doc: 更新文档

2024-11-05 09:59:23 +08:00 · 2023-07-08 17:13:38 +08:00 · 2023-07-08 17:13:38 +08:00 · 23fc28d011
commit 23fc28d011
parent e373b2f063
5 changed files with 49 additions and 51 deletions
--- a/python/decrpt.py
+++ b/python/decrpt.py
@ -1,51 +0,0 @@
 import ctypes
 import hashlib
 import hmac
 # pip install pycryptodome
 from Crypto.Cipher import AES
 def decrypt(password, input_file, out_file):
    password = bytes.fromhex(password.replace(' ', ''))
    with open(input_file, 'rb') as (f):
        blist = f.read()
    print(len(blist))
    salt = blist[:16]
    key = hashlib.pbkdf2_hmac('sha1', password, salt, DEFAULT_ITER, KEY_SIZE)
    first = blist[16:DEFAULT_PAGESIZE]
    mac_salt = bytes([x ^ 58 for x in salt])
    mac_key = hashlib.pbkdf2_hmac('sha1', key, mac_salt, 2, KEY_SIZE)
    hash_mac = hmac.new(mac_key, digestmod='sha1')
    hash_mac.update(first[:-32])
    hash_mac.update(bytes(ctypes.c_int(1)))
    if hash_mac.digest() == first[-32:-12]:
        print('decrypt success')
    else:
        print('password error')
        return
    blist = [blist[i:i + DEFAULT_PAGESIZE] for i in range(DEFAULT_PAGESIZE, len(blist), DEFAULT_PAGESIZE)]
    with open(out_file, 'wb') as (f):
        f.write(SQLITE_FILE_HEADER)
        t = AES.new(key, AES.MODE_CBC, first[-48:-32])
        f.write(t.decrypt(first[:-48]))
        f.write(first[-48:])
        for i in blist:
            t = AES.new(key, AES.MODE_CBC, i[-48:-32])
            f.write(t.decrypt(i[:-48]))
            f.write(i[-48:])
 def main():
    password = '565735E30E474DA09250CB5AA047E3940FFA1C6F767C4263B13ABB512933DA49'
    input_file = 'C:/var/Applet.db'
    out_file = 'c:/var/out/Applet.db'
    decrypt(password, input_file, out_file)
 if __name__ == '__main__':
    SQLITE_FILE_HEADER = bytes('SQLite format 3', encoding='ASCII') + bytes(1)
    KEY_SIZE = 32
    DEFAULT_PAGESIZE = 4096
    DEFAULT_ITER = 64000
    main()
--- a/python/http_server.py
+++ b/python/http_server.py
@ -0,0 +1,26 @@
 from fastapi import FastAPI, Request
 app = FastAPI()
 # pip install fastapi
 # run command :uvicorn test:app --reload 
 # 127.0.0.1:8000/api  
@app.post("/api")
 def create_item(request: Request):
    print("recv msg")
    return {"code": 0, "msg": "success"}
@app.middleware("http")
 async def TestCustomMiddleware(request: Request, call_next):
    the_headers = request.headers
    the_body = await request.json()
    print(the_headers)
    print(the_body)
    response = await call_next(request)
    return response
--- a/python/readme.md
+++ b/python/readme.md
@ -0,0 +1,10 @@
 ###  常用的一些工具   
 client.py :  快速测试dll的http接口。   
 decrpt.py :  微信数据库解密工具。password 为dll个人信息里返回的dbkey。    
 http_server.py : 一个简单的http server，用来接收hook的消息。  
 tcpserver.py:  一个简单的tcp server，用来接收hook的消息。  
--- a/tool/injector/ConsoleApplication.exe
+++ b/tool/injector/ConsoleApplication.exe
--- a/tool/injector/readme.md
+++ b/tool/injector/readme.md
@ -1 +1,14 @@
 ## 可以使用对应分支下的注入工具，或者自己编译一下 source目录下的注入程序。
 1.ConsoleApplication.exe   
 编译好的x64版本的注入器  
 命令行注入工具，注入命令 
 ``` javascript
    //-i  注入程序名   -p 注入dll路径   
    // -u 卸载程序名   -d 卸载dll名称
    //注入  
    ConsoleInject.exe  -i demo.exe -p E:\wxhelper.dll
    //卸载 
    ConsoleInject.exe  -u demo.exe -d  wxhelper.dll
 ```