LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-19-2016, 12:12 PM   #1
maria95
LQ Newbie
 
Registered: May 2016
Posts: 1

Rep: Reputation: Disabled
What does this command do ? Malicious code ?


Hi everyone

Total Linux newbie (experimenting with Synology Disk Station Manager NAS operation system, excuse me a million times if I'm sooo newbie that I'm wrong that DSM is a type of Linux)


Found on the NAS a well-hidden user downloaded file called "cmd.sh" which contains the following:


threads=4; for crf in 20 21; do db=-1:-1; for tune in "" "-tune grain" "-tune film"; do for f in S01/The.Twilight.Zone.S01E01*.mkv; do avconv -i "$f" -threads "$threads" -codec copy -c:v libx264 -preset placebo $tune -me_range 32 -me_method tesa -flags2 -fastpskip -subq 10 -g 1500 -bf 16 -b_strategy 2 -b-pyramid 2 -mixed-refs 1 -psy 1 -8x8dct 1 -partitions all -direct-pred auto -weightb 1 -deblock "$db" -crf "$crf" -frames $[5*60*24] /tmp/RE/"$f"-"$crf"-"$tune".mkv; echo; done; done; done


Could anyone explain what this does ?

As far as I know the ".sh" extension is the equivalent of an executable file in Windows (.bat/.exe/.com) ?

So is this a malicious file in a download targeting NAS users specifically ? That would be something I never saw before.

Thank you very much for any insight.

Cheers
Maria
 
Old 05-19-2016, 12:39 PM   #2
rtmistler
Moderator
 
Registered: Mar 2011
Location: Sutton, MA. USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu
Posts: 4,476
Blog Entries: 10

Rep: Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639Reputation: 1639
Hi Welcome to LQ.

I don't think it's malicious to the effect that it tries to do something other than be an annoyance. My read is that it will play a movie accompanied by sound to the Twilight Zone tune. Still I would recommend against running it.
 
1 members found this post helpful.
Old 05-19-2016, 02:24 PM   #3
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 8,501

Rep: Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431Reputation: 2431
I would rather say it tries to convert a set of video files. Probably it was used once to do that and just not removed.
 
2 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Hacked. How does malicious code run at boot ? sierrajam Linux - Security 8 01-16-2015 11:21 AM
How to detect malicious code on linux adumith Linux - Security 6 03-04-2014 02:06 PM
Malicious C code protection gdboling Programming 4 09-02-2003 07:14 PM


All times are GMT -5. The time now is 03:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration