How to delete files on server based on name?

V4NT0M · 10 Jun 2012 at 12:08

Not so long ago one of my websites was compromised, probably from an out of date wordpress install. I was alerted to this by Dreamhost's robot who had thoughtfully found injected code, removed it and then appended .INFECTED to the end of the original files.

This caused a lot of problems which I managed to rectify but now I have a server full of infected files, without having to go through each DIR maually deleting these is there some shell command I can run or some other process the automatically delete these files?

Thanks.

Linkex · 10 Jun 2012 at 12:18

What sort of server? Are you accessing through a remote desktop type session, ssh, ftp?

Whatever solution you end up using, I would personally copy all the files to a dedicated folder, back up that folder, then delete it from the server, just in case.

V4NT0M · 10 Jun 2012 at 18:39

I have FTP and Shell access, nothing else, it's a shared linux box.

Illusion · 13 Jun 2012 at 19:47

You could run something like:

find / -name *.INFECTED

To get a list of files, and if you are happy to remove them all, run:

for file in $(find / -name *.INFECTED); do rm -f $file; done

rm -f could be dangerous if you aren't careful though so be sure to check which files you will be deleting first!

If all the files are in a specific folder like /var/www/infectedsite, it would probably be quicker to change the find command in the above commands to just search that folder, i.e. "find /var/www/infectedsite -name *.INFECTED"