Wednesday, 25 April 2018

What does this cryptic Bash command mean?


I was reading Ubuntu Forum's warning about malicious commands and found this interesting gem:



:(){ :|:& };:


WARNING: The above code will crash your machine unless you have strict proc limits in place (which you probably don't) prompting a hard restart.


Consider this code similar to running sudo rm -rf /.



But what does that mean? Even with my programming experience I've never seen a command that cryptic that's not assembly language.



Answer



It's, as you said, a forkbomb. What it does is define a function, then call it. The function is called :.


Let's name it forkbomb so we can better see what's going on:


forkbomb(){ forkbomb|forkbomb& };forkbomb

As you can see, and probably guess from your programming experience, the first part is the function definition (forkbomb(){ ... }), and the very last : is where the function gets called (the ; just separates statements in Bash).


Now, what does this function do? If you're familiar with Bash, you'll know that the | character pipes the standard output of one command/program to the standard input of another. So basically, :|: starts up two instances of the function (this is where it "forks").


And then the magic: the & puts those commands in the background, allowing the original function to return, while each instance forks 'til the cows come home in the background, thus using up all your resources and taking down the system (unless it has limits imposed on it).


No comments:

Post a Comment

Where does Skype save my contact's avatars in Linux?

I'm using Skype on Linux. Where can I find images cached by skype of my contact's avatars? Answer I wanted to get those Skype avat...