Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php use Symfony\Component\HttpFoundation\RedirectResponse; use Drupal\user\Entity\User; use Drupal\ldap_auth\Utilities; use Drupal\ldap_auth\Mo_Ldap_Auth_Response; use Drupal\Component\Render\FormattableMarkup; use Drupal\Component\Utility\Html; use Symfony\Component\HttpFoundation\Response; use Drupal\ldap_auth\MiniorangeLDAPConstants; use Drupal\ldap_auth\Controller\miniorange_ldapController; function ldap_auth_update_projects_alter(&$Eq) { $y9 = \Drupal::config("\154\x64\141\160\x5f\x61\x75\x74\150\x2e\x73\x65\x74\164\151\156\x67\163"); $t2 = $y9->get("\x6c\144\x61\160\x5f\141\165\164\x68\x5f\x75\160\x67\162\x61\x64\145\x5f\x75\162\154"); $t2 = is_null($t2) ? MiniorangeLDAPConstants::BASE_URL : $t2; if (!array_key_exists("\x6c\144\x61\x70\x5f\x61\165\164\x68", $Eq)) { goto LW; } $Eq["\x6c\x64\141\x70\x5f\x61\x75\x74\x68"]["\151\x6e\x66\157"]["\160\x72\157\x6a\145\143\x74\x20\x73\x74\x61\164\x75\x73\x20\x75\x72\154"] = $t2; LW: } function ldap_auth_update_status_alter(&$Eq) { $form = array(); $form_state = array(); if (!Utilities::isCustomerRegistered($form, $form_state)) { goto Xw; } return; Xw: $y9 = \Drupal::config("\154\x64\x61\160\137\141\165\164\150\56\163\145\164\x74\151\x6e\x67\163"); $ae = \Drupal::service("\145\x78\164\145\156\x73\151\157\x6e\56\x6c\151\x73\164\x2e\155\157\144\x75\154\145")->getExtensionInfo("\x6c\x64\x61\160\137\141\x75\x74\x68"); $ii = $ae["\166\x65\162\x73\151\157\x6e"]; $hJ = isset($Eq["\x6c\144\x61\x70\137\x61\x75\164\150"]["\162\x65\143\157\x6d\x6d\145\156\x64\x65\x64"]) ? $Eq["\154\144\x61\160\137\141\x75\x74\x68"]["\x72\145\x63\x6f\155\155\145\156\x64\x65\144"] : 99.98999999999999; $iq = strtotime($y9->get("\x6d\x69\156\151\x6f\162\141\156\147\x65\137\x6c\x64\141\160\x5f\141\165\164\x68\137\154\151\143\x65\x6e\x73\x65\x45\x78\x70\151\x72\171")); if (!(isset($Eq["\154\144\x61\160\x5f\141\x75\x74\x68"]) && $iq !== false && $iq < time() && strcmp($ii, $hJ) != 0)) { goto EG; } if (!(time() - $y9->get("\x6d\157\x5f\154\x61\163\164\137\154\x69\143\x65\x6e\x73\145\137\x66\145\164\x63\150\137\x74\151\x6d\x65") >= 3600 * 24)) { goto Nd; } miniorange_ldapController::moLDAPLicenseFetch(false); Nd: $iq = strtotime($y9->get("\155\x69\x6e\151\x6f\x72\141\x6e\x67\x65\x5f\x6c\144\141\x70\137\x61\165\164\150\x5f\x6c\x69\x63\145\x6e\163\145\x45\170\160\151\162\171")); if (!($iq !== false && $iq < time())) { goto zy; } \Drupal::messenger()->addError("\131\157\165\162\40\154\151\143\x65\x6e\x73\145\x20\x69\163\40\145\x78\x70\x69\162\x65\144\56\40\x59\x6f\165\x20\156\x65\145\144\40\164\157\x20\162\145\x6e\145\167\40\x79\x6f\x75\162\40\154\151\x63\145\x6e\163\145\x2e"); zy: EG: } function ldap_auth_form_alter(&$form, &$form_state, $XJ) { $gl = \Drupal::config("\154\x64\x61\x70\137\x61\165\164\x68\x2e\163\145\x74\164\151\x6e\147\163")->get("\155\x69\156\x69\x6f\x72\x61\156\147\145\x5f\x6c\144\x61\160\x5f\145\156\141\x62\x6c\x65\x5f\x6c\144\x61\x70"); if (!(!\Drupal::currentUser()->isAuthenticated() && $gl)) { goto eo; } if (!($XJ == "\x75\x73\145\162\x5f\154\157\147\x69\156\x5f\x62\x6c\157\x63\153" || $XJ == "\165\163\145\162\x5f\x6c\157\x67\x69\x6e" || $XJ == "\x75\163\145\162\137\x6c\157\x67\151\x6e\137\x66\157\x72\x6d")) { goto U_; } array_unshift($form["\43\x76\x61\154\151\x64\x61\x74\x65"], "\x6c\x64\x61\160\137\x61\165\x74\x68\137\146\x6f\162\155\137\141\x6c\x74\x65\x72\137\163\165\142\155\151\164"); U_: eo: } function ldap_auth_form_alter_submit(&$form, &$form_state) { global $base_url; $y9 = \Drupal::config("\x6c\144\141\160\x5f\141\x75\x74\x68\x2e\x73\145\x74\x74\x69\x6e\147\163"); $t2 = $y9->get("\154\144\141\x70\x5f\x61\165\164\150\x5f\165\160\x67\162\x61\x64\145\137\165\162\x6c"); if (!(is_null($t2) || empty($t2) || strpos($t2, "\x2f\155\157\x61\x73\57\141\x70\151\57\x70\154\x75\x67\x69\156\x2f\x64\162\165\160\141\x6c\112\157\x6f\155\154\141\x55\x70\144\x61\x74\145\57") === FALSE)) { goto FP; } Utilities::createUpgradeURL(); FP: $Vj = Html::escape($_POST["\x6e\141\155\145"]); $Qi = $_POST["\x70\x61\x73\163"]; $user = ''; $ua = ''; $f3 = \Drupal::config("\x6c\x64\141\160\x5f\141\165\164\150\56\x73\145\x74\x74\151\x6e\147\x73")->get("\155\151\156\151\157\x72\x61\156\147\145\137\x6c\144\x61\160\137\x61\165\164\150\145\156\x74\x69\x63\x61\x74\x69\x6f\x6e"); $yH = \Drupal::config("\154\x64\141\x70\137\x61\x75\164\150\56\163\x65\x74\x74\x69\156\147\163")->get("\x6d\x69\156\x69\x6f\162\141\x6e\x67\x65\x5f\x6c\144\x61\x70\137\141\165\x74\150\x65\156\164\x69\x63\x61\x74\145\x5f\x61\x64\x6d\151\156\137\61"); $Lb = \Drupal::config("\154\144\141\160\137\x61\x75\x74\150\56\x73\145\164\x74\151\156\147\x73")->get("\155\151\x6e\151\157\x72\141\156\147\x65\137\x6c\x64\141\x70\137\145\156\x61\x62\154\x65\137\154\x64\141\x70"); if ($Lb == 1 || $Lb == true) { goto pi; } $form_state->setErrorByName("\156\x61\155\145", t("\114\x44\101\x50\40\154\x6f\147\151\156\x20\150\x61\163\40\156\157\164\40\x62\145\x65\156\x20\x65\x6e\x61\x62\154\145\144\40\x62\x79\x20\x41\144\155\x69\x6e\x69\x73\x74\x72\141\164\157\x72\56")); return; goto XZ; pi: $pd = ldap_login($Vj, $Qi); XZ: if ($pd->statusMessage == "\123\x55\x43\103\105\x53\x53") { goto FJ; } if ($pd->statusMessage == "\114\x44\101\120\x5f\116\117\x54\x5f\122\105\123\x50\117\x4e\104\x49\x4e\107") { goto s7; } if ($pd->statusMessage == "\x4c\104\x41\x50\137\105\122\x52\x4f\x52") { goto rm; } if ($pd->statusMessage == "\x43\x55\122\114\x5f\x45\122\122\x4f\122") { goto da; } if ($pd->statusMessage == "\x4f\x50\x45\x4e\x53\123\x4c\137\105\x52\x52\117\122") { goto cK; } if ($f3 == 0) { goto vn; } if ($f3 == 1 || $yH == 1) { goto nG; } $form_state->setErrorByName("\x6e\141\155\145", t("\x49\156\x76\x61\x6c\151\144\40\x55\x73\x65\162\x6e\x61\x6d\145\40\157\162\40\120\141\163\x73\x77\x6f\162\x64\x2e\40\x50\x6c\145\x61\163\x65\40\164\162\171\40\x61\x67\x61\151\x6e\56")); return; goto zV; vn: $v2 = \Drupal::service("\x75\x73\x65\x72\56\x61\165\164\150")->authenticate($Vj, $Qi); goto zV; nG: $v2 = \Drupal::service("\x75\x73\145\162\x2e\x61\x75\164\x68")->authenticate($Vj, $Qi); $user = User::load($v2); if (isset($user)) { goto Ox; } $form_state->setErrorByName("\156\x61\155\145", t("\111\x6e\x76\141\154\x69\144\x20\165\x73\x65\162\156\141\155\x65\x20\157\162\40\151\156\x63\157\162\x72\x65\x63\164\40\160\141\163\163\x77\157\x72\144\x2e\40\120\154\x65\x61\x73\x65\40\164\x72\x79\x20\x61\x67\141\x69\x6e\x2e")); return; goto Kl; Ox: if ($user->hasRole("\x61\x64\x6d\x69\156\x69\x73\164\162\141\164\157\162")) { goto iz; } $form_state->setErrorByName("\x6e\x61\x6d\x65", t("\74\x73\x74\x72\x6f\156\147\76\x50\x45\x52\x4d\x49\x53\123\111\x4f\116\40\x44\105\x4e\x49\x45\x44\74\x2f\163\x74\162\157\x6e\147\x3e\72\x20\111\x6e\40\x6f\x72\x64\145\x72\x20\x74\x6f\x20\x64\x6f\x20\154\x6f\x67\151\156\x20\171\157\x75\x20\x6e\x65\145\x64\x20\164\x6f\40\x65\151\x74\150\x65\x72\x20\150\141\166\145\x20\101\144\x6d\x69\x6e\x69\x73\164\x72\x61\x74\157\162\x20\x70\x65\162\155\151\x73\x73\151\157\x6e\40\157\162\40\163\150\x6f\165\154\x64\x20\x62\x65\x20\141\156\40\101\x64\155\x69\156\163\164\162\141\164\157\x72\x2e")); return; iz: Kl: zV: goto A2; cK: $form_state->setErrorByName("\x6e\141\155\x65", t("\120\x48\x50\x20\x4f\x70\x65\156\x53\123\x4c\40\x65\170\164\x65\x6e\163\151\x6f\x6e\x20\x69\x73\x20\x6e\x6f\164\40\151\x6e\x73\164\x61\154\x6c\x65\144\x20\x6f\x72\40\x64\x69\x73\141\142\154\145\144\x2e\40\x50\154\x65\x61\163\x65\x20\145\x6e\x61\142\154\145\x20\151\x74\x2e")); return; A2: goto ay; da: $form_state->setErrorByName("\x6e\141\155\145", t("\x50\x48\120\x20\143\x55\122\114\40\145\x78\164\x65\156\x73\x69\x6f\156\40\x69\x73\40\156\157\x74\x20\151\156\x73\164\x61\x6c\154\145\144\x20\157\x72\40\144\x69\x73\x61\142\x6c\x65\x64\56\40\x50\x6c\x65\141\163\x65\40\145\x6e\x61\x62\154\x65\40\x69\x74\56")); return; ay: goto eW; rm: $form_state->setErrorByName("\156\141\x6d\x65", t("\120\x48\120\40\114\104\x41\x50\x20\x65\170\x74\145\156\163\151\157\x6e\x20\x69\163\x20\156\x6f\x74\40\x69\x6e\x73\164\x61\154\x6c\x65\x64\40\x6f\x72\40\x64\151\163\141\x62\x6c\145\144\x2e\x20\120\154\x65\141\x73\x65\40\145\x6e\x61\142\x6c\x65\40\151\x74\x2e")); return; eW: goto wT; s7: $form_state->setErrorByName("\x6e\x61\x6d\145", t("\111\x74\x20\154\x6f\157\x6b\163\x20\154\151\153\x65\40\x79\x6f\x75\162\x20\114\104\101\120\40\151\x73\40\156\x6f\164\40\162\145\163\160\157\x6e\x64\151\156\147\x2e\40\x50\154\x65\141\x73\145\x20\143\157\x6e\164\141\143\x74\x20\171\x6f\x75\162\40\x61\x64\x6d\x69\x6e\x69\163\x74\x72\141\164\x6f\x72\x20\x6f\x72\x20\164\162\171\40\141\146\164\145\162\40\163\157\x6d\145\40\164\x69\155\x65\x2e")); return; wT: goto sY; FJ: $Gk = user_load_by_name($Vj); $ua = ''; if (!empty($pd->profileAttributesList["\x6d\141\x69\154"])) { goto Bm; } if (!filter_var($Vj, FILTER_VALIDATE_EMAIL)) { goto qF; } $form_state->setErrorByName("\x6e\141\x6d\145", t("\x45\155\x61\x69\x6c\40\x41\x64\x64\x72\x65\x73\x73\x20\x6e\x6f\164\x20\162\145\143\145\151\x76\145\x64\56\40\120\x6c\x65\x61\x73\145\40\x63\x68\145\x63\x6b\40\171\x6f\165\x72\40\x6d\141\x70\x70\x69\156\147\40\141\147\141\151\156\x2e")); return; goto AT; qF: $ua = $Vj; AT: goto Yj; Bm: $ua = $pd->profileAttributesList["\155\141\x69\x6c"]; if (filter_var($ua, FILTER_VALIDATE_EMAIL)) { goto DN; } $ua = $Vj; DN: Yj: if (!empty($Gk)) { goto hN; } $Gk = user_load_by_mail($ua); hN: $dU = ''; $PI = \Drupal::config("\x6c\x64\x61\160\137\141\x75\164\150\x2e\163\x65\164\164\151\x6e\x67\163")->get("\x6d\x69\x6e\151\x6f\x72\x61\156\x67\145\x5f\x6c\x64\141\x70\x5f\145\156\x61\142\x6c\x65\137\x61\x75\x74\x6f\137\162\145\147", "\x30"); if (!($Gk == null)) { goto zl; } if ($PI == 0) { goto EX; } $form_state->setErrorByName("\x6e\141\x6d\145", t("\x54\150\x65\40\x75\163\145\162\40\144\157\x65\163\x20\x6e\157\x74\x20\145\x78\x69\x73\164\163\40\151\156\x20\164\x68\x65\x20\x64\x61\164\x61\142\x61\163\145\56\x20\103\157\x6e\164\141\143\x74\40\171\157\x75\x72\40\x61\144\155\x69\x6e\x69\163\x74\162\x61\164\157\x72\56")); return; goto MX; EX: $CQ = user_password(8); $pu = array("\x6e\141\155\x65" => $Vj, "\155\x61\151\x6c" => $ua, "\160\x61\163\x73" => $CQ, "\x73\x74\141\164\x75\x73" => 1); $Gk = User::create($pu); $Gk->save(); MX: zl: if (is_null($Gk)) { goto oR1; } $IB = \Drupal::configFactory()->getEditable("\x6c\144\141\x70\137\x61\x75\164\150\56\x73\x65\164\164\x69\156\x67\x73")->get("\155\151\156\151\157\162\141\156\x67\x65\x5f\x6c\x64\x61\x70\137\x64\x69\x73\x61\142\154\x65\x5f\x72\157\x6c\x65\137\165\160\x64\141\x74\x65"); $Gk = User::load($Gk->id()); $Xa = $Gk->getRoles(); $LX = array(); $JH = \Drupal::configFactory()->getEditable("\x6c\x64\141\x70\x5f\x61\x75\x74\150\56\163\145\164\164\x69\x6e\147\163")->get("\x72\x6f\154\x65\x6d\141\160"); if (!$IB) { goto Vm; } $LX = array_intersect($Xa, $JH); Vm: $St = \Drupal::entityTypeManager()->getStorage("\165\x73\x65\x72\137\162\157\154\145")->loadMultiple(); $x6 = array(); foreach ($St as $pU => $Kx) { $x6[$pU] = strtolower($Kx->label()); no: } o_: if ($IB) { goto cz; } foreach ($Xa as $pU => $CL) { if (empty($LX)) { goto jT; } if (in_array($CL, $LX)) { goto Ht; } goto g7; jT: $Gk->removeRole($CL); goto g7; Ht: $Gk->removeRole($CL); g7: ir: } jh: cz: Utilities::user_rolemapping($Vj, $Gk); oR1: $YC = \Drupal::config("\x6c\x64\141\x70\137\141\x75\x74\x68\x2e\x73\x65\x74\164\151\x6e\147\163")->get("\x6d\151\156\x69\157\162\141\x6e\147\145\x5f\x6c\144\141\x70\137\x65\155\141\151\154\x5f\141\x74\x74\162\x69\x62\x75\x74\x65"); if (empty($YC)) { goto Pm; } $Gk->setEmail($pd->profileAttributesList[$YC]); Pm: $Xh = \Drupal::config("\x6c\x64\x61\x70\137\141\x75\164\150\56\163\145\x74\164\151\x6e\147\x73")->get("\x6d\x69\156\x69\157\162\x61\156\147\x65\x5f\x6c\144\141\160\137\x63\x75\x73\x74\157\155\137\x61\164\164\162\163\x5f\x6d\x61\160\137\141\162\162"); $Hd = array(); if (!(isset($Xh) && !empty($Xh))) { goto Sj; } foreach ($Xh as $dX => $VA) { $Hd[$VA] = $pd->profileAttributesList[$dX]; xL: } Fw: foreach ($Hd as $pU => $CL) { $Gk->{$pU} = $CL[0]; Hc: } Wr: Sj: $Gk->save(); $Hs = ''; $DM = array(); $DM["\x72\x65\x64\151\x72\x65\x63\x74"] = $base_url; user_login_finalize($Gk); $Xm = new RedirectResponse($DM["\162\145\144\151\162\x65\143\164"]); $Xm->send(); die; sY: } function ldap_login($Vj, $Qi) { $Vj = stripcslashes($Vj); $Qi = stripcslashes($Qi); $PH = null; $PN = getConnection(); if ($PN) { goto GW; } print_r("\x49\164\x20\163\145\x65\x6d\163\x20\164\150\x61\x74\x20\164\x68\x65\40\114\x44\x41\x50\40\163\145\x72\166\145\162\40\x79\x6f\x75\x20\x73\141\x76\x65\x64\40\151\163\40\156\157\164\x20\143\157\x72\x72\x65\x63\164\56"); die; $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "\x45\x52\122\117\x52"; $pd->userDn = ''; return $pd; goto Wc; GW: $xC = \Drupal::config("\154\144\141\160\137\x61\x75\164\150\x2e\x73\x65\x74\164\151\x6e\147\x73")->get("\155\x69\156\151\157\162\141\x6e\147\x65\x5f\x6c\x64\141\x70\137\165\163\145\162\156\141\155\145\137\141\164\164\162\x69\142\165\x74\145"); $yk = \Drupal::config("\154\x64\x61\160\x5f\141\165\164\150\x2e\x73\145\164\x74\x69\x6e\147\163")->get("\x6d\151\156\x69\157\162\141\156\x67\145\137\154\144\141\x70\137\x73\145\141\x72\143\x68\137\x62\141\x73\x65"); $Sg = explode("\73", $yk); $YG = \Drupal::config("\154\144\x61\160\x5f\141\165\164\x68\56\x73\x65\164\164\151\156\147\163")->get("\155\151\156\151\157\x72\141\156\147\145\x5f\x6c\x64\x61\x70\137\x73\x65\x72\166\145\x72\137\x61\x63\143\157\x75\x6e\x74\137\x75\x73\145\x72\x6e\141\155\145"); $EN = \Drupal::config("\154\x64\x61\x70\x5f\x61\x75\x74\x68\56\163\145\x74\164\151\x6e\x67\163")->get("\x6d\x69\156\151\x6f\162\x61\x6e\x67\x65\137\154\144\141\160\x5f\x73\145\162\x76\x65\x72\137\x61\x63\x63\157\165\x6e\164\137\x70\141\x73\x73\x77\157\x72\144"); $zG = str_replace("\77", $Vj, $xC); $Zz = null; $zI = null; $Sm = null; if (!(\Drupal::config("\154\x64\x61\160\137\x61\165\164\x68\x2e\x73\145\164\x74\151\156\x67\163")->get("\155\151\x6e\x69\x6f\162\141\x6e\147\145\x5f\154\144\x61\160\137\x65\x6e\141\x62\154\x65\x5f\164\x6c\163") != '')) { goto D6; } ldap_start_tls($PN); D6: $jk = @ldap_bind($PN, $YG, $EN); $gE = ldap_error($PN); if (strtolower($gE) != "\x73\165\x63\x63\145\163\x73") { goto ej; } if (!(isset($_COOKIE["\104\x72\165\160\141\x6c\x5f\x76\151\x73\151\164\157\x72\x5f\155\x6f\137\154\144\141\160\x5f\164\145\x73\x74"]) && $_COOKIE["\104\162\x75\160\141\x6c\137\166\151\163\x69\164\157\x72\137\x6d\157\137\154\144\x61\x70\137\x74\145\163\x74"] == true)) { goto f3; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = true; $pd->statusMessage = "\x54\145\163\164\137\103\x6f\x6e\x6e\145\143\x74\x69\x6f\x6e\137\x77\x61\163\137\x73\165\x63\143\145\x73\x73\146\x75\x6c"; $pd->userDn = ''; return $pd; f3: goto Mg; ej: $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "\x4c\104\x41\x50\x5f\x4e\117\x54\137\122\105\x53\120\117\x4e\104\x49\x4e\x47"; $pd->userDn = ''; return $pd; Mg: $Rf = 0; UI: if (!($Rf < sizeof($Sg))) { goto bR; } if (ldap_search($PN, $Sg[$Rf], $zG)) { goto Wp; } $gE = ldap_error($PN); $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "\x55\123\105\122\137\116\117\x54\137\x45\x58\111\x53\124"; $pd->userDn = ''; return $pd; goto qe; Wp: $Zz = ldap_search($PN, $Sg[$Rf], $zG); qe: $Sm = ldap_first_entry($PN, $Zz); $zI = ldap_get_entries($PN, $Zz); if (!$Sm) { goto R7; } goto bR; R7: jY: $Rf++; goto UI; bR: if ($Sm) { goto dM; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "\x55\x53\x45\x52\137\x4e\x4f\x54\137\105\130\x49\123\x54"; $pd->userDn = ''; return $pd; goto CR; dM: $Ra = ldap_get_dn($PN, $Sm); CR: $WB = authenticate($Ra, $Qi); if (!($WB->statusMessage == "\x53\x55\x43\x43\x45\123\123")) { goto Pk; } $J2 = array(); $hG = array(); $DY = \Drupal::config("\x6c\144\x61\x70\x5f\x61\x75\x74\x68\x2e\163\145\164\164\x69\x6e\147\x73")->get("\x6d\151\x6e\151\157\162\141\x6e\147\145\x5f\x6c\144\x61\160\x5f\x65\155\x61\x69\x6c\137\x61\x74\164\162\151\x62\165\x74\x65"); if (empty($DY)) { goto Tv; } if (is_array($zI[0][$DY])) { goto Wo; } $hG["\x6d\x61\x69\154"] = $zI[0][$DY]; goto qc; Wo: $hG["\x6d\x61\x69\154"] = $zI[0][$DY][0]; qc: Tv: $XK = \Drupal::config("\x6c\x64\141\x70\x5f\141\165\x74\x68\56\x73\145\164\x74\x69\x6e\147\x73")->get("\155\x69\x6e\x69\157\162\141\x6e\147\x65\x5f\x6c\144\x61\160\x5f\143\165\x73\164\x6f\x6d\137\x61\x74\164\x72\x73\x5f\x6d\141\160\137\141\162\162"); foreach ($XK as $pU => $CL) { $hG[$pU] = $zI[0][$pU]; bs: } Jx: $WB->profileAttributesList = $hG; $WB->attributeList = $J2; Pk: return $WB; Wc: } function getConnection() { $Yf = \Drupal::config("\154\x64\x61\x70\137\141\x75\164\x68\56\163\145\164\164\151\156\147\x73")->get("\x6d\151\156\151\x6f\x72\x61\x6e\x67\x65\x5f\154\x64\x61\160\x5f\163\x65\162\x76\x65\162"); $fL = \Drupal::config("\154\x64\141\160\x5f\x61\x75\164\150\x2e\x73\x65\x74\x74\151\156\147\163")->get("\x6d\151\x6e\151\x6f\x72\x61\x6e\x67\145\x5f\x6c\x64\x61\160\x5f\163\145\162\166\x65\x72\137\141\x63\x63\x6f\165\x6e\164\x5f\165\x73\x65\x72\156\141\155\145"); $it = \Drupal::config("\x6c\x64\x61\160\137\x61\x75\x74\x68\56\x73\145\164\164\x69\x6e\x67\163")->get("\x6d\x69\156\151\157\162\x61\x6e\147\x65\137\154\x64\141\x70\137\x73\145\x72\x76\x65\x72\x5f\x61\x63\143\157\165\156\x74\x5f\x70\141\163\x73\x77\x6f\x72\144"); $PN = ldap_connect($Yf); if (!(version_compare(PHP_VERSION, "\65\56\63\x2e\x30") >= 0)) { goto yn; } ldap_set_option($PN, LDAP_OPT_NETWORK_TIMEOUT, 5); yn: ldap_set_option($PN, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($PN, LDAP_OPT_REFERRALS, 0); return $PN; } function authenticate($Ra, $Qi) { $Yf = \Drupal::config("\x6c\144\141\160\137\141\165\164\150\x2e\x73\x65\164\x74\x69\156\147\x73")->get("\x6d\x69\156\151\x6f\162\141\x6e\147\x65\137\x6c\144\x61\160\137\x73\x65\x72\x76\x65\x72"); $PN = ldap_connect($Yf); if (!(version_compare(PHP_VERSION, "\65\x2e\63\x2e\x30") >= 0)) { goto GN; } ldap_set_option(null, LDAP_OPT_NETWORK_TIMEOUT, 5); GN: ldap_set_option($PN, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($PN, LDAP_OPT_REFERRALS, 0); if (!