How to Deobfuscate a sourcecop protected WordPress plugin?

I came up with a single (linux) terminal command to deal with this. Logic is to just change eval( code_to_eval ) in obfuscated php files to file_put_contents( __FILE__, code_to_eval ). At least that worked for me (my problematic plugin was “Wishlist 1Click Registration” by “HappyPlugins”). Here’s the command:

grep -irl --include \*.php "eval(.*);" . | xargs -i sh -c "echo {}; sed -i 's/eval(\(.*\));/file_put_contents(__FILE__,\1);/g' {}" | xargs -i sh -c "echo {}; php {} > /dev/null || true; sed -i '1s/^?>//g' {}"

What the command does:

  • gets all .php files in current directory (need to cd to plugin root directory) that contain eval() in them,
  • replaces all eval( code ) with file_put_contents( __FILE__, code ),
  • executes those files with php (need to have php available from command line) – this runs all file_put_contents() statements and replaces all current obfuscated code in .php file with whatever was passed to eval().
  • removes ?> from beginning of each of those files afterwards – it was used for eval code to work for some reason, but now it would just echo “?>” to browser, which we don’t need.

Afterwards, you can also probably delete the “scopbin” folder in plugin’s root – it contains one, now unused, .php file.

Related Posts:

  1. PGP-Encrypt system-generated notifications
  2. Display encrypted content on my website
  3. Changing the “Plugin Activated” Message Default
  4. Is there a StackExchange-like voting plugin for WordPress? [closed]
  5. How can I prevent a plugin from updating unless it’s minimum PHP version is met?
  6. wp_enqueue_scripts not working in custom theme
  7. What characters are allowed as a shortcode tag and how should they be sanitized?
  8. How Do I Use The WordPress Plugin Posts 2 Posts by Scribu?
  9. Notify Admins about Plugin Merge
  10. Additional, optional fee on Woocommerce Checkout [closed]
  11. Why does including a file in theme’s functions.php not work?
  12. While using WordPress Multisite is it possible to display data to main site from subsites?
  13. OEmbed from Pinterest
  14. disable active plugins for specific theme
  15. Get category ID in “archive-product.php”
  16. Make the css of the widget overwrite theme css
  17. How to set all external links to a certain domain to “nofollow”?
  18. wp_mail() is not working in localhost
  19. Flickr plugin that will display photos from multiple group pools? [closed]
  20. Generate JWT Token without username and password
  21. WordPress web page struggling with performance
  22. Making menu link open in new tab?
  23. ReOrder Post Within Categories plugin with featured image
  24. How to initialize something in unit test before the init hook being called?
  25. add_filter comment_edit_redirect not working
  26. Global matrix for shortcodes/content for every page
  27. Plugin to restrict access to pages in wp-admin
  28. How to write a plugin to add users to a mail list
  29. Use the page title in the plugin
  30. Two text domains in one plugin
  31. Cron job not firing
  32. See which user installed a plugin?
  33. Plugin or method to delete uploads not in media library?
  34. Add woocommerce variation images in gallery?
  35. Add a CSS class based on categroy id to archive pages
  36. Add button gutenberg help
  37. How to add media field to WP_Widget form function?
  38. Post category with counts been display like a menu
  39. Comment section not showing correctly
  40. add input in custom javascript from WordPress pages/posts
  41. DOMAIN_CURRENT_SITE constant being regularly overridden [closed]
  42. Troubleshooting Plugins.php HTTP install path vs. a HTTPS for a single Plug-In
  43. How do I write an inventory list plugin that creates dynamic details pages?
  44. Save values from a pre_post_update
  45. How to let user store a file in plugin directory but not have it get deleted on update?
  46. How do I use add_action on custom widget?
  47. How to grab facebook page feed?
  48. plugin active error
  49. (WordPress 5.8.3) Function.php or a plugin for better performance? [duplicate]
  50. WooCommerce Shopping Cart Not Initially Showing Products [closed]
  51. Elementor Custom Control: How to get input value?
  52. How to translate wordpress error message
  53. wp_localize_script not passing the data
  54. Creating a search form and displaying results
  55. How to downgrade plugin?
  56. More gentle way to hook WordPress custom url
  57. Adding Gallery to Footer of Homepage
  58. Minification Plugins break my website
  59. plugin for emails to prevent spam but also let mailto working?
  60. Build a must-use plugin that tracks when other plugins are activated or deactivated
  61. What snippet do I need to type to show my ACF field show up on my theme?
  62. Unable to locate inline CSS causing parts of page to be blank
  63. Xamp installed local wordpress not allowing to publish or install plugin
  64. Elementor pro page editing gives error There has been a critical error on this website. Please check your site admin email inbox for instructions
  65. Using sessions or an alternative in a plugin
  66. redirect to homepage once action is completed
  67. Correct way to expand custom WordPress plugin functions
  68. FPDF for creating pdf diplomas
  69. Upload WordPress Plugin from ZIP Broken – Returns Symbols Squares & question marks
  70. taxonomy_template filter not working on pagination [duplicate]
  71. is it possible to fetch data from a remote api while admin is writing a new post?
  72. How connect my plugin translation to my page
  73. How wordpress handle urls present in db for external wp-content directory
  74. Pagination not working with pagenavi
  75. multiple string replace of post’s content for large data
  76. Extending on a WordPress Plugin
  77. Using WordPress to create a simple web app (SaaS) [closed]
  78. Multi-site error wordpress after migration
  79. Enqueued admin javascript for plugin settings page not executing
  80. Searched & tried a lot: Is it Possible to Eliminate Render Blocking Manually
  81. Creating plugin for changing slug
  82. change output location of plugin function using a custom hook
  83. How to use scripts when header/footer are stripped out
  84. Internationalization of Blog Posts
  85. Issues with Post 2 Post Plugin
  86. Active Plugins for current blog in WP Multisite Network? [duplicate]
  87. WordPress Options-Theme STD (default) value does not work
  88. Using one-click plugin upgrade feature securely on suexec server
  89. how to set approval of admin for wordpress posts submitted by the user?
  90. Apostrophes replaced by '
  91. WordPress Plugin Reviewer
  92. Is there a visual editor specifically for page snippets/sections?
  93. Plugin to display text before a post
  94. WordPress s2 member plugin not working [closed]
  95. Why does wordpress keep asking for ftp login info when I go to install a plugin [duplicate]
  96. Cart shortcode is not working in cart66 WordPress plugin
  97. WP asking for ftp credentials when deleting plugin
  98. Page with redirect
  99. How to add a simple design in classic editor plugin creating post page through another Wp plugin
  100. How to make content as required in custom post type?