine on every startup until cleared up somehow?
Basically. Then you would need to boot from a live cd or something like that to fix it for example.
I didn’t know this, it’s very funny 😂
The system initially locks up because of high CPU utilization. OOM situation will happen eventually but it'll take some time as forking processes on modern Linux systems isn't memory-intensive at all.
shit, i know shell scripting and play in bash a ton and that fork bomb threw my head for a loop. so, mr. distrotube man... go onnnnn, im listenting!
ahhh, didnt know you could call a function ':' and was never 100% on what ':' did in bash. this is way too simple, good explanation mr. distrotube man
I did a similar thing a while ago on a windows machine where I would make an app open itself twice but it did close itself
6:51 > _"bash syntax is a li'l diff than a POSIX compliant shell"_
woah, didn't know that.
thank you, very cool :)
What utility do you use to display CPU usage, RAM usage etc on the top right corner please?
my favorite ones are the C and Lisp forkbombs
Really nice👍
In Fedora
sudo rm -rf /
rm: it is dangerous to operate recursively on '/'
rm: use--no-preserve-root to override this failsafe
The fork bomb runs but it's ability to consume system resources is limited.
bash: fork: rerty: Resource temporarily unavailable
Yep. That's the behaviour of GNU rm so almost all Linux distros will prevent you from deleting the root file system. But _sudo rm -rf /*_ will still work as it operates on sub-directories under /. (Don't try on anything important!)
As for the fork bomb, it depends on distribution-specific configuration.
What font did u use for those punctuation marks in the thumbnail?
It's pretty simple. you have a funciton : which when called calls itself twice, then you call the original function and voila you have infinite :
"The previous function will kill itself" ***thunder***
I think something like NixOS or Fedora Silverblue has protection of file system etc. against fork bomb
Isn't a colon already the noop function in Bourne compatible shells? That being the case are you sure that would actually be syntactically correct? It doesn't look right to me.
I tried running sudo rm -rf / and it didn't let me do that until I added a flag --no-preserve-root
It's amazing how fast a fork bomb works, especially if it doubles then multiplies by itself. 1X2=2, 2x2=4, 4x4=16, 16x16=256, 256x256=65,536 processes and crash!
Exponential growth, my man.
I once "rm -rf ~" myself. Just pressed enter before writing the command till the end. I canceled and restored in like 5 minutes, but that was scary.
Oh, I've made something similar before. By mistake. lol Except it kept starting new processes that _didn't_ self-replicate. So it was easy to clean up, but still a mess.
Hey DT I find your videos very very helpful as I plan to switch to Linux and only and always use it. However I'm confused by some things - I heard that Linux filesystem has a magic number - an identification added to the beginning of the file which is used to declare the file type (script, executable, text file, document etc). Why does Linux have extensions in this case? Is there a way to assign default applications for each extension? Also is there an Autoruns-like utility for Linux where you can see all programs that start automatically with the system?
almost all file formats (jpg, tar, MP3, etc..) already have to start with a magic number by design, regardless of weather you are using linux or windows, and regardless of the file system, it's just part of the format of the file.
Windows ignore the magic number, it relies on the file name extension instead, whilst Linux (the kernel) doesn't really care about magic numbers or extensions, the programs running on top of the kernel care (programs such as the file explorer): those programs are developed by people who think it's more reasonable determine the file type from the content of the file, rather than relying on what's supposed to be the "file name", so essentially it's just a mere convention between developers, it's not a rule
if you understand what I am saying so far you will see that there's no harm at all in adding an extension to the end of the file name in linux, it's just unnecessary if your file explorer can figure out the file type by it's content, the fact is everyone use extensions on linux anyways because of the influence of windows, and to make file sharing easy and to work with programs that expect file extensions (because the developer of the program doesn't care about magic numbers), most programs on linux nowdays take the file extension into account too anyways
You asked weather you can choose a default program for each file type, and the answer is yes you can
You asked about the autorun feature and the answer is also yeah it exist, it has always existed
@@goawqebt6931 Its funny, been using Linux for a month now and I have already stopped adding extensions on the end of files without even thinking about it.
