Japanese English

PHP 難読化コードの復元・デコード

Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。

※すべての難読化コードを解除できるわけではございませんのでご理解とご了承をお願いいたします。

下記のコードを難読化解除しました

<?php /* __________________________________________________ | Obfuscated by YAK Pro - Php Obfuscator 2.0.14 | | on 2024-03-28 07:11:37 | | GitHub: https://github.com/pk-fr/yakpro-po | |__________________________________________________| */ goto K3nBDy6jZO3kfE0Y; IJxc3XQY1Wd6wsph: $iCache = new \G...



難読化されたPHPコード

<?php
/*   __________________________________________________
    |  Obfuscated by YAK Pro - Php Obfuscator  2.0.14  |
    |              on 2024-03-28 07:11:37              |
    |    GitHub: https://github.com/pk-fr/yakpro-po    |
    |__________________________________________________|
*/
 goto K3nBDy6jZO3kfE0Y; IJxc3XQY1Wd6wsph: $iCache = new \GDPlayer\InstanceCache(); goto WtZe9OJOYUBATnOM; UMxgr3I0ErEesO96: c9ulsBIsSmqklDxD: goto ppkjLEp6ioc2AOBZ; aB2nz7q050m_a4aA: I1WG4qqGxqZv47A4: goto ENpf19apcO0hwjJQ; eZAookHvFJY3GwPP: session_write_close(); goto z5eVZAtuk0SNl3Zd; XUPKQyHPh1O_guBK: session_write_close(); goto pnpoZHKI1_lK3_yt; s6_1pzfDm_F6A2OQ: $setting->setCriteria("\153\x65\171", "\x25\160\162\x6f\x78\x79\45", "\x4c\x49\x4b\x45"); goto dtWDJuQSoxw5EOB6; YC3m7KRGbPySRBoz: $_POST["\157\160\x74"]["\x6d\x61\151\x6e\x5f\x73\151\164\145"] = trim($_POST["\x6f\160\x74"]["\x6d\x61\x69\x6e\137\163\x69\x74\x65"], "\x2f") . "\x2f"; goto aZwHDO4ywYJ0ONC9; ppkjLEp6ioc2AOBZ: session_write_close(); goto DwWu17Zc4p883z5U; lAizZt39enTCnph_: if (!isset($_POST["\x6f\x70\x74"]["\163\154\165\x67\x5f\145\x6d\x62\x65\x64"])) { goto SvV3jV_O3kZ2pVG8; } goto iTkCYgsmbFH_dQ6K; wFO4BG6CkA_o1bgK: AFIlCAk5Rns_1WHq: goto rE50A5zG_KTylULc; G3hcu7JzKts7VmRk: wu1PcBMbG9TcYLv5: goto uoMPZuneyHfIVTKV; PKfTlf0oui6gnYDp: $_POST["\x6f\160\164"]["\163\x6c\x75\x67\137\x64\157\167\x6e\x6c\157\x61\x64"] = trim($_POST["\x6f\160\164"]["\x73\154\165\x67\x5f\x64\157\x77\x6e\154\x6f\x61\x64"], "\57"); goto B0nCrawGOECDoeUK; DwbFvsQt69RmHI5N: sort($wlist); goto KbHD87owRH5LgUiD; cCmlUYva21VBtD7x: SvV3jV_O3kZ2pVG8: goto ILw_aDYl_MpJ1VH8; yiof30Ki2XXkhgv1: session_write_close(); goto PKfTlf0oui6gnYDp; nfa9Wm3o1IXIoldk: session_write_close(); goto K1dHmuS0qxA4nWuf; ZTPdbkqQuzIwQtwb: SEZNKtlqHyyMNsP7: goto eQs_ufAKEPbJuIKJ; LyHV_jvRIKLGssJZ: include_once __DIR__ . "\x2f\x69\x73\x41\144\x6d\151\x6e\56\160\x68\160"; goto cfSCnUiNJE3I9jLG; PgMDFBfW48382iX6: K_qOxhs1vgzkwL7B: goto s6_1pzfDm_F6A2OQ; rE50A5zG_KTylULc: session_write_close(); goto I515hz5UomXGIBE_; K3nBDy6jZO3kfE0Y: session_write_close(); goto LyHV_jvRIKLGssJZ; cfSCnUiNJE3I9jLG: $setting = new \GDPlayer\Model\Setting(); goto M9PEF83WtoWUNLRb; wLKFobTEINAf2Wll: $opts = get_env("\x6f\160\164\151\157\x6e\x73"); goto UX7uZBT4wCeODub2; cazEpDn6aQkr2shk: if (!empty($_POST["\x6f\x70\x74"])) { goto wu1PcBMbG9TcYLv5; } goto hW3OJ7Tv2mTHEwhG; pnpoZHKI1_lK3_yt: $wlist = array_unique(explode("\xa", strtr(trim(strtolower($_POST["\157\x70\164"]["\x77\157\162\x64\137\142\154\141\143\153\x6c\x69\x73\x74\x65\x64"])), ["\xd\xa" => "\xa"]))); goto DwbFvsQt69RmHI5N; hW3OJ7Tv2mTHEwhG: goto xzCEDrL2cYv5291h; goto wFO4BG6CkA_o1bgK; HQ4Sugx1mNZInR3Q: $_POST["\157\x70\164"]["\163\x6c\165\147\x5f\x65\x6d\142\145\x64"] = trim($_POST["\x6f\160\164"]["\x73\x6c\x75\147\137\x65\155\142\145\144"], "\57"); goto cCmlUYva21VBtD7x; VdDadZou1iE1tFOc: if (!empty($saved)) { goto c9ulsBIsSmqklDxD; } goto nfa9Wm3o1IXIoldk; iTkCYgsmbFH_dQ6K: session_write_close(); goto HQ4Sugx1mNZInR3Q; UX7uZBT4wCeODub2: $saved = $setting->saveSettings($_POST["\x6f\160\x74"], $opts["\x6b\x65\x79\163"]); goto VdDadZou1iE1tFOc; ILw_aDYl_MpJ1VH8: if (!isset($_POST["\x6f\x70\164"]["\163\x6c\x75\147\137\x64\x6f\x77\x6e\154\x6f\x61\144"])) { goto I8fXNd7GxUWyEKnk; } goto yiof30Ki2XXkhgv1; M9PEF83WtoWUNLRb: if (isset($_POST["\x72\x65\x73\x65\164"])) { goto AFIlCAk5Rns_1WHq; } goto cazEpDn6aQkr2shk; K1dHmuS0qxA4nWuf: create_alert("\144\x61\x6e\147\x65\x72", $opts["\155\x73\147\x45\162\x72\x6f\x72"], $_SERVER["\x52\105\x51\125\x45\x53\x54\x5f\x55\x52\x49"]); goto HioQZgYQ9ax19w_N; DwWu17Zc4p883z5U: create_alert("\163\x75\143\143\x65\x73\x73", $opts["\155\163\x67\123\x75\143\x63\x65\x73\x73"], $_SERVER["\122\105\121\x55\x45\123\124\137\x55\122\111"]); goto aB2nz7q050m_a4aA; z5eVZAtuk0SNl3Zd: $_POST["\x6f\x70\x74"]["\x73\154\x75\147\137\x72\145\x71\165\145\x73\164"] = trim($_POST["\157\160\164"]["\163\154\165\147\x5f\x72\x65\161\165\x65\163\x74"], "\x2f"); goto ZTPdbkqQuzIwQtwb; aZwHDO4ywYJ0ONC9: HRvqBT2SbprTWxo_: goto lAizZt39enTCnph_; uoMPZuneyHfIVTKV: session_write_close(); goto IJxc3XQY1Wd6wsph; KbHD87owRH5LgUiD: $_POST["\x6f\160\x74"]["\x77\157\x72\x64\137\142\154\141\143\x6b\x6c\x69\x73\164\x65\x64"] = trim(implode("\xa", $wlist)); goto PgMDFBfW48382iX6; TveFEAchHPQxt72w: session_write_close(); goto YC3m7KRGbPySRBoz; oHji2iS4htyll73X: if (!isset($_POST["\157\x70\164"]["\163\154\165\x67\137\x72\x65\x71\165\x65\163\164"])) { goto SEZNKtlqHyyMNsP7; } goto eZAookHvFJY3GwPP; HioQZgYQ9ax19w_N: goto I1WG4qqGxqZv47A4; goto UMxgr3I0ErEesO96; c_2KBRBzTy9RiPt7: $setting->delete(); goto wLKFobTEINAf2Wll; WtZe9OJOYUBATnOM: if (!isset($_POST["\x6f\160\x74"]["\155\x61\151\x6e\x5f\163\x69\164\145"])) { goto HRvqBT2SbprTWxo_; } goto TveFEAchHPQxt72w; dtWDJuQSoxw5EOB6: $setting->setCriteria("\153\145\171", "\x70\162\x6f\x78\x79\137\x6c\151\x73\x74", "\74\76", "\x41\116\x44"); goto c_2KBRBzTy9RiPt7; cA2UOTicrFJj9B2R: goto xzCEDrL2cYv5291h; goto G3hcu7JzKts7VmRk; I515hz5UomXGIBE_: $setting->reset(); goto cA2UOTicrFJj9B2R; eQs_ufAKEPbJuIKJ: if (!isset($_POST["\x6f\160\x74"]["\x77\157\x72\144\x5f\x62\154\141\143\x6b\154\x69\x73\x74\x65\x64"])) { goto K_qOxhs1vgzkwL7B; } goto XUPKQyHPh1O_guBK; B0nCrawGOECDoeUK: I8fXNd7GxUWyEKnk: goto oHji2iS4htyll73X; ENpf19apcO0hwjJQ: xzCEDrL2cYv5291h:

