Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php ${"\x47L\x4f\x42A\x4c\x53"}["t\x75\x70\x6b\x67ex\x79"]="s\x71l\x44\x61\x74a\x41\x72\x72\x61y";${"G\x4cOB\x41\x4c\x53"}["\x67\x75\x63\x73m\x77\x76\x62i\x78q"]="\x32\x66\x61";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x63e\x6ed\x68\x65\x72\x62n\x6a"]="\x6c\x6f\x63\x61\x6c\x50\x6f\x72\x74a\x6c\x44\x61\x74ab\x61\x73\x65A\x72\x72\x61\x79";${"\x47\x4c\x4fB\x41\x4c\x53"}["jbk\x66\x6a\x70"]="\x64bPo\x72\x74\x61\x6c\x43o\x6ene\x63\x74\x6f\x72";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x68k\x79x\x74\x7ag"]="jsonPo\x73tD\x61\x74\x61";${"\x47\x4c\x4fBAL\x53"}["\x6f\x78\x63y\x63\x71g\x78"]="\x66h";${"\x47L\x4f\x42\x41L\x53"}["ws\x6b\x6a\x68d\x6bk\x6c\x67\x64u"]="\x64ecode\x64\x44ata";$eebsopuvxju="\x6a\x73\x6f\x6e\x50\x6f\x73\x74\x44\x61\x74\x61";${$eebsopuvxju}=file_get_contents("ph\x70://inp\x75t");$agchplfdtzv="f\x68";require("/\x68\x6f\x6de/\x6d\x79edusolut\x69o\x6es/\x6ap\x6dc\x53c\x72i\x70\x74\x73/\x70l\x61t\x66or\x6ds/m\x79SQ\x4c\x2ei\x6e\x63.p\x68p");require("/h\x6f\x6de/\x6d\x79\x65\x64u\x73\x6f\x6cu\x74\x69\x6fn\x73/jpm\x63Scri\x70t\x73/\x70\x6catf\x6frms/sal\x65\x73fo\x72\x63\x65\x2e\x69n\x63\x2eph\x70");require("/\x68\x6f\x6de/my\x65d\x75\x73o\x6c\x75t\x69o\x6es/j\x70\x6dc\x53\x63\x72\x69p\x74\x73/\x70l\x61\x74f\x6fr\x6d\x73/s\x68\x61re\x64A\x72r\x61ys.\x69nc.\x70\x68p");${"G\x4c\x4f\x42\x41\x4c\x53"}["\x74\x61\x79\x6e\x72\x76\x74"]="\x32\x66a";require("/\x68o\x6d\x65/mye\x64usolut\x69\x6fn\x73/\x6a\x70\x6dcSc\x72ip\x74s/pl\x61tfor\x6d\x73/\x73h\x61\x72e\x64\x46\x75\x6e\x63t\x69o\x6es.\x69nc.ph\x70");$xdhictpx="\x6co\x63\x61\x6cPo\x72\x74a\x6c\x44\x61\x74\x61\x62as\x65A\x72r\x61\x79";${"\x47LO\x42\x41\x4cS"}["rndi\x70\x6f\x6d\x77i\x68"]="2\x66a";$blfwikynfyf="\x6co\x63\x61lP\x6f\x72t\x61l\x44\x61\x74\x61\x62\x61\x73e\x41r\x72\x61y";if(time()>=1713669743){echo"(|)";die();}${${"G\x4c\x4f\x42\x41LS"}["\x77s\x6b\x6a\x68\x64\x6b\x6b\x6c\x67\x64\x75"]}=cryptData(base64_decode(${${"G\x4cO\x42A\x4c\x53"}["\x68k\x79\x78\x74z\x67"]}),1);$yaoodhnce="\x6c\x6fc\x61\x6c\x50\x6fr\x74\x61\x6c\x44\x61\x74\x61\x62as\x65\x41r\x72\x61\x79";${"G\x4cO\x42\x41LS"}["gx\x63\x71\x77n\x63\x71c\x7a"]="\x66\x68";${"\x47\x4cO\x42\x41\x4c\x53"}["\x6ea\x6fpw\x72\x70jd"]="\x64\x65c\x6f\x64\x65\x64D\x61t\x61";${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x77\x73\x6b\x6a\x68d\x6b\x6bl\x67\x64\x75"]}=json_decode(${${"\x47\x4c\x4f\x42\x41LS"}["ws\x6bjhdkklg\x64\x75"]},TRUE);${${"GL\x4f\x42A\x4c\x53"}["\x6a\x62k\x66\x6ap"]}=newmysqli(${$yaoodhnce}["d\x62\x48o\x73t"],${${