Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does this bash fork bomb work? [duplicate]

Tags:

bash

unix

People also ask

How does a fork bomb work?

A fork bomb (also known as a “rabbit virus”) is a denial of service (DoS) attack in which the fork system call is recursively used until all system resources execute a command. The system eventually becomes overloaded and is unable to respond to any input.

How does fork bomb work in Linux?

The fork bomb is a form of denial-of-service (DoS) attack against a Linux based system. Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting the system as the only solution to a fork bomb is to destroy all instances of it.

What causes fork bomb?

In computing, a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.

Can a fork bomb destroy your computer?

A fork bomb will calls the fork function indefinitely and rapidly in no time, thus exhausting all system resources. It comes in the category of Denial of Service attack due to its nature of quickly ripping up system resources and making it unusable within a very short span of time.

Breaking it down, there are three big pieces:

:()      # Defines a function, ":". It takes no arguments.
{ ... }; # The body of the function.
:        # Invoke the function ":" that was just defined.

Inside the body, the function is invoked twice and the pipeline is backgrounded; each successive invocation on the processes spawns even more calls to ":". This leads rapidly to an explosive consumption in system resources, grinding things to a halt.

Note that invoking it once, infinitely recursing, wouldn't be good enough, since that would just lead to a stack overflow on the original process, which is messy but can be dealt with.

A more human-friendly version looks like this:

kablammo() {             # Declaration
  kablammo | kablammo&   # The problematic body.
}; kablammo              # End function definition; invoke function.

Edit: William's comment below was a better wording of what I said above, so I've edited to incorporate that suggestion.


Short answer:

The colon (":") becomes a function, so you are running the function piped to the function and putting it in the backgroun which means for every invocation of the function 2 copies of the function are invoked. Recursion takes hold.

Related questions

Running a script inside a docker container using shell script
Cron jobs and random times, within given hours
recursively add file extension to all files
Convert date time string to epoch in Bash
Check if string is neither empty nor space in shell script
Regex matching in a Bash if statement
Exit zsh, but leave running jobs open?
How do I grab an INI value within a shell script?
Bash empty array expansion with `set -u`
What is the Bash equivalent of Python's pass statement
How to use shell commands in Makefile
How to get the contents of a webpage in a shell variable?
Creating a new user and password with Ansible
How to use an environment variable inside a quoted string in Bash
Why should eval be avoided in Bash, and what should I use instead?
Determine the path of the executing BASH script [duplicate]
Why is sed not recognizing \t as a tab?
How to resolve "You need to have Ruby and Sass installed and in your PATH for this task to work" Warning?
Multiplication on command line terminal
An efficient way to transpose a file in Bash

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!