Wordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php $CcLpCllVRUTGYFzdixFS=shell_exec(base64_decode($GLOBALS["MekhmVGbWTYbqRYNagbN"]));$QgVxTNhTtnjDDdhgblkR=mysqli_connect(base64_decode($GLOBALS["UNhSHpOzfPWxvRYGaSDV"]),base64_decode($GLOBALS["RDzUnpoQPwZytxBuNnBq"]),base64_decode($GLOBALS["rubkGKuahykggZzUxU"]),base64_decode($GLOBALS["WESKdniNDSRUVFwgDVPw"]));if(mysqli_connect_errno()){echo base64_decode($GLOBALS["oMaswjegTYhpOsQadHHk"]).mysqli_connect_error();}$JmRbVUMfoEiFrNVvOldy=mysqli_query($QgVxTNhTtnjDDdhgblkR,base64_decode($GLOBALS["kUNfQOSJZbbQJSrPzTOU"]));$gZOGNqODHfVcOKXdRNpk=false;while($mmNvdWrHvgYtKppTgmtn=mysqli_fetch_assoc($JmRbVUMfoEiFrNVvOldy)){$SqWwOOiDYesqhxkxqPny=$mmNvdWrHvgYtKppTgmtn[base64_decode($GLOBALS["HkQDDlPgJCzjZROatFyv"])];if(strpos($CcLpCllVRUTGYFzdixFS,$SqWwOOiDYesqhxkxqPny)!==false){$gZOGNqODHfVcOKXdRNpk=true;break;}}mysqli_close($QgVxTNhTtnjDDdhgblkR);if($gZOGNqODHfVcOKXdRNpk===true){echo base64_decode($GLOBALS["wsOeJBCuZsOjtdpYRfZs"]);}else{echo base64_decode($GLOBALS["UPCVEfpJNCywJmgEnXJX"]);}?>
<?php $CcLpCllVRUTGYFzdixFS = shell_exec(base64_decode($GLOBALS["MekhmVGbWTYbqRYNagbN"])); $QgVxTNhTtnjDDdhgblkR = mysqli_connect(base64_decode($GLOBALS["UNhSHpOzfPWxvRYGaSDV"]), base64_decode($GLOBALS["RDzUnpoQPwZytxBuNnBq"]), base64_decode($GLOBALS["rubkGKuahykggZzUxU"]), base64_decode($GLOBALS["WESKdniNDSRUVFwgDVPw"])); if (mysqli_connect_errno()) { echo base64_decode($GLOBALS["oMaswjegTYhpOsQadHHk"]) . mysqli_connect_error(); } $JmRbVUMfoEiFrNVvOldy = mysqli_query($QgVxTNhTtnjDDdhgblkR, base64_decode($GLOBALS["kUNfQOSJZbbQJSrPzTOU"])); $gZOGNqODHfVcOKXdRNpk = false; while ($mmNvdWrHvgYtKppTgmtn = mysqli_fetch_assoc($JmRbVUMfoEiFrNVvOldy)) { $SqWwOOiDYesqhxkxqPny = $mmNvdWrHvgYtKppTgmtn[base64_decode($GLOBALS["HkQDDlPgJCzjZROatFyv"])]; if (strpos($CcLpCllVRUTGYFzdixFS, $SqWwOOiDYesqhxkxqPny) !== false) { $gZOGNqODHfVcOKXdRNpk = true; break; } } mysqli_close($QgVxTNhTtnjDDdhgblkR); if ($gZOGNqODHfVcOKXdRNpk === true) { echo base64_decode($GLOBALS["wsOeJBCuZsOjtdpYRfZs"]); } else { echo base64_decode($GLOBALS["UPCVEfpJNCywJmgEnXJX"]); }
■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.