From e59130b67b52b40ea03ef2f5a7c8422ffb58c9ce Mon Sep 17 00:00:00 2001 From: xaoyaoo Date: Thu, 14 Dec 2023 16:31:04 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=A4=9A=E5=BC=80=E5=BE=AE?= =?UTF-8?q?=E4=BF=A1=E6=97=A0=E6=B3=95=E8=8E=B7=E5=8F=96key=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/FAQ.md | 2 +- pywxdump/api/__init__.py | 11 +++++++++++ pywxdump/wx_info/get_wx_info.py | 22 ++++++++++++++-------- 3 files changed, 26 insertions(+), 9 deletions(-) create mode 100644 pywxdump/api/__init__.py diff --git a/doc/FAQ.md b/doc/FAQ.md index 26e1d64..f61c5df 100644 --- a/doc/FAQ.md +++ b/doc/FAQ.md @@ -20,7 +20,7 @@ - ### 三、每台电脑上微信账户的key是不是永远不会变? -1. 同一设备,同一微信,不删除数据情况下,key(密钥)相同 +1. 同一设备,同一微信号,不删除数据情况下,key(密钥)相同 - ### 四、刚打开就闪退的问题 diff --git a/pywxdump/api/__init__.py b/pywxdump/api/__init__.py new file mode 100644 index 0000000..c06ef57 --- /dev/null +++ b/pywxdump/api/__init__.py @@ -0,0 +1,11 @@ +# -*- coding: utf-8 -*-# +# ------------------------------------------------------------------------------- +# Name: __init__.py +# Description: +# Author: xaoyaoo +# Date: 2023/12/14 +# ------------------------------------------------------------------------------- + + +if __name__ == '__main__': + pass diff --git a/pywxdump/wx_info/get_wx_info.py b/pywxdump/wx_info/get_wx_info.py index ede7dd7..8aeb86e 100644 --- a/pywxdump/wx_info/get_wx_info.py +++ b/pywxdump/wx_info/get_wx_info.py @@ -157,7 +157,7 @@ def get_info_filePath(wxid="all"): return filePath if os.path.exists(filePath) else "None" -def get_key(db_path, addr_len): +def get_key(pid, db_path, addr_len): def read_key_bytes(h_process, address, address_len=8): array = ctypes.create_string_buffer(address_len) if ReadProcessMemory(h_process, void_p(address), array, address_len, 0) == 0: return "None" @@ -190,7 +190,7 @@ def get_key(db_path, addr_len): phone_type2 = "android\x00" phone_type3 = "ipad\x00" - pm = pymem.Pymem("WeChat.exe") + pm = pymem.Pymem(pid) module_name = "WeChatWin.dll" MicroMsg_path = os.path.join(db_path, "MSG", "MicroMsg.db") @@ -198,11 +198,17 @@ def get_key(db_path, addr_len): type1_addrs = pm.pattern_scan_module(phone_type1.encode(), module_name, return_multiple=True) type2_addrs = pm.pattern_scan_module(phone_type2.encode(), module_name, return_multiple=True) type3_addrs = pm.pattern_scan_module(phone_type3.encode(), module_name, return_multiple=True) - type_addrs = type1_addrs if len(type1_addrs) >= 2 else type2_addrs if len(type2_addrs) >= 2 else type3_addrs if len( - type3_addrs) >= 2 else "None" - # print(type_addrs) - if type_addrs == "None": - return "None" + + # print(type1_addrs, type2_addrs, type3_addrs) + + type_addrs = [] + if len(type1_addrs) >= 2: type_addrs += type1_addrs + if len(type2_addrs) >= 2: type_addrs += type2_addrs + if len(type3_addrs) >= 2: type_addrs += type3_addrs + if len(type_addrs) == 0: return "None" + + type_addrs.sort() # 从小到大排序 + for i in type_addrs[::-1]: for j in range(i, i - 2000, -addr_len): key_bytes = read_key_bytes(pm.process_handle, j, addr_len) @@ -269,7 +275,7 @@ def read_info(version_list, is_logging=False): tmp_rd['wxid'] = get_info_wxid(Handle) tmp_rd['filePath'] = get_info_filePath(tmp_rd['wxid']) if tmp_rd['wxid'] != "None" else "None" - tmp_rd['key'] = get_key(tmp_rd['filePath'], addrLen) if tmp_rd['filePath'] != "None" else "None" + tmp_rd['key'] = get_key(tmp_rd['pid'], tmp_rd['filePath'], addrLen) if tmp_rd['filePath'] != "None" else "None" result.append(tmp_rd) if is_logging: