rm -rf phpshell.php
^__________^ was this the exploited hole ?
I think so. In fact the problem is that it got there...
probably uploaded somehow... a upload-form, some web-script maybe?
check php permissions i'd say. where was enr php-file located? do you know?
good luck, Jst.
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]