cyonjan/PyWxDump
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

使用python重构

Browse Source
This commit is contained in:
xaoyo 2023-08-21 23:55:59 +08:00
parent 6bc3ea3ba9
commit 140cbe61ed
8 changed files with 523 additions and 877 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

698
Program.cs
View File

@ -1,698 +0,0 @@
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;
namespace WeChatGetKey
{
internal class Program
{
private static void Main(string[] args)
{
try
{
Program.ReadTest();
}
catch (Exception ex)
{
Console.WriteLine("Error"+ ex.Message);
}
finally
{
//Console.ReadKey();
}
Console.WriteLine("[+] Done");
}
private static void ReadTest()
{
List<int> SupportList = null;
Process WeChatProcess = null;
foreach (Process ProcessesName in Process.GetProcessesByName("WeChat"))
{
WeChatProcess = ProcessesName;
Console.WriteLine("[+] WeChatProcessPID: " + WeChatProcess.Id.ToString());
foreach (object obj in WeChatProcess.Modules)
{
ProcessModule processModule = (ProcessModule)obj;
if (processModule.ModuleName == "WeChatWin.dll")
{
Program.WeChatWinBaseAddress = processModule.BaseAddress;
string FileVersion = processModule.FileVersionInfo.FileVersion;
Console.WriteLine("[+] WeChatVersion: " + FileVersion);
if (!Program.VersionList.TryGetValue(FileVersion, out SupportList))
{
Console.WriteLine("[-] WeChat Current Version Is: " + FileVersion + " Not Support");
return;
}
break;
}
}
if (SupportList == null)
{
Console.WriteLine("[-] WeChat Base Address Get Faild");
}
else
{
Int64 WeChatKey = (Int64)Program.WeChatWinBaseAddress + SupportList[4];
string HexKey = Program.GetHex(WeChatProcess.Handle, (IntPtr)WeChatKey);
if (string.IsNullOrWhiteSpace(HexKey))
{
Console.WriteLine("[-] WeChat Is Run, But Maybe No Login");
return;
}
else
{
Int64 WeChatName = (Int64)Program.WeChatWinBaseAddress + SupportList[0];
Console.WriteLine("[+] WeChatName: " + Program.GetName(WeChatProcess.Handle, (IntPtr)WeChatName, 100));
Int64 WeChatAccount = (Int64)Program.WeChatWinBaseAddress + SupportList[1];
string Account = Program.GetMobile(WeChatProcess.Handle, (IntPtr)WeChatAccount);
if (string.IsNullOrWhiteSpace(Account))
{
Console.WriteLine("[-] WeChatAccount: Maybe User Is No Set Account");
}
else
{
Console.WriteLine("[+] WeChatAccount: " + Program.GetAccount(WeChatProcess.Handle, (IntPtr)WeChatAccount, 100));
}
Int64 WeChatMobile = (Int64)Program.WeChatWinBaseAddress + SupportList[2];
string Mobile = Program.GetMobile(WeChatProcess.Handle, (IntPtr)WeChatMobile);
if (string.IsNullOrWhiteSpace(Mobile))
{
Console.WriteLine("[-] WeChatMobile: Maybe User Is No Binding Mobile");
}
else
{
Console.WriteLine("[+] WeChatMobile: " + Program.GetMobile(WeChatProcess.Handle, (IntPtr)WeChatMobile, 100));
}
Int64 WeChatMail = (Int64)Program.WeChatWinBaseAddress + SupportList[3];
string Mail = Program.GetMail(WeChatProcess.Handle, (IntPtr)WeChatMail);
if (string.IsNullOrWhiteSpace(Mail) != false) { }
else
{
Console.WriteLine("[+] WeChatMail: " + Program.GetMail(WeChatProcess.Handle, (IntPtr)WeChatMail, 100));
}
Console.WriteLine("[+] WeChatKey: " + HexKey);
}
}
}
if (WeChatProcess == null)
{
Console.WriteLine("[-] WeChat No Run");
return;
}
}
private static string GetName(IntPtr hProcess, IntPtr lpBaseAddress, int nSize = 100)
{
byte[] array = new byte[nSize];
