
PHP deobfuscation, decryption, reconstruction tool

Deobfuscates PHP malware, viruses, and tampering code found on WordPress sites back into the original readable code.

*Please note that not all obfuscated code can be decoded.

The code below was decoded.


Obfuscated PHP code

<?php echo "\x3cht\x6dl>\n<head>\n  \x20 \x3c\x74i\x74\x6c\x65\x3e\x57\x68i\x74e\x6c\x69\x73t\x65\x64 \x49P\x20V\x69e\x77er\x3c/ti\x74\x6ce>\n\x20   \x3cs\x63\x72\x69p\x74\x3e\n \x20   \x20\x20\x20\x76ar\x20w\x68\x69t\x65\x6cist \x3d\x20[\x22\x3172.\x33\x31.\x3128\x2e\x31\x22,\"I\x50\x32\x22]\x3b\x20//Whi\x74\x65l\x69\x73ted \x49\x50s\n  \x20 \x20  \x20va\x72\x20\x75s\x65r\x49\x70 \x3d\x20\"";echo$_SERVER["\x52\x45M\x4f\x54E\x5fA\x44D\x52"];echo "\x22\x3b\x20//\x47\x65t\x74\x69\x6eg us\x65r's\x20\x49P\n\n \x20  \x20 \x20\x20if\x20(\x77\x68i\x74\x65li\x73\x74\x2e\x69\x6ede\x78\x4ff(\x75\x73\x65rIp)\x20\x21\x3d\x3d -\x31)\x20{\n\x20  \x20 \x20\x20 \x20 \x20\x20\x64o\x63\x75\x6d\x65n\x74.\x77\x72it\x65(\"Wel\x63o\x6d\x65! Yo\x75 \x61r\x65 a\x75t\x68o\x72\x69ze\x64 \x74\x6f\x20view\x20\x74he \x72\x61w\x20\x70ast\x65.\x22)\x3b\n \x20   \x20  }\x20e\x6cs\x65 {\n\x20\x20\x20  \x20\x20 \x20 \x20\x20d\x6f\x63u\x6d\x65\x6e\x74\x2e\x77rite(\x22\x53o\x72r\x79,\x20you\x72\x20IP\x20is \x6e\x6ft\x20\x69\x6e \x74\x68\x65\x20\x77\x68\x69t\x65\x6cis\x74.\x20\x41c\x63\x65ss\x20\x44\x65\x6eied.\");\n \x20\x20\x20  \x20 }\n\x20\x20\x20 </\x73cr\x69p\x74\x3e\n</\x68ead\x3e\n<b\x6f\x64y>\n</b\x6f\x64\x79\x3e\n</h\x74m\x6c>\n";
?>

Decoded (de-obfuscated) PHP code

<?php

echo "<html>\n<head>\n    <title>Whitelisted IP Viewer</title>\n    <script>\n        var whitelist = [\"172.31.128.1\",\"IP2\"]; //Whitelisted IPs\n        var userIp = \"";
echo $_SERVER["REMOTE_ADDR"];
echo "\"; //Getting user's IP\n\n        if (whitelist.indexOf(userIp) !== -1) {\n            document.write(\"Welcome! You are authorized to view the raw paste.\");\n        } else {\n            document.write(\"Sorry, your IP is not in the whitelist. Access Denied.\");\n        }\n    </script>\n</head>\n<body>\n</body>\n</html>\n";


Malware detection & removal plugin for WordPress

(C)2020 Wordpress Doctor All rights reserved.