Japanese English

PHP deobfuscation, decryption, reconstruction tool

De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.

*Please note that not all obfuscation codes can be decoded.

Decoded the code below.

<?php namespace Mgt\Varnish\Controller\Adminhtml\Purge; class Action extends \Magento\Backend\App\Action { public function execute() { goto E77c0; a3cfa: try { goto ab851; Fdba7: $this->messageManager->addSuccessMessage(sprintf("\x54\x68\x65\x20\x53\164\157\162\145\x20\42\45\x73\x22\x20\x68...



Obfuscated php code

<?php
 namespace Mgt\Varnish\Controller\Adminhtml\Purge; class Action extends \Magento\Backend\App\Action { public function execute() { goto E77c0; a3cfa: try { goto ab851; Fdba7: $this->messageManager->addSuccessMessage(sprintf("\x54\x68\x65\x20\x53\164\157\162\145\x20\42\45\x73\x22\x20\x68\141\163\x20\x62\145\145\x6e\40\160\165\162\x67\145\x64\x20\x66\x72\157\155\40\x56\x61\162\156\151\163\x68\40\103\x61\143\150\145", $storeBaseUrl)); goto faace; c525c: $storeBaseUrl = $store->getBaseUrl(); goto Fdba7; adc30: $storeManager = $this->_objectManager->get("\x5c\115\x61\x67\145\156\x74\157\x5c\x53\164\x6f\x72\x65\134\115\157\144\x65\x6c\134\123\164\157\162\145\115\x61\x6e\141\147\145\162\111\156\x74\145\x72\x66\x61\x63\x65"); goto C3d2d; C3d2d: $store = $storeManager->getStore($storeId); goto C98a4; ab851: $cachePurger = $this->_objectManager->get("\x5c\115\x61\x67\145\x6e\x74\157\134\103\141\x63\x68\x65\111\x6e\x76\x61\x6c\x69\144\x61\164\x65\134\x4d\x6f\x64\x65\154\x5c\120\165\162\x67\x65\103\x61\x63\x68\x65"); goto adc30; C98a4: $cachePurger->purgeStoreRequest($store); goto c525c; faace: } catch (\Exception $e) { $errorMessage = $e->getMessage(); $this->messageManager->addErrorMessage($errorMessage); } goto C53b4; dada1: return $resultRedirect->setPath("\141\x64\155\x69\x6e\x68\x74\155\154\57\x63\x61\x63\150\x65\57\x69\156\144\145\x78"); goto C2ad8; bd1b4: $storeId = (int) $request->getParam("\x73\164\x6f\x72\145\137\151\144"); goto a3cfa; C53b4: $resultRedirect = $this->resultRedirectFactory->create(); goto dada1; E77c0: $request = $this->getRequest(); goto bd1b4; C2ad8: } }

Decoded(de-Obfuscated) php code

<?php

namespace Mgt\Varnish\Controller\Adminhtml\Purge;

class Action extends \Magento\Backend\App\Action
{
    public function execute()
    {
        $request = $this->getRequest();
        $storeId = (int) $request->getParam("store_id");
        try {
            $cachePurger = $this->_objectManager->get("\\Magento\\CacheInvalidate\\Model\\PurgeCache");
            $storeManager = $this->_objectManager->get("\\Magento\\Store\\Model\\StoreManagerInterface");
            $store = $storeManager->getStore($storeId);
            $cachePurger->purgeStoreRequest($store);
            $storeBaseUrl = $store->getBaseUrl();
            $this->messageManager->addSuccessMessage(sprintf("The Store \"%s\" has been purged from Varnish Cache", $storeBaseUrl));
        } catch (\Exception $e) {
            $errorMessage = $e->getMessage();
            $this->messageManager->addErrorMessage($errorMessage);
        }
        $resultRedirect = $this->resultRedirectFactory->create();
        return $resultRedirect->setPath("adminhtml/cache/index");
    }
}

Malware detection & removal plugin for WordPress

(C)2020 Wordpress Doctor All rights reserved.