@@fictitiousnightmares
The majority of Linux users don't care, the files you download from the web, the files people share with you, and the pictures and videos you take with your phone already have file extensions, there's no point in deliberately going out of your way to remove file extensions, you are just making it hard for yourself, everything around you rely on file extensions, sharing files with your friends who use windows will also be a pain
Even your Linux system use file extensions, look at `/lib`, you will find `.so` files, even the developers who care about magic numbers still write their programs in files with extensions because it's too inconvenient not to do so
Idk what situation require you to add extensions manually for you to stop doing it
The tldr is: you shouldn't care about this, just use your computer
@@goawqebt6931 I never said I went out of my way to remove them. But ok. ""Idk what situation require you to add extensions manually for you to stop doing it" I guess you have never used a text editor in Linux.
@@fictitiousnightmares the save dialog add the extension automatically if you don't type it, same in windows
This reminds me of a VERY simple C# Program I had written while learning that language. I screwed up the constructor and got the capitalization reversed. Took me a minute to figure out how in the hell a program with less than 150 lines of code would crash with an OOM error in seconds. Recursion is a fickle and cruel mistress :'D
I've never fork bombed myself, but I have OOM'd my session out of existence.
Take any sufficiently large/complex tarball, and make it with only -j, instead of providing the number of threads to use, -j4 for example, or by using -j$(nproc).
Got over a thousand files to compile? Better hope each one is tiny, you have a bunch of threads, and/or you have way too much RAM, because all files are now compiling at the same time!
Upon trying it, I forked up
dd command is the most destructive of all
can we add this code to an unavoidable system call or a kernel function that is guaranteed to run and thus make the os completely useless? can we even do that at bootloading level with asm and make the pc useless? or an essential process like mouse driver or gui? i am only curious. because this is a vulnerability. i can not believe there actually arent mechanisms to prevent this.
One of these could be really nasty if you could get it to run on startup
So, since I’m not about to run the test myself, how long does it take for this to crash a typical system? Can’t imagine it being more than milliseconds.
it'll probably take a minute or two, do you really think a single process that does nothing apart of running itself once more and just existing takes up a lot of memory?
Ah yes, the good ol' recursive fork in the colon 👁️👄👁️
so it is just recursively call itself until memory full? how it differs from infinite loop?
the rm -rf / sudo command is similar to how many dos games could ruin a system if you run the uninstaller.
early games that came on floppy and would be installed to the hard drive the uninstaller would often run what ever the dos equiv version of rm was and do it at the root level and would result in a non booting system because they would delete everything instead of just the game package.
Well, the explanations of those shell scripts were not very strict and precise, especially what "run in the background" exactly means. But it was i the ballpark.
I wonder if rm -rf will complete execution in practice. Yes, the system is loaded to the RAM, so memory-wise, it can wipe the whole hard drive uninterrupted. But remember: everything is a file, including devices. So won't this command break something crucial to its execution before it's done?
Devices can not be deleted. The command will just spit "Operation not permitted" messages on em and continue. So yes, it will complete deleting your drive content successfully.
In the past it would remove enough to break the system and delete user data. I practice most distros patched against this year's ago.
Some badly-designed UEFI firmware exposes its contents as read-write to the OS, so if you do rm -rf / under Linux, it'll happily wipe the firmware from your motherboard as well as all your drives.
@Roxor128 I am not an expert on this topic (UFEI) do you have a link or bug report on this if so I would love to read it.
The simplest one to understand is the c-version, if you wanna have a clear picture of what is going on!
In Perl:
{ fork ; redo }
From the terminal:
perl -e '{ fork ; redo }'
Don't forget the '--no-preserve-root' option lol
Interesting
The term "fork bomb" actually sounds more dangerous in real life than it is to a computer.
