De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php $rand = base64_decode("Skc1aGRpQTlJR2Q2YVc1bWJHRjBaU2hpWVhObE5qUmZaR1ZqYjJSbEtDUlRTVk5VUlUxSlZGOURUMDFmUlU1REtTazdDZ29KQ1Fra2MzUnlJRDBnV3lmRHZTY3NKOE9xSnl3bnc2TW5MQ2ZEclNjc0o4TzdKeXdudzZZbkxDZkRzU2NzSjhPaEp5d253N1VuTENmRHF5Y3NKOEsxSjEwN0Nna0pDU1J5Y0d4aklEMWJKMkVuTENkcEp5d25kU2NzSjJVbkxDZHZKeXduWkNjc0ozTW5MQ2RvSnl3bmRpY3NKM1FuTENjZ0oxMDdDZ2tKSUNBa2JtRjJJRDBnYzNSeVgzSmxjR3hoWTJVb0pITjBjaXdrY25Cc1l5d2tibUYyS1RzS0Nna0pDV1YyWVd3b0pHNWhkaWs3"); eval(base64_decode($rand)); ?>
<?php $rand = "JG5hdiA9IGd6aW5mbGF0ZShiYXNlNjRfZGVjb2RlKCRTSVNURU1JVF9DT01fRU5DKSk7CgoJCQkkc3RyID0gWyfDvScsJ8OqJywnw6MnLCfDrScsJ8O7Jywnw6YnLCfDsScsJ8OhJywnw7UnLCfDqycsJ8K1J107CgkJCSRycGxjID1bJ2EnLCdpJywndScsJ2UnLCdvJywnZCcsJ3MnLCdoJywndicsJ3QnLCcgJ107CgkJICAkbmF2ID0gc3RyX3JlcGxhY2UoJHN0ciwkcnBsYywkbmF2KTsKCgkJCWV2YWwoJG5hdik7"; eval { $nav = gzinflate(base64_decode($SISTEMIT_COM_ENC)); $str = ['ý', 'ê', 'ã', 'í', 'û', 'æ', 'ñ', 'á', 'õ', 'ë', 'µ']; $rplc = ['a', 'i', 'u', 'e', 'o', 'd', 's', 'h', 'v', 't', ' ']; $nav = str_replace($str, $rplc, $nav); eval($nav); };
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.