feat: 部分偏移更新

hugy 2023-05-13 17:25:08 +08:00
parent 76dc8affe9
commit dcbde9203b
7 changed files with 97 additions and 82 deletions


@ -23,7 +23,7 @@ add_subdirectory(spdlog)
find_package(nlohmann_json CONFIG REQUIRED)
find_package(unofficial-mongoose CONFIG REQUIRED)
find_package(spdlog CONFIG REQUIRED)
# find_package(spdlog CONFIG REQUIRED)


@ -1,5 +1,16 @@
## 3.9.2.26版本,预览功能没有的接口,不能使用,文档仅供参考。
#### 功能预览:
0.检查是否登录
1.获取登录微信信息
2.发送文本
5.发送图片
6.发送文件
9.hook消息
10.取消hook消息
25.获取群成员
26.获取群成员昵称
27.删除群成员
28.增加群成员
31.修改群昵称
32.获取数据库句柄
34.查询数据库


@ -128,16 +128,16 @@ int AccountMgr::GetSelfInfo(SelfInfoInner &out) {
}
}
if (*(DWORD *)(service_addr + 0x304) == 0 ||
*(DWORD *)(service_addr + 0x304 + 0x10) == 0) {
if (*(DWORD *)(service_addr + 0x31C) == 0 ||
*(DWORD *)(service_addr + 0x31C + 0x10) == 0) {
out.head_img = string();
} else {
if (*(DWORD *)(service_addr + 0x304 + 0x14) == 0xF) {
out.head_img = string((char *)(service_addr + 0x304),
*(DWORD *)(service_addr + 0x304 + 0x10));
if (*(DWORD *)(service_addr + 0x31C + 0x14) == 0xF) {
out.head_img = string((char *)(service_addr + 0x31C),
*(DWORD *)(service_addr + 0x31C + 0x10));
} else {
out.head_img = string(*(char **)(service_addr + 0x304),
*(DWORD *)(service_addr + 0x304 + 0x10));
out.head_img = string(*(char **)(service_addr + 0x31C),
*(DWORD *)(service_addr + 0x31C + 0x10));
}
}
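Review bot: The byte count read from `service_addr + 0x31C + 0x10` goes straight into the `string` constructor with no upper bound, and in the last branch the source pointer is also taken from that memory. If `0x31C` is wrong for the client build actually loaded, the copy reads an arbitrary length from an arbitrary address. Read the length once into a local and fall back to `out.head_img = string();` when it exceeds a project-chosen maximum. Naming the offset once, for example `constexpr DWORD kHeadImgOffset = 0x31C;`, would also replace the six repeated literals and make the next offset update a one-line change. The `== 0xF` test presumably distinguishes inline small-string storage from a heap pointer, and a one-line comment saying so would help; GetSelfInfo starts and ends outside this hunk.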


@ -108,6 +108,7 @@ int ChatRoomMgr::DelMemberFromChatRoom(wchar_t* chat_room_id, wchar_t** wxids,
DWORD init_chat_msg_addr = base_addr_ + WX_INIT_CHAT_MSG_OFFSET;
__asm {
PUSHAD
PUSHFD
CALL get_chat_room_mgr_addr
SUB ESP,0x14
MOV ESI,EAX
@ -120,6 +121,7 @@ int ChatRoomMgr::DelMemberFromChatRoom(wchar_t* chat_room_id, wchar_t** wxids,
PUSH EAX
CALL del_member_addr
MOV success,EAX
POPFD
POPAD
}
return success;


@ -56,12 +56,12 @@ void SendSocketMessage(InnerMessageStruct *msg) {
string jstr = j_msg.dump() + "\n";
if (server_port_ == 0) {
// LOG(INFO) << "http server port error :" << server_port_;
SPDLOG_ERROR("http server port error :{}",server_port_);
return;
}
SOCKET client_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (client_socket < 0) {
// LOG(INFO) << "socket init fail";
SPDLOG_ERROR("socket init fail");
return;
}
BOOL status = false;
@ -72,13 +72,13 @@ void SendSocketMessage(InnerMessageStruct *msg) {
InetPtonA(AF_INET, server_ip_, &client_addr.sin_addr.s_addr);
if (connect(client_socket, reinterpret_cast<sockaddr *>(&client_addr),
sizeof(sockaddr)) < 0) {
// LOG(INFO) << "socket connect fail";
SPDLOG_ERROR("socket connect fail");
return;
}
char recv_buf[1024] = {0};
int ret = send(client_socket, jstr.c_str(), jstr.size(), 0);
if (ret == -1 || ret == 0) {
// LOG(INFO) << "socket send fail ,ret:" << ret;
SPDLOG_ERROR("socket send fail ,ret::{}",ret);
closesocket(client_socket);
return;
}
@ -86,7 +86,8 @@ void SendSocketMessage(InnerMessageStruct *msg) {
ret = recv(client_socket, recv_buf, sizeof(recv_buf), 0);
closesocket(client_socket);
if (ret == -1 || ret == 0) {
// LOG(INFO) << "socket recv fail ,ret:" << ret;
SPDLOG_ERROR("socket recv fail ,ret:{}",ret);
return;
}
}
@ -213,38 +214,35 @@ int HookRecvMsg(char *client_ip, int port) {
strcpy_s(server_ip_, client_ip);
DWORD base = Utils::GetWeChatWinBase();
if (!base) {
SPDLOG_INFO("base addr is null");
return -1;
}
if (msg_hook_flag_) {
SPDLOG_INFO("recv msg hook already called");
return 2;
}
DWORD hook_recv_msg_addr = base + WX_RECV_MSG_HOOK_OFFSET;
msg_next_addr_ = base + WX_RECV_MSG_HOOK_NEXT_OFFSET;
// msg_back_addr_ = hook_recv_msg_addr + 0x5;
// LOG(INFO) << "base" << base;
// LOG(INFO) << "msg_next_addr_" << msg_next_addr_;
// LOG(INFO) << "msg_back_addr_" << msg_back_addr_;
msg_back_addr_ = hook_recv_msg_addr + 0x5;
Utils::HookAnyAddress(hook_recv_msg_addr, (LPVOID)HandleSyncMsg,
msg_asm_code_);
DWORD hook_sns_msg_addr = base + WX_SNS_HOOK_OFFSET;
sns_next_addr_ = base + WX_SNS_HOOK_NEXT_OFFSET;
sns_back_addr_ = hook_sns_msg_addr + 0x5;
// LOG(INFO) << "base" << base;
// LOG(INFO) << "sns_next_addr_" << sns_next_addr_;
// LOG(INFO) << "sns_back_addr_" << sns_back_addr_;
Utils::HookAnyAddress(hook_sns_msg_addr, (LPVOID)HandleSNSMsg, sns_asm_code_);
msg_hook_flag_ = true;
SPDLOG_INFO("hook recv msg success");
return 1;
}
int UnHookRecvMsg() {
server_port_ = 0;
if (!msg_hook_flag_) {
// LOG(INFO) << "this port already hooked";
SPDLOG_INFO("recv msg hook already called");
return 2;
}
DWORD base = Utils::GetWeChatWinBase();
@ -272,7 +270,6 @@ void PrintLog(DWORD addr) {
WideCharToMultiByte(CP_ACP, 0, w_msg, -1, ansi_message, size, 0, 0);
delete[] w_msg;
w_msg = NULL;
// LOG(INFO) << ansi_message;
delete[] ansi_message;
ansi_message = NULL;
}


@ -18,6 +18,7 @@ int SendMessageMgr::SendText(wchar_t* wxid, wchar_t* msg) {
char chat_msg[0x2D8] = {0};
__asm {
PUSHAD
PUSHFD
CALL send_message_mgr_addr
PUSH 0x0
PUSH 0x0
@ -33,6 +34,7 @@ int SendMessageMgr::SendText(wchar_t* wxid, wchar_t* msg) {
ADD ESP,0x18
LEA ECX,chat_msg
CALL free_chat_msg_addr
POPFD
POPAD
}
SPDLOG_INFO("SendText code = {}",success);
@ -84,6 +86,7 @@ int SendMessageMgr::SendAtText(wchar_t* chat_room_id, wchar_t** wxids, int len,
char chat_msg[0x2D8] = {0};
__asm{
PUSHAD
PUSHFD
CALL send_message_mgr_addr
PUSH 0x0
PUSH 0x0
@ -100,6 +103,7 @@ int SendMessageMgr::SendAtText(wchar_t* chat_room_id, wchar_t** wxids, int len,
ADD ESP,0x18
LEA ECX,chat_msg
CALL free_chat_msg_addr
POPFD
POPAD
}
SPDLOG_INFO("SendText code = {}",success);
@ -118,6 +122,7 @@ int SendMessageMgr::SendImage(wchar_t* wxid, wchar_t* image_path) {
WeChatString null_obj = {0};
__asm {
PUSHAD
PUSHFD
CALL send_message_mgr_addr
SUB ESP,0x14
MOV temp,EAX
@ -136,6 +141,7 @@ int SendMessageMgr::SendImage(wchar_t* wxid, wchar_t* image_path) {
MOV success,EAX
LEA ECX,chat_msg
CALL free_msg_addr
POPFD
POPAD
}
SPDLOG_INFO("SendImage code = {}",success);
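Review bot: SendAtText logs `SendText code = {}`, the same label SendText uses, so the two call paths cannot be told apart when reading the log; `SPDLOG_INFO("SendAtText code = {}",success);` would fix that. The PUSHFD/POPFD pairs added in the three asm blocks are correctly nested inside PUSHAD/POPAD, but nothing records why they were needed. A short comment on the first pair, such as `// save EFLAGS: the called routine does not preserve them`, would keep a later cleanup from removing them (wording to be confirmed by the author). The function bodies start and end outside these hunks.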


@ -6,9 +6,9 @@
// snsDataMgr
#define WX_SNS_DATA_MGR_OFFSET 0xc39680
// chatRoomMgr
#define WX_CHAT_ROOM_MGR_OFFSET 0x78cf20
#define WX_CHAT_ROOM_MGR_OFFSET 0x78d9d0
// contactMgr
#define WX_CONTACT_MGR_OFFSET 0x75a4a0
#define WX_CONTACT_MGR_OFFSET 0x75af30
// syncMgr
#define WX_SYNC_MGR_OFFSET 0xa87fd0
// preDownloadMgr
@ -31,10 +31,10 @@
#define WX_INIT_CHAT_MSG_OFFSET 0xf5b3f0
// chatMsg
#define WX_NEW_CHAT_MSG_OFFSET 0x76f010
#define WX_NEW_CHAT_MSG_OFFSET 0x76fab0
#define WX_FREE_CHAT_MSG_OFFSET 0x7573f0
#define WX_FREE_CHAT_MSG_2_OFFSET 0x6f4ea0
#define WX_FREE_CHAT_MSG_INSTANCE_COUNTER_OFFSET 0x756e30
// #define WX_FREE_CHAT_MSG_2_OFFSET 0x6f4ea0
#define WX_FREE_CHAT_MSG_INSTANCE_COUNTER_OFFSET 0x7578c0
//sns
@ -42,27 +42,27 @@
#define WX_SNS_GET_NEXT_PAGE_OFFSET 0x14e21e0
//chat room
#define WX_GET_CHAT_ROOM_DETAIL_INFO_OFFSET 0xbde090
#define WX_GET_CHAT_ROOM_DETAIL_INFO_OFFSET 0xbdef30
// chatRoomInfo
#define WX_NEW_CHAT_ROOM_INFO_OFFSET 0xe99c40
#define WX_FREE_CHAT_ROOM_INFO_OFFSET 0xe99f40
#define WX_DEL_CHAT_ROOM_MEMBER_OFFSET 0xbd22a0
#define WX_ADD_MEMBER_TO_CHAT_ROOM_OFFSET 0xbd1dc0
#define WX_NEW_CHAT_ROOM_INFO_OFFSET 0xe9abd0
#define WX_FREE_CHAT_ROOM_INFO_OFFSET 0xe9aed0
#define WX_DEL_CHAT_ROOM_MEMBER_OFFSET 0xbd3140
#define WX_ADD_MEMBER_TO_CHAT_ROOM_OFFSET 0xbd2c60
// chatRoom
#define WX_INIT_CHAT_ROOM_OFFSET 0xe97890
#define WX_FREE_CHAT_ROOM_OFFSET 0xe97ab0
#define WX_INIT_CHAT_ROOM_OFFSET 0xe98820
#define WX_FREE_CHAT_ROOM_OFFSET 0xe98a40
#define WX_GET_MEMBER_FROM_CHAT_ROOM_OFFSET 0xbdf260
#define WX_MOD_CHAT_ROOM_MEMBER_NICK_NAME_OFFSET 0xbd9680
#define WX_GET_MEMBER_FROM_CHAT_ROOM_OFFSET 0xbe0100
#define WX_MOD_CHAT_ROOM_MEMBER_NICK_NAME_OFFSET 0xbda520
#define WX_TOP_MSG_OFFSET 0xbe1840
#define WX_REMOVE_TOP_MSG_OFFSET 0xbe1620
#define WX_TOP_MSG_OFFSET 0xbe26e0
#define WX_REMOVE_TOP_MSG_OFFSET 0xbe24c0
#define WX_GET_MEMBER_NICKNAME_OFFSET 0xbdf3f0
#define WX_GET_MEMBER_NICKNAME_OFFSET 0xbe0290
#define WX_FREE_CONTACT_OFFSET 0xea7880
#define WX_FREE_CONTACT_OFFSET 0xea8800
// wcpayinfo
#define WX_NEW_WCPAYINFO_OFFSET 0x7b2e60
@ -71,12 +71,12 @@
//contact
#define WX_CONTACT_GET_LIST_OFFSET 0xc089f0
#define WX_CONTACT_GET_LIST_OFFSET 0xc09890
#define WX_CONTACT_DEL_OFFSET 0xb9b3b0
#define WX_SET_VALUE_OFFSET 0x1f80900
#define WX_DO_DEL_CONTACT_OFFSET 0xca6480
#define WX_GET_CONTACT_OFFSET 0xc04e00
#define WX_GET_CONTACT_OFFSET 0xc05ca0
#define WX_DO_VERIFY_USER_OFFSET 0xc02100
#define WX_VERIFY_MSG_OFFSET 0xf59d40
#define WX_VERIFY_OK_OFFSET 0xa18bd0
@ -88,8 +88,7 @@
#define WX_PUSH_ATTACH_TASK_OFFSET 0x82bb40
#define WX_GET_MGR_BY_PREFIX_LOCAL_ID_OFFSET 0xbc0370
#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc872c0
#define WX_GET_MGR_BY_PREFIX_LOCAL_ID_OFFSET 0xbc11d0
#define WX_APP_MSG_INFO_OFFSET 0x7b3d20
#define WX_GET_APP_MSG_XML_OFFSET 0xe628a0
#define WX_FREE_APP_MSG_INFO_OFFSET 0x79d900
@ -106,19 +105,19 @@
//search hook
#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_OFFSET 0xe17054
#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_NEXT_OFFSET 0xf57a20
#define WX_SEARCH_CONTACT_DETAIL_HOOK_OFFSET 0xa8ceb0
#define WX_SEARCH_CONTACT_DETAIL_HOOK_NEXT_OFFSET 0xa8d100
#define WX_SEARCH_CONTACT_OFFSET 0xcd1510
#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_OFFSET 0xe17ed4
#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_NEXT_OFFSET 0xf58fd0
#define WX_SEARCH_CONTACT_DETAIL_HOOK_OFFSET 0xa8dc00
#define WX_SEARCH_CONTACT_DETAIL_HOOK_NEXT_OFFSET 0xa8de50
#define WX_SEARCH_CONTACT_OFFSET 0xcd2370
//login
#define WX_LOGOUT_OFFSET 0xe58870
#define WX_ACCOUNT_SERVICE_OFFSET 0x768c80
#define WX_GET_APP_DATA_SAVE_PATH_OFFSET 0xf3a610
#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc872c0
#define WX_LOGOUT_OFFSET 0xe596d0
#define WX_ACCOUNT_SERVICE_OFFSET 0x769720
#define WX_GET_APP_DATA_SAVE_PATH_OFFSET 0xf3bbd0
#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc88120
//forward
@ -139,7 +138,7 @@
//storage
#define CONTACT_G_PINSTANCE_OFFSET 0x2ffddc8
#define CONTACT_G_PINSTANCE_OFFSET 0x2fffe08
#define DB_MICRO_MSG_OFFSET 0x68
#define DB_CHAT_MSG_OFFSET 0x1C0
#define DB_MISC_OFFSET 0x3D8
@ -152,10 +151,10 @@
#define STORAGE_START_OFFSET 0x13f8
#define STORAGE_END_OFFSET 0x13fc
#define PUBLIC_MSG_MGR_OFFSET 0x303df74
#define PUBLIC_MSG_MGR_OFFSET 0x30400a4
#define MULTI_DB_MSG_MGR_OFFSET 0x30403b8
#define FAVORITE_STORAGE_MGR_OFFSET 0x303fd40
#define FTS_FAVORITE_MGR_OFFSET 0x2ffe908
#define FAVORITE_STORAGE_MGR_OFFSET 0x3041e70
#define FTS_FAVORITE_MGR_OFFSET 0x3000948
#define OP_LOG_STORAGE_VFTABLE 0x2AD3A20
#define CHAT_MSG_STORAGE_VFTABLE 0x2AC10F0
@ -195,15 +194,15 @@
// hook log
#define WX_HOOK_LOG_OFFSET 0xf57d67
#define WX_HOOK_LOG_NEXT_OFFSET 0x240ea71
#define WX_HOOK_LOG_OFFSET 0xf59317
#define WX_HOOK_LOG_NEXT_OFFSET 0x24102b4
// hook msg
#define WX_RECV_MSG_HOOK_OFFSET 0xd19a0b
#define WX_RECV_MSG_HOOK_NEXT_OFFSET 0x756960
#define WX_SNS_HOOK_OFFSET 0x14f9e15
#define WX_SNS_HOOK_NEXT_OFFSET 0x14fa0a0
#define WX_RECV_MSG_HOOK_OFFSET 0xd1a89b
#define WX_RECV_MSG_HOOK_NEXT_OFFSET 0x7573f0
#define WX_SNS_HOOK_OFFSET 0x14fb3b5
#define WX_SNS_HOOK_NEXT_OFFSET 0x14fb640
// hook voice
@ -349,24 +348,24 @@
#define SQLITE_NULL 5
#define SQLITE_TEXT 3
#define SQLITE3_EXEC_OFFSET 0x1e24f70
#define SQLITE3_BACKUP_INIT_OFFSET 0x1dea900
#define SQLITE3_PREPARE_OFFSET 0x1e2b8c0
#define SQLITE3_OPEN_OFFSET 0x1e598b0
#define SQLITE3_BACKUP_STEP_OFFSET 0x1dead00
#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1deb440
#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1deb450
#define SQLITE3_BACKUP_FINISH_OFFSET 0x1deb340
#define SQLITE3_SLEEP_OFFSET 0x1e5a0f0
#define SQLITE3_ERRCODE_OFFSET 0x1e58550
#define SQLITE3_CLOSE_OFFSET 0x1e56cd0
#define SQLITE3_STEP_OFFSET 0x1df3770
#define SQLITE3_COLUMN_COUNT_OFFSET 0x1df3c80
#define SQLITE3_COLUMN_NAME_OFFSET 0x1df4570
#define SQLITE3_COLUMN_TYPE_OFFSET 0x1df4410
#define SQLITE3_COLUMN_BLOB_OFFSET 0x1df3cc0
#define SQLITE3_COLUMN_BYTES_OFFSET 0x1df3da0
#define SQLITE3_FINALIZE_OFFSET 0x1df2740
#define SQLITE3_EXEC_OFFSET 0x1e26770
#define SQLITE3_BACKUP_INIT_OFFSET 0x1dec100
#define SQLITE3_PREPARE_OFFSET 0x1E2D0C0
#define SQLITE3_OPEN_OFFSET 0x1e5b090
#define SQLITE3_BACKUP_STEP_OFFSET 0x1DEC500
#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1DECC40
#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1DECC50
#define SQLITE3_BACKUP_FINISH_OFFSET 0x1DECB40
#define SQLITE3_SLEEP_OFFSET 0x1e5b8d0
#define SQLITE3_ERRCODE_OFFSET 0x1e59d30
#define SQLITE3_CLOSE_OFFSET 0x1e584b0
#define SQLITE3_STEP_OFFSET 0x1df4f70
#define SQLITE3_COLUMN_COUNT_OFFSET 0x1df5480
#define SQLITE3_COLUMN_NAME_OFFSET 0x1df5d70
#define SQLITE3_COLUMN_TYPE_OFFSET 0x1df5c10
#define SQLITE3_COLUMN_BLOB_OFFSET 0x1df54c0
#define SQLITE3_COLUMN_BYTES_OFFSET 0x1df55a0
#define SQLITE3_FINALIZE_OFFSET 0x1df3f40
typedef int (*Sqlite3_callback)(void*, int, char**, char**);
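Review bot: Several offsets in these hunks keep their previous values while their neighbours move (for example `WX_CONTACT_DEL_OFFSET`, `WX_DO_DEL_CONTACT_OFFSET` and `WX_DO_VERIFY_USER_OFFSET` in the contact group), and nothing in the header marks which values were checked against the new build. If those are simply not yet updated, any call through them lands on an unrelated address in the process and will corrupt state or crash rather than fail cleanly. Consider a per-group comment such as `// verified for <version>` or `// NOT verified for <version>`, or disabling the unverified macros the way `WX_FREE_CHAT_MSG_2_OFFSET` was commented out, so that use of a stale offset fails at compile time. The new SQLITE3 values also mix upper- and lower-case hex digits; one convention would make future diffs easier to read.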