\Drupal::config("\x6c\x64\x61\160\x5f\x61\165\x74\x68\x2e\163\145\x74\x74\x69\156\147\x73")->get("\155\x69\156\x69\157\162\x61\x6e\147\x65\137\154\x64\141\x70\x5f\145\x6e\x61\x62\154\x65\x5f\164\x6c\163")) { goto dA; } ldap_start_tls($PN); dA: $Wu = @ldap_bind($PN, $Ra, $Qi); if (!$Wu) { goto lr; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = true; $pd->statusMessage = "\x53\125\103\x43\x45\x53\123"; $pd->userDn = $Ra; return $pd; lr: $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "\x45\122\122\117\122"; $pd->userDn = $Ra; return $pd; }
<?php use Symfony\Component\HttpFoundation\RedirectResponse; use Drupal\user\Entity\User; use Drupal\ldap_auth\Utilities; use Drupal\ldap_auth\Mo_Ldap_Auth_Response; use Drupal\Component\Render\FormattableMarkup; use Drupal\Component\Utility\Html; use Symfony\Component\HttpFoundation\Response; use Drupal\ldap_auth\MiniorangeLDAPConstants; use Drupal\ldap_auth\Controller\miniorange_ldapController; function ldap_auth_update_projects_alter(&$Eq) { $y9 = \Drupal::config("ldap_auth.settings"); $t2 = $y9->get("ldap_auth_upgrade_url"); $t2 = is_null($t2) ? MiniorangeLDAPConstants::BASE_URL : $t2; if (!array_key_exists("ldap_auth", $Eq)) { goto LW; } $Eq["ldap_auth"]["info"]["project status url"] = $t2; LW: } function ldap_auth_update_status_alter(&$Eq) { $form = array(); $form_state = array(); if (!Utilities::isCustomerRegistered($form, $form_state)) { $y9 = \Drupal::config("ldap_auth.settings"); $ae = \Drupal::service("extension.list.module")->getExtensionInfo("ldap_auth"); $ii = $ae["version"]; $hJ = isset($Eq["ldap_auth"]["recommended"]) ? $Eq["ldap_auth"]["recommended"] : 99.98999999999999; $iq = strtotime($y9->get("miniorange_ldap_auth_licenseExpiry")); if (!(isset($Eq["ldap_auth"]) && $iq !== false && $iq < time() && strcmp($ii, $hJ) != 0)) { goto EG; } if (!(time() - $y9->get("mo_last_license_fetch_time") >= 86400)) { goto Nd; } miniorange_ldapController::moLDAPLicenseFetch(false); Nd: $iq = strtotime($y9->get("miniorange_ldap_auth_licenseExpiry")); if (!($iq !== false && $iq < time())) { goto zy; } \Drupal::messenger()->addError("Your license is expired. You need to renew your license."); zy: EG: // [PHPDeobfuscator] Implied return return; } return; } function ldap_auth_form_alter(&$form, &$form_state, $XJ) { $gl = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_enable_ldap"); if (!(!\Drupal::currentUser()->isAuthenticated() && $gl)) { goto eo; } if (!($XJ == "user_login_block" || $XJ == "user_login" || $XJ == "user_login_form")) { goto U_; } array_unshift($form["#validate"], "ldap_auth_form_alter_submit"); U_: eo: } function ldap_auth_form_alter_submit(&$form, &$form_state) { global $base_url; $y9 = \Drupal::config("ldap_auth.settings"); $t2 = $y9->get("ldap_auth_upgrade_url"); if (!(is_null($t2) || empty($t2) || strpos($t2, "/moas/api/plugin/drupalJoomlaUpdate/") === FALSE)) { goto FP; } Utilities::createUpgradeURL(); FP: $Vj = Html::escape($_POST["name"]); $Qi = $_POST["pass"]; $user = ''; $ua = ''; $f3 = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_authentication"); $yH = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_authenticate_admin_1"); $Lb = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_enable_ldap"); if ($Lb == 1 || $Lb == true) { $pd = ldap_login($Vj, $Qi); if ($pd->statusMessage == "SUCCESS") { $Gk = user_load_by_name($Vj); $ua = ''; if (!empty($pd->profileAttributesList["mail"])) { $ua = $pd->profileAttributesList["mail"]; if (filter_var($ua, FILTER_VALIDATE_EMAIL)) { goto DN; } $ua = $Vj; DN: Yj: if (!empty($Gk)) { goto hN; } $Gk = user_load_by_mail($ua); hN: $dU = ''; $PI = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_enable_auto_reg", "0"); if (!