if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, nSize, 0) == 0)
{
return "";
}
string text = "";
foreach (char c in Encoding.UTF8.GetString(array))
{
if (c == '\0')
{
break;
}
text += c.ToString();
}
return text;
}
private static string GetAccount(IntPtr hProcess, IntPtr lpBaseAddress, int nSize = 100)
{
byte[] array = new byte[nSize];
if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, nSize, 0) == 0)
{
return "";
}
string text = "";
foreach (char c in Encoding.UTF8.GetString(array))
{
if (c == '\0')
{
break;
}
text += c.ToString();
}
return text;
}
private static string GetMobile(IntPtr hProcess, IntPtr lpBaseAddress, int nSize = 100)
{
byte[] array = new byte[nSize];
if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, nSize, 0) == 0)
{
return "";
}
string text = "";
foreach (char c in Encoding.UTF8.GetString(array))
{
if (c == '\0')
{
break;
}
text += c.ToString();
}
return text;
}
private static string GetMail(IntPtr hProcess, IntPtr lpBaseAddress, int nSize = 100)
{
byte[] array = new byte[nSize];
if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, nSize, 0) == 0)
{
return "";
}
string text = "";
foreach (char c in Encoding.UTF8.GetString(array))
{
if (c == '\0')
{
break;
}
text += c.ToString();
}
return text;
}
//private static string GetHex(IntPtr hProcess, IntPtr lpBaseAddress)
//{
// byte[] array = new byte[4];
// if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, 4, 0) == 0)
// {
// return "";
// }
// int num = 32;
// byte[] array2 = new byte[num];
// IntPtr lpBaseAddress2 = (IntPtr)(((int)array[3] << 24) + ((int)array[2] << 16) + ((int)array[1] << 8) + (int)array[0]);
// if (Program.ReadProcessMemory(hProcess, lpBaseAddress2, array2, num, 0) == 0)
// {
// return "";
// }
// return Program.bytes2hex(array2);
//}
private static string GetHex(IntPtr hProcess, IntPtr lpBaseAddress)
{
byte[] array = new byte[8];
if (Program.ReadProcessMemory(hProcess, lpBaseAddress, array, 8, 0) == 0)
{
return "";
}
int num = 32;
byte[] array2 = new byte[num];
IntPtr lpBaseAddress2 = (IntPtr)(((long)array[7] << 56) + ((long)array[6] << 48) + ((long)array[5] << 40) + ((long)array[4] << 32) + ((long)array[3] << 24) + ((long)array[2] << 16) + ((long)array[1] << 8) + (long)array[0]);
if (Program.ReadProcessMemory(hProcess, lpBaseAddress2, array2, num, 0) == 0)
{
return "";
}
return Program.bytes2hex(array2);
}
private static string bytes2hex(byte[] bytes)
{
return BitConverter.ToString(bytes, 0).Replace("-", string.Empty).ToLower().ToUpper();
}
[DllImport("kernel32.dll")]
public static extern int OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);
[DllImport("kernel32.dll")]
public static extern int GetModuleHandleA(string moduleName);
[DllImport("kernel32.dll")]
public static extern int ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, int nSize, int lpNumberOfBytesRead);
public static Dictionary<string, List<int>> VersionList = new Dictionary<string, List<int>>
{
{
"3.2.1.154",
new List<int>
{
328121948,
328122328,
328123056,
328121976,
328123020
}
},
{
"3.3.0.115",
new List<int>
{
31323364,
31323744,
31324472,
31323392,
31324436
}
},
{
"3.3.0.84",
new List<int>
{
31315212,
31315592,
31316320,
31315240,
31316284
}
},
{
"3.3.0.93",
new List<int>
{
31323364,
31323744,
31324472,
31323392,
31324436
}
},
{
"3.3.5.34",
new List<int>
{
30603028,
30603408,
30604120,
30603056,
30604100
}
},
{
"3.3.5.42",
new List<int>
{
30603012,
30603392,
30604120,
30603040,
30604084
}
},
{
"3.3.5.46",
new List<int>
{
30578372,
30578752,
30579480,
30578400,
30579444
}
},
{
"3.4.0.37",
new List<int>
{
31608116,
31608496,
31609224,
31608144,
31609188
}
},
{
"3.4.0.38",
new List<int>
{
31604044,
31604424,
31605152,
31604072,
31605116
}
},
{
"3.4.0.50",
new List<int>
{
31688500,
31688880,
31689608,
31688528,
31689572
}
},
{
"3.4.0.54",
new List<int>
{
31700852,
31701248,
31700920,
31700880,
31701924
}
},
{
"3.4.5.27",
new List<int>
{
32133788,
32134168,
32134896,
32133816,
32134860
}
},
{
"3.4.5.45",
new List<int>
{
32147012,
32147392,
32147064,
32147040,
32148084
}
},
{
"3.5.0.20",
new List<int>
{
35494484,
35494864,
35494536,
35494512,
35495556
}
},
{
"3.5.0.29",
new List<int>
{
35507980,
35508360,
35508032,
35508008,
35509052
}
},
{
"3.5.0.33",
new List<int>
{
35512140,
35512520,
35512192,
35512168,
35513212
}
},
{
"3.5.0.39",
new List<int>
{
35516236,
35516616,
35516288,
35516264,
35517308
}
},
{
"3.5.0.42",
new List<int>
{
35512140,
35512520,
35512192,
35512168,
35513212
}
},
{
"3.5.0.44",
new List<int>
{
35510836,
35511216,
35510896,
35510864,
35511908
}
},
{
"3.5.0.46",
new List<int>
{
35506740,
35507120,
35506800,
35506768,
35507812
}
},
{
"3.6.0.18",
new List<int>
{
35842996,
35843376,
35843048,
35843024,
35844068
}
},
{
"3.6.5.7",
new List<int>
{
35864356,
35864736,
35864408,
35864384,
35865428
}
},
{
"3.6.5.16",
new List<int>
{
35909428,
35909808,
35909480,
35909456,
35910500
}
},
{
"3.7.0.26",
new List<int>
{
37105908,
37106288,
37105960,
37105936,
37106980
}
},
{
"3.7.0.29",
new List<int>
{
37105908,
37106288,
37105960,
37105936,
37106980
}
},
{
"3.7.0.30",
new List<int>
{
37118196,
37118576,
37118248,
37118224,
37119268
}
},
{
"3.7.5.11",
new List<int>
{
37883280,
37884088,
37883136,
37883008,
37884052
}
},
{
"3.7.5.23",
new List<int>
{
37895736,
37896544,
37895592,
37883008,
37896508
}
},
{
"3.7.5.27",
new List<int>
{
37895736,
37896544,
37895592,
37895464,
37896508
}
},
{
"3.7.5.31",
new List<int>
{
37903928,
37904736,
37903784,
37903656,
37904700
}
},
{
"3.7.6.24",
new List<int>
{
38978840,
38979648,
38978696,
38978604,
38979612
}
},
{
"3.7.6.29",
new List<int>
{
38986376,
38987184,
38986232,
38986104,
38987148
}
},
{
"3.7.6.44",
new List<int>
{
39016520,
39017328,
39016376,
38986104,
39017292
}
},
{
"3.8.0.31",
new List<int>
{
46064088,
46064912,
46063944,
38986104,
46064876
}
},
{
"3.8.0.33",
new List<int>
{
46059992,
46060816,
46059848,
38986104,
46060780
}
},
{
"3.8.0.41",
new List<int>
{
46064024,
46064848,
46063880,
38986104,
46064812
}
},
{
"3.8.1.26",
new List<int>
{
46409448,
46410272,
46409304,
38986104,
46410236
}
},
{
"3.9.0.28",
new List<int>
{
48418376,
48419280,
48418232,
38986104,
48419244
}
},
{
"3.9.2.23",
new List<int>
{
50320784,
50321712,
50320640,
38986104,
50321676
}
},
{
"3.9.2.26",
new List<int>
{
50329040,
50329968,
50328896,
38986104,
50329932
}
},
{
"3.9.5.91",
new List<int>
{
61654904,
61654680,
61654712,
38986104,
61656176
}
},
{
"3.9.6.19",
new List<int>
{
61997688,
61997464,
61997496,
38986104,
61998960
}
},
{ "3.9.6.33",
new List<int>
{
62030600,
62031936,
62030408,
38986104,
62031872
}
}
};
private static IntPtr WeChatWinBaseAddress = IntPtr.Zero;
}
}

