system("rm -fr /$path/");
In a PHP CLI script. As root. On a client's server. $path not being previously set.

I managed to hit ctlr-c in about 20 seconds. Still lost a bunch of files (personal files, photos, no reason to backup) and wasted a perfect Saturday at work reinstalling.

The interesting part was coming up with an excuse. Hard drive crashed, but we have backups, you know.
(randomset, Thu 27 Jan 2011, 23:40, 9 replies)

A client's server
personal files and photos??
( Ungersven would support SpankyHanky's patreon, Thu 27 Jan 2011, 23:44, closed)

Their personal files and photos
Like pictures taken on company trips or pics employees moved onto the pub share to free up precious local space for movies.

And the latest Cher or Mariah Carey albums or other shit like this.

They even had a CD ripping process on the server: insert audio CD, mp3 comes on on the //server/pub/mp3 share.

I now believe they deserved it.
(randomset, Thu 27 Jan 2011, 23:52, closed)

Easy enough
'Well, unfortunately having let your employees run riot on the public share, you picked up a trojan. I have done what I can but there may be some data loss'.

Just out of curiosity, what was the script supposed to do? Not that I'm any expert, but a delete command with a variable target seems like a really bad idea under any circumstances.
( Not Pineapple anymore, Fri 28 Jan 2011, 8:39, closed)

Auctions
It would parse public administration auctions website, pick some products that the company was selling, placing not very competitive bids just to stay in the game and trick the competition then, seconds before the end, place the lowest bids the company was able to sustain and make a profit.

It was quite a smart system doing scraping, product and bid analysis and concurent HTTP requests from multiple interfaces (IPs).

It worked like a charm until they introduced CAPCHA checks.
(randomset, Fri 28 Jan 2011, 18:16, closed)

Also
Windows trojans don't affect Linux servers, just some shares. I has to justify the reinstall bit.
(randomset, Fri 28 Jan 2011, 18:21, closed)

Understood. Fair enough.
Bit more sophisticated than the time my older brother didn't understand my younger brother was joking when he told him to format his hard drive to get rid of his temporary internet files.
( Not Pineapple anymore, Mon 31 Jan 2011, 9:18, closed)

If it's any consolation
I did the same on an AIX system years ago which was an aggregation host for performance data on about 600+ remote radio elements.

Luckily AIX still adheres to building an index of inodes prior to unlinking them, and will accept an INT prior. I suspect that is also why you kept your job.
(mymilkshakebringsallthemongstotheyard poison hearts, poison minds - joining hate, Thu 27 Jan 2011, 23:52, closed)

Wasn't even a job, I freelanced as an admin/web dev
And they totally bought my excuse.
(randomset, Thu 27 Jan 2011, 23:57, closed)

Did much the same
I was entering something like "Delete from Objects where ... ", when the SQL client crashed. Extricating myself from the mangled wreckage of the program, it decided to run the part I'd typed so far, which was of course "Delete from Objects"...

Another time I managed to reset every person's name in the entire system to "Anoushka Patti", for similar reasons. Occasionally we still see "Anoushka Patti" popping up, like a cold-sore on an estate girl, some years later...
(moon monkey is busy making memories worth repressing, Fri 28 Jan 2011, 14:17, closed)