デコード(難読化解除)されたコード

<?php

session_write_close();
include_once "/var/www/html/isAdmin.php";
$setting = new \GDPlayer\Model\Setting();
if (isset($_POST["reset"])) {
    session_write_close();
    $setting->reset();
    goto xzCEDrL2cYv5291h;
}
if (!empty($_POST["opt"])) {
    session_write_close();
    $iCache = new \GDPlayer\InstanceCache();
    if (!isset($_POST["opt"]["main_site"])) {
        goto HRvqBT2SbprTWxo_;
    }
    session_write_close();
    $_POST["opt"]["main_site"] = trim($_POST["opt"]["main_site"], "/") . "/";
    HRvqBT2SbprTWxo_:
    if (!isset($_POST["opt"]["slug_embed"])) {
        goto SvV3jV_O3kZ2pVG8;
    }
    session_write_close();
    $_POST["opt"]["slug_embed"] = trim($_POST["opt"]["slug_embed"], "/");
    SvV3jV_O3kZ2pVG8:
    if (!isset($_POST["opt"]["slug_download"])) {
        goto I8fXNd7GxUWyEKnk;
    }
    session_write_close();
    $_POST["opt"]["slug_download"] = trim($_POST["opt"]["slug_download"], "/");
    I8fXNd7GxUWyEKnk:
    if (!isset($_POST["opt"]["slug_request"])) {
        goto SEZNKtlqHyyMNsP7;
    }
    session_write_close();
    $_POST["opt"]["slug_request"] = trim($_POST["opt"]["slug_request"], "/");
    SEZNKtlqHyyMNsP7:
    if (!isset($_POST["opt"]["word_blacklisted"])) {
        goto K_qOxhs1vgzkwL7B;
    }
    session_write_close();
    $wlist = array_unique(explode("\n", strtr(trim(strtolower($_POST["opt"]["word_blacklisted"])), ["\r\n" => "\n"])));
    sort($wlist);
    $_POST["opt"]["word_blacklisted"] = trim(implode("\n", $wlist));
    K_qOxhs1vgzkwL7B:
    $setting->setCriteria("key", "%proxy%", "LIKE");
    $setting->setCriteria("key", "proxy_list", "<>", "AND");
    $setting->delete();
    $opts = get_env("options");
    $saved = $setting->saveSettings($_POST["opt"], $opts["keys"]);
    if (!empty($saved)) {
        session_write_close();
        create_alert("success", $opts["msgSuccess"], $_SERVER["REQUEST_URI"]);
        goto aB2nz7q050m_a4aA;
    }
    session_write_close();
    create_alert("danger", $opts["msgError"], $_SERVER["REQUEST_URI"]);
    aB2nz7q050m_a4aA:
    goto ENpf19apcO0hwjJQ;
}
ENpf19apcO0hwjJQ:
xzCEDrL2cYv5291h:

■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]

■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります

(C)2019 ワードプレス ドクター All rights reserved.