What Is The Fork Bomb? How Does It Work?
Рет қаралды 99,232
Күн бұрын
@mk72v2oq 2 жыл бұрын
1) You can protect from fork bombs by limiting the max process count. E.g. using 'ulimit -u' command. It is a generally good hardening practice to set limits for your system. 2) If your system hang (because of OOM or whatever), you don't actually need to physically reset it. Linux has "Magic SysRq keys" using which you can always send commands directly to the kernel. E.g. if you suffer from the fork bomb, *Alt+SysRq+E* will save you by gracefully exiting all userspace processes, so you most likely will not lose any data. If you suffer from OOM hang, *Alt+SysRq+F* will save you. All Linux users should learn magic *REISUB* combination. Knowing this hotkeys makes your system practically unkillable (if it is not a hardware failure). Good topic for its own video btw.
@webcaptcha 2 жыл бұрын
What is the number of processes you recommend to set for ordinary Linux user?
@mk72v2oq 2 жыл бұрын
@@webcaptcha well, it is not so straightforward to recommend some particular number, because it depends. Also there are "soft" and "hard" limits exist. Generally lower soft limit proposed for desktops is 1024. But for me it appears too low, because it actually limits not the process count, but *threads* count. So I personally end up with 4096 soft limit. It is a fairly solid amount, but still not nearly enough to hang the system by fork bomb.
@guilherme5094 2 жыл бұрын
Thanks👍
@johnathanmcdoe 2 жыл бұрын
It should be mentioned that this is not guaranteed to work, depending on the distro/environment. Check /proc/sys/kernel/sysrq to find out if it's enabled and if so, which features. This can be modified, look up what the values mean. Also some kernels do not have SysRq compiled in at all, but that's rare. Another tip, if you go for the full REISUB sequence, give every command a couple seconds or it might fail unexpectedly. edit:typo
@mk72v2oq 2 жыл бұрын
@@johnathanmcdoe yes. I'd even recommend people to read some article about it for details and possible combinations.
@sunriseleatherco.6587 2 жыл бұрын
and then you're completely forked.
@LunyaTheGay 2 жыл бұрын
U got ur king and queen forked
@gdmathguy 2 жыл бұрын
@@LunyaTheGay Royal fork oh no
@Just_Ants 2 жыл бұрын
Gettttttttt forked
@LunyaTheGay 2 жыл бұрын
@@gdmathguy oh yes
@WarhavenSC 2 жыл бұрын
Forked right up the colon...
@timseguine2 2 жыл бұрын
With respect to the "rm -rf /" command: I always teach people to never type "-rf" (or even "-r") before typing the path they want to delete. The flags can also come at the end, and if you accidentally hit the enter key when typing the path it will do a lot less damage (likely none) if you wait until after you type the path to add the flags.
@yash1152 2 жыл бұрын
thanks, nice tip
@fanoflogic87 Жыл бұрын
Or even better, alias rm as rm -i, it will prompt you if you want to delete.
@timseguine2 Жыл бұрын
@@fanoflogic87 I tend to dislike alias solutions like this since they encourage bad habits. But if it is effective for you, by all means.
@fanoflogic87 Жыл бұрын
@@timseguine2 I don't agree that they encourage bad habits but to each his own taste I guess. Cheers.
@timseguine2 Жыл бұрын
@@fanoflogic87 The reasoning is this: if you are relying on the existence of an alias for safety, what happens when you are on a vm or a system that doesn't have the alias? That's easy: your muscle memory will cause you to type the unsafe command instead of the safe command most of the time.
@Not-THAT-ChrisPratt 2 жыл бұрын
One of the reasons I love DT's videos is that you explain things like this. Ask the question, "how does the fork bomb work?" In most Linux forums, you're labeled a noob and never want to go back. Here you explain such things without talking down to us. Thank you.
@kuwandak 2 жыл бұрын
There's a reason they do that. They're loser, and having some knowledge about linux is all they have going for them -- in their own little minds, that is. So they have to protect their knowledge, otherwise they left with nothing, but the hard reality of being a human equivalent of a worm.