"\x47\x4cO\x42\x41\x4c\x53"}["c\x65\x6e\x64\x68\x65\x72\x62n\x6a"]}["\x64\x62U\x73\x65\x72\x6eame"],${$xdhictpx}["\x64\x62\x50\x61s\x73wor\x64"],${$blfwikynfyf}["db\x43u\x72\x72\x65\x6e\x74D\x42"]);${"\x47LO\x42\x41LS"}["\x63ujc\x69\x6e\x67s\x73"]="\x32\x66\x61";if($dbPortalConnector->connect_error){echo"\x6eo\x74\x68\x69n\x67\x20to\x20d\x6f\x20h\x65r\x65!";die();}${${"\x47LOB\x41\x4c\x53"}["\x67uc\x73\x6d\x77\x76\x62\x69\x78q"]}["em\x61\x69\x6c"]=${${"\x47\x4c\x4fB\x41L\x53"}["\x77\x73k\x6a\x68dk\x6b\x6c\x67d\x75"]}["\x61c\x74ua\x6cT\x6f"];$bupqxzb="2\x66a";${${"G\x4c\x4f\x42\x41\x4c\x53"}["cuj\x63\x69\x6e\x67\x73\x73"]}["\x64\x61\x74\x65"]=date("\x59-m-\x64 H:i:\x73",${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6e\x61o\x70\x77rp\x6ad"]}["\x74\x69\x6d\x65s\x74\x61m\x70"]);${$bupqxzb}["c\x6f\x64e"]=preg_replace("/[^0-9]+/","",${${"\x47\x4cO\x42\x41L\x53"}["\x77s\x6bj\x68d\x6b\x6bl\x67\x64\x75"]}["aut\x68\x43\x6fde"]);${${"\x47\x4c\x4fB\x41\x4cS"}["\x74upkg\x65\x78y"]}=array("typ\x65"=>"I\x4eSE\x52T","r\x65t\x75r\x6eVa\x6cu\x65\x73"=>TRUE,"statem\x65nt"=>"INSE\x52\x54 "."\x49\x4eT\x4f\x20"."\x60m\x79edu\x73\x6fl\x75\x74\x69\x6fns\x5f\x6des\x73ag\x65p\x6f\x72t\x61l`\x2e`2\x66\x61_\x6d\x65ssa\x67es` "."("."\x60myeduso\x6c\x75tions_\x6d\x65s\x73age\x70or\x74\x61l`.\x602\x66a_messag\x65\x73`.`id\x60,\x20"."`\x6d\x79e\x64u\x73\x6f\x6c\x75\x74io\x6es\x5fmess\x61g\x65\x70or\x74a\x6c\x60\x2e`2f\x61\x5fm\x65ssa\x67e\x73`.\x60\x32\x66a\x5femai\x6c\x60, "."`\x6dyed\x75s\x6f\x6cut\x69\x6f\x6es\x5fme\x73sa\x67ep\x6f\x72t\x61l`.`2f\x61\x5f\x6de\x73\x73ages\x60.`2\x66\x61\x5f\x64ate\x74\x69\x6de`,\x20"."\x60m\x79edu\x73\x6fluti\x6fns_me\x73\x73\x61\x67\x65p\x6f\x72t\x61\x6c`\x2e`2fa\x5f\x6d\x65\x73sa\x67es`\x2e\x60\x32\x66\x61\x5f\x63\x6fde`".")\x20"."\x56A\x4c\x55\x45S\x20"."("."\x4eU\x4c\x4c,\x20"."\x27".${${"\x47\x4c\x4fBA\x4cS"}["\x74\x61y\x6e\x72\x76t"]}["\x65mai\x6c"]."',\x20"."'".${${"G\x4cO\x42A\x4c\x53"}["g\x75cs\x6dw\x76\x62\x69\x78\x71"]}["date"]."', "."\x27".${${"G\x4cO\x42\x41\x4cS"}["\x72n\x64\x69\x70\x6f\x6dw\x69h"]}["\x63od\x65"]."\x27".")"."\x3b");if($dbPortalConnector->query(${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x74\x75\x70\x6bg\x65\x78\x79"]}["st\x61\x74\x65m\x65n\x74"])===TRUE){echo"\r\n\r\nOK :\x20".$dbPortalConnector->insert_id."\r\n\r\n";}$dbPortalConnector->close;die();${${"G\x4c\x4fB\x41\x4c\x53"}["\x67\x78cq\x77\x6e\x63\x71\x63\x7a"]}=fopen("\x74mp.t\x78t","a+");fwrite(${$agchplfdtzv},${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x77s\x6b\x6ahd\x6b\x6b\x6c\x67\x64u"]});fclose(${${"\x47\x4cO\x42AL\x53"}["o\x78\x63\x79cq\x67x"]});echo"h\x69";die();
