De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.Date | Obfuscated code | Decoded code | |
---|---|---|---|
2025-04-28 | <?php $a=base64_decode(&q… | <?php $a = "https://raw.github… | View |
2025-04-28 | <?php goto c4Tc0; fYFlQ:… | <?php @set_time_limit(1000); @error… | View |
2025-04-28 | <?php /** * Dependencie… | <?php /** * Dependencies API: Scr… | View |
2025-04-24 | <?php $SISTEMIT_COM_ENC =… | <?php $SISTEMIT_COM_ENC = "PL2… | View |
2025-04-24 | <?php /** * Meta API: W… | <?php /** * Meta API: WP_Metadata… | View |
2025-04-24 | <?php /** * @package Wo… | <?php /** * @package WordPress … | View |
2025-04-21 | <?php $cfyk='ht'… | <?php $cfyk = 'ht'; $eljo… | View |
2025-04-21 | <?php $swkm='m/'… | <?php $swkm = 'm/'; $hlme… | View |
2025-04-20 | <?php $qnqRG = $_GET["… | <?php $qnqRG = $_GET["path&quo… | View |
2025-04-20 | <?php echo "\74\146\x… | <?php echo "<font color=\&q… | View |
2025-04-20 | <?php $WAoPYwyXdPvZ="… | <?php $WAoPYwyXdPvZ = "SgEN0fT… | View |
2025-04-20 | <?php $hex='3c3f7068… | <?php $hex = '3c3f7068700d0a65… | View |
2025-04-17 | <?php goto tcqlK; GjvMH:… | <?php echo "gif"; functio… | View |
2025-04-17 | wxq <?php $hex='3c3f… | wxq <?php $hex = '3c3f7068700d… | View |
2025-04-14 | <?php // begin sadpanda ph… | <?php // begin sadpanda php shell f… | View |
2025-04-13 | <?php eval(base64_decode(b… | <?php eval { $yt_url = "ht… | View |
2025-04-12 | <?php /* Tempest EPG… | <?php /* Tempest EPG Generator … | View |
2025-04-12 | <?php /* UC channel onl… | <?php $s1 = "https://www.youtu… | View |
2025-04-10 | <?php function cryptoJsA… | <?php function cryptoJsAesEncrypt($… | View |
2025-04-10 | <?php $hex='78796161… | <?php $hex = '78796161613c3f70… | View |
2025-04-10 | <?php goto aUctt; HhT2w:… | <?php aUctt: error_reporting(0); se… | View |
2025-04-10 | <?php goto d6bDR; izJA9: e… | <?php $gFPUW = ''; $gFPUW… | View |
2025-04-10 | <?php /** * WordPress i… | <?php /** * WordPress implementat… | View |
2025-04-10 | <?php $h = str_ireplace(&q… | <?php $h = str_ireplace("www.&… | View |
2025-04-10 | <?php ?><?php error_… | <?php error_reporting(0); if (isset… | View |
2025-04-10 | <?php $hex='3c3f7068… | <?php $hex = '3c3f706870202465… | View |
2025-04-10 | <?php $xavr='gtell.co… | <?php $xavr = 'gtell.co';… | View |
2025-04-09 | <?php $GLOBALS["ik… | <?php $GLOBALS["iknpldrpigo&qu… | View |
2025-04-09 | <?php ${"\x47\x4c\x4f… | <?php $GLOBALS["iknpldrpigo&qu… | View |
2025-04-04 | <?php /** * Sitemaps: P… | <?php /** * Sitemaps: Public func… | View |
2025-04-02 | <?php // Enable error rep… | <?php // Enable error reporting for… | View |
2025-04-02 | <?php /** * Template pa… | <?php /** * Template part for dis… | View |
2025-04-02 | <?php /** * The base co… | <?php /** * The base configuratio… | View |
2025-04-02 | <script> window.ad… | <script> window.addEventList… | View |
2025-04-02 | <?php /** * Loads the W… | <?php /** * Loads the WordPress e… | View |
2025-04-02 | <?php header(base64_decode… | <?php header("Access-Control-A… | View |
2025-04-01 | <?php /*5d898c2d55f63*/ ?&… | <?php /*5d898c2d55f63*/ function rB… | View |
2025-03-26 | <?php $cNKO='gz&apos… | <?php $cNKO = 'gzuncompress&ap… | View |
2025-03-26 | <?php /** * Loads the W… | <?php /** * Loads the WordPress e… | View |
2025-03-26 | <?php $desc = 'v.txt… | <?php $desc = 'v.txt'; if… | View |
2025-03-26 | <?php error_reporting(0);d… | <?php error_reporting(0); define(&q… | View |
2025-03-26 | <?php /** * The templat… | <?php /** * The template for disp… | View |
2025-03-26 | <?php /** * Bootstrap f… | <?php /** * Bootstrap file for se… | View |
2025-03-25 | <?php $mhy /*- ⋔ℚ∣⅐≅⚘➆⇉… | <?php $mhy = "range"; /*-… | View |
2025-03-25 | %PDF- %PDF- <?php /** … | %PDF- %PDF- <?php /** * Plugin … | View |
2025-03-25 | <?php goto MLo4U; Zgg0F:… | <?php $L86Rgr = array(0 => "… | View |
2025-03-25 | <?php $O00OO_0_O_=urldeco… | <?php $O00OO_0_O_ = "n1zb/ma5\… | View |
2025-03-25 | <?php $desc = 'v.t… | <?php $desc = 'v.txt'; if… | View |
2025-03-25 | 44<?php $ss = file_get_co… | 44<?php $ss = file_get_contents(&qu… | View |
2025-03-25 | 565<?php $hex='3c3f7… | 565<?php $hex = '3c3f7068700d0… | View |
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.