@martin.1976 Жыл бұрын
A long, long time ago - like late 90’s - it was a bit of a “sport” to type “make -j” it the root directory of a large and complex project - such as for instance the Linux Kernel or the GNU C Compiler. What this does is to recursively build the project, without limits on recursion depth. It is a “fork bomb” in a way - but it does not keep forking indefinitely - but on the flip side all of those forked processes will be quite resource hungry. Immense bragging rights were awarded if your computer could actually handle it and successfully compile the project! If it survived both the Linux Kernel and the GNU C Compiler - both building via “make -j” - then your computer hardware was amazingly good! One would typically run this on University servers than one had root access on - because no consumer PC came even close!
@zacharyherl8080 2 жыл бұрын
Randomly had this video recommended to me by KZbin. I wanted to thank you for explaining everything so clearly without preloading all of the howdy-do that's so common on the platform nowadays. Excellent video.
@lua-nya 2 жыл бұрын
After so many years, I understood it as soon as you separated it nicely. I didn't realise a function with an empty name worked until you formatted things that way.
@anon_y_mousse 2 жыл бұрын
It helps to rename the function: a() { a|a&; }; a;
@kennystrawnmusic 2 жыл бұрын
Plugging the Rust example into the Rust Playground creates a rather interesting result - bunch of panicking threads in the output. Great way to know what it would do without compromising your own machine.
@Kualinar 2 жыл бұрын
I got hit with an accidental fork bomb. It was from a program's error reporting process. The error process is hard codded to use Outlook, assuming that Outlook is properly configured with a proper outbound E-mail server. I never use Outlook, and never configured it. So, the program generate an error. Summon Outlook to send the error. Outlook return an error about not being able to connect to the outbound E-mail server, that the error reporting process intercept. The error reporting process then attempt to sent the original error report again PLUS another error report for the failed sending of the original error report. Enter infinite loop hell.
@WilliametcCook 2 жыл бұрын
Love that Haskell's code is basically "forever fork process 'forkBomb'"
@AndersJackson 2 жыл бұрын
I was a system administrator when the Email Worm took down most of Internet back in the end of 80-ths. Came to work and internet worked slowly. We had a non VAX machine running Unix. We had an Pr1me 750 running Primos.
@DasIllu 2 жыл бұрын
I remember the ZIP bomb of old. I think it even still worked on debian 3.0 woody back in the days. "Hi i am a zip file, please unpack my data, it is 2^32 zero bytes" Lots of fun was had with those stupid bloated anti virus snake oils that perform scans on zip file contents. :D
@macloricott13 2 жыл бұрын
It is even nicer, as : is the null command in bash. Therefore, by redefining it, you turn the 'do nothing' command into a 'do a lot' command. 😀Not bad at all. Not to mention that some scripts actually use : as a convenient placeholder, so it is conceivable to overwrite it before executing an otherwise innocent script... boom.
@stephenhargreaves9011 2 жыл бұрын
The bash fork bomb doesn't hang my system (as such) even if I wait a while, but it does make it impossible to do anything (including shutdown, unless I use sysrq). There is a small danger in running it if you need to save anything to disk whilst it's running (which would include swap space) in that it can corrupt the FS, but generally (certainly with ext4) repairable on a reboot, and generally safe to run, if controlled, and if you are curious.
@KrisRogos 2 жыл бұрын
Real story, I work as a dev on many web microservices, and they have a bunch of dependencies; we have a script at my company that puts them in a `./lib/` directory of the current project. Sometimes things go badly with the environment, and we have to delete this folder and run the generate script again. One day I missed the `.` at the start of the `rm` command. Luckily I have a timeshift and a daily offsite backup. I was back and running in less than an hour. The moral of the story is 2 fold: - be very careful about what path you are deleting - whenever you set up a device or project, the first thing you have to do is make sure the back-ups and version control are fully configured and working; this was not the first time a good strategy saved me, and I'm sure it won't be the last.
@Sunnywastakentoo 2 жыл бұрын
I remember making batch scripts on school computers that basically did this. It would run notepad, just as a to run, then run itself, which would then run notepad, then itself, and so on and so forth. It wasn't really a fork, it just made an infinite number of notepad applications. It was very good at crashing old slow school computers.
