Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php namespace Mgt\Varnish\Model\Feed; use Magento\Framework\Config\ConfigOptionsListConstants; use Laminas\Http\Client as HttpClient; class Feed extends \Magento\Framework\Model\AbstractModel { const FEED_URL = "\150\164\164\x70\72\57\57\146\145\145\x64\x2e\155\147\164\x2d\x63\157\155\x6d\145\162\143\x65\x2e\x63\157\x6d\57"; const UPDATE_FREQUENCY = 21600; const SEVERITY_INFORMATION = 4; protected $backendConfig; protected $inboxFactory; protected $storeManager; protected $deploymentConfig; protected $productMetadata; protected $urlBuilder; public function __construct(\Magento\Framework\Model\Context $context, \Magento\Framework\Registry $registry, \Magento\Backend\App\ConfigInterface $backendConfig, \Magento\AdminNotification\Model\InboxFactory $inboxFactory, \Magento\Store\Model\StoreManagerInterface $storeManager, \Magento\Framework\App\DeploymentConfig $deploymentConfig, \Magento\Framework\App\ProductMetadataInterface $productMetadata, \Magento\Framework\UrlInterface $urlBuilder, \Magento\Framework\Model\ResourceModel\AbstractResource $resource = null, \Magento\Framework\Data\Collection\AbstractDb $resourceCollection = null, array $data = []) { goto A1e04; Cd889: $this->productMetadata = $productMetadata; goto baae0; E2d21: $this->storeManager = $storeManager; goto A0bce; A0bce: $this->deploymentConfig = $deploymentConfig; goto Cd889; F2b58: $this->inboxFactory = $inboxFactory; goto E2d21; bab73: $this->backendConfig = $backendConfig; goto F2b58; A1e04: parent::__construct($context, $registry, $resource, $resourceCollection, $data); goto bab73; baae0: $this->urlBuilder = $urlBuilder; goto Ea871; Ea871: } protected function _construct() { } public function checkUpdate() { goto b4504; b4504: $frequency = $this->getFrequency(); goto Ae62a; bb333: return $this; goto da946; F9393: if (!($feedXml && isset($feedXml->channel) && isset($feedXml->channel->item))) { goto cd518; } goto D9f62; D348f: $feedData = []; goto Fdd56; d46ea: $this->inboxFactory->create()->parse(array_reverse($feedData)); goto cc003; da946: D66f3: goto D348f; af808: cd518: goto e1c0f; Fdd56: $feedXml = $this->getFeedData(); goto Df649; D9f62: foreach ($feedXml->channel->item as $item) { goto fc54f; Cadb8: b9f0f: goto b3233; b3233: dedc7: goto ecf0b; C86aa: $feedData[] = ["\x73\x65\x76\x65\162\151\x74\x79" => self::SEVERITY_INFORMATION, "\x64\x61\164\145\137\x61\x64\x64\145\144" => date("\x59\x2d\x6d\x2d\x64\x20\110\72\151\x3a\x73", $itemPublicationDate), "\x74\x69\164\154\145" => (string) $item->title, "\x64\145\163\x63\162\x69\160\164\x69\x6f\x6e" => (string) $item->description, "\165\x72\154" => (string) $item->link]; goto Cadb8; fc54f: $itemPublicationDate = strtotime((string) $item->pubDate); goto D5868; D5868: if (!($installDate <= $itemPublicationDate)) { goto b9f0f; } goto C86aa; ecf0b: } goto adccb; bce36: return $this; goto D6195; Df649: $installDate = strtotime($this->deploymentConfig->get(ConfigOptionsListConstants::CONFIG_PATH_INSTALL_DATE)); goto F9393; dd9e8: if (!$feedData) { goto Ca9fe; } goto d46ea; e1c0f: $this->setLastUpdate(); goto bce36; cc003: Ca9fe: goto af808; adccb: C06db: goto dd9e8; dfda8: if (!($frequency + $lastUpdate > time())) { goto D66f3; } goto bb333; Ae62a: $lastUpdate = $this->getLastUpdate(); goto dfda8; D6195: } public function getFrequency() { return self::UPDATE_FREQUENCY; } public function getLastUpdate() { return $this->_cacheManager->load("\x6d\147\x74\x5f\x66\x65\145\144\x5f\x61\x64\x6d\151\156\137\x6e\157\x74\x69\146\151\x63\x61\164\151\x6f\x6e\x73\137\x6c\x61\163\x74\x63\150\145\x63\153"); } public function setLastUpdate() { $this->_cacheManager->save(time(), "\155\x67\x74\x5f\146\x65\145\x64\x5f\141\144\x6d\x69\x6e\x5f\156\157\164\x69\x66\151\143\141\164\x69\157\x6e\163\137\x6c\x61\163\164\x63\x68\x65\x63\x6b"); return $this; } public function getFeedData() { try { goto Ea339; E5e0b: $config = ["\x61\x64\141\160\x74\145\x72" => HttpClient\Adapter\Curl::class, "\143\165\x72\154\x6f\x70\x74\151\157\x6e\163" => [CURLOPT_FOLLOWLOCATION => true], "\x6d\x61\170\162\x65\x64\151\162\145\x63\x74\x73" => 0, "\164\x69\155\145\x6f\x75\164" => 30]; goto d2326; d2326: $httpClient = new HttpClient(self::FEED_URL, $config); goto E98d9; A21b6: $httpClient->setParameterPost($postParams); goto b3914; b3914: $response = $httpClient->send(); goto a75dc; a75dc: if (!