Fix merge issues
This commit is contained in:
Changhua
parent
23b7f17c5d
commit
bf8e6bddb9
@ -1,5 +1,5 @@
|
||||
#include "Shlwapi.h"
|
||||
#include "../sdk/framework.h"
|
||||
#include "framework.h"
|
||||
#include <codecvt>
|
||||
#include <locale>
|
||||
#include <string.h>
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <minwindef.h>
|
||||
|
||||
#include "spy_types.h"
|
||||
|
||||
|
||||
Binary file not shown.
Binary file not shown.
@ -25,30 +25,19 @@
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<<<<<<< HEAD
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
=======
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Dev|x64'" Label="Configuration">
|
||||
>>>>>>> master
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
@ -104,7 +93,6 @@
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>Use</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
@ -154,21 +142,11 @@ xcopy /y $(OutDir)$(TargetFileName) $(SolutionDir)..\clients\python\wcferry</Com
|
||||
<ClInclude Include="sdk.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\com\log.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\com\util.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="dllmain.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="injector.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="sdk.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\com\log.cpp" />
|
||||
<ClCompile Include="..\com\util.cpp" />
|
||||
<ClCompile Include="dllmain.cpp" />
|
||||
<ClCompile Include="injector.cpp" />
|
||||
<ClCompile Include="sdk.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<None Include="sdk.def" />
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
#include <string>
|
||||
|
||||
#include "injector.h"
|
||||
#include "../com/util.h"
|
||||
#include "util.h"
|
||||
|
||||
using namespace std;
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
|
||||
#include "injector.h"
|
||||
#include "sdk.h"
|
||||
#include "../com/util.h"
|
||||
#include "util.h"
|
||||
|
||||
static BOOL injected = false;
|
||||
static HANDLE wcProcess = NULL;
|
||||
|
||||
Binary file not shown.
@ -26,30 +26,19 @@
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<<<<<<< HEAD
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
=======
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Dev|x64'" Label="Configuration">
|
||||
>>>>>>> master
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<PlatformToolset>v142</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
@ -85,6 +74,7 @@
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Dev|x64'" Label="Vcpkg">
|
||||
<VcpkgUseStatic>true</VcpkgUseStatic>
|
||||
<VcpkgConfiguration>Release</VcpkgConfiguration>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Label="Vcpkg" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<VcpkgUseStatic>true</VcpkgUseStatic>
|
||||
@ -102,7 +92,7 @@
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)com;$(SolutionDir)rpc;$(SolutionDir)rpc\nanopb;$(SolutionDir)rpc\proto;$(SolutionDir)smc;$(SolutionDir)spy;C:\Tools\vcpkg\installed\x64-windows-static\include</AdditionalIncludeDirectories>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<OmitFramePointers>false</OmitFramePointers>
|
||||
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
|
