From af477194b51c4fb30086df8b045992782ecf32ea Mon Sep 17 00:00:00 2001 From: Changhua Date: Thu, 23 Nov 2023 22:58:29 +0800 Subject: [PATCH] Refactoring --- WeChatFerry/spy/chatroom_mgmt.cpp | 34 +++---- WeChatFerry/spy/contact_mgmt.cpp | 18 ++-- WeChatFerry/spy/funcs.cpp | 12 +-- WeChatFerry/spy/receive_transfer.cpp | 20 ++--- WeChatFerry/spy/send_msg.cpp | 128 +++++++++------------------ WeChatFerry/spy/spy_types.h | 29 ++++-- 6 files changed, 89 insertions(+), 152 deletions(-) diff --git a/WeChatFerry/spy/chatroom_mgmt.cpp b/WeChatFerry/spy/chatroom_mgmt.cpp index e064178..a61081a 100644 --- a/WeChatFerry/spy/chatroom_mgmt.cpp +++ b/WeChatFerry/spy/chatroom_mgmt.cpp @@ -1,4 +1,4 @@ -#include "framework.h" +#include "framework.h" #include #include @@ -24,24 +24,18 @@ int AddChatroomMember(string roomid, string wxids) DWORD addRoomMemberCall2 = g_WeChatWinDllAddr + g_WxCalls.arm.call2; DWORD addRoomMemberCall3 = g_WeChatWinDllAddr + g_WxCalls.arm.call3; - DWORD temp = 0; - WxString_t txtRoomid = { 0 }; - wstring wsRoomid = String2Wstring(roomid); - txtRoomid.text = (wchar_t *)wsRoomid.c_str(); - txtRoomid.size = wsRoomid.size(); - txtRoomid.capacity = wsRoomid.capacity(); + DWORD temp = 0; + wstring wsRoomid = String2Wstring(roomid); + WxString txtRoomid(wsRoomid); vector vMembers; - vector vTxtMembers; + vector vTxtMembers; wstringstream wss(String2Wstring(wxids)); while (wss.good()) { wstring wstr; getline(wss, wstr, L','); vMembers.push_back(wstr); - WxString_t txtMember = { 0 }; - txtMember.text = (wchar_t *)vMembers.back().c_str(); - txtMember.size = vMembers.back().size(); - txtMember.capacity = vMembers.back().capacity(); + WxString txtMember(vMembers.back()); vTxtMembers.push_back(txtMember); } @@ -84,24 +78,18 @@ int DelChatroomMember(string roomid, string wxids) DWORD delRoomMemberCall2 = g_WeChatWinDllAddr + g_WxCalls.drm.call2; DWORD delRoomMemberCall3 = g_WeChatWinDllAddr + g_WxCalls.drm.call3; - DWORD temp = 0; - WxString_t txtRoomid = { 0 }; - wstring wsRoomid = String2Wstring(roomid); - txtRoomid.text = (wchar_t *)wsRoomid.c_str(); - txtRoomid.size = wsRoomid.size(); - txtRoomid.capacity = wsRoomid.capacity(); + DWORD temp = 0; + wstring wsRoomid = String2Wstring(roomid); + WxString txtRoomid(wsRoomid); vector vMembers; - vector vTxtMembers; + vector vTxtMembers; wstringstream wss(String2Wstring(wxids)); while (wss.good()) { wstring wstr; getline(wss, wstr, L','); vMembers.push_back(wstr); - WxString_t txtMember = { 0 }; - txtMember.text = (wchar_t *)vMembers.back().c_str(); - txtMember.size = vMembers.back().size(); - txtMember.capacity = vMembers.back().capacity(); + WxString txtMember(vMembers.back()); vTxtMembers.push_back(txtMember); } diff --git a/WeChatFerry/spy/contact_mgmt.cpp b/WeChatFerry/spy/contact_mgmt.cpp index bb9780b..f985de5 100644 --- a/WeChatFerry/spy/contact_mgmt.cpp +++ b/WeChatFerry/spy/contact_mgmt.cpp @@ -5,6 +5,7 @@ #include "log.h" #include "util.h" +using namespace std; extern WxCalls_t g_WxCalls; extern DWORD g_WeChatWinDllAddr; @@ -90,7 +91,7 @@ vector GetContacts() return contacts; } -int AcceptNewFriend(std::string v3, std::string v4, int scene) +int AcceptNewFriend(string v3, string v4, int scene) { int success = 0; @@ -103,18 +104,11 @@ int AcceptNewFriend(std::string v3, std::string v4, int scene) char nullbuffer[0x3CC] = { 0 }; LOG_DEBUG("\nv3: {}\nv4: {}\nscene: {}", v3, v4, scene); - WxString_t wxV3 = { 0 }; - WxString_t wxV4 = { 0 }; - std::wstring wsV3 = String2Wstring(v3); - std::wstring wsV4 = String2Wstring(v4); - wxV3.text = (wchar_t *)wsV3.c_str(); - wxV3.size = wsV3.size(); - wxV3.capacity = wsV3.capacity(); - - wxV4.text = (wchar_t *)wsV4.c_str(); - wxV4.size = wsV4.size(); - wxV4.capacity = wsV4.capacity(); + wstring wsV3 = String2Wstring(v3); + wstring wsV4 = String2Wstring(v4); + WxString wxV3(wsV3); + WxString wxV4(wsV4); __asm { pushad; diff --git a/WeChatFerry/spy/funcs.cpp b/WeChatFerry/spy/funcs.cpp index b6206dc..45902a3 100644 --- a/WeChatFerry/spy/funcs.cpp +++ b/WeChatFerry/spy/funcs.cpp @@ -260,16 +260,8 @@ string DownloadAttach(uint64_t id, string thumb, string extra) wstring wsSavePath = String2Wstring(save_path); wstring wsThumbPath = String2Wstring(thumb_path); - WxString_t wxSavePath = { 0 }; - WxString_t wxThumbPath = { 0 }; - - wxSavePath.text = (wchar_t *)wsSavePath.c_str(); - wxSavePath.size = wsSavePath.size(); - wxSavePath.capacity = wsSavePath.capacity(); - - wxThumbPath.text = (wchar_t *)wsThumbPath.c_str(); - wxThumbPath.size = wsThumbPath.size(); - wxThumbPath.capacity = wsThumbPath.capacity(); + WxString wxSavePath(wsSavePath); + WxString wxThumbPath(wsThumbPath); int temp = 1; memcpy(&buff[0x19C], &wxThumbPath, sizeof(wxThumbPath)); diff --git a/WeChatFerry/spy/receive_transfer.cpp b/WeChatFerry/spy/receive_transfer.cpp index 6e1f006..a31960d 100644 --- a/WeChatFerry/spy/receive_transfer.cpp +++ b/WeChatFerry/spy/receive_transfer.cpp @@ -17,22 +17,12 @@ int ReceiveTransfer(string wxid, string transferid, string transactionid) char payInfo[0x134] = { 0 }; wstring wsWxid = String2Wstring(wxid); - WxString_t wxWxid = { 0 }; - wxWxid.text = (wchar_t *)wsWxid.c_str(); - wxWxid.size = wsWxid.size(); - wxWxid.capacity = wsWxid.capacity(); + wstring wsTfid = String2Wstring(transferid); + wstring wsTaid = String2Wstring(transactionid); - wstring wsTfid = String2Wstring(transferid); - WxString_t wxTfid = { 0 }; - wxTfid.text = (wchar_t *)wsTfid.c_str(); - wxTfid.size = wsTfid.size(); - wxTfid.capacity = wsTfid.capacity(); - - wstring wsTaid = String2Wstring(transactionid); - WxString_t wxTaid = { 0 }; - wxTaid.text = (wchar_t *)wsTaid.c_str(); - wxTaid.size = wsTaid.size(); - wxTaid.capacity = wsTaid.capacity(); + WxString wxWxid(wsWxid); + WxString wxTfid(wsTfid); + WxString wxTaid(wsTaid); LOG_DEBUG("Receiving transfer, from: {}, transferid: {}, transactionid: {}", wxid, transferid, transactionid); __asm { diff --git a/WeChatFerry/spy/send_msg.cpp b/WeChatFerry/spy/send_msg.cpp index 795f6bf..5088b9d 100644 --- a/WeChatFerry/spy/send_msg.cpp +++ b/WeChatFerry/spy/send_msg.cpp @@ -15,8 +15,6 @@ void SendTextMessage(string wxid, string msg, string atWxids) { int success = 0; char buffer[0x2D8] = { 0 }; - WxString_t wxMsg = { 0 }; - WxString_t wxWxid = { 0 }; // 发送消息Call地址 = 微信基址 + 偏移 DWORD sendCall1 = g_WeChatWinDllAddr + g_WxCalls.sendText.call1; @@ -25,16 +23,10 @@ void SendTextMessage(string wxid, string msg, string atWxids) wstring wsWxid = String2Wstring(wxid); wstring wsMsg = String2Wstring(msg); + WxString wxMsg(wsMsg); + WxString wxWxid(wsWxid); - wxMsg.text = (wchar_t *)wsMsg.c_str(); - wxMsg.size = wsMsg.size(); - wxMsg.capacity = wsMsg.capacity(); - - wxWxid.text = (wchar_t *)wsWxid.c_str(); - wxWxid.size = wsWxid.size(); - wxWxid.capacity = wsWxid.capacity(); - - vector vTxtAtWxids; + vector vWxAtWxids; if (!atWxids.empty()) { vector vAtWxids; wstringstream wss(String2Wstring(atWxids)); @@ -42,11 +34,8 @@ void SendTextMessage(string wxid, string msg, string atWxids) wstring wstr; getline(wss, wstr, L','); vAtWxids.push_back(wstr); - WxString_t txtAtWxid = { 0 }; - txtAtWxid.text = (wchar_t *)vAtWxids.back().c_str(); - txtAtWxid.size = vAtWxids.back().size(); - txtAtWxid.capacity = vAtWxids.back().capacity(); - vTxtAtWxids.push_back(txtAtWxid); + WxString wxAtWxid(vAtWxids.back()); + vWxAtWxids.push_back(wxAtWxid); } } @@ -58,7 +47,7 @@ void SendTextMessage(string wxid, string msg, string atWxids) push 0x0; push 0x0; push 0x1; - lea eax, vTxtAtWxids; + lea eax, vWxAtWxids; push eax; lea eax, wxMsg; push eax; @@ -78,23 +67,16 @@ void SendImageMessage(string wxid, string path) if (g_WeChatWinDllAddr == 0) { return; } - int success = 0; - DWORD tmpEAX = 0; - char buf[0x2D8] = { 0 }; - WxString_t imgWxid = { 0 }; - WxString_t imgPath = { 0 }; - WxString_t nullbuffer = { 0 }; + int success = 0; + DWORD tmpEAX = 0; + char buf[0x2D8] = { 0 }; wstring wsWxid = String2Wstring(wxid); - wstring wspath = String2Wstring(path); + wstring wsPath = String2Wstring(path); - imgWxid.text = (wchar_t *)wsWxid.c_str(); - imgWxid.size = wsWxid.size(); - imgWxid.capacity = wsWxid.capacity(); - - imgPath.text = (wchar_t *)wspath.c_str(); - imgPath.size = wspath.size(); - imgPath.capacity = wspath.capacity(); + WxString wxWxid(wsWxid); + WxString wxPath(wsPath); + WxString nullbuffer; // 发送图片Call地址 = 微信基址 + 偏移 DWORD sendCall1 = g_WeChatWinDllAddr + g_WxCalls.sendImg.call1; @@ -109,11 +91,11 @@ void SendImageMessage(string wxid, string path) mov tmpEAX,eax; lea eax,nullbuffer; mov ecx,esp; - lea edi,imgPath; + lea edi,wxPath; push eax; call sendCall2; mov ecx,dword ptr [tmpEAX]; - lea eax,imgWxid; + lea eax,wxWxid; push edi; push eax; lea eax,buf; @@ -131,23 +113,16 @@ void SendFileMessage(string wxid, string path) if (g_WeChatWinDllAddr == 0) { return; } - int success = 0; - DWORD tmpEAX = 0; - char buffer[0x2D8] = { 0 }; - WxString_t fileWxid = { 0 }; - WxString_t filePath = { 0 }; - WxString_t nullbuffer = { 0 }; + int success = 0; + DWORD tmpEAX = 0; + char buffer[0x2D8] = { 0 }; wstring wsWxid = String2Wstring(wxid); - wstring wspath = String2Wstring(path); + wstring wsPath = String2Wstring(path); - fileWxid.text = (wchar_t *)wsWxid.c_str(); - fileWxid.size = wsWxid.size(); - fileWxid.capacity = wsWxid.capacity(); - - filePath.text = (wchar_t *)wspath.c_str(); - filePath.size = wspath.size(); - filePath.capacity = wspath.capacity(); + WxString wxWxid(wsWxid); + WxString wxPath(wsPath); + WxString nullbuffer; // 发送文件Call地址 = 微信基址 + 偏移 DWORD sendCall1 = g_WeChatWinDllAddr + g_WxCalls.sendFile.call1; @@ -174,12 +149,12 @@ void SendFileMessage(string wxid, string path) mov dword ptr[edi + 0xc], 0; mov dword ptr[edi + 0x10], 0; sub esp, 0x14; - lea eax, filePath; + lea eax, wxPath; mov ecx, esp; push eax; call sendCall2; sub esp, 0x14; - lea eax, fileWxid; + lea eax, wxWxid; mov ecx, esp; push eax; call sendCall2; @@ -209,35 +184,22 @@ void SendXmlMessage(string receiver, string xml, string path, int type) DWORD sendXmlCall4 = g_WeChatWinDllAddr + g_WxCalls.sendXml.call4; DWORD sendXmlParam = g_WeChatWinDllAddr + g_WxCalls.sendXml.param; - char buffer[0xFF0] = { 0 }; - char nullBuf[0x1C] = { 0 }; - WxString_t wxReceiver = { 0 }; - WxString_t wxXml = { 0 }; - WxString_t wxPath = { 0 }; - WxString_t wxNull = { 0 }; - WxString_t wxSender = { 0 }; + char buffer[0xFF0] = { 0 }; + char nullBuf[0x1C] = { 0 }; wstring wsSender = String2Wstring(GetSelfWxid()); wstring wsReceiver = String2Wstring(receiver); wstring wsXml = String2Wstring(xml); - wxReceiver.text = (wchar_t *)wsReceiver.c_str(); - wxReceiver.size = wsReceiver.size(); - wxReceiver.capacity = wsReceiver.capacity(); - - wxXml.text = (wchar_t *)wsXml.c_str(); - wxXml.size = wsXml.size(); - wxXml.capacity = wsXml.capacity(); - - wxSender.text = (wchar_t *)wsSender.c_str(); - wxSender.size = wsSender.size(); - wxSender.capacity = wsSender.capacity(); + WxString wxPath; + WxString wxNull; + WxString wxXml(wsXml); + WxString wxSender(wsSender); + WxString wxReceiver(wsReceiver); if (!path.empty()) { - wstring wsPath = String2Wstring(path); - wxPath.text = (wchar_t *)wsPath.c_str(); - wxPath.size = wsPath.size(); - wxPath.capacity = wsPath.capacity(); + wstring wsPath = String2Wstring(path); + wxPath = WxString(wsPath); } DWORD sendtype = type; @@ -281,21 +243,13 @@ void SendEmotionMessage(string wxid, string path) return; } - char buffer[0x1C] = { 0 }; - WxString_t emoWxid = { 0 }; - WxString_t emoPath = { 0 }; - WxString_t nullbuffer = { 0 }; + char buffer[0x1C] = { 0 }; + wstring wsWxid = String2Wstring(wxid); + wstring wsPath = String2Wstring(path); - wstring wsWxid = String2Wstring(wxid); - wstring wspath = String2Wstring(path); - - emoWxid.text = (wchar_t *)wsWxid.c_str(); - emoWxid.size = wsWxid.size(); - emoWxid.capacity = wsWxid.capacity(); - - emoPath.text = (wchar_t *)wspath.c_str(); - emoPath.size = wspath.size(); - emoPath.capacity = wspath.capacity(); + WxString wxWxid(wsWxid); + WxString wxPath(wsPath); + WxString nullbuffer; // 发送文件Call地址 = 微信基址 + 偏移 DWORD sendCall1 = g_WeChatWinDllAddr + g_WxCalls.sendEmo.call1; @@ -317,7 +271,7 @@ void SendEmotionMessage(string wxid, string path) mov dword ptr [esi+0xC], 0x0; mov dword ptr [esi+0x10], 0x0; push 0x2; - lea eax, emoWxid; + lea eax, wxWxid; sub esp, 0x14; mov ecx, esp; push eax; @@ -331,7 +285,7 @@ void SendEmotionMessage(string wxid, string path) mov dword ptr [esi+0x10], 0x0; sub esp, 0x14; mov ecx, esp; - lea eax, emoPath; + lea eax, wxPath; push eax; call sendCall1; mov ecx, ebx; diff --git a/WeChatFerry/spy/spy_types.h b/WeChatFerry/spy/spy_types.h index 0315eb1..ffe6bd0 100644 --- a/WeChatFerry/spy/spy_types.h +++ b/WeChatFerry/spy/spy_types.h @@ -1,6 +1,7 @@ #pragma once #include "framework.h" +#include typedef struct UserInfoCall { DWORD wxid; @@ -102,7 +103,7 @@ typedef struct Pyq { DWORD step; } Pyq_t; -typedef struct DlAttach{ +typedef struct DlAttach { DWORD call1; DWORD call2; DWORD call3; @@ -130,9 +131,27 @@ typedef struct WxCalls { DlAttach_t da; // 下载资源(图片、文件、视频) } WxCalls_t; -typedef struct WxString { - wchar_t *text; +struct WxString { + const wchar_t *wptr; DWORD size; DWORD capacity; - char fill[8]; -} WxString_t; + const char *ptr; + DWORD clen; + WxString() + { + wptr = NULL; + size = 0; + capacity = 0; + ptr = NULL; + clen = 0; + } + + WxString(std::wstring &ws) + { + wptr = ws.c_str(); + size = ws.size(); + capacity = ws.capacity(); + ptr = NULL; + clen = 0; + } +};