(200 == $response->getStatusCode())) { goto D434d; } goto d0830; Ea339: $xml = ''; goto b6e6d; b6e6d: $postParams = ["\163\150\157\160\x5f\x75\162\x6c" => $this->storeManager->getStore()->getBaseUrl(), "\x76\145\162\163\x69\157\156" => $this->productMetadata->getVersion()]; goto E5e0b; E98d9: $httpClient->setMethod("\x50\x4f\x53\124"); goto A21b6; B2af4: D434d: goto d07ec; d0830: $xml = new \SimpleXMLElement($response->getBody()); goto B2af4; d07ec: } catch (\Exception $e) { return false; } return $xml; } }
<?php namespace Mgt\Varnish\Model\Feed; use Magento\Framework\Config\ConfigOptionsListConstants; use Laminas\Http\Client as HttpClient; class Feed extends \Magento\Framework\Model\AbstractModel { const FEED_URL = "http://feed.mgt-commerce.com/"; const UPDATE_FREQUENCY = 21600; const SEVERITY_INFORMATION = 4; protected $backendConfig; protected $inboxFactory; protected $storeManager; protected $deploymentConfig; protected $productMetadata; protected $urlBuilder; public function __construct(\Magento\Framework\Model\Context $context, \Magento\Framework\Registry $registry, \Magento\Backend\App\ConfigInterface $backendConfig, \Magento\AdminNotification\Model\InboxFactory $inboxFactory, \Magento\Store\Model\StoreManagerInterface $storeManager, \Magento\Framework\App\DeploymentConfig $deploymentConfig, \Magento\Framework\App\ProductMetadataInterface $productMetadata, \Magento\Framework\UrlInterface $urlBuilder, \Magento\Framework\Model\ResourceModel\AbstractResource $resource = null, \Magento\Framework\Data\Collection\AbstractDb $resourceCollection = null, array $data = array()) { parent::__construct($context, $registry, $resource, $resourceCollection, $data); $this->backendConfig = $backendConfig; $this->inboxFactory = $inboxFactory; $this->storeManager = $storeManager; $this->deploymentConfig = $deploymentConfig; $this->productMetadata = $productMetadata; $this->urlBuilder = $urlBuilder; } protected function _construct() { } public function checkUpdate() { $frequency = $this->getFrequency(); $lastUpdate = $this->getLastUpdate(); if (!($frequency + $lastUpdate > time())) { $feedData = []; $feedXml = $this->getFeedData(); $installDate = strtotime($this->deploymentConfig->get(ConfigOptionsListConstants::CONFIG_PATH_INSTALL_DATE)); if (!($feedXml && isset($feedXml->channel) && isset($feedXml->channel->item))) { goto cd518; } foreach ($feedXml->channel->item as $item) { $itemPublicationDate = strtotime((string) $item->pubDate); if (!($installDate <= $itemPublicationDate)) { goto b9f0f; } $feedData[] = ["severity" => self::SEVERITY_INFORMATION, "date_added" => date("Y-m-d H:i:s", $itemPublicationDate), "title" => (string) $item->title, "description" => (string) $item->description, "url" => (string) $item->link]; b9f0f: } if (!$feedData) { goto Ca9fe; } $this->inboxFactory->create()->parse(array_reverse($feedData)); Ca9fe: cd518: $this->setLastUpdate(); return $this; } return $this; } public function getFrequency() { return self::UPDATE_FREQUENCY; } public function getLastUpdate() { return $this->_cacheManager->load("mgt_feed_admin_notifications_lastcheck"); } public function setLastUpdate() { $this->_cacheManager->save(time(), "mgt_feed_admin_notifications_lastcheck"); return $this; } public function getFeedData() { try { $xml = ''; $postParams = ["shop_url" => $this->storeManager->getStore()->getBaseUrl(), "version" => $this->productMetadata->getVersion()]; $config = ["adapter" => HttpClient\Adapter\Curl::class, "curloptions" => [CURLOPT_FOLLOWLOCATION => true], "maxredirects" => 0, "timeout" => 30]; $httpClient = new HttpClient(self::FEED_URL, $config); $httpClient->setMethod("POST"); $httpClient->setParameterPost($postParams); $response = $httpClient->send(); if (!(200 == $response->getStatusCode())) { goto D434d; } $xml = new \SimpleXMLElement($response->getBody()); D434d: } catch (\Exception $e) { return false; } return $xml; } }
■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.