@HAKANKOKCU Жыл бұрын
yeah i did that too its so powerful in old computers. tho i was made it open other apps too
@x1expert1x 2 жыл бұрын
I feel like having knowledge of this command is more dangerous than never have even heard of it. Now I feel like I'm going to jumble it up with something else next time I need to recursively remove a directory
@SB-qm5wg 2 жыл бұрын
I didn't know you could use : as a func name. I would think that char would be in the reserved set.
@Frogieder 2 жыл бұрын
I tried running sudo rm -rf / and it didn't let me do that until I added a flag --no-preserve-root
@yash1152 2 жыл бұрын
6:51 > _"bash syntax is a li'l diff than a POSIX compliant shell"_ woah, didn't know that.
@hungryhedgehog4201 2 жыл бұрын
Thanks for the explaination
@ezraweldegabriel9046 2 жыл бұрын
I did a similar thing a while ago on a windows machine where I would make an app open itself twice but it did close itself
@GioGziro95 2 жыл бұрын
The system initially locks up because of high CPU utilization. OOM situation will happen eventually but it'll take some time as forking processes on modern Linux systems isn't memory-intensive at all.
@bobbyfried7478 2 жыл бұрын
love your bob marley shirt!! thanx for the info. keeps us all safe.
@send2gl 2 жыл бұрын
Interesting. You are correct, the more one understands how a system works the more likely one can fix it. Similar with driving a car.
@linuxstreamer8910 2 жыл бұрын
now we need a video of all the fork bombs in that repo in a vm
@TheGodzilla2201 2 жыл бұрын
Nice presentation sir
@leopard3131 2 жыл бұрын
In Fedora sudo rm -rf / rm: it is dangerous to operate recursively on '/' rm: use--no-preserve-root to override this failsafe The fork bomb runs but it's ability to consume system resources is limited. bash: fork: rerty: Resource temporarily unavailable
@GioGziro95 2 жыл бұрын
Yep. That's the behaviour of GNU rm so almost all Linux distros will prevent you from deleting the root file system. But _sudo rm -rf /*_ will still work as it operates on sub-directories under /. (Don't try on anything important!) As for the fork bomb, it depends on distribution-specific configuration.
@philiprea8540 2 жыл бұрын
shit, i know shell scripting and play in bash a ton and that fork bomb threw my head for a loop. so, mr. distrotube man... go onnnnn, im listenting!
@philiprea8540 2 жыл бұрын
ahhh, didnt know you could call a function ':' and was never 100% on what ':' did in bash. this is way too simple, good explanation mr. distrotube man
@jackkeifer 2 жыл бұрын
Very original & interesting content - Stuff I never really was aware of - fork bombs! 👍
@tedspens 2 жыл бұрын
It's amazing how fast a fork bomb works, especially if it doubles then multiplies by itself. 1X2=2, 2x2=4, 4x4=16, 16x16=256, 256x256=65,536 processes and crash!
@cybergizmo6902 Жыл бұрын
Exponential growth, my man.
@kentoyawazaki2625 2 жыл бұрын
What font did u use for those punctuation marks in the thumbnail?
@sher1x165 2 жыл бұрын
I think something like NixOS or Fedora Silverblue has protection of file system etc. against fork bomb
@zenkth 2 жыл бұрын
What utility do you use to display CPU usage, RAM usage etc on the top right corner please?
@parsanobahari6089 2 жыл бұрын
Interesting video, great job.
@richardryan8462 2 жыл бұрын
Isn't a colon already the noop function in Bourne compatible shells? That being the case are you sure that would actually be syntactically correct? It doesn't look right to me.
@batuhanbatuhan6445 Жыл бұрын
can we add this code to an unavoidable system call or a kernel function that is guaranteed to run and thus make the os completely useless? can we even do that at bootloading level with asm and make the pc useless? or an essential process like mouse driver or gui? i am only curious. because this is a vulnerability. i can not believe there actually arent mechanisms to prevent this.
@AbdullahAlMuzaki-pe6wb 2 жыл бұрын
so it is just recursively call itself until memory full? how it differs from infinite loop?