196
Program/Program.py Normal file
View File

@ -0,0 +1,196 @@
# -*- coding: utf-8 -*-#
# -------------------------------------------------------------------------------
# Name: getwxinfo.py
# Description:
# Author: xaoyaoo
# Date: 2023/08/21
# -------------------------------------------------------------------------------
import binascii
import json
import ctypes
import psutil
def get_name(pid, base_address, n_size=100):
array = (ctypes.c_byte * n_size)()
if ctypes.windll.kernel32.ReadProcessMemory(ctypes.c_void_p(pid), ctypes.c_void_p(base_address), array, n_size,
0) == 0:
return ""
null_index = n_size
for i in range(n_size):
if array[i] == 0:
null_index = i
break
text = ctypes.string_at(ctypes.byref(array), null_index).decode('utf-8', errors='ignore')
return text
def get_account(pid, base_address, n_size=100):
array = (ctypes.c_byte * n_size)()
if ctypes.windll.kernel32.ReadProcessMemory(ctypes.c_void_p(pid), ctypes.c_void_p(base_address), array, n_size,
0) == 0:
return ""
null_index = n_size
for i in range(n_size):
if array[i] == 0:
null_index = i
break
text = ctypes.string_at(ctypes.byref(array), null_index).decode('utf-8', errors='ignore')
return text
def get_mobile(pid, base_address, n_size=100):
array = (ctypes.c_byte * n_size)()
if ctypes.windll.kernel32.ReadProcessMemory(ctypes.c_void_p(pid), ctypes.c_void_p(base_address), array, n_size,
0) == 0:
return ""
null_index = n_size
for i in range(n_size):
if array[i] == 0:
null_index = i
break
text = ctypes.string_at(ctypes.byref(array), null_index).decode('utf-8', errors='ignore')
return text
def get_mail(pid, base_address, n_size=100):
array = (ctypes.c_byte * n_size)()
if ctypes.windll.kernel32.ReadProcessMemory(ctypes.c_void_p(pid), ctypes.c_void_p(base_address), array, n_size,
0) == 0:
return ""
null_index = n_size
for i in range(n_size):
if array[i] == 0:
null_index = i
break
text = ctypes.string_at(ctypes.byref(array), null_index).decode('utf-8', errors='ignore')
return text
def get_hex(h_process, lp_base_address):
array = ctypes.create_string_buffer(8)
if ctypes.windll.kernel32.ReadProcessMemory(h_process, ctypes.c_void_p(lp_base_address), array, 8, 0) == 0:
return ""
num = 32
array2 = (ctypes.c_ubyte * num)()
lp_base_address2 = (
(int(binascii.hexlify(array[7]), 16) << 56) +
(int(binascii.hexlify(array[6]), 16) << 48) +
(int(binascii.hexlify(array[5]), 16) << 40) +
(int(binascii.hexlify(array[4]), 16) << 32) +
(int(binascii.hexlify(array[3]), 16) << 24) +
(int(binascii.hexlify(array[2]), 16) << 16) +
(int(binascii.hexlify(array[1]), 16) << 8) +
int(binascii.hexlify(array[0]), 16)
)
if ctypes.windll.kernel32.ReadProcessMemory(h_process, ctypes.c_void_p(lp_base_address2), ctypes.byref(array2), num,
0) == 0:
return ""