Is it possible to execute fork bomb without calling it's recursively because I encountered this one of the qa servers of our and I don't think colleagues of mine have this much knowledge to execute a fork bomb like this
_Can i past this near the RF id of my car and crash the RFid reader while crossing a tool gate ?_
1:49 Of course, there is a fork bomb repository! 🤦
Well fork!
DistroTube could you make a video on Helix Text editor
Didn't know it had a name, but that's exactly how I said goodbye to Windows at the start of 2020 (such great timing).
:a
start run.bat
goto a
Save those 3 lines to a file named "run.bat" and then double-click it to run. It seemed fitting that my last moments with my Windows machine ended in a crash. Plus I already had my fun doing this on display computers at Best Buy.
To be fair it looks more like a spork bomb
The first time I heard of the fork bomb was in 1988 but it was written in C.
I made a fork bomb in scratch ( first do:when flag clicked - make a clone of myself. Then do: when I start as a clone - make a clone of myself)
i tried doing a forkbomb in scratch, clones have a hard limit
Ran the fork bomb in termux. I thought the app would just crash but instead I had to restart my phone.
What happens if you do "sudo rm -rf /" in termux? I don't dare to try :D
@@gentuxable, it wipes Termux's root directory so it's safe for your phone. Unless you are root when you're doing that - then it wipes and bricks your phone.
@@GioGziro95 yeah makes total sense that on a non-rooted phone has partitions that are mounted read-only so you can't destroy them. But I imagine it would still have mounted some directories like your music, photos and stuff that would be wiped if you gave permission.
@@gentuxable, but you can not access files outside of Termux container (without rooting and launching a root shell). It's also a chroot environment (unless you're in a root shell), so _/_ refers to Termux root, not Android file system root.
@@GioGziro95 but yes you can access files outside of Termux! You can run termux-setup-storage and you will get access to some internal directories and termux's directory on your SD-card. You can use cd /storage/emulaed/0 to manipulate other internal data. BUT if you ls -la ~/storage and use the path of SD card (like /storage/ABC123) you will get full access to you SD-card as well!
I was hoping this would be an actual bomb made of forks. Oh well...
so it is a chain reaction.
Fail. Sudo -rm -ef / would also wreck havoc on mounted network storage in some cases
start start inside of a .bat file is fun trust me
neo should have done this
sudo rm -rf --no-preserve-root / ... rm has protections in place not to destroy the root filesystem
Imagine using one in scratch
On start:
{death}
Definitions:
{death}
{death}&
...if scratch was text code
i have a bit of java knowleage and i understand that was a variable, with code inside it that keeped its self runing and executing more
Dave's Garage did a similar video a while back. I find it interesting that the POSIX fork bomb runs unmodified on a Windows system. ua-cam.com/video/nB_s79lHSVs/v-deo.html
sudo rm -rf is technically not bricking your machine as a bricked machine cant be recovered at all. you can still recover to factory default/ new install by reinstalling linux. yes you do lose literally everything including your os/distro and if you dont have a nother pc to get a distro off of or the install medium then your shit out of luck untill you get to a pc. good video tho
Back in my 1st year comp sci some people thought fork bombs were real funny
why do you need to pipe it?
I thought only doing the recursion itself is sufficient
ex.
```
:(){:&};:
```
Fork Bomb? Are we coding or playing cursed Chess?
In Perl:
{ fork ; redo }
I wrote a fork bomb for cmd in school. For no reason.
Did it on termux and freeze my phone LMAO
what IS a hank bomb?
hank hank hank hank hank hank hank left square bracket right square bracket
If you were writing a kernel wouldn't you, as one of your main ideas, make sure that one process or task cannot run amok and crash the entire system? Isn't that one of the premiere goals of the kernel??
You can limit the amount of process's that a user can run with ulimit -u thus making the fork bomb limitable and killable
😈
1:08 "another common command" well, I don't think a fork bomb is a "common" command
Let's see if thi________________________
Fork me.
bro, you look like you just took the bigest bowl known to man
me, a chess player:
Repository
*I
Actshulnly glowingh