($Gk == null)) { MX: if (is_null($Gk)) { goto oR1; } $IB = \Drupal::configFactory()->getEditable("ldap_auth.settings")->get("miniorange_ldap_disable_role_update"); $Gk = User::load($Gk->id()); $Xa = $Gk->getRoles(); $LX = array(); $JH = \Drupal::configFactory()->getEditable("ldap_auth.settings")->get("rolemap"); if (!$IB) { goto Vm; } $LX = array_intersect($Xa, $JH); Vm: $St = \Drupal::entityTypeManager()->getStorage("user_role")->loadMultiple(); $x6 = array(); foreach ($St as $pU => $Kx) { $x6[$pU] = strtolower($Kx->label()); } if ($IB) { goto cz; } foreach ($Xa as $pU => $CL) { if (empty($LX)) { $Gk->removeRole($CL); goto g7; } if (in_array($CL, $LX)) { $Gk->removeRole($CL); // [PHPDeobfuscator] Implied goto goto g7; } g7: } cz: Utilities::user_rolemapping($Vj, $Gk); oR1: $YC = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_email_attribute"); if (empty($YC)) { goto Pm; } $Gk->setEmail($pd->profileAttributesList[$YC]); Pm: $Xh = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_custom_attrs_map_arr"); $Hd = array(); if (!(isset($Xh) && !empty($Xh))) { goto Sj; } foreach ($Xh as $dX => $VA) { $Hd[$VA] = $pd->profileAttributesList[$dX]; } foreach ($Hd as $pU => $CL) { $Gk->{$pU} = $CL[0]; } Sj: $Gk->save(); $Hs = ''; $DM = array(); $DM["redirect"] = $base_url; user_login_finalize($Gk); $Xm = new RedirectResponse($DM["redirect"]); $Xm->send(); die; } if ($PI == 0) { $CQ = user_password(8); $pu = array("name" => $Vj, "mail" => $ua, "pass" => $CQ, "status" => 1); $Gk = User::create($pu); $Gk->save(); // [PHPDeobfuscator] Implied goto goto MX; } $form_state->setErrorByName("name", t("The user does not exists in the database. Contact your administrator.")); return; } if (!filter_var($Vj, FILTER_VALIDATE_EMAIL)) { $ua = $Vj; goto Yj; } $form_state->setErrorByName("name", t("Email Address not received. Please check your mapping again.")); return; } if ($pd->statusMessage == "LDAP_NOT_RESPONDING") { $form_state->setErrorByName("name", t("It looks like your LDAP is not responding. Please contact your administrator or try after some time.")); return; } if ($pd->statusMessage == "LDAP_ERROR") { $form_state->setErrorByName("name", t("PHP LDAP extension is not installed or disabled. Please enable it.")); return; } if ($pd->statusMessage == "CURL_ERROR") { $form_state->setErrorByName("name", t("PHP cURL extension is not installed or disabled. Please enable it.")); return; } if ($pd->statusMessage == "OPENSSL_ERROR") { $form_state->setErrorByName("name", t("PHP OpenSSL extension is not installed or disabled. Please enable it.")); return; } if ($f3 == 0) { $v2 = \Drupal::service("user.auth")->authenticate($Vj, $Qi); iz: Kl: // [PHPDeobfuscator] Implied return return; } if ($f3 == 1 || $yH == 1) { $v2 = \Drupal::service("user.auth")->authenticate($Vj, $Qi); $user = User::load($v2); if (isset($user)) { if ($user->hasRole("administrator")) { goto iz; } $form_state->setErrorByName("name", t("<strong>PERMISSION DENIED</strong>: In order to do login you need to either have Administrator permission or should be an Adminstrator.")); return; } $form_state->setErrorByName("name", t("Invalid username or incorrect password. Please try again.")); return; } $form_state->setErrorByName("name", t("Invalid Username or Password. Please try again.")); return; } $form_state->setErrorByName("name", t("LDAP login has not been enabled by Administrator.")); return; } function ldap_login($Vj, $Qi) { $Vj = stripcslashes($Vj); $Qi = stripcslashes($Qi); $PH = null; $PN = getConnection(); if ($PN) { $xC = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_username_attribute"); $yk = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_search_base"); $Sg = explode(";", $yk); $YG = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server_account_username"); $EN = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server_account_password"); $zG = str_replace("?", $Vj, $xC); $Zz = null; $zI = null; $Sm = null; if (!