hex_string = binascii.hexlify(bytes(array2))
return hex_string.decode('utf-8')
def get_file_version(file_path):
import win32api
info = win32api.GetFileVersionInfo(file_path, "\\")
ms = info['FileVersionMS']
ls = info['FileVersionLS']
file_version = f"{win32api.HIWORD(ms)}.{win32api.LOWORD(ms)}.{win32api.HIWORD(ls)}.{win32api.LOWORD(ls)}"
# version = parse(file_version)
return file_version
def read_test(version_list):
support_list = None
wechat_process = None
rd = []
for process in psutil.process_iter(['name', 'exe', 'pid', 'cmdline']):
if process.info['name'] == 'WeChat.exe':
tmp_rd = {}
wechat_process = process
tmp_rd['pid'] = wechat_process.pid
# print("[+] WeChatProcessPID: " + str(wechat_process.info['pid']))
wechat_win_base_address = 0
for module in wechat_process.memory_maps(grouped=False):
if module.path and 'WeChatWin.dll' in module.path:
wechat_win_base_address = module.addr
wechat_win_base_address = int(wechat_win_base_address, 16)
file_version = get_file_version(module.path)
file_version_str = str(file_version)
tmp_rd['version'] = file_version_str
# print("[+] WeChatVersion: " + file_version_str)
if file_version_str not in version_list:
return "[-] WeChat Current Version Is: " + file_version_str + " Not Supported"
else:
support_list = version_list[file_version_str]
support_list = list(support_list)
break
Handle = ctypes.windll.kernel32.OpenProcess(0x1F0FFF, False, wechat_process.pid)
if support_list is None:
return "[-] WeChat Base Address Get Failed"
else:
wechat_key = wechat_win_base_address + support_list[4]
hex_key = get_hex(Handle, wechat_key)
tmp_rd['key'] = hex_key.strip()
if hex_key.strip() == "":
return "[-] WeChat Is Running, But Maybe Not Logged In"
else:
wechat_name = wechat_win_base_address + support_list[0]
tmp_rd['name'] = get_name(Handle, wechat_name, 100).strip()
wechat_account = wechat_win_base_address + support_list[1]
account = get_account(Handle, wechat_account, 100).strip()
if account.strip() == "":
tmp_rd['account'] = "None"
else:
tmp_rd['account'] = account
wechat_mobile = wechat_win_base_address + support_list[2]
mobile = get_mobile(Handle, wechat_mobile, 100).strip()
if mobile.strip() == "":
tmp_rd['mobile'] = "None"
else:
tmp_rd['mobile'] = mobile
wechat_mail = wechat_win_base_address + support_list[3]
mail = get_mail(Handle, wechat_mail, 100).strip()
if mail.strip() != "":
tmp_rd['mail'] = mail
else:
tmp_rd['mail'] = "None"
rd.append(tmp_rd)
if wechat_process is None:
return "[-] WeChat No Run"
return rd
if __name__ == "__main__":
version_list = json.load(open("version_list.json", "r", encoding="utf-8"))
rd = read_test(version_list)
for i in rd:
for k, v in i.items():
print(f"[+] {k}: {v}")
print("=====================================")

