I just noticed today that I have got lots of spam links in my wordpress blog. I just found a file which contains
<?php eval (chr(101).chr(114)...
Its very very long string. Can someone tell me how can I decode this to see what it does? So that I can try to remove the spam links? Thanks.
Just replace eval by echo and have a look at the generated output
<?php echo (chr(101).chr(114)...
Simply replace eval with echo:
<?php echo (chr(101).chr(114)...
Besides that, you most likely need to reinstall whatever you have on your webspace as you obviously have been hacked. Ensure that you use the most recent version of Wordpress and all other software you are running to prevent this from happening again.
Instead of executing (eval) you can just echo out what it says, preferrably with htmlspecialchars if you execute it via browser:
<?php echo htmlspecialchars(chr(101)...
odds are though that you won't see anything understandable, since it is probably encoded in more ways than one.