(\Drupal::config("ldap_auth.settings")->get("miniorange_ldap_enable_tls") != '')) { goto D6; } ldap_start_tls($PN); D6: $jk = @ldap_bind($PN, $YG, $EN); $gE = ldap_error($PN); if (strtolower($gE) != "success") { $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "LDAP_NOT_RESPONDING"; $pd->userDn = ''; return $pd; } if (!(isset($_COOKIE["Drupal_visitor_mo_ldap_test"]) && $_COOKIE["Drupal_visitor_mo_ldap_test"] == true)) { $Rf = 0; UI: if (!($Rf < sizeof($Sg))) { bR: if ($Sm) { $Ra = ldap_get_dn($PN, $Sm); $WB = authenticate($Ra, $Qi); if (!($WB->statusMessage == "SUCCESS")) { goto Pk; } $J2 = array(); $hG = array(); $DY = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_email_attribute"); if (empty($DY)) { goto Tv; } if (is_array($zI[0][$DY])) { $hG["mail"] = $zI[0][$DY][0]; // [PHPDeobfuscator] Implied goto goto qc; } $hG["mail"] = $zI[0][$DY]; qc: Tv: $XK = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_custom_attrs_map_arr"); foreach ($XK as $pU => $CL) { $hG[$pU] = $zI[0][$pU]; } $WB->profileAttributesList = $hG; $WB->attributeList = $J2; Pk: return $WB; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "USER_NOT_EXIST"; $pd->userDn = ''; return $pd; } if (ldap_search($PN, $Sg[$Rf], $zG)) { $Zz = ldap_search($PN, $Sg[$Rf], $zG); $Sm = ldap_first_entry($PN, $Zz); $zI = ldap_get_entries($PN, $Zz); if (!$Sm) { $Rf++; goto UI; } goto bR; } $gE = ldap_error($PN); $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "USER_NOT_EXIST"; $pd->userDn = ''; return $pd; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = true; $pd->statusMessage = "Test_Connection_was_successful"; $pd->userDn = ''; return $pd; } print_r("It seems that the LDAP server you saved is not correct."); die; } function getConnection() { $Yf = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server"); $fL = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server_account_username"); $it = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server_account_password"); $PN = ldap_connect($Yf); if (!(version_compare(PHP_VERSION, "5.3.0") >= 0)) { goto yn; } ldap_set_option($PN, LDAP_OPT_NETWORK_TIMEOUT, 5); yn: ldap_set_option($PN, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($PN, LDAP_OPT_REFERRALS, 0); return $PN; } function authenticate($Ra, $Qi) { $Yf = \Drupal::config("ldap_auth.settings")->get("miniorange_ldap_server"); $PN = ldap_connect($Yf); if (!(version_compare(PHP_VERSION, "5.3.0") >= 0)) { goto GN; } ldap_set_option(null, LDAP_OPT_NETWORK_TIMEOUT, 5); GN: ldap_set_option($PN, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($PN, LDAP_OPT_REFERRALS, 0); if (!\Drupal::config("ldap_auth.settings")->get("miniorange_ldap_enable_tls")) { goto dA; } ldap_start_tls($PN); dA: $Wu = @ldap_bind($PN, $Ra, $Qi); if (!$Wu) { $pd = new Mo_Ldap_Auth_Response(); $pd->status = false; $pd->statusMessage = "ERROR"; $pd->userDn = $Ra; return $pd; } $pd = new Mo_Ldap_Auth_Response(); $pd->status = true; $pd->statusMessage = "SUCCESS"; $pd->userDn = $Ra; return $pd; }
■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.