From 89c676a1b81858b2018f022d83aa84344c1b6467 Mon Sep 17 00:00:00 2001
From: Changhua
Date: Tue, 18 Feb 2025 02:09:22 +0800
Subject: [PATCH] feat(message): impl receive pyq message
---
 WeChatFerry/spy/message_handler.cpp | 28 +++++++++++-----------------
 WeChatFerry/spy/message_handler.h | 2 +-
 WeChatFerry/spy/offsets.h | 8 ++++++++
 3 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/WeChatFerry/spy/message_handler.cpp b/WeChatFerry/spy/message_handler.cpp
index db3cc1f..64c29cc 100644
--- a/WeChatFerry/spy/message_handler.cpp
+++ b/WeChatFerry/spy/message_handler.cpp
@@ -16,14 +16,6 @@
 extern QWORD g_WeChatWinDllAddr;
-#define OS_PYQ_MSG_START 0x30
-#define OS_PYQ_MSG_END 0x38
-#define OS_PYQ_MSG_TS 0x38
-#define OS_PYQ_MSG_XML 0x9B8
-#define OS_PYQ_MSG_SENDER 0x18
-#define OS_PYQ_MSG_CONTENT 0x48
-#define OS_PYQ_MSG_CALL 0x2E42C90
-
 namespace message
 {
@@ -91,14 +83,14 @@ QWORD Handler::PrintWxLog(QWORD a1, QWORD a2, QWORD a3, QWORD a4, QWORD a5, QWOR
 return p;
 }
-void Handler::DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3)
+QWORD Handler::DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3)
 {
 auto &handler = getInstance();
- QWORD startAddr = *(QWORD *)(arg2 + OS_PYQ_MSG_START);
- QWORD endAddr = *(QWORD *)(arg2 + OS_PYQ_MSG_END);
+ QWORD startAddr = *(QWORD *)(arg2 + OsRecv::PYQ_START);
+ QWORD endAddr = *(QWORD *)(arg2 + OsRecv::PYQ_END);
 if (startAddr == 0) {
- return;
+ return 0;
 }
 while (startAddr < endAddr) {
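Review bot: The early exit `return 0;` in DispatchPyq never reaches the original function, while the normal path (added in a later hunk) ends with `return handler.realRecvPyq(arg1, arg2, arg3);`, so a call whose list pointer is zero is swallowed by the detour and the host gets a hard-coded 0 instead of its own result. Forward on that path too: `if (startAddr == 0) { return handler.realRecvPyq(arg1, arg2, arg3); }`. Separately, `arg2` is dereferenced at `arg2 + OsRecv::PYQ_START` before any check and `endAddr` is never validated; a guard ahead of the two reads, `if (arg2 == 0) return handler.realRecvPyq(arg1, arg2, arg3);`, would keep a null argument from faulting inside the hooked process. The loop body of DispatchPyq continues outside this hunk.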
@@ -108,10 +100,10 @@ void Handler::DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3)
 wxMsg.is_self = false;
 wxMsg.is_group = false;
 wxMsg.id = util::get_qword(startAddr);
- wxMsg.ts = util::get_dword(startAddr + OS_PYQ_MSG_TS);
- wxMsg.xml = util::get_str_by_wstr_addr(startAddr + OS_PYQ_MSG_XML);
- wxMsg.sender = util::get_str_by_wstr_addr(startAddr + OS_PYQ_MSG_SENDER);
- wxMsg.content = util::get_str_by_wstr_addr(startAddr + OS_PYQ_MSG_CONTENT);
+ wxMsg.ts = util::get_dword(startAddr + OsRecv::PYQ_TS);
+ wxMsg.xml = util::get_str_by_wstr_addr(startAddr + OsRecv::PYQ_XML);
+ wxMsg.sender = util::get_str_by_wstr_addr(startAddr + OsRecv::PYQ_SENDER);
+ wxMsg.content = util::get_str_by_wstr_addr(startAddr + OsRecv::PYQ_CONTENT);
 {
 std::unique_lock lock(handler.mutex_);
@@ -121,6 +113,8 @@ void Handler::DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3)
 handler.cv_.notify_all();
 startAddr += 0x1618;
 }
+
+ return handler.realRecvPyq(arg1, arg2, arg3);
 }
 Handler &Handler::getInstance()
@@ -243,7 +237,7 @@ int Handler::ListenPyq()
 {
 if (isListeningPyq) return 1;
- funcRecvPyq = reinterpret_cast(g_WeChatWinDllAddr + OS_PYQ_MSG_CALL);
+ funcRecvPyq = reinterpret_cast(g_WeChatWinDllAddr + OsRecv::PYQ_CALL);
 if (InitializeHook() != MH_OK) return -1;
 if (MH_CreateHook(funcRecvPyq, &DispatchPyq, reinterpret_cast(&realRecvPyq)) != MH_OK) return -1;
 if (MH_EnableHook(funcRecvPyq) != MH_OK) return -1;
diff --git a/WeChatFerry/spy/message_handler.h b/WeChatFerry/spy/message_handler.h
index 2937b11..53e3d1a 100644
--- a/WeChatFerry/spy/message_handler.h
+++ b/WeChatFerry/spy/message_handler.h
@@ -68,7 +68,7 @@ private:
 static QWORD DispatchMsg(QWORD arg1, QWORD arg2);
 static QWORD PrintWxLog(QWORD a1, QWORD a2, QWORD a3, QWORD a4, QWORD a5, QWORD a6, QWORD a7, QWORD a8, QWORD a9, QWORD a10, QWORD a11, QWORD a12);
- static void DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3);
+ static QWORD DispatchPyq(QWORD arg1, QWORD arg2, QWORD arg3);
 };
 } // namespace message
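Review bot: The element stride `startAddr += 0x1618;` in DispatchPyq's loop is still a bare literal, although this commit moves every other pyq offset into offsets.h. The loop test `while (startAddr < endAddr)` (in an earlier hunk) also admits a trailing partial element, because the body reads at `startAddr + OsRecv::PYQ_XML` (0x9B8) even when fewer than 0x1618 bytes remain before `endAddr`. Name the stride beside the other constants, for example `constexpr uint64_t PYQ_SIZE = 0x1618; // size of one element` (the name is only a suggestion), and tighten the test to `while (startAddr < endAddr && endAddr - startAddr >= OsRecv::PYQ_SIZE)`. Whether the range is always a whole multiple of the stride cannot be told from the visible lines, which is the reason for an explicit bound.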
diff --git a/WeChatFerry/spy/offsets.h b/WeChatFerry/spy/offsets.h
index ca7ba91..db446de 100644
--- a/WeChatFerry/spy/offsets.h
+++ b/WeChatFerry/spy/offsets.h
@@ -38,6 +38,14 @@ namespace Message
 constexpr uint64_t THUMB = 0x280; // 缩略图路径
 constexpr uint64_t EXTRA = 0x2A0; // 原图路径
 constexpr uint64_t XML = 0x308; // 消息 XML
+
+ constexpr uint64_t PYQ_CALL = 0x2E56080; // 接收朋友圈 Call
+ constexpr uint64_t PYQ_START = 0x30; // 开始地址
+ constexpr uint64_t PYQ_END = 0x38; // 结束地址
+ constexpr uint64_t PYQ_SENDER = 0x18; // 发布者
+ constexpr uint64_t PYQ_TS = 0x38; // 时间戳
+ constexpr uint64_t PYQ_CONTENT = 0x48; // 文本内容
+ constexpr uint64_t PYQ_XML = 0x9B8; // 其他内容
 }
 }
 }
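Review bot: The new constants mix two bases without saying so. `PYQ_START` and `PYQ_END` are applied to `arg2` in DispatchPyq, while `PYQ_SENDER`, `PYQ_TS`, `PYQ_CONTENT` and `PYQ_XML` are applied to each element address, which is the only reason `PYQ_END` and `PYQ_TS` can both be 0x38 without being a duplicate. A one-line comment above each group would record that, e.g. `// relative to the list header passed as arg2` and `// relative to one element (stride 0x1618)`. `PYQ_CALL` is an offset from `g_WeChatWinDllAddr` and its value changes in this same commit (0x2E42C90 in the removed `#define`, 0x2E56080 here), so it is tied to one module build; its comment should name that build, `// valid for WeChatWin.dll <BUILD>`, with the real version filled in. The enclosing namespaces open outside this hunk.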