diff --git a/sdk/injector.cpp b/sdk/injector.cpp index 38e5f97..3717708 100644 --- a/sdk/injector.cpp +++ b/sdk/injector.cpp @@ -88,3 +88,35 @@ bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcNa CloseHandle(hThread); return true; } + +bool CallDllFuncEx(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, LPVOID parameter, size_t sz, + DWORD *ret) +{ + void *pFunc = GetFuncAddr(dllPath, dllBase, funcName); + if (pFunc == NULL) { + return false; + } + + LPVOID pRemoteAddress = VirtualAllocEx(process, NULL, sz, MEM_COMMIT, PAGE_READWRITE); + if (pRemoteAddress == NULL) { + MessageBox(NULL, L"申请内存失败", L"CallDllFuncEx", 0); + return NULL; + } + + WriteProcessMemory(process, pRemoteAddress, parameter, sz, NULL); + + HANDLE hThread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE)pFunc, pRemoteAddress, 0, NULL); + if (hThread == NULL) { + VirtualFree(pRemoteAddress, 0, MEM_RELEASE); + MessageBox(NULL, L"远程调用失败", L"CallDllFuncEx", 0); + return false; + } + WaitForSingleObject(hThread, INFINITE); + VirtualFree(pRemoteAddress, 0, MEM_RELEASE); + if (ret != NULL) { + GetExitCodeThread(hThread, ret); + } + + CloseHandle(hThread); + return true; +} diff --git a/sdk/injector.h b/sdk/injector.h index 67d33a5..e212a0e 100644 --- a/sdk/injector.h +++ b/sdk/injector.h @@ -5,3 +5,5 @@ HANDLE InjectDll(DWORD pid, LPCWSTR dllPath, HMODULE *injectedBase); bool EjectDll(HANDLE process, HMODULE dllBase); bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, LPVOID parameter, DWORD *ret); +bool CallDllFuncEx(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, LPVOID parameter, size_t sz, + DWORD *ret); diff --git a/sdk/sdk.cpp b/sdk/sdk.cpp index 3073711..b720a4d 100644 --- a/sdk/sdk.cpp +++ b/sdk/sdk.cpp @@ -1,10 +1,10 @@ #include "Shlwapi.h" #include "framework.h" +#include #include #include #include "injector.h" -#include "log.h" #include "sdk.h" #include "util.h" @@ -17,7 +17,6 @@ static WCHAR spyDllPath[MAX_PATH] = { 0 }; static int GetDllPath(bool debug, wchar_t *dllPath) { - InitLogger(); GetModuleFileName(GetModuleHandle(WECHATSDKDLL), spyDllPath, MAX_PATH); PathRemoveFileSpec(spyDllPath); if (debug) { @@ -27,7 +26,7 @@ static int GetDllPath(bool debug, wchar_t *dllPath) } if (!PathFileExists(spyDllPath)) { - LOG_ERROR("DLL does not exists: {}.", Wstring2String(spyDllPath)); + MessageBox(NULL, spyDllPath, L"文件不存在", 0); return ERROR_FILE_NOT_FOUND; } @@ -46,26 +45,30 @@ int WxInitSDK(bool debug, int port) status = OpenWeChat(&wcPid); if (status != 0) { - LOG_ERROR("OpenWeChat failed: {}.", status); + MessageBox(NULL, L"打开微信失败", L"WxInitSDK", 0); return status; } Sleep(2000); // 等待微信打开 wcProcess = InjectDll(wcPid, spyDllPath, &spyBase); if (wcProcess == NULL) { - LOG_ERROR("Failed to Inject DLL into WeChat."); + MessageBox(NULL, L"注入失败", L"WxInitSDK", 0); return -1; } - if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "InitSpy", (LPVOID)port, NULL)) { - LOG_ERROR("Failed to InitSpy."); + PortPath_t pp = { 0 }; + pp.port = port; + sprintf_s(pp.path, MAX_PATH, "%s", std::filesystem::current_path().string().c_str()); + + if (!CallDllFuncEx(wcProcess, spyDllPath, spyBase, "InitSpy", (LPVOID)&pp, sizeof(PortPath_t), NULL)) { + MessageBox(NULL, L"初始化失败", L"WxInitSDK", 0); return -1; } #ifdef WCF FILE *fd = fopen(WCF_LOCK, "wb"); if (fd == NULL) { - LOG_ERROR("Failed to open {}.", WCF_LOCK); + MessageBox(NULL, L"无法打开lock文件", L"WxInitSDK", 0); return -2; } fwrite((uint8_t *)&debug, sizeof(debug), 1, fd); @@ -83,19 +86,19 @@ int WxDestroySDK() bool debug; DWORD pid = GetWeChatPid(); if (pid == 0) { - LOG_ERROR("WeChat is not running."); + MessageBox(NULL, L"微信未运行", L"WxDestroySDK", 0); return status; } wcProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); if (wcProcess == NULL) { - LOG_ERROR("WeChat is not running."); + MessageBox(NULL, L"微信未运行", L"WxDestroySDK", 0); return -1; } FILE *fd = fopen(WCF_LOCK, "rb"); if (fd == NULL) { - LOG_ERROR("Failed to open {}.", WCF_LOCK); + MessageBox(NULL, L"无法打开lock文件", L"WxDestroySDK", 0); return -2; } fread((uint8_t *)&debug, sizeof(debug), 1, fd); @@ -111,14 +114,12 @@ int WxDestroySDK() } if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "CleanupSpy", NULL, NULL)) { - LOG_ERROR("Failed to CleanupSpy."); return -1; } if (!EjectDll(wcProcess, spyBase)) { - LOG_ERROR("Failed to Eject DLL."); return -1; // TODO: Unify error codes } - LOG_INFO("WxDestroySDK done."); + return 0; } diff --git a/spy/log.cpp b/spy/log.cpp index 9b432ab..50e8d58 100644 --- a/spy/log.cpp +++ b/spy/log.cpp @@ -1,27 +1,34 @@ +#include + #include "log.h" +#include "util.h" #define LOGGER_NAME "WCF" -#define LOGGER_FILE_NAME "logs/wcf.txt" +#define LOGGER_FILE_NAME "/logs/wcf.txt" #define LOGGER_MAX_SIZE 1024 * 1024 * 10 // 10M #define LOGGER_MAX_FILES 10 // 10 files -void InitLogger() +void InitLogger(std::string path) { - static std::shared_ptr gLogger = nullptr; - if (gLogger != nullptr) { + static std::shared_ptr logger = nullptr; + if (logger != nullptr) { return; } - gLogger = spdlog::rotating_logger_mt(LOGGER_NAME, LOGGER_FILE_NAME, LOGGER_MAX_SIZE, LOGGER_MAX_FILES); - // gLogger = spdlog::stdout_color_mt("console"); + auto filename = std::filesystem::path(path + LOGGER_FILE_NAME).make_preferred().string(); + try { + logger = spdlog::rotating_logger_mt(LOGGER_NAME, filename, LOGGER_MAX_SIZE, LOGGER_MAX_FILES); + } catch (const spdlog::spdlog_ex &ex) { + MessageBox(NULL, String2Wstring(ex.what()).c_str(), L"Init LOGGER ERROR", 0); + } - spdlog::set_default_logger(gLogger); - gLogger->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [%l] [%n] [%s::%#::%!] %v"); + spdlog::set_default_logger(logger); + logger->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [%l] [%n] [%s::%#::%!] %v"); #if SPDLOG_ACTIVE_LEVEL <= SPDLOG_LEVEL_DEBUG spdlog::set_level(spdlog::level::debug); - gLogger->flush_on(spdlog::level::debug); + logger->flush_on(spdlog::level::debug); #else - gLogger->flush_on(spdlog::level::info); + logger->flush_on(spdlog::level::info); #endif LOG_DEBUG("InitLogger with debug level"); } diff --git a/spy/log.h b/spy/log.h index c6a2926..dbc66d5 100644 --- a/spy/log.h +++ b/spy/log.h @@ -1,5 +1,7 @@ #pragma once +#include + #ifdef ENABLE_DEBUG_LOG #include @@ -19,4 +21,4 @@ void log_buffer(uint8_t *buffer, size_t len); #define LOG_WARN(...) SPDLOG_WARN(__VA_ARGS__); #define LOG_ERROR(...) SPDLOG_ERROR(__VA_ARGS__); -void InitLogger(); +void InitLogger(std::string path); diff --git a/spy/spy.cpp b/spy/spy.cpp index 5f7d33e..55c98ba 100644 --- a/spy/spy.cpp +++ b/spy/spy.cpp @@ -1,16 +1,22 @@ -#include "spy.h" +#include + #include "load_calls.h" #include "log.h" #include "rpc_server.h" +#include "spy.h" #include "util.h" WxCalls_t g_WxCalls = { 0 }; DWORD g_WeChatWinDllAddr = 0; -void InitSpy(int port) +void InitSpy(LPVOID args) { wchar_t version[16] = { 0 }; - InitLogger(); + PortPath_t *pp = (PortPath_t *)args; + int port = pp->port; + std::string path(pp->path); + + InitLogger(path); g_WeChatWinDllAddr = (DWORD)GetModuleHandle(L"WeChatWin.dll"); // 获取wechatWin模块地址 if (g_WeChatWinDllAddr == 0) { LOG_ERROR("获取wechatWin.dll模块地址失败"); diff --git a/spy/util.h b/spy/util.h index 147f706..5d5344e 100644 --- a/spy/util.h +++ b/spy/util.h @@ -13,6 +13,11 @@ #define GET_WSTRING(addr) ((WCHAR *)(*(DWORD *)(addr))) #define GET_STRING_FROM_P(addr) ((CHAR *)(addr)) +typedef struct PortPath { + int port; + char path[MAX_PATH]; +} PortPath_t; + DWORD GetWeChatPid(); int OpenWeChat(DWORD *pid); int GetWeChatVersion(wchar_t *version); diff --git a/wcf/main.cpp b/wcf/main.cpp index 98ff667..43d797b 100644 --- a/wcf/main.cpp +++ b/wcf/main.cpp @@ -2,14 +2,11 @@ #include #include -#include "framework.h" - -#include "log.h" #include "sdk.h" void help() { - LOG_INFO("\nUsage: \n启动: wcf.exe start port [debug]\n关闭: wcf.exe stop\nport: 命令端口, 消息端口为命令端口+1\n"); + printf("\nUsage: \n启动: wcf.exe start port [debug]\n关闭: wcf.exe stop\nport: 命令端口, 消息端口为命令端口+1\n"); } int main(int argc, char *argv[]) @@ -34,4 +31,4 @@ int main(int argc, char *argv[]) } return ret; -} \ No newline at end of file +}