Trying out some Deadly Linux Commands part 1

There is a selection of Terminal Commands in Linux that we're told are Deadly to run, but just how lethal are they? In this video I try out a selection of them in VirtualBox with Ubuntu 15.10.

0:20 Fork Bomb
1:47 rm -rf /
2:17 Disguised rm -rf /
3:14 dd if=/dev/random of=/dev/sda
4:04 mv / /dev/null
4:28 rm -f /usr/bin/sudo;rm -f /bin/su

Comments

I love how you're angry at the fail safes

JosephDickson

There's a few explanations for why these didn't work
1) The fork bomb didn't cause lasting damage because it's basically just the same as opening a ton of cmd consoles on a windows machine. It eats up all the ram and cpu time and locks up the system. A forced restart will kill all the processes forcefully so there's no lasting problem.
2) rm -rf / doesn't work by itself anymore because of the --no-preserve-root thing. It also needs to be sudo to cause irrecoverable damage. Doing it without sudo will just delete all your documents, but leave the underlying system intact.
3) mkfs.ext4 /dev/sda1 didn't work because /dev/sda1 is mounted. No matter how much you try you won't get this to work. You can't unmount the root. It's the same reason why "deleting system32" on windows doesn't actually work (though don't go around deleting random files in there).
4) dd if=/dev/random of=/dev/sda didn't work (probably) because /dev/random is so very incredibly slow. If you want this to work, use /dev/zero in place of /dev/random.
5) mv / /dev/null doesn't work because it's impossible to "mv" the root directory, and also it's impossible to "mv" anything to /dev/null since /dev/null isn't a directory. It's one of those weird pseudo-files that aren't really real but you can use them anyway.
6) same as #5 for sudo mv ~/ /dev/null
7) rm -f /usr/bin/sudo;rm -f /bin/su doesn't delete the root user, it just deletes the commands "sudo" and "su". "gksu" will still work, the software center will still work, etc.

DaffyDaffyDaffy

I'd like to see a video on verifying a Linux system for being clean of malware. Whilst I know it won't be the same scale as Mac or Windows, I'm interested to see how one goes about validating integrity of a Linux install. Particularly the tools and techniques involved. Also whether it is possible to validate a Linux system with some certainty.

dancemat

The fork bomb is easy to prevent by setting nproc in /etc/security/limits.conf.

DontScareTheFish
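
The nproc limit mentioned in the comment above, as an added example that is not part of the original page: a constructed limits.conf fragment and a check that reports which hard nproc cap applies to a given user. The sample contents, the limit values and the function name `effective_nproc` are assumptions for illustration; uid/gid range domains are not handled.

```shell
#!/bin/sh
# Added example: find the hard nproc cap a limits.conf-style file gives a user.

# Constructed sample in /etc/security/limits.conf syntax:
#   <domain> <type> <item> <value>
SAMPLE_LIMITS='# constructed sample, not from a real system
*          soft  nproc  1024
*          hard  nproc  2048
@students  hard  nproc  200
alice      -     nproc  500
bob        hard  nofile 4096
'

# effective_nproc USER "GROUP1 GROUP2 ..." [FILE]
# Prints the hard nproc value that applies to USER, or "unset".
# A user line beats an @group line, which beats the "*" wildcard;
# among lines of equal rank the last one wins. Type "-" sets both the
# soft and hard limit, so it counts as hard. Reads stdin if FILE is omitted.
effective_nproc() {
    awk -v u="$1" -v gs="$2" '
        BEGIN {
            n = split(gs, g, " ")
            for (i = 1; i <= n; i++) ingrp["@" g[i]] = 1
            best = 9                                  # 9 = nothing matched yet
        }
        /^[[:space:]]*#/ || NF < 4 { next }           # comments, short lines
        $3 != "nproc" || ($2 != "hard" && $2 != "-") { next }
        {
            if ($1 == u) rank = 1
            else if (u == "root") next                # group and wildcard lines do not apply to root
            else if ($1 in ingrp) rank = 2
            else if ($1 == "*") rank = 3
            else next
            if (rank <= best) { best = rank; val = $4 }
        }
        END { print (best == 9 ? "unset" : val) }
    ' "${3:--}"
}

# Stand-alone demonstration on the constructed sample.
printf '%s' "$SAMPLE_LIMITS" | effective_nproc alice "students"
```

limits.conf is applied by pam_limits when a session starts, so a changed value takes effect at the next login; in bash, `ulimit -u` shows the limit in effect for the current session.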

Great video! It brings a question to mind that I have been trying to figure out on my own for a while: How does one switch to a different TTY in a virtual machine? When I try and do it with my Linux Mint or Ubuntu host, it switches the host machine and not the VM... Thanks! :)

EzeeLinux

3:15 /dev/random goes empty very quickly if there are no user interrupts to generate new numbers, and afaik, dd will just pause the process if the input blocks. I think /dev/urandom should do the trick.

felsenhower

Care to do a follow up? I can improve a few commands so that they should work (because apparently the people who write these commands in some article don't test them or read man pages...):

sudo rm -rf /*
_(should bypass the --no-preserve-root failsafe)_
sudo dd if=/dev/urandom of=/dev/sda
_(random is crypto safe and really slow, urandom is quick)_
sudo dd if=/dev/zero of=/dev/sda
_(write zeroes to disk)_
$(echo | base64 -d)
_(some obscuring of a command)_
mkfs.ext3 -F -F /dev/sda1
_(the double -F flag is important, this should write to even a mounted drive)_
chmod 000 / -R
_(permissions are fun!)_
sudo dd if=/dev/urandom of=/dev/mem
_(should/could promptly corrupt memory and crash the machine, no persistent damage)_

and for fun (untested and written on a whim):

echo | gcc -xc -; ./a.out
_(should hog up quite some memory)_

alcesmir

deadly commands? DEADLY?
Like sudo put fingers in wall plug....


Fork Bomb: Creates a file that creates two files that create two files that create two files that create two files etc. etc. etc.
rm -rf /: Forcibly and recursively removes the root. Because this is recursive, it wipes the whole system.
I keep pressing the comment button before I'm done...
mkfs.ext4 /dev/sda1: Makes a file system of extension 4 at the first partition of the first hard drive; the location of the operating system.
dd if=/dev/random of=/dev/sda: Writes lots of random numbers to the first hard drive.
mv / /dev/null: Moves the root to a completely inaccessible directory.
rm -f /usr/bin/sudo;rm -f /bin/su: Removes commands "sudo" and "su."

aviaviate

Using dd to wipe out the disk that root is on won't kill the system immediately, as programs running are still in your RAM. rm -rf / --no-preserve-root should have the same result.

沈煜詳

You can still install things using the software center because you didn't remove /usr/bin/gksu after removing su and sudo.

seanlingham

Shouldn't the mv / /dev/nul be: mv /* /dev/nul?

katelynhamer

The things that still run after the commands execute will stop working on reboot.

MakeLinuxSimple

mkfs.ext4 /dev/sda1 doesn't really hurt your Linux system if you have an OEM diags partition, or your Linux partition is just not the first partition on the disk.

WolfireGaming

A few years back, I made the mistake of setting up commands on the administration terminal. The next thing I got was a login loop. I had accidentally killed the menu bar and had to use commands to get it back from the admin terminal. Once I finished, I typed reboot. Lesson, use a virtual machine if you are going to experiment.

lordgaben-hq

The sudo/su thing also has PolicyKit as an alternative (pkexec uses this backend).

paulstelian

interesting video and that Ubuntu skin you have looks cool

kulgan

I accidentally performed chmod 777 recursively on a directory which had a symbolic link to / somewhere inside of it. And everything broke, I could not use sudo because it didn't like that /etc/sudoers had 777 permissions XD

XYNHA

You try to move a directory (/) to a file /dev/null ... and that's the warning you get. You can't move a dir to a non-dir.. yet you try it again...

AnastasisGrammenos

2:17 You need to compile it first. You think bash is an interpreter of C/C++? lol

hopkinskong