cyonjan/WeChatFerry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactoring

Browse Source
This commit is contained in:
Changhua 2023-07-30 23:26:20 +08:00
parent ece70cbaf1
commit 44a259775f
7 changed files with 84 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
WeChatFerry/spy/Spy.vcxproj
View File

@ -227,13 +227,12 @@ $(SolutionDir)rpc\tool\protoc --nanopb_out=. wcf.proto</Command>
<ClInclude Include="..\rpc\pb_util.h" />
<ClInclude Include="..\rpc\proto\wcf.pb.h" />
<ClInclude Include="chatroom_mgmt.h" />
<ClInclude Include="decrypt_image.h" />
<ClInclude Include="funcs.h" />
<ClInclude Include="exec_sql.h" />
<ClInclude Include="framework.h" />
<ClInclude Include="contact_mgmt.h" />
<ClInclude Include="load_calls.h" />
<ClInclude Include="log.h" />
<ClInclude Include="pyq.h" />
<ClInclude Include="receive_msg.h" />
<ClInclude Include="receive_transfer.h" />
<ClInclude Include="resource.h" />
@ -252,13 +251,12 @@ $(SolutionDir)rpc\tool\protoc --nanopb_out=. wcf.proto</Command>
<ClCompile Include="..\rpc\pb_util.cpp" />
<ClCompile Include="..\rpc\proto\wcf.pb.c" />
<ClCompile Include="chatroom_mgmt.cpp" />
<ClCompile Include="decrypt_image.cpp" />
<ClCompile Include="funcs.cpp" />
<ClCompile Include="dllmain.cpp" />
<ClCompile Include="exec_sql.cpp" />
<ClCompile Include="contact_mgmt.cpp" />
<ClCompile Include="load_calls.cpp" />
<ClCompile Include="log.cpp" />
<ClCompile Include="pyq.cpp" />
<ClCompile Include="receive_msg.cpp" />
<ClCompile Include="receive_transfer.cpp" />
<ClCompile Include="rpc_server.cpp" />

10
WeChatFerry/spy/Spy.vcxproj.filters
View File

@ -81,7 +81,7 @@
<ClInclude Include="resource.h">
<Filter>头文件</Filter>
</ClInclude>
<ClInclude Include="decrypt_image.h">
<ClInclude Include="funcs.h">
<Filter>头文件</Filter>
</ClInclude>
<ClInclude Include="receive_transfer.h">
@ -90,9 +90,6 @@
<ClInclude Include="sqlite3.h">
<Filter>头文件</Filter>
</ClInclude>
<ClInclude Include="pyq.h">
<Filter>头文件</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile Include="dllmain.cpp">
@ -146,15 +143,12 @@
<ClCompile Include="user_info.cpp">
<Filter>源文件</Filter>
</ClCompile>
<ClCompile Include="decrypt_image.cpp">
<ClCompile Include="funcs.cpp">
<Filter>源文件</Filter>
</ClCompile>
<ClCompile Include="receive_transfer.cpp">
<Filter>源文件</Filter>
</ClCompile>
<ClCompile Include="pyq.cpp">
<Filter>源文件</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<None Include="spy.def">

