From 44a259775f8280e75cad99bb736a3f369bfda9df Mon Sep 17 00:00:00 2001 From: Changhua Date: Sun, 30 Jul 2023 23:26:20 +0800 Subject: [PATCH] Refactoring --- WeChatFerry/spy/Spy.vcxproj | 6 +- WeChatFerry/spy/Spy.vcxproj.filters | 10 +-- .../spy/{decrypt_image.cpp => funcs.cpp} | 79 ++++++++++++++++++- WeChatFerry/spy/{decrypt_image.h => funcs.h} | 2 + WeChatFerry/spy/pyq.cpp | 77 ------------------ WeChatFerry/spy/pyq.h | 5 -- WeChatFerry/spy/rpc_server.cpp | 3 +- 7 files changed, 84 insertions(+), 98 deletions(-) rename WeChatFerry/spy/{decrypt_image.cpp => funcs.cpp} (50%) rename WeChatFerry/spy/{decrypt_image.h => funcs.h} (63%) delete mode 100644 WeChatFerry/spy/pyq.cpp delete mode 100644 WeChatFerry/spy/pyq.h diff --git a/WeChatFerry/spy/Spy.vcxproj b/WeChatFerry/spy/Spy.vcxproj index 0b34661..973b9d2 100644 --- a/WeChatFerry/spy/Spy.vcxproj +++ b/WeChatFerry/spy/Spy.vcxproj @@ -227,13 +227,12 @@ $(SolutionDir)rpc\tool\protoc --nanopb_out=. wcf.proto - + - @@ -252,13 +251,12 @@ $(SolutionDir)rpc\tool\protoc --nanopb_out=. wcf.proto - + - diff --git a/WeChatFerry/spy/Spy.vcxproj.filters b/WeChatFerry/spy/Spy.vcxproj.filters index 967ac9d..f8b47c4 100644 --- a/WeChatFerry/spy/Spy.vcxproj.filters +++ b/WeChatFerry/spy/Spy.vcxproj.filters @@ -81,7 +81,7 @@ 头文件 - + 头文件 @@ -90,9 +90,6 @@ 头文件 - - 头文件 - @@ -146,15 +143,12 @@ 源文件 - + 源文件 源文件 - - 源文件 - diff --git a/WeChatFerry/spy/decrypt_image.cpp b/WeChatFerry/spy/funcs.cpp similarity index 50% rename from WeChatFerry/spy/decrypt_image.cpp rename to WeChatFerry/spy/funcs.cpp index 8be811d..aa940cd 100644 --- a/WeChatFerry/spy/decrypt_image.cpp +++ b/WeChatFerry/spy/funcs.cpp @@ -1,9 +1,12 @@ -#pragma warning( disable: 4244 ) +#pragma warning(disable : 4244) +#include "framework.h" #include -#include "decrypt_image.h" +#include "funcs.h" #include "log.h" +#include "spy_types.h" +#include "util.h" #define HEADER_PNG1 0x89 #define HEADER_PNG2 0x50 
@@ -14,6 +17,16 @@ using namespace std; +extern bool gIsListeningPyq; +extern WxCalls_t g_WxCalls; +extern DWORD g_WeChatWinDllAddr; + +typedef struct RawVector { + DWORD start; + DWORD finish; + DWORD end; +} RawVector_t; + static string get_key(uint8_t header1, uint8_t header2, uint8_t *key) { // PNG? @@ -77,3 +90,65 @@ bool DecryptImage(string src, string dst) return true; } + +static int GetFirstPage() +{ + int rv = -1; + DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1; + DWORD pyqCall2 = g_WeChatWinDllAddr + g_WxCalls.pyq.call2; + + char buf[0xB44] = { 0 }; + __asm { + pushad; + call pyqCall1; + push 0x1; + lea ecx, buf; + push ecx; + mov ecx, eax; + call pyqCall2; + mov rv, eax; + popad; + } + + return rv; +} + +static int GetNextPage(uint64_t id) +{ + int rv = -1; + DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1; + DWORD pyqCall3 = g_WeChatWinDllAddr + g_WxCalls.pyq.call3; + + RawVector_t tmp = { 0 }; + + __asm { + pushad; + call pyqCall1; + lea ecx, tmp; + push ecx; + mov ebx, dword ptr [id + 0x04]; + push ebx; + mov edi, dword ptr [id] + push edi; + mov ecx, eax; + call pyqCall3; + mov rv, eax; + popad; + } + + return rv; +} + +int RefreshPyq(uint64_t id) +{ + if (!gIsListeningPyq) { + LOG_ERROR("没有启动朋友圈消息接收,参考:enable_receiving_msg"); + return -1; + } + + if (id == 0) { + return GetFirstPage(); + } + + return GetNextPage(id); +} diff --git a/WeChatFerry/spy/decrypt_image.h b/WeChatFerry/spy/funcs.h similarity index 63% rename from WeChatFerry/spy/decrypt_image.h rename to WeChatFerry/spy/funcs.h index 727726c..7c4f739 100644 --- a/WeChatFerry/spy/decrypt_image.h +++ b/WeChatFerry/spy/funcs.h @@ -1,5 +1,7 @@ #pragma once +#include "stdint.h" #include bool DecryptImage(std::string src, std::string dst); +int RefreshPyq(uint64_t id); diff --git a/WeChatFerry/spy/pyq.cpp b/WeChatFerry/spy/pyq.cpp deleted file mode 100644 index 7172318..0000000 --- a/WeChatFerry/spy/pyq.cpp +++ /dev/null 
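Review bot: The `RawVector` typedef added here has no comment saying what it mirrors, and the three `extern` declarations repeat definitions that live in another translation unit. The three `DWORD` fields look like a 32-bit begin / end / end-of-capacity pointer triple that the callee fills in, which is an inference from the field names, so a comment such as `// 32-bit layout of the vector the callee fills; x86 builds only` would record that assumption. Moving `gIsListeningPyq`, `g_WxCalls` and `g_WeChatWinDllAddr` into a shared header would keep their types in one place instead of re-declaring them in each .cpp file.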
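Review bot: GetFirstPage and GetNextPage compute `g_WeChatWinDllAddr + g_WxCalls.pyq.call1` (and `call2`/`call3`) and call the result from inline asm with no check that the module base and offsets were resolved; RefreshPyq only tests `gIsListeningPyq`. If either value can still be zero at this point (not visible in this hunk), the call transfers control to an unintended address inside the host process, so a guard in RefreshPyq such as `if (g_WeChatWinDllAddr == 0 || g_WxCalls.pyq.call1 == 0) return -1;` would fail closed. Separately, `char buf[0xB44]` is a stack buffer whose size is dictated by the callee behind `pyqCall2`; a named constant with a comment stating which client build the size was taken from would make the stack-overflow risk on a version mismatch visible. `RawVector_t tmp` in GetNextPage is handed to `pyqCall3` and then dropped, so if the callee allocates into it the storage is probably leaked on every page request, which is worth confirming.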
@@ -1,77 +0,0 @@
-#include "framework.h"
-
-#include "log.h"
-#include "spy_types.h"
-#include "util.h"
-
-extern bool gIsListeningPyq;
-extern WxCalls_t g_WxCalls;
-extern DWORD g_WeChatWinDllAddr;
-
-typedef struct RawVector {
- DWORD start;
- DWORD finish;
- DWORD end;
-} RawVector_t;
-
-static int GetFirstPage()
-{
- int rv = -1;
- DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
- DWORD pyqCall2 = g_WeChatWinDllAddr + g_WxCalls.pyq.call2;
-
- char buf[0xB44] = { 0 };
- __asm {
- pushad;
- call pyqCall1;
- push 0x1;
- lea ecx, buf;
- push ecx;
- mov ecx, eax;
- call pyqCall2;
- mov rv, eax;
- popad;
- }
-
- return rv;
-}
-
-static int GetNextPage(uint64_t id)
-{
- int rv = -1;
- DWORD pyqCall1 = g_WeChatWinDllAddr + g_WxCalls.pyq.call1;
- DWORD pyqCall3 = g_WeChatWinDllAddr + g_WxCalls.pyq.call3;
-
- RawVector_t tmp = { 0 };
-
- __asm {
- pushad;
- call pyqCall1;
- lea ecx, tmp;
- push ecx;
- mov ebx, dword ptr [id + 0x04];
- push ebx;
- mov edi, dword ptr [id]
- push edi;
- mov ecx, eax;
- call pyqCall3;
- mov rv, eax;
- popad;
- }
-
- return rv;
-}
-
-int RefreshPyq(uint64_t id)
-{
- if (!gIsListeningPyq) {
- LOG_ERROR("没有启动朋友圈消息接收,参考:enable_receiving_msg");
- return -1;
- }
-
- if (id == 0) {
- return GetFirstPage();
- }
-
- return GetNextPage(id);
-}
diff --git a/WeChatFerry/spy/pyq.h b/WeChatFerry/spy/pyq.h
deleted file mode 100644
index 13d7eeb..0000000
--- a/WeChatFerry/spy/pyq.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#pragma once
-
-#include "stdint.h"
-
-int RefreshPyq(uint64_t id);
diff --git a/WeChatFerry/spy/rpc_server.cpp b/WeChatFerry/spy/rpc_server.cpp
index 32a1686..2e08bae 100644
--- a/WeChatFerry/spy/rpc_server.cpp
+++ b/WeChatFerry/spy/rpc_server.cpp
@@ -18,12 +18,11 @@ #include "chatroom_mgmt.h" #include "contact_mgmt.h" -#include "decrypt_image.h" #include "exec_sql.h" +#include "funcs.h" #include "log.h" #include "pb_types.h" #include "pb_util.h" -#include "pyq.h" #include "receive_msg.h" #include "receive_transfer.h" #include "rpc_server.h"