cyonjan/WeChatFerry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix sendXML

Browse Source
This commit is contained in:
Changhua 2024-11-01 00:29:11 +08:00
parent da07270461
commit b05756fec3
1 changed files with 15 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
WeChatFerry/spy/send_msg.cpp
View File

@ -1,4 +1,5 @@
#include "framework.h" 
#include "framework.h"
#include <sstream> #include <sstream>
#include <vector> #include <vector>
@ -28,7 +29,7 @@ extern string GetSelfWxid(); // Defined in spy.cpp
#define OS_FORWARD_MSG 0x22C60E0 #define OS_FORWARD_MSG 0x22C60E0
#define OS_GET_EMOTION_MGR 0x1BCEF10 #define OS_GET_EMOTION_MGR 0x1BCEF10
#define OS_SEND_EMOTION 0x21B52D5 #define OS_SEND_EMOTION 0x21B52D5
#define OS_XML_BUGSIGN 0x24F0D70 #define OS_XML_BUFSIGN 0x24F0D70
#define OS_SEND_XML 0x20CF360 #define OS_SEND_XML 0x20CF360
typedef QWORD (*New_t)(QWORD); typedef QWORD (*New_t)(QWORD);
@ -45,8 +46,8 @@ typedef QWORD (*ForwardMsg_t)(QWORD, QWORD, QWORD, QWORD);
typedef QWORD (*GetEmotionMgr_t)(); typedef QWORD (*GetEmotionMgr_t)();
typedef QWORD (*SendEmotion_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD); typedef QWORD (*SendEmotion_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
typedef QWORD (*__XmlBufSignFunc)(QWORD, QWORD, QWORD); typedef QWORD (*XmlBufSign_t)(QWORD, QWORD, QWORD);
typedef QWORD (*__SendXmlMsgFunc)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD); typedef QWORD (*SendXmlMsg_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
void SendTextMessage(string wxid, string msg, string atWxids) void SendTextMessage(string wxid, string msg, string atWxids)
{ {
@ -242,33 +243,31 @@ void SendXmlMessage(string receiver, string xml, string path, QWORD type)
New_t funcNew = (New_t)(g_WeChatWinDllAddr + OS_NEW); New_t funcNew = (New_t)(g_WeChatWinDllAddr + OS_NEW);
Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_FREE); Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_FREE);
DWORD xmlBufSign = g_WeChatWinDllAddr + OS_XML_BUGSIGN; XmlBufSign_t xmlBufSign = (XmlBufSign_t)(g_WeChatWinDllAddr + OS_XML_BUFSIGN);
DWORD sendXmlMsg = g_WeChatWinDllAddr + OS_SEND_XML; SendXmlMsg_t sendXmlMsg = (SendXmlMsg_t)(g_WeChatWinDllAddr + OS_SEND_XML);
__XmlBufSignFunc xmlBufSignFunc = (__XmlBufSignFunc)xmlBufSign;
__SendXmlMsgFunc sendXmlMsgFunc = (__SendXmlMsgFunc)sendXmlMsg;
char buff[0x500] = { 0 }; char buff[0x500] = { 0 };
char buff2[0x500] = { 0 }; char buff2[0x500] = { 0 };
char nullBuf[0x1C] = { 0 }; char nullBuf[0x1C] = { 0 };
DWORD pBuf = (DWORD)(&buff); QWORD pBuf = (QWORD)(&buff);
DWORD pBuf2 = (DWORD)(&buff2); QWORD pBuf2 = (QWORD)(&buff2);
funcNew(pBuf); funcNew(pBuf);
funcNew(pBuf2); funcNew(pBuf2);
DWORD sbuf[4] = { 0, 0, 0, 0 }; QWORD sbuf[4] = { 0, 0, 0, 0 };
DWORD sign = xmlBufSignFunc(pBuf2, (DWORD)(&sbuf), 0x1); QWORD sign = xmlBufSign(pBuf2, (QWORD)(&sbuf), 0x1);
WxString *pReceiver = NewWxStringFromStr(receiver); WxString *pReceiver = NewWxStringFromStr(receiver);
WxString *pXml = NewWxStringFromStr(xml); WxString *pXml = NewWxStringFromStr(xml);
WxString *pPath = NewWxStringFromStr(path); WxString *pPath = NewWxStringFromStr(path);
WxString *pSender = NewWxStringFromStr(GetSelfWxid()); WxString *pSender = NewWxStringFromStr(GetSelfWxid());
sendXmlMsgFunc(pBuf, (QWORD)pSender, (QWORD)pReceiver, (QWORD)pXml, (QWORD)pPath, (QWORD)(&nullBuf), type, 0x4, sendXmlMsg(pBuf, (QWORD)pSender, (QWORD)pReceiver, (QWORD)pXml, (QWORD)pPath, (QWORD)(&nullBuf), type, 0x4, sign,
sign, pBuf2); pBuf2);
funcFree((QWORD)&buff)); funcFree((QWORD)&buff);
funcFree((QWORD)&buff2)); funcFree((QWORD)&buff2);
} }