||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<PrecompiledHeaderOutputFile />
|
||||
<DisableSpecificWarnings>4251;4731;4819</DisableSpecificWarnings>
|
||||
@ -120,7 +110,7 @@
|
||||
</Link>
|
||||
<PreBuildEvent>
|
||||
<Command>cd $(SolutionDir)rpc\proto
|
||||
F:\C++\vcpkg\installed\x64-windows-static\tools\protobuf\protoc.exe --nanopb_out=. wcf.proto</Command>
|
||||
$(SolutionDir)rpc\tool\protoc --nanopb_out=. wcf.proto</Command>
|
||||
</PreBuildEvent>
|
||||
<PreBuildEvent>
|
||||
<Message>Generating PB files</Message>
|
||||
@ -255,7 +245,6 @@ xcopy /y $(OutDir)$(TargetFileName) $(SolutionDir)..\clients\python\wcferry</Com
|
||||
<ClInclude Include="spy_types.h" />
|
||||
<ClInclude Include="sqlite3.h" />
|
||||
<ClInclude Include="user_info.h" />
|
||||
<ClInclude Include="wechat_function.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\com\log.cpp" />
|
||||
|
||||
@ -87,9 +87,6 @@
|
||||
<ClInclude Include="..\com\util.h">
|
||||
<Filter>头文件</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="wechat_function.h">
|
||||
<Filter>头文件</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="dllmain.cpp">
|
||||
|
||||
@ -4,14 +4,11 @@
|
||||
#include <sstream>
|
||||
|
||||
#include "spy.h"
|
||||
|
||||
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
|
||||
{
|
||||
switch (ul_reason_for_call) {
|
||||
case DLL_PROCESS_ATTACH:
|
||||
//PortPath_t p;
|
||||
//p.port = 1234;
|
||||
////p.path = "";
|
||||
//InitSpy(&p);
|
||||
case DLL_THREAD_ATTACH:
|
||||
case DLL_THREAD_DETACH:
|
||||
case DLL_PROCESS_DETACH:
|
||||
|
||||
@ -1,53 +1,48 @@
|
||||
#include <iterator>
|
||||
|
||||
#include "exec_sql.h"
|
||||
<<<<<<< HEAD
|
||||
#include "load_calls.h"
|
||||
=======
|
||||
#include "log.h"
|
||||
>>>>>>> master
|
||||
#include "sqlite3.h"
|
||||
#include "util.h"
|
||||
|
||||
#define OFFSET_DB_INSTANCE 0x2FFDDC8
|
||||
#define OFFSET_DB_MICROMSG 0x68
|
||||
#define OFFSET_DB_CHAT_MSG 0x1C0
|
||||
#define OFFSET_DB_MISC 0x3D8
|
||||
#define OFFSET_DB_EMOTION 0x558
|
||||
#define OFFSET_DB_MEDIA 0x9B8
|
||||
#define OFFSET_DB_BIZCHAT_MSG 0x1120
|
||||
#define OFFSET_DB_FUNCTION_MSG 0x11B0
|
||||
#define OFFSET_DB_NAME 0x14
|
||||
#define OFFSET_DB_MSG_MGR 0x30403B8
|
||||
#define OFFSET_DB_INSTANCE 0x5A40598
|
||||
#define OFFSET_DB_MICROMSG 0xb8
|
||||
#define OFFSET_DB_CHAT_MSG 0x2c8
|
||||
#define OFFSET_DB_MISC 0x5f0
|
||||
#define OFFSET_DB_EMOTION 0x15f0
|
||||
#define OFFSET_DB_MEDIA 0xF48
|
||||
#define OFFSET_DB_BIZCHAT_MSG 0x1A70
|
||||
#define OFFSET_DB_FUNCTION_MSG 0x1b98
|
||||
#define OFFSET_DB_NAME 0x28
|
||||
#define OFFSET_DB_MSG_MGR 0x5ABB5D8
|
||||
|
||||
extern UINT64 g_WeChatWinDllAddr;
|
||||
|
||||
typedef map<string, DWORD> dbMap_t;
|
||||
typedef map<string, QWORD> dbMap_t;
|
||||
static dbMap_t dbMap;
|
||||
#if 0
|
||||
static void GetDbHandle(DWORD base, DWORD offset)
|
||||
|
||||
static void GetDbHandle(QWORD base, QWORD offset)
|
||||
{
|
||||
wchar_t *wsp;
|
||||
wsp = (wchar_t *)(*(DWORD *)(base + offset + OFFSET_DB_NAME));
|
||||
wchar_t *wsp = (wchar_t *)(*(QWORD *)(base + offset + OFFSET_DB_NAME));
|
||||
string dbname = Wstring2String(wstring(wsp));
|
||||
dbMap[dbname] = GET_DWORD(base + offset);
|
||||
dbMap[dbname] = GET_QWORD(base + offset);
|
||||
}
|
||||
|
||||