11
Program/__init__.py Normal file
View File

@ -0,0 +1,11 @@
# -*- coding: utf-8 -*-#
# -------------------------------------------------------------------------------
# Name: __init__.py.py
# Description:
# Author: xaoyaoo
# Date: 2023/08/21
# -------------------------------------------------------------------------------
if __name__ == '__main__':
pass

303
Program/version_list.json Normal file
View File

@ -0,0 +1,303 @@
{
"3.2.1.154": [
328121948,
328122328,
328123056,
328121976,
328123020
],
"3.3.0.115": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.0.84": [
31315212,
31315592,
31316320,
31315240,
31316284
],
"3.3.0.93": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.5.34": [
30603028,
30603408,
30604120,
30603056,
30604100
],
"3.3.5.42": [
30603012,
30603392,
30604120,
30603040,
30604084
],
"3.3.5.46": [
30578372,
30578752,
30579480,
30578400,
30579444
],
"3.4.0.37": [
31608116,
31608496,
31609224,
31608144,
31609188
],
"3.4.0.38": [
31604044,
31604424,
31605152,
31604072,
31605116
],
"3.4.0.50": [
31688500,
31688880,
31689608,
31688528,
31689572
],
"3.4.0.54": [
31700852,
31701248,
31700920,
31700880,
31701924
],
"3.4.5.27": [
32133788,
32134168,
32134896,
32133816,
32134860
],
"3.4.5.45": [
32147012,
32147392,
32147064,
32147040,
32148084
],
"3.5.0.20": [
35494484,
35494864,
35494536,
35494512,
35495556
],
"3.5.0.29": [
35507980,
35508360,
35508032,
35508008,
35509052
],
"3.5.0.33": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.39": [
35516236,
35516616,
35516288,
35516264,
35517308
],
"3.5.0.42": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.44": [
35510836,
35511216,
35510896,
35510864,
35511908
],
"3.5.0.46": [
35506740,
35507120,
35506800,
35506768,
35507812
],
"3.6.0.18": [
35842996,
35843376,
35843048,
35843024,
35844068
],
"3.6.5.7": [
35864356,
35864736,
35864408,
35864384,
35865428
],
"3.6.5.16": [
35909428,
35909808,
35909480,
35909456,
35910500
],
"3.7.0.26": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.29": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.30": [
37118196,
37118576,
37118248,
37118224,
37119268
],
"3.7.5.11": [
37883280,
37884088,
37883136,
37883008,
37884052
],
"3.7.5.23": [
37895736,
37896544,
37895592,
37883008,
37896508
],
"3.7.5.27": [
37895736,
37896544,
37895592,
37895464,
37896508
],
"3.7.5.31": [
37903928,
37904736,
37903784,
37903656,
37904700
],
"3.7.6.24": [
38978840,
38979648,
38978696,
38978604,
38979612
],
"3.7.6.29": [
38986376,
38987184,
38986232,
38986104,
38987148
],
"3.7.6.44": [
39016520,
39017328,
39016376,
38986104,
39017292
],
"3.8.0.31": [
46064088,
46064912,
46063944,
38986104,
46064876
],
"3.8.0.33": [
46059992,
46060816,
46059848,
38986104,
46060780
],
"3.8.0.41": [
46064024,
46064848,
46063880,
38986104,
46064812
],
"3.8.1.26": [
46409448,
46410272,
46409304,
38986104,
46410236
],
"3.9.0.28": [
48418376,
48419280,
48418232,
38986104,
48419244
],
"3.9.2.23": [
50320784,
50321712,
50320640,
38986104,
50321676
],
"3.9.2.26": [
50329040,
50329968,
50328896,
38986104,
50329932
],
"3.9.5.91": [
61654904,
61654680,
61654712,
38986104,
61656176
],
"3.9.6.19": [
61997688,
61997464,
61997496,
38986104,
61998960
],
"3.9.6.33": [
62030600,
62031936,
62030408,
38986104,
62031872
]
}

36
Properties/AssemblyInfo.cs
View File

@ -1,36 +0,0 @@
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
// 有关程序集的一般信息由以下
// 控制。更改这些特性值可修改
// 与程序集关联的信息。
[assembly: AssemblyTitle("SharpWxDump")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("SharpWxDump")]
[assembly: AssemblyCopyright("Copyright © 2022")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
// 将 ComVisible 设置为 false 会使此程序集中的类型
//对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型
//请将此类型的 ComVisible 特性设置为 true。
[assembly: ComVisible(false)]
// 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
[assembly: Guid("9a708a39-ed10-4d57-b23d-76b1847f7e90")]
// 程序集的版本信息由下列四个值组成:
//
// 主版本
// 次版本
// 生成号
// 修订号
//
//可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值
//通过使用 "*",如下所示:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]

