From 8045ced67bc9810fd3033e3cc5d4eb717687aab8 Mon Sep 17 00:00:00 2001 From: xaoyo Date: Tue, 10 Oct 2023 21:16:13 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=B3=A8=E9=87=8A=EF=BC=8C?= =?UTF-8?q?=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Program/get_wx_info.py | 27 +++++++++++++++++---------- README.md | 6 +++--- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/Program/get_wx_info.py b/Program/get_wx_info.py index 83d93d0..26bc6f7 100644 --- a/Program/get_wx_info.py +++ b/Program/get_wx_info.py @@ -15,14 +15,16 @@ ReadProcessMemory = ctypes.windll.kernel32.ReadProcessMemory void_p = ctypes.c_void_p -def get_info_without_key(pid, address, n_size=64): +# 读取内存中的字符串(非key部分) +def get_info_without_key(h_process, address, n_size=64): array = ctypes.create_string_buffer(n_size) - if ReadProcessMemory(void_p(pid), void_p(address), array, n_size, 0) == 0: return "None" + if ReadProcessMemory(h_process, void_p(address), array, n_size, 0) == 0: return "None" array = bytes(array).split(b"\x00")[0] if b"\x00" in array else bytes(array) text = array.decode('utf-8', errors='ignore') return text.strip() if text.strip() != "" else "None" +# 读取内存中的key def get_key(h_process, address): array = ctypes.create_string_buffer(8) if ReadProcessMemory(h_process, void_p(address), array, 8, 0) == 0: return "None" @@ -33,13 +35,15 @@ def get_key(h_process, address): return key_string +# 读取文件版本 def get_file_version(file_path): info = win32api.GetFileVersionInfo(file_path, "\\") - ms,ls = info['FileVersionMS'],info['FileVersionLS'] + ms, ls = info['FileVersionMS'], info['FileVersionLS'] file_version = f"{win32api.HIWORD(ms)}.{win32api.LOWORD(ms)}.{win32api.HIWORD(ls)}.{win32api.LOWORD(ls)}" return file_version +# 读取微信信息(key, name, account, mobile, mail) def read_info(version_list): wechat_process = [] result = [] 
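Review bot: In the first hunk of Program/get_wx_info.py, the comment added above `get_info_without_key` does not record that the first argument is now an open process handle rather than a PID, and renaming the parameter from `pid` to `h_process` breaks any caller that passed it by keyword. A docstring such as `"""Read up to n_size bytes at address from the process behind h_process (an open handle, not a PID); return the text before the first NUL, or the string "None"."""` would state the contract. The function also returns the literal string `"None"` both when `ReadProcessMemory` fails and when the decoded text is empty, so a caller cannot tell a failed read from an empty field. Returning `None` itself would be clearer, though `read_info`, whose body continues outside the hunk, may depend on the string. `get_key` in the same hunk uses the same sentinel.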
@@ -88,13 +92,16 @@ def read_info(version_list): if __name__ == "__main__": + # 读取微信各版本偏移 version_list = json.load(open("version_list.json", "r", encoding="utf-8")) - result = read_info(version_list) - if isinstance(result, str): + result = read_info(version_list) # 读取微信信息 + + print("=" * 32) + if isinstance(result, str): # 输出报错 print(result) - else: - print("=" * 32) - for i in result: - for k, v in i.items(): + else: # 输出结果 + for i, rlt in enumerate(result): + for k, v in rlt.items(): print(f"[+] {k:>7}: {v}") - print("=" * 32) + print(end="-" * 32 + "\n" if i != len(result) - 1 else "") + print("=" * 32) diff --git a/README.md b/README.md index a0b1939..e285bb2 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ #
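Review bot: In the `__main__` block of Program/get_wx_info.py, the line the new comment annotates, `version_list = json.load(open("version_list.json", "r", encoding="utf-8"))`, never closes the file and resolves the name against the current working directory. The offsets that drive every memory read therefore come from whichever `version_list.json` sits in the directory the script is launched from. Prefer `with open(path, encoding="utf-8") as f: version_list = json.load(f)`, with `path` derived from the script's own location. The new separator line `print(end="-" * 32 + "\n" if i != len(result) - 1 else "")` relies on the conditional expression binding looser than `+`; `if i != len(result) - 1: print("-" * 32)` says the same thing plainly. Because the loop prints the recovered key and account fields in clear text, a comment noting that this output should not be redirected into shared logs would also help.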
PyWxDump
-* 更新日志(如果有[version_list.json](./Program/version_list.json)缺少的版本,请帮忙添加。) +* 更新日志(发现[version_list.json](./Program/version_list.json)缺失或错误,请提交[issues](https://github.com/xaoyaoo/PyWxDump/issues))。) * 2023.10.09 获取key基址偏移可以根据微信文件夹获取,不需要输入key * 2023.10.09 优化代码,删减没必要代码,重新修改获取基址代码,加快运行速度(需要安装新的库 pymem) * 2023.10.07 修改获取基址内存搜索方式,防止进入死循环 @@ -15,8 +15,8 @@ 该分支是[SharpWxDump](https://github.com/AdminTest0/SharpWxDump)的经过重构python语言版本,同时添加了一些新的功能。 -*如果觉得好用的话的话,帮忙点个[![Star](https://img.shields.io/github/stars/xaoyaoo/PyWxDump.svg?style=social&label=Star)](https://github.com/xaoyaoo/PyWxDump/) -呗* +超想要star,走过路过帮忙点[![Star](https://img.shields.io/github/stars/xaoyaoo/PyWxDump.svg?style=social&label=Star)](https://github.com/xaoyaoo/PyWxDump/) +呗,谢谢啦~ ## 二、使用方法