Japanese 
English
PHP deobfuscation, decryption, reconstruction toolDe-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php
$fl0 = $scrdir.$rfplayini; $fl1 = $defdir.$rfplayini; $fl2 = $cfgdir.$rfplayini; copy_defusr(0, $rfplayini); $inidata1 = @parse_ini_file($fl0); if ($inidata1 === false) { echo "\n"; echo "システム設定が間違っています。: $fl0 \n"; exit(1); } $inidata2 = @parse_ini_file($fl2); if ($inidata2 === false) { $inidata2 = array(); echo "\n"; echo "ユーザ設定が間違っています。: $fl2 \n"; echo "設定を無視します。\n"; rf_error_sleep(); } $inidata = array_merge($inidata1, $inidata2); $rfplay_auth_mode = rf_ini($inidata1, "rfplay_auth_mode"); if ($rfplay_auth_mode != 3) { $rfplay_auth_mode = 0; } $rfplay_auth_mode3_dat = rf_ini($inidata1, "rfplay_auth_mode3_dat"); if ($rfplay_auth_mode3_dat == "") { $rfplay_auth_mode3_dat = $base."rfplay_gps.dat"; } $radiko_auth_mode = $rfplay_auth_mode; $radiko_auth_mode3_dat = $rfplay_auth_mode3_dat;<?php
$fl0 = $scrdir . $rfplayini;
$fl1 = $defdir . $rfplayini;
$fl2 = $cfgdir . $rfplayini;
copy_defusr(0, $rfplayini);
$inidata1 = @parse_ini_file($fl0);
if ($inidata1 === false) {
echo "\n";
echo "システム設定が間違っています。: {$fl0} \n";
exit(1);
}
$inidata2 = @parse_ini_file($fl2);
if ($inidata2 === false) {
$inidata2 = array();
echo "\n";
echo "ユーザ設定が間違っています。: {$fl2} \n";
echo "設定を無視します。\n";
rf_error_sleep();
}
$inidata = array_merge($inidata1, $inidata2);
$rfplay_auth_mode = rf_ini($inidata1, "rfplay_auth_mode");
if ($rfplay_auth_mode != 3) {
$rfplay_auth_mode = 0;
}
$rfplay_auth_mode3_dat = rf_ini($inidata1, "rfplay_auth_mode3_dat");
if ($rfplay_auth_mode3_dat == "") {
$rfplay_auth_mode3_dat = $base . "rfplay_gps.dat";
}
$radiko_auth_mode = $rfplay_auth_mode;
$radiko_auth_mode3_dat = $rfplay_auth_mode3_dat;Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.