79
WeChatFerry/spy/decrypt_image.cpp → WeChatFerry/spy/funcs.cpp
View File

@ -1,9 +1,12 @@
#pragma warning( disable: 4244 )
#pragma warning(disable : 4244)
#include "framework.h"
#include <fstream>
#include "decrypt_image.h"
#include "funcs.h"
#include "log.h"
#include "spy_types.h"
#include "util.h"
#define HEADER_PNG1 0x89
#define HEADER_PNG2 0x50
@ -14,6 +17,16 @@
using namespace std;
extern bool gIsListeningPyq;
extern WxCalls_t g_WxCalls;
extern DWORD g_WeChatWinDllAddr;
typedef struct RawVector {
DWORD start;
DWORD finish;
DWORD end;
} RawVector_t;
static string get_key(uint8_t header1, uint8_t header2, uint8_t *key)
{
// PNG?
@ -77,3 +90,65 @@ bool DecryptImage(string src, string dst)
return true;
}
static int GetFirstPage()
{
int rv = -1;
DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
DWORD pyqCall2 = g_WeChatWinDllAddr + g_WxCalls.pyq.call2;
char buf[0xB44] = { 0 };
__asm {
pushad;
call pyqCall1;
push 0x1;
lea ecx, buf;
push ecx;
mov ecx, eax;
call pyqCall2;
mov rv, eax;
popad;
}
return rv;
}
static int GetNextPage(uint64_t id)
{
int rv = -1;
DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
DWORD pyqCall3 = g_WeChatWinDllAddr + g_WxCalls.pyq.call3;
RawVector_t tmp = { 0 };
__asm {
pushad;
call pyqCall1;
lea ecx, tmp;
push ecx;
mov ebx, dword ptr [id + 0x04];
push ebx;
mov edi, dword ptr [id]
push edi;
mov ecx, eax;
call pyqCall3;
mov rv, eax;
popad;
}
return rv;
}
int RefreshPyq(uint64_t id)
{
if (!gIsListeningPyq) {
LOG_ERROR("没有启动朋友圈消息接收参考enable_receiving_msg");
return -1;
}
if (id == 0) {
return GetFirstPage();
}
return GetNextPage(id);
}

2
WeChatFerry/spy/decrypt_image.h → WeChatFerry/spy/funcs.h
View File

@ -1,5 +1,7 @@
#pragma once
#include "stdint.h"
#include <string>
bool DecryptImage(std::string src, std::string dst);
int RefreshPyq(uint64_t id);

77
WeChatFerry/spy/pyq.cpp
View File

@ -1,77 +0,0 @@
#include "framework.h"
#include "log.h"
#include "spy_types.h"
#include "util.h"
extern bool gIsListeningPyq;
extern WxCalls_t g_WxCalls;
extern DWORD g_WeChatWinDllAddr;
typedef struct RawVector {
DWORD start;
DWORD finish;
DWORD end;
} RawVector_t;
static int GetFirstPage()
{
int rv = -1;
DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
DWORD pyqCall2 = g_WeChatWinDllAddr + g_WxCalls.pyq.call2;
char buf[0xB44] = { 0 };
__asm {
pushad;
call pyqCall1;
push 0x1;
lea ecx, buf;
push ecx;
mov ecx, eax;
call pyqCall2;
mov rv, eax;
popad;
}
return rv;
}
static int GetNextPage(uint64_t id)
{
int rv = -1;
DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
DWORD pyqCall3 = g_WeChatWinDllAddr + g_WxCalls.pyq.call3;
RawVector_t tmp = { 0 };
__asm {
pushad;
call pyqCall1;
lea ecx, tmp;
push ecx;
mov ebx, dword ptr [id + 0x04];
push ebx;
mov edi, dword ptr [id]
push edi;
mov ecx, eax;
call pyqCall3;
mov rv, eax;
popad;
}
return rv;
}
int RefreshPyq(uint64_t id)
{
if (!gIsListeningPyq) {
LOG_ERROR("没有启动朋友圈消息接收参考enable_receiving_msg");
return -1;
}
if (id == 0) {
return GetFirstPage();
}
return GetNextPage(id);
}

5
WeChatFerry/spy/pyq.h
View File

@ -1,5 +0,0 @@
#pragma once
#include "stdint.h"
int RefreshPyq(uint64_t id);

3
WeChatFerry/spy/rpc_server.cpp
View File

@ -18,12 +18,11 @@
#include "chatroom_mgmt.h"
#include "contact_mgmt.h"
#include "decrypt_image.h"
#include "exec_sql.h"
#include "funcs.h"
#include "log.h"
#include "pb_types.h"
#include "pb_util.h"
#include "pyq.h"
#include "receive_msg.h"
#include "receive_transfer.h"
#include "rpc_server.h"