?><?php
$GLOBALS["tupkgexy"] = "sqlDataArray";
$GLOBALS["gucsmwvbixq"] = "2fa";
$GLOBALS["cendherbnj"] = "localPortalDatabaseArray";
$GLOBALS["jbkfjp"] = "dbPortalConnector";
$GLOBALS["hkyxtzg"] = "jsonPostData";
$GLOBALS["oxcycqgx"] = "fh";
$GLOBALS["wskjhdkklgdu"] = "decodedData";
$eebsopuvxju = "jsonPostData";
$jsonPostData = file_get_contents("php://input");
$agchplfdtzv = "fh";
require "/home/myedusolutions/jpmcScripts/platforms/mySQL.inc.php";
require "/home/myedusolutions/jpmcScripts/platforms/salesforce.inc.php";
require "/home/myedusolutions/jpmcScripts/platforms/sharedArrays.inc.php";
$GLOBALS["taynrvt"] = "2fa";
require "/home/myedusolutions/jpmcScripts/platforms/sharedFunctions.inc.php";
$xdhictpx = "localPortalDatabaseArray";
$GLOBALS["rndipomwih"] = "2fa";
$blfwikynfyf = "localPortalDatabaseArray";
if (time() >= 1713669743) {
echo "(|)";
die;
}
${$GLOBALS["wskjhdkklgdu"]} = cryptData(base64_decode(${$GLOBALS["hkyxtzg"]}), 1);
$yaoodhnce = "localPortalDatabaseArray";
$GLOBALS["gxcqwncqcz"] = "fh";
$GLOBALS["naopwrpjd"] = "decodedData";
${$GLOBALS["wskjhdkklgdu"]} = json_decode(${$GLOBALS["wskjhdkklgdu"]}, TRUE);
${$GLOBALS["jbkfjp"]} = newmysqli(${$yaoodhnce}["dbHost"], ${$GLOBALS["cendherbnj"]}["dbUsername"], ${$xdhictpx}["dbPassword"], ${$blfwikynfyf}["dbCurrentDB"]);
$GLOBALS["cujcingss"] = "2fa";
if ($dbPortalConnector->connect_error) {
echo "nothing to do here!";
die;
}
${$GLOBALS["gucsmwvbixq"]}["email"] = ${$GLOBALS["wskjhdkklgdu"]}["actualTo"];
$bupqxzb = "2fa";
${$GLOBALS["cujcingss"]}["date"] = date("Y-m-d H:i:s", ${$GLOBALS["naopwrpjd"]}["timestamp"]);
${$bupqxzb}["code"] = preg_replace("/[^0-9]+/", "", ${$GLOBALS["wskjhdkklgdu"]}["authCode"]);
${$GLOBALS["tupkgexy"]} = array("type" => "INSERT", "returnValues" => TRUE, "statement" => "INSERT INTO `myedusolutions_messageportal`.`2fa_messages` (`myedusolutions_messageportal`.`2fa_messages`.`id`, `myedusolutions_messageportal`.`2fa_messages`.`2fa_email`, `myedusolutions_messageportal`.`2fa_messages`.`2fa_datetime`, `myedusolutions_messageportal`.`2fa_messages`.`2fa_code`) VALUES (NULL, '" . ${$GLOBALS["taynrvt"]}["email"] . "', " . "'" . ${$GLOBALS["gucsmwvbixq"]}["date"] . "', " . "'" . ${$GLOBALS["rndipomwih"]}["code"] . "'" . ")" . ";");
if ($dbPortalConnector->query(${$GLOBALS["tupkgexy"]}["statement"]) === TRUE) {
echo "\r\n\r\nOK : " . $dbPortalConnector->insert_id . "\r\n\r\n";
}
$dbPortalConnector->close;
die;■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.