59
README.md
View File

@ -1,58 +1,24 @@
## SharpWxDump
如何获取指定版本基址https://github.com/AdminTest0/SharpWxDump/blob/master/CE%E8%8E%B7%E5%8F%96%E5%9F%BA%E5%9D%80.md
## 3.9.2.26之后的版本请使用x64版本(已更新)
感谢hallejuyahaha师傅更新x64版本https://github.com/AdminTest0/SharpWxDump/issues/48
## 特别说明
该分支是<a href="https://github.com/AdminTest0/SharpWxDump">SharpWxDump</a>的python语言版本。
同时添加了一些新的功能。
## 3.9.2.26之前的版本请使用x86编译
**使用方法**
```
cd Program
python3 Program.py
x86的最后版本代码https://github.com/AdminTest0/SharpWxDump/commit/bddb843c08f3fc2225df486f81a2bbeed84557e3?diff=split
**2023/05/08 更新内容新增支持3.9.2.26版本**
**2023/03/26 更新内容新增支持3.9.2.23版本**
**2023/02/08 更新内容新增支持3.9.0.28版本**
**2022/12/17 更新内容新增支持3.8.1.26版本**
**2022/11/18 更新内容新增支持3.8.0.41版本**
**2022/11/14 更新内容新增支持3.8.0.33版本**
**2022/11/10 更新内容新增支持3.8.0.31版本**
**2022/09/19 更新内容新增支持3.7.6.44版本**
**2022/08/26 更新内容新增支持3.7.6.29版本**
**2022/08/20 更新内容新增支持3.7.6.24版本**
**2022/08/08 更新内容**
1. 修改部分代码(未运行、运行未登录、已登录),方便实战中判断情况
![1](https://user-images.githubusercontent.com/33925462/183328570-af92417f-ffd0-479d-b320-74e64bc71171.png)
**2022/08/07 更新内容**
1. 新增支持3.7.5.27版本
2. 新增支持3.7.5.31版本
3. 修改获取邮箱功能低于3.7.0.30版本会直接返回邮箱地址大于3.7.0.30版本则不显示任何信息
![1](https://user-images.githubusercontent.com/33925462/183289054-05321b52-67b3-4349-98eb-74584e579579.jpg)
**2022/07/23 更新内容**
1. 修复部分场景报错:登录微信后仍然提示:[-] WeChat Base Address Get Faild
2. 如果还是报错,**请用x86编译**
# 也可以import 调用
import Program
Program.read_test(version)
```
**支持功能**
1. 支持微信多开场景,获取多用户信息等
2. 微信需要登录状态才能获取数据库密钥
3. 没有动态获取功能,已将偏移地址写入代码内,会不定期更新,**如有需要的版本请提交Issues**
4. **请用x86编译生成**
3. 没有动态获取功能已将偏移地址写入version_list.josn内会不定期更新**如有需要的版本请提交Issues**
![image](https://user-images.githubusercontent.com/33925462/179410099-c0f52c1c-b552-4a51-9822-7440b097bca4.png)
@ -77,6 +43,7 @@ x86的最后版本代码https://github.com/AdminTest0/SharpWxDump/commit/bddb
数据库解密脚本https://mp.weixin.qq.com/s/4DbXOS5jDjJzM2PN0Mp2JA
## 免责声明
本项目仅允许在授权情况下对数据库进行备份,严禁用于非法目的,否则自行承担所有相关责任。使用该工具则代表默认同意该条款;

66
SharpWxDump.csproj
View File

@ -1,66 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{9A708A39-ED10-4D57-B23D-76B1847F7E90}</ProjectGuid>
<OutputType>Exe</OutputType>
<RootNamespace>SharpWxDump</RootNamespace>
<AssemblyName>SharpWxDump</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<Deterministic>true</Deterministic>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x86'">
<DebugSymbols>true</DebugSymbols>
<OutputPath>bin\x86\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<DebugType>full</DebugType>
<PlatformTarget>x86</PlatformTarget>
<LangVersion>7.3</LangVersion>
<ErrorReport>prompt</ErrorReport>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x86'">
<OutputPath>bin\x86\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<Optimize>true</Optimize>
<DebugType>pdbonly</DebugType>
<PlatformTarget>x86</PlatformTarget>
<LangVersion>7.3</LangVersion>
<ErrorReport>prompt</ErrorReport>
</PropertyGroup>
<ItemGroup>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Data" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
</Project>

31
SharpWxDump.sln
View File

@ -1,31 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.32510.428
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpWxDump", "SharpWxDump.csproj", "{9A708A39-ED10-4D57-B23D-76B1847F7E90}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Debug|x86 = Debug|x86
Release|Any CPU = Release|Any CPU
Release|x86 = Release|x86
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Debug|Any CPU.Build.0 = Debug|Any CPU
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Debug|x86.ActiveCfg = Debug|x86
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Debug|x86.Build.0 = Debug|x86
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Release|Any CPU.ActiveCfg = Release|Any CPU
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Release|Any CPU.Build.0 = Release|Any CPU
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Release|x86.ActiveCfg = Release|x86
{9A708A39-ED10-4D57-B23D-76B1847F7E90}.Release|x86.Build.0 = Release|x86
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {80DA3A70-3223-4AC2-8227-3138A24B74C6}
EndGlobalSection
EndGlobal