Paddy Landau
January 28th, 2010, 01:10 PM
Reading about malicious commands (http://ubuntuforums.org/announcement.php?a=54), I became really curious about the following:
WARNING: DO NOT RUN THIS! -->
:(){:|:&};:Looking up these commands in the bash manual (man bash), I found that I was unable to decipher it.
I booted with a Live CD so that it could do no damage, started System Monitor, and tried. My first attempt gave an error:
bash: syntax error near unexpected token: '{:'Well, I expected an error because (according to the manual) '{' and '}' require spaces. So, I re-entered the command with an extra space:
:(){ :|:&};:This seemed to work, creating a job in the background. Pressing Enter again showed that the job had already completed:
[1]+ Done : | :As promised, however, the System Monitor showed rapidly increasing CPU and swap, and then the system hung.
Now, I'm struggling to understand why this should be.
: -- does nothing.
() -- supposed to start a subshell, but by itself it simply returns an error, so I don't understand why it works in this case.
{ } -- creates a subset of commands.
:|:& -- does nothing, but does it in the background.
; -- starts a new command.
: -- does nothing.
From what I understand, this means, "Do nothing; start a subshell, do nothing and end; start a separate list that does nothing and send it to the background; do nothing."
So how do all of these bits of "do nothing" manage to hang the machine?
WARNING: DO NOT RUN THIS! -->
:(){:|:&};:Looking up these commands in the bash manual (man bash), I found that I was unable to decipher it.
I booted with a Live CD so that it could do no damage, started System Monitor, and tried. My first attempt gave an error:
bash: syntax error near unexpected token: '{:'Well, I expected an error because (according to the manual) '{' and '}' require spaces. So, I re-entered the command with an extra space:
:(){ :|:&};:This seemed to work, creating a job in the background. Pressing Enter again showed that the job had already completed:
[1]+ Done : | :As promised, however, the System Monitor showed rapidly increasing CPU and swap, and then the system hung.
Now, I'm struggling to understand why this should be.
: -- does nothing.
() -- supposed to start a subshell, but by itself it simply returns an error, so I don't understand why it works in this case.
{ } -- creates a subset of commands.
:|:& -- does nothing, but does it in the background.
; -- starts a new command.
: -- does nothing.
From what I understand, this means, "Do nothing; start a subshell, do nothing and end; start a separate list that does nothing and send it to the background; do nothing."
So how do all of these bits of "do nothing" manage to hang the machine?