@AsmodeusMictian 2 жыл бұрын
This reminds me of a VERY simple C# Program I had written while learning that language. I screwed up the constructor and got the capitalization reversed. Took me a minute to figure out how in the hell a program with less than 150 lines of code would crash with an OOM error in seconds. Recursion is a fickle and cruel mistress :'D
@Tb0n3 2 жыл бұрын
It's pretty simple. you have a funciton : which when called calls itself twice, then you call the original function and voila you have infinite :
@Andoxico 2 жыл бұрын
my favorite ones are the C and Lisp forkbombs
@TomGilson 2 жыл бұрын
So, since I’m not about to run the test myself, how long does it take for this to crash a typical system? Can’t imagine it being more than milliseconds.
@sparx0s 2 жыл бұрын
it'll probably take a minute or two, do you really think a single process that does nothing apart of running itself once more and just existing takes up a lot of memory?
@luszczi 2 жыл бұрын
I wonder if rm -rf will complete execution in practice. Yes, the system is loaded to the RAM, so memory-wise, it can wipe the whole hard drive uninterrupted. But remember: everything is a file, including devices. So won't this command break something crucial to its execution before it's done?
@mk72v2oq 2 жыл бұрын
Devices can not be deleted. The command will just spit "Operation not permitted" messages on em and continue. So yes, it will complete deleting your drive content successfully.
@leopard3131 2 жыл бұрын
In the past it would remove enough to break the system and delete user data. I practice most distros patched against this year's ago.
@Roxor128 2 жыл бұрын
Some badly-designed UEFI firmware exposes its contents as read-write to the OS, so if you do rm -rf / under Linux, it'll happily wipe the firmware from your motherboard as well as all your drives.
@leopard3131 2 жыл бұрын
@Roxor128 I am not an expert on this topic (UFEI) do you have a link or bug report on this if so I would love to read it.
@noid3571 2 жыл бұрын
"The previous function will kill itself" ***thunder***
@DejiAdegbite 2 жыл бұрын
In Perl: { fork ; redo } From the terminal: perl -e '{ fork ; redo }'
@Redmage913 2 жыл бұрын
I've never fork bombed myself, but I have OOM'd my session out of existence. Take any sufficiently large/complex tarball, and make it with only -j, instead of providing the number of threads to use, -j4 for example, or by using -j$(nproc). Got over a thousand files to compile? Better hope each one is tiny, you have a bunch of threads, and/or you have way too much RAM, because all files are now compiling at the same time!
@Little-bird-told-me 2 жыл бұрын
_Can i past this near the RF id of my car and crash the RFid reader while crossing a tool gate ?_
@wargone540 2 жыл бұрын
I didn’t know this, it’s very funny 😂
@voidvoid5151 2 жыл бұрын
Hey DT I find your videos very very helpful as I plan to switch to Linux and only and always use it. However I'm confused by some things - I heard that Linux filesystem has a magic number - an identification added to the beginning of the file which is used to declare the file type (script, executable, text file, document etc). Why does Linux have extensions in this case? Is there a way to assign default applications for each extension? Also is there an Autoruns-like utility for Linux where you can see all programs that start automatically with the system?
@goawqebt6931 2 жыл бұрын
almost all file formats (jpg, tar, MP3, etc..) already have to start with a magic number by design, regardless of weather you are using linux or windows, and regardless of the file system, it's just part of the format of the file. Windows ignore the magic number, it relies on the file name extension instead, whilst Linux (the kernel) doesn't really care about magic numbers or extensions, the programs running on top of the kernel care (programs such as the file explorer): those programs are developed by people who think it's more reasonable determine the file type from the content of the file, rather than relying on what's supposed to be the "file name", so essentially it's just a mere convention between developers, it's not a rule if you understand what I am saying so far you will see that there's no harm at all in adding an extension to the end of the file name in linux, it's just unnecessary if your file explorer can figure out the file type by it's content, the fact is everyone use extensions on linux anyways because of the influence of windows, and to make file sharing easy and to work with programs that expect file extensions (because the developer of the program doesn't care about magic numbers), most programs on linux nowdays take the file extension into account too anyways You asked weather you can choose a default program for each file type, and the answer is yes you can You asked about the autorun feature and the answer is also yeah it exist, it has always existed
@fictitiousnightmares 2 жыл бұрын
@@goawqebt6931 Its funny, been using Linux for a month now and I have already stopped adding extensions on the end of files without even thinking about it.
