rogerdodger

thanks. i was able to get rid of them with unlink() also, strange that scandir() was able to see 3 files with the same name and readdir() did not see these files at all. also could not remove them with bash command rm also, i don't think my server was compromised since the attacker was assuming the POST was being used in a db. is there a better way of cleaning POST requests?

thanks. no thats not the exact code. But yes PHP sees it but the filesystem doesn't i guess. also php cannot open the file either.

i just discovered a file on my server that was created by my script from what appears to be a penetration test. now i have a file named " somecustominjectedheaderinjectedbywvs" but I cannot see or delete it on my apache server (through ssh). i discovered from a php script that was reading a directory. it printed out this file name as a result of this loop: foreach("/mydir/" as $file){ throush ssh i cannot remove the file because it doesn't exist. also PHP cannot open the file becuase it doesn't exist although it shows up in my scandir() result. Can someone please help me to get rid of it as it shouldn't be there? i also found another file that looks like it was named after a bash command that I cannot also remove. Please help