I was tricked into copy pasting a command, did it hurt me?
Solution 1:
Nope, it didn’t do anything — it’s just a close call.
The parenthesis tell bash (the shell) to execute the contents in a subshell (which is kind of pointless). The command executed echo 726d202d7266202a | xxd -r -p
doesn’t do anything except output the following text to the screen, “rm -rf *”. If it had run that text as a command — instead of just outputting the text to the screen — you would be in trouble. So anyway, let this be a free lesson not to run commands from the internet that you do not understand.
Solution 2:
In the spirit of "it is better to teach a man to fish than give him a fish", I advise you to type in the terminal man xxd
(and yes, I'm yet another person telling you to input something into the terminal... but you should recognize the man
command as safe).
If you're not familiar with echo
, you should check that out too. Basically, the command you listed "echoes" the string to standard output.
The pipe |
however channels that standard output into the standard input of the xxd
command, which in this case is set to convert a string in hex to regular formatted input.
So the short answer is: no, it didn't delete anything. But it echoed rm -rf *
to your screen, which must have given you a bit of a chill :-)
Solution 3:
The attacker probably meant to have you paste $(echo 726d202d7266202a | xxd -r -p)
into your shell. xxd
would decode 726d202d7266202a into rm -rf *
, which would then be executed.
Solution 4:
if you are worried about somebody tingling your filesystem then chroot
is at your disposal. chroot /random/directory
then execute the heck out the command.