@goawqebt6931 2 жыл бұрын
@@fictitiousnightmares The majority of Linux users don't care, the files you download from the web, the files people share with you, and the pictures and videos you take with your phone already have file extensions, there's no point in deliberately going out of your way to remove file extensions, you are just making it hard for yourself, everything around you rely on file extensions, sharing files with your friends who use windows will also be a pain Even your Linux system use file extensions, look at `/lib`, you will find `.so` files, even the developers who care about magic numbers still write their programs in files with extensions because it's too inconvenient not to do so Idk what situation require you to add extensions manually for you to stop doing it The tldr is: you shouldn't care about this, just use your computer
@fictitiousnightmares 2 жыл бұрын
@@goawqebt6931 I never said I went out of my way to remove them. But ok. ""Idk what situation require you to add extensions manually for you to stop doing it" I guess you have never used a text editor in Linux.
@goawqebt6931 2 жыл бұрын
@@fictitiousnightmares the save dialog add the extension automatically if you don't type it, same in windows
@ejonesss 2 жыл бұрын
the rm -rf / sudo command is similar to how many dos games could ruin a system if you run the uninstaller. early games that came on floppy and would be installed to the hard drive the uninstaller would often run what ever the dos equiv version of rm was and do it at the root level and would result in a non booting system because they would delete everything instead of just the game package.
@bazoo513 2 жыл бұрын
Well, the explanations of those shell scripts were not very strict and precise, especially what "run in the background" exactly means. But it was i the ballpark.
@corejake 2 жыл бұрын
I once "rm -rf ~" myself. Just pressed enter before writing the command till the end. I canceled and restored in like 5 minutes, but that was scary.
@denverabrahams3535 2 жыл бұрын
Upon trying it, I forked up
@zenniththefolf4888 2 жыл бұрын
The term "fork bomb" actually sounds more dangerous in real life than it is to a computer.
@RAndrewNeal 2 жыл бұрын
Oh, I've made something similar before. By mistake. lol Except it kept starting new processes that _didn't_ self-replicate. So it was easy to clean up, but still a mess.
@grimslade0 2 жыл бұрын
Ah yes, the good ol' recursive fork in the colon 👁️👄👁️
@ExtraDipson Жыл бұрын
One of these could be really nasty if you could get it to run on startup
@satyajeetkumar2588 2 жыл бұрын
Is it possible to execute fork bomb without calling it's recursively because I encountered this one of the qa servers of our and I don't think colleagues of mine have this much knowledge to execute a fork bomb like this
@MisFakapek 2 жыл бұрын
dd command is the most destructive of all
@a_maxed_out_handle_of_30_chars 2 жыл бұрын
thank you, very cool :)
@mario7501 2 жыл бұрын
The simplest one to understand is the c-version, if you wanna have a clear picture of what is going on!
@6754bettkitty 2 жыл бұрын
1:49 Of course, there is a fork bomb repository! 🤦
@MCasterAnd 2 жыл бұрын
1:08 "another common command" well, I don't think a fork bomb is a "common" command
@airbus5717 2 жыл бұрын
DistroTube could you make a video on Helix Text editor
@mytiamos 2 жыл бұрын
i tried doing a forkbomb in scratch, clones have a hard limit
@guilherme5094 2 жыл бұрын
Really nice👍
@lesliegwartney7220 2 жыл бұрын
I made a fork bomb in scratch ( first do:when flag clicked - make a clone of myself. Then do: when I start as a clone - make a clone of myself)
@davidsun9026 2 жыл бұрын
Don't forget the '--no-preserve-root' option lol
@TheExileFox 2 жыл бұрын
Fail. Sudo -rm -ef / would also wreck havoc on mounted network storage in some cases
@davejoseph5615 7 ай бұрын
If you were writing a kernel wouldn't you, as one of your main ideas, make sure that one process or task cannot run amok and crash the entire system? Isn't that one of the premiere goals of the kernel??
