From dcbde9203b67fc04ce344a0642003364e0eb21fd Mon Sep 17 00:00:00 2001 From: hugy <504650082@qq.com> Date: Sat, 13 May 2023 17:25:08 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E9=83=A8=E5=88=86=E5=81=8F=E7=A7=BB?= =?UTF-8?q?=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CMakeLists.txt | 2 +- doc/3.9.2.26.md | 11 ++++ src/account_mgr.cc | 14 ++--- src/chat_room_mgr.cc | 2 + src/hooks.cc | 25 ++++----- src/send_message_mgr.cc | 6 ++ src/wechat_function.h | 119 ++++++++++++++++++++-------------------- 7 files changed, 97 insertions(+), 82 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f92dd34..7e9c95e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -23,7 +23,7 @@ add_subdirectory(spdlog) find_package(nlohmann_json CONFIG REQUIRED) find_package(unofficial-mongoose CONFIG REQUIRED) -find_package(spdlog CONFIG REQUIRED) +# find_package(spdlog CONFIG REQUIRED) diff --git a/doc/3.9.2.26.md b/doc/3.9.2.26.md index 01059ee..adef823 100644 --- a/doc/3.9.2.26.md +++ b/doc/3.9.2.26.md @@ -1,5 +1,16 @@ ## 3.9.2.26版本,预览功能没有的接口,不能使用,文档仅供参考。 #### 功能预览: +0.检查是否登录 +1.获取登录微信信息 2.发送文本 5.发送图片 6.发送文件 +9.hook消息 +10.取消hook消息 +25.获取群成员 +26.获取群成员昵称 +27.删除群成员 +28.增加群成员 +31.修改群昵称 +32.获取数据库句柄 +34.查询数据库 \ No newline at end of file diff --git a/src/account_mgr.cc b/src/account_mgr.cc index b08ce5c..2c57c36 100644 --- a/src/account_mgr.cc +++ b/src/account_mgr.cc @@ -128,16 +128,16 @@ int AccountMgr::GetSelfInfo(SelfInfoInner &out) { } } - if (*(DWORD *)(service_addr + 0x304) == 0 || - *(DWORD *)(service_addr + 0x304 + 0x10) == 0) { + if (*(DWORD *)(service_addr + 0x31C) == 0 || + *(DWORD *)(service_addr + 0x31C + 0x10) == 0) { out.head_img = string(); } else { - if (*(DWORD *)(service_addr + 0x304 + 0x14) == 0xF) { - out.head_img = string((char *)(service_addr + 0x304), - *(DWORD *)(service_addr + 0x304 + 0x10)); + if (*(DWORD *)(service_addr + 0x31C + 0x14) == 0xF) { + out.head_img = string((char *)(service_addr + 0x31C), + *(DWORD *)(service_addr + 0x31C + 0x10)); } else { - out.head_img = string(*(char **)(service_addr + 0x304), - *(DWORD *)(service_addr + 0x304 + 0x10)); + out.head_img = string(*(char **)(service_addr + 0x31C), + *(DWORD *)(service_addr + 0x31C + 0x10)); } } diff --git a/src/chat_room_mgr.cc b/src/chat_room_mgr.cc index a0c6a12..54dcdea 100644 --- a/src/chat_room_mgr.cc +++ b/src/chat_room_mgr.cc @@ -108,6 +108,7 @@ int ChatRoomMgr::DelMemberFromChatRoom(wchar_t* chat_room_id, wchar_t** wxids, DWORD init_chat_msg_addr = base_addr_ + WX_INIT_CHAT_MSG_OFFSET; __asm { PUSHAD + PUSHFD CALL get_chat_room_mgr_addr SUB ESP,0x14 MOV ESI,EAX @@ -120,6 +121,7 @@ int ChatRoomMgr::DelMemberFromChatRoom(wchar_t* chat_room_id, wchar_t** wxids, PUSH EAX CALL del_member_addr MOV success,EAX + POPFD POPAD } return success; diff --git a/src/hooks.cc b/src/hooks.cc index 4d99986..3b0aeef 100644 --- a/src/hooks.cc +++ b/src/hooks.cc @@ -56,12 +56,12 @@ void SendSocketMessage(InnerMessageStruct *msg) { string jstr = j_msg.dump() + "\n"; if (server_port_ == 0) { - // LOG(INFO) << "http server port error :" << server_port_; + SPDLOG_ERROR("http server port error :{}",server_port_); return; } SOCKET client_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (client_socket < 0) { - // LOG(INFO) << "socket init fail"; + SPDLOG_ERROR("socket init fail"); return; } BOOL status = false; @@ -72,13 +72,13 @@ void SendSocketMessage(InnerMessageStruct *msg) { InetPtonA(AF_INET, server_ip_, &client_addr.sin_addr.s_addr); if (connect(client_socket, reinterpret_cast(&client_addr), sizeof(sockaddr)) < 0) { - // LOG(INFO) << "socket connect fail"; + SPDLOG_ERROR("socket connect fail"); return; } char recv_buf[1024] = {0}; int ret = send(client_socket, jstr.c_str(), jstr.size(), 0); if (ret == -1 || ret == 0) { - // LOG(INFO) << "socket send fail ,ret:" << ret; + SPDLOG_ERROR("socket send fail ,ret::{}",ret); closesocket(client_socket); return; } @@ -86,7 +86,8 @@ void SendSocketMessage(InnerMessageStruct *msg) { ret = recv(client_socket, recv_buf, sizeof(recv_buf), 0); closesocket(client_socket); if (ret == -1 || ret == 0) { - // LOG(INFO) << "socket recv fail ,ret:" << ret; + SPDLOG_ERROR("socket recv fail ,ret:{}",ret); + return; } } @@ -213,38 +214,35 @@ int HookRecvMsg(char *client_ip, int port) { strcpy_s(server_ip_, client_ip); DWORD base = Utils::GetWeChatWinBase(); if (!base) { + SPDLOG_INFO("base addr is null"); return -1; } if (msg_hook_flag_) { + SPDLOG_INFO("recv msg hook already called"); return 2; } DWORD hook_recv_msg_addr = base + WX_RECV_MSG_HOOK_OFFSET; msg_next_addr_ = base + WX_RECV_MSG_HOOK_NEXT_OFFSET; - // msg_back_addr_ = hook_recv_msg_addr + 0x5; - // LOG(INFO) << "base" << base; - // LOG(INFO) << "msg_next_addr_" << msg_next_addr_; - // LOG(INFO) << "msg_back_addr_" << msg_back_addr_; + msg_back_addr_ = hook_recv_msg_addr + 0x5; Utils::HookAnyAddress(hook_recv_msg_addr, (LPVOID)HandleSyncMsg, msg_asm_code_); DWORD hook_sns_msg_addr = base + WX_SNS_HOOK_OFFSET; sns_next_addr_ = base + WX_SNS_HOOK_NEXT_OFFSET; sns_back_addr_ = hook_sns_msg_addr + 0x5; - // LOG(INFO) << "base" << base; - // LOG(INFO) << "sns_next_addr_" << sns_next_addr_; - // LOG(INFO) << "sns_back_addr_" << sns_back_addr_; Utils::HookAnyAddress(hook_sns_msg_addr, (LPVOID)HandleSNSMsg, sns_asm_code_); msg_hook_flag_ = true; + SPDLOG_INFO("hook recv msg success"); return 1; } int UnHookRecvMsg() { server_port_ = 0; if (!msg_hook_flag_) { - // LOG(INFO) << "this port already hooked"; + SPDLOG_INFO("recv msg hook already called"); return 2; } DWORD base = Utils::GetWeChatWinBase(); @@ -272,7 +270,6 @@ void PrintLog(DWORD addr) { WideCharToMultiByte(CP_ACP, 0, w_msg, -1, ansi_message, size, 0, 0); delete[] w_msg; w_msg = NULL; - // LOG(INFO) << ansi_message; delete[] ansi_message; ansi_message = NULL; } diff --git a/src/send_message_mgr.cc b/src/send_message_mgr.cc index d681278..80b23c0 100644 --- a/src/send_message_mgr.cc +++ b/src/send_message_mgr.cc @@ -18,6 +18,7 @@ int SendMessageMgr::SendText(wchar_t* wxid, wchar_t* msg) { char chat_msg[0x2D8] = {0}; __asm { PUSHAD + PUSHFD CALL send_message_mgr_addr PUSH 0x0 PUSH 0x0 @@ -33,6 +34,7 @@ int SendMessageMgr::SendText(wchar_t* wxid, wchar_t* msg) { ADD ESP,0x18 LEA ECX,chat_msg CALL free_chat_msg_addr + POPFD POPAD } SPDLOG_INFO("SendText code = {}",success); @@ -84,6 +86,7 @@ int SendMessageMgr::SendAtText(wchar_t* chat_room_id, wchar_t** wxids, int len, char chat_msg[0x2D8] = {0}; __asm{ PUSHAD + PUSHFD CALL send_message_mgr_addr PUSH 0x0 PUSH 0x0 @@ -100,6 +103,7 @@ int SendMessageMgr::SendAtText(wchar_t* chat_room_id, wchar_t** wxids, int len, ADD ESP,0x18 LEA ECX,chat_msg CALL free_chat_msg_addr + POPFD POPAD } SPDLOG_INFO("SendText code = {}",success); @@ -118,6 +122,7 @@ int SendMessageMgr::SendImage(wchar_t* wxid, wchar_t* image_path) { WeChatString null_obj = {0}; __asm { PUSHAD + PUSHFD CALL send_message_mgr_addr SUB ESP,0x14 MOV temp,EAX @@ -136,6 +141,7 @@ int SendMessageMgr::SendImage(wchar_t* wxid, wchar_t* image_path) { MOV success,EAX LEA ECX,chat_msg CALL free_msg_addr + POPFD POPAD } SPDLOG_INFO("SendImage code = {}",success); diff --git a/src/wechat_function.h b/src/wechat_function.h index 637c55a..edd9011 100644 --- a/src/wechat_function.h +++ b/src/wechat_function.h @@ -6,9 +6,9 @@ // snsDataMgr #define WX_SNS_DATA_MGR_OFFSET 0xc39680 // chatRoomMgr -#define WX_CHAT_ROOM_MGR_OFFSET 0x78cf20 +#define WX_CHAT_ROOM_MGR_OFFSET 0x78d9d0 // contactMgr -#define WX_CONTACT_MGR_OFFSET 0x75a4a0 +#define WX_CONTACT_MGR_OFFSET 0x75af30 // syncMgr #define WX_SYNC_MGR_OFFSET 0xa87fd0 // preDownloadMgr @@ -31,10 +31,10 @@ #define WX_INIT_CHAT_MSG_OFFSET 0xf5b3f0 // chatMsg -#define WX_NEW_CHAT_MSG_OFFSET 0x76f010 +#define WX_NEW_CHAT_MSG_OFFSET 0x76fab0 #define WX_FREE_CHAT_MSG_OFFSET 0x7573f0 -#define WX_FREE_CHAT_MSG_2_OFFSET 0x6f4ea0 -#define WX_FREE_CHAT_MSG_INSTANCE_COUNTER_OFFSET 0x756e30 +// #define WX_FREE_CHAT_MSG_2_OFFSET 0x6f4ea0 +#define WX_FREE_CHAT_MSG_INSTANCE_COUNTER_OFFSET 0x7578c0 //sns @@ -42,27 +42,27 @@ #define WX_SNS_GET_NEXT_PAGE_OFFSET 0x14e21e0 //chat room -#define WX_GET_CHAT_ROOM_DETAIL_INFO_OFFSET 0xbde090 +#define WX_GET_CHAT_ROOM_DETAIL_INFO_OFFSET 0xbdef30 // chatRoomInfo -#define WX_NEW_CHAT_ROOM_INFO_OFFSET 0xe99c40 -#define WX_FREE_CHAT_ROOM_INFO_OFFSET 0xe99f40 -#define WX_DEL_CHAT_ROOM_MEMBER_OFFSET 0xbd22a0 -#define WX_ADD_MEMBER_TO_CHAT_ROOM_OFFSET 0xbd1dc0 - +#define WX_NEW_CHAT_ROOM_INFO_OFFSET 0xe9abd0 +#define WX_FREE_CHAT_ROOM_INFO_OFFSET 0xe9aed0 +#define WX_DEL_CHAT_ROOM_MEMBER_OFFSET 0xbd3140 +#define