Zip bomb detected when running ingest modules

A place for general discussion of sleuthkit.org projects or other open source forensics software.

Moderator: carrier

Zip bomb detected when running ingest modules

Postby practicallymagic » Sat Jan 07, 2017 8:11 pm

Hi there,

Every time I run ingest modules on an image from the digitalcorpora site for some post grad work Autopsy warns me that a potential zip bomb was detected and says it has passed the maximum number of errors available to be shown.

This has happened on a number of images. I contacted Digital Corpora and they said they use FTK and this doesn't happen. Am I missing a hash index or something else That stops this warning from apprearing and ignores the offending file? (42.zip).

The file in question is http://digitalcorpora.org/corp/nps/scen ... -12-08.E01

I'd be very grateful if anyone can help!
practicallymagic
 
Posts: 1
Joined: Sat Jan 07, 2017 8:01 pm

Return to General

Who is online

Users browsing this forum: No registered users and 1 guest