@W0lfCL 7 ай бұрын
You can limit the amount of process's that a user can run with ulimit -u thus making the fork bomb limitable and killable
@EUXINOS 2 жыл бұрын
sudo rm -rf --no-preserve-root / ... rm has protections in place not to destroy the root filesystem
@davidbosankoe3759 2 жыл бұрын
The first time I heard of the fork bomb was in 1988 but it was written in C.
@beautifulislam67 2 жыл бұрын
so it is a chain reaction.
@ltxr9973 2 жыл бұрын
To be fair it looks more like a spork bomb
@cuttlefishn.w.2705 2 жыл бұрын
Didn't know it had a name, but that's exactly how I said goodbye to Windows at the start of 2020 (such great timing). :a start run.bat goto a Save those 3 lines to a file named "run.bat" and then double-click it to run. It seemed fitting that my last moments with my Windows machine ended in a crash. Plus I already had my fun doing this on display computers at Best Buy.
@nevinkuser9892 2 жыл бұрын
I was hoping this would be an actual bomb made of forks. Oh well...
@whiskeyandagyro3135 Жыл бұрын
neo should have done this
@KaziiTheAvali_inactive 2 жыл бұрын
sudo rm -rf is technically not bricking your machine as a bricked machine cant be recovered at all. you can still recover to factory default/ new install by reinstalling linux. yes you do lose literally everything including your os/distro and if you dont have a nother pc to get a distro off of or the install medium then your shit out of luck untill you get to a pc. good video tho
@fumui_ 2 жыл бұрын
why do you need to pipe it? I thought only doing the recursion itself is sufficient ex. ``` :(){:&};: ```
@heckerhecker8246 2 жыл бұрын
start start inside of a .bat file is fun trust me
@daschewie 2 жыл бұрын
Dave's Garage did a similar video a while back. I find it interesting that the POSIX fork bomb runs unmodified on a Windows system. kzbin.info/www/bejne/pHPCpGpvoa2GjNU
@TheFireMouseYT 2 жыл бұрын
Fork Bomb? Are we coding or playing cursed Chess?
@Roboturnerlol 2 жыл бұрын
what IS a hank bomb? hank hank hank hank hank hank hank left square bracket right square bracket
@Redd56 2 жыл бұрын
bro, you look like you just took the bigest bowl known to man
@brads2041 2 жыл бұрын
Back in my 1st year comp sci some people thought fork bombs were real funny
@domi-no1826 2 жыл бұрын
Imagine using one in scratch On start: {death} Definitions: {death} {death}& ...if scratch was text code
@tartas1995 2 жыл бұрын
I wrote a fork bomb for cmd in school. For no reason.
@DejiAdegbite 2 жыл бұрын
In Perl: { fork ; redo }
@Sans-fl4pe 2 жыл бұрын
Well fork!
@wazmethod 2 жыл бұрын
Did it on termux and freeze my phone LMAO
@fictitiousnightmares 2 жыл бұрын
Interesting
@pillmuncher67 2 жыл бұрын
Since an expert is someone who has made every possible mistake in a field of expertise - if you never sudo rm -rf /, are you really a Linux expert?
@AKATEATime 2 жыл бұрын
Let's see if thi________________________
@valsharess-yt 2 жыл бұрын
Fork me.
@Error-yk8cf 2 жыл бұрын
me, a chess player:
@Minetheground 2 жыл бұрын
i have a bit of java knowleage and i understand that was a variable, with code inside it that keeped its self runing and executing more
@user-pr6ed3ri2k 2 жыл бұрын
Repository *I
@user-pr6ed3ri2k 2 жыл бұрын
Actshulnly glowingh
@davidjackson7675 Жыл бұрын
When I typed :(){:|:&};: ... I get... bash: syntax error near unexpected toke '{:'
@p.kay_____ 2 жыл бұрын
😈
@oalfodr 2 жыл бұрын
When showing the other language code, wouldn't it have more sense to show a language everyone knows like C or python rather than a language I don't even know how to spell?
Kate Brush
Рет қаралды 45 МЛН
Двое играют | Наташа и Вова
Рет қаралды 48 МЛН