WX_ADD_MEMBER_TO_CHAT_ROOM_OFFSET 0xbd2c60 + // chatRoom -#define WX_INIT_CHAT_ROOM_OFFSET 0xe97890 -#define WX_FREE_CHAT_ROOM_OFFSET 0xe97ab0 +#define WX_INIT_CHAT_ROOM_OFFSET 0xe98820 +#define WX_FREE_CHAT_ROOM_OFFSET 0xe98a40 -#define WX_GET_MEMBER_FROM_CHAT_ROOM_OFFSET 0xbdf260 -#define WX_MOD_CHAT_ROOM_MEMBER_NICK_NAME_OFFSET 0xbd9680 +#define WX_GET_MEMBER_FROM_CHAT_ROOM_OFFSET 0xbe0100 +#define WX_MOD_CHAT_ROOM_MEMBER_NICK_NAME_OFFSET 0xbda520 -#define WX_TOP_MSG_OFFSET 0xbe1840 -#define WX_REMOVE_TOP_MSG_OFFSET 0xbe1620 +#define WX_TOP_MSG_OFFSET 0xbe26e0 +#define WX_REMOVE_TOP_MSG_OFFSET 0xbe24c0 -#define WX_GET_MEMBER_NICKNAME_OFFSET 0xbdf3f0 +#define WX_GET_MEMBER_NICKNAME_OFFSET 0xbe0290 -#define WX_FREE_CONTACT_OFFSET 0xea7880 +#define WX_FREE_CONTACT_OFFSET 0xea8800 // wcpayinfo #define WX_NEW_WCPAYINFO_OFFSET 0x7b2e60 @@ -71,12 +71,12 @@ //contact -#define WX_CONTACT_GET_LIST_OFFSET 0xc089f0 +#define WX_CONTACT_GET_LIST_OFFSET 0xc09890 #define WX_CONTACT_DEL_OFFSET 0xb9b3b0 #define WX_SET_VALUE_OFFSET 0x1f80900 #define WX_DO_DEL_CONTACT_OFFSET 0xca6480 -#define WX_GET_CONTACT_OFFSET 0xc04e00 +#define WX_GET_CONTACT_OFFSET 0xc05ca0 #define WX_DO_VERIFY_USER_OFFSET 0xc02100 #define WX_VERIFY_MSG_OFFSET 0xf59d40 #define WX_VERIFY_OK_OFFSET 0xa18bd0 @@ -88,8 +88,7 @@ #define WX_PUSH_ATTACH_TASK_OFFSET 0x82bb40 -#define WX_GET_MGR_BY_PREFIX_LOCAL_ID_OFFSET 0xbc0370 -#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc872c0 +#define WX_GET_MGR_BY_PREFIX_LOCAL_ID_OFFSET 0xbc11d0 #define WX_APP_MSG_INFO_OFFSET 0x7b3d20 #define WX_GET_APP_MSG_XML_OFFSET 0xe628a0 #define WX_FREE_APP_MSG_INFO_OFFSET 0x79d900 @@ -106,19 +105,19 @@ //search hook -#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_OFFSET 0xe17054 -#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_NEXT_OFFSET 0xf57a20 -#define WX_SEARCH_CONTACT_DETAIL_HOOK_OFFSET 0xa8ceb0 -#define WX_SEARCH_CONTACT_DETAIL_HOOK_NEXT_OFFSET 0xa8d100 -#define WX_SEARCH_CONTACT_OFFSET 0xcd1510 +#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_OFFSET 0xe17ed4 +#define WX_SEARCH_CONTACT_ERROR_CODE_HOOK_NEXT_OFFSET 0xf58fd0 +#define WX_SEARCH_CONTACT_DETAIL_HOOK_OFFSET 0xa8dc00 +#define WX_SEARCH_CONTACT_DETAIL_HOOK_NEXT_OFFSET 0xa8de50 +#define WX_SEARCH_CONTACT_OFFSET 0xcd2370 //login -#define WX_LOGOUT_OFFSET 0xe58870 -#define WX_ACCOUNT_SERVICE_OFFSET 0x768c80 -#define WX_GET_APP_DATA_SAVE_PATH_OFFSET 0xf3a610 -#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc872c0 +#define WX_LOGOUT_OFFSET 0xe596d0 +#define WX_ACCOUNT_SERVICE_OFFSET 0x769720 +#define WX_GET_APP_DATA_SAVE_PATH_OFFSET 0xf3bbd0 +#define WX_GET_CURRENT_DATA_PATH_OFFSET 0xc88120 //forward @@ -139,7 +138,7 @@ //storage -#define CONTACT_G_PINSTANCE_OFFSET 0x2ffddc8 +#define CONTACT_G_PINSTANCE_OFFSET 0x2fffe08 #define DB_MICRO_MSG_OFFSET 0x68 #define DB_CHAT_MSG_OFFSET 0x1C0 #define DB_MISC_OFFSET 0x3D8 @@ -152,10 +151,10 @@ #define STORAGE_START_OFFSET 0x13f8 #define STORAGE_END_OFFSET 0x13fc -#define PUBLIC_MSG_MGR_OFFSET 0x303df74 +#define PUBLIC_MSG_MGR_OFFSET 0x30400a4 #define MULTI_DB_MSG_MGR_OFFSET 0x30403b8 -#define FAVORITE_STORAGE_MGR_OFFSET 0x303fd40 -#define FTS_FAVORITE_MGR_OFFSET 0x2ffe908 +#define FAVORITE_STORAGE_MGR_OFFSET 0x3041e70 +#define FTS_FAVORITE_MGR_OFFSET 0x3000948 #define OP_LOG_STORAGE_VFTABLE 0x2AD3A20 #define CHAT_MSG_STORAGE_VFTABLE 0x2AC10F0 @@ -195,15 +194,15 @@ // hook log -#define WX_HOOK_LOG_OFFSET 0xf57d67 -#define WX_HOOK_LOG_NEXT_OFFSET 0x240ea71 +#define WX_HOOK_LOG_OFFSET 0xf59317 +#define WX_HOOK_LOG_NEXT_OFFSET 0x24102b4 // hook msg -#define WX_RECV_MSG_HOOK_OFFSET 0xd19a0b -#define WX_RECV_MSG_HOOK_NEXT_OFFSET 0x756960 -#define WX_SNS_HOOK_OFFSET 0x14f9e15 -#define WX_SNS_HOOK_NEXT_OFFSET 0x14fa0a0 +#define WX_RECV_MSG_HOOK_OFFSET 0xd1a89b +#define WX_RECV_MSG_HOOK_NEXT_OFFSET 0x7573f0 +#define WX_SNS_HOOK_OFFSET 0x14fb3b5 +#define WX_SNS_HOOK_NEXT_OFFSET 0x14fb640 // hook voice @@ -349,24 +348,24 @@ #define SQLITE_NULL 5 #define SQLITE_TEXT 3 -#define SQLITE3_EXEC_OFFSET 0x1e24f70 -#define SQLITE3_BACKUP_INIT_OFFSET 0x1dea900 -#define SQLITE3_PREPARE_OFFSET 0x1e2b8c0 -#define SQLITE3_OPEN_OFFSET 0x1e598b0 -#define SQLITE3_BACKUP_STEP_OFFSET 0x1dead00 -#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1deb440 -#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1deb450 -#define SQLITE3_BACKUP_FINISH_OFFSET 0x1deb340 -#define SQLITE3_SLEEP_OFFSET 0x1e5a0f0 -#define SQLITE3_ERRCODE_OFFSET 0x1e58550 -#define SQLITE3_CLOSE_OFFSET 0x1e56cd0 -#define SQLITE3_STEP_OFFSET 0x1df3770 -#define SQLITE3_COLUMN_COUNT_OFFSET 0x1df3c80 -#define SQLITE3_COLUMN_NAME_OFFSET 0x1df4570 -#define SQLITE3_COLUMN_TYPE_OFFSET 0x1df4410 -#define SQLITE3_COLUMN_BLOB_OFFSET 0x1df3cc0 -#define SQLITE3_COLUMN_BYTES_OFFSET 0x1df3da0 -#define SQLITE3_FINALIZE_OFFSET 0x1df2740 +#define SQLITE3_EXEC_OFFSET 0x1e26770 +#define SQLITE3_BACKUP_INIT_OFFSET 0x1dec100 +#define SQLITE3_PREPARE_OFFSET 0x1E2D0C0 +#define SQLITE3_OPEN_OFFSET 0x1e5b090 +#define SQLITE3_BACKUP_STEP_OFFSET 0x1DEC500 +#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1DECC40 +#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1DECC50 +#define SQLITE3_BACKUP_FINISH_OFFSET 0x1DECB40 +#define SQLITE3_SLEEP_OFFSET 0x1e5b8d0 +#define SQLITE3_ERRCODE_OFFSET 0x1e59d30 +#define SQLITE3_CLOSE_OFFSET 0x1e584b0 +#define SQLITE3_STEP_OFFSET 0x1df4f70 +#define SQLITE3_COLUMN_COUNT_OFFSET 0x1df5480 +#define SQLITE3_COLUMN_NAME_OFFSET 0x1df5d70 +#define SQLITE3_COLUMN_TYPE_OFFSET 0x1df5c10 +#define SQLITE3_COLUMN_BLOB_OFFSET 0x1df54c0 +#define SQLITE3_COLUMN_BYTES_OFFSET 0x1df55a0 +#define SQLITE3_FINALIZE_OFFSET 0x1df3f40 typedef int (*Sqlite3_callback)(void*, int, char**, char**);