static void GetMsgDbHandle(DWORD msgMgrAddr)
|
||||
static void GetMsgDbHandle(QWORD msgMgrAddr)
|
||||
{
|
||||
DWORD dbIndex = GET_DWORD(msgMgrAddr + 0x38);
|
||||
DWORD pStart = GET_DWORD(msgMgrAddr + 0x2C);
|
||||
QWORD dbIndex = GET_QWORD(msgMgrAddr + 0x68);
|
||||
QWORD pStart = GET_QWORD(msgMgrAddr + 0x50);
|
||||
for (uint32_t i = 0; i < dbIndex; i++) {
|
||||
DWORD dbAddr = GET_DWORD(pStart + i * 0x04);
|
||||
QWORD dbAddr = GET_QWORD(pStart + i * 0x08);
|
||||
if (dbAddr) {
|
||||
// MSGi.db
|
||||
string dbname = Wstring2String(GET_WSTRING(dbAddr));
|
||||
dbMap[dbname] = GET_DWORD(dbAddr + 0x60);
|
||||
dbMap[dbname] = GET_QWORD(dbAddr + 0x78);
|
||||
|
||||
// MediaMsgi.db
|
||||
DWORD mmdbAddr = GET_DWORD(dbAddr + 0x14);
|
||||
string mmdbname = Wstring2String(GET_WSTRING(mmdbAddr + 0x4C));
|
||||
dbMap[mmdbname] = GET_DWORD(mmdbAddr + 0x38);
|
||||
QWORD mmdbAddr = GET_QWORD(dbAddr + 0x20);
|
||||
string mmdbname = Wstring2String(GET_WSTRING(mmdbAddr + 0x78));
|
||||
dbMap[mmdbname] = GET_QWORD(mmdbAddr + 0x50);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -56,7 +51,7 @@ dbMap_t GetDbHandles()
|
||||
{
|
||||
dbMap.clear();
|
||||
|
||||
DWORD dbInstanceAddr = GET_DWORD(g_WeChatWinDllAddr + OFFSET_DB_INSTANCE);
|
||||
QWORD dbInstanceAddr = GET_QWORD(g_WeChatWinDllAddr + OFFSET_DB_INSTANCE);
|
||||
|
||||
GetDbHandle(dbInstanceAddr, OFFSET_DB_MICROMSG); // MicroMsg.db
|
||||
GetDbHandle(dbInstanceAddr, OFFSET_DB_CHAT_MSG); // ChatMsg.db
|
||||
@ -65,7 +60,7 @@ dbMap_t GetDbHandles()
|
||||
GetDbHandle(dbInstanceAddr, OFFSET_DB_MEDIA); // Media.db
|
||||
GetDbHandle(dbInstanceAddr, OFFSET_DB_FUNCTION_MSG); // Function.db
|
||||
|
||||
GetMsgDbHandle(GET_DWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR)); // MSGi.db & MediaMsgi.db
|
||||
GetMsgDbHandle(GET_QWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR)); // MSGi.db & MediaMsgi.db
|
||||
|
||||
return dbMap;
|
||||
}
|
||||
@ -137,7 +132,13 @@ DbRows_t ExecDbQuery(const string db, const string sql)
|
||||
dbMap = GetDbHandles();
|
||||
}
|
||||
|
||||
DWORD *stmt;
|
||||
QWORD *stmt;
|
||||
QWORD handle = dbMap[db];
|
||||
if (handle == 0) {
|
||||
LOG_WARN("Empty handle, retrying...");
|
||||
dbMap = GetDbHandles();
|
||||
}
|
||||
|
||||
int rc = func_prepare(dbMap[db], sql.c_str(), -1, &stmt, 0);
|
||||
if (rc != SQLITE_OK) {
|
||||
return rows;
|
||||
@ -166,16 +167,16 @@ DbRows_t ExecDbQuery(const string db, const string sql)
|
||||
|
||||
int GetLocalIdandDbidx(uint64_t id, uint64_t *localId, uint32_t *dbIdx)
|
||||
{
|
||||
DWORD msgMgrAddr = GET_DWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR);
|
||||
DWORD dbIndex = GET_DWORD(msgMgrAddr + 0x38);
|
||||
DWORD pStart = GET_DWORD(msgMgrAddr + 0x2C);
|
||||
QWORD msgMgrAddr = GET_QWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR);
|
||||
int dbIndex = (int)GET_QWORD(msgMgrAddr + 0x68); // 总不能 int 还不够吧?
|
||||
QWORD pStart = GET_QWORD(msgMgrAddr + 0x50);
|
||||
|
||||
*dbIdx = 0;
|
||||
for (int i = dbIndex - 1; i >= 0; i--) { // 从后往前遍历
|
||||
DWORD dbAddr = GET_DWORD(pStart + i * 0x04);
|
||||
QWORD dbAddr = GET_QWORD(pStart + i * 0x08);
|
||||
if (dbAddr) {
|
||||
string dbname = Wstring2String(GET_WSTRING(dbAddr));
|
||||
dbMap[dbname] = GET_DWORD(dbAddr + 0x60);
|
||||
dbMap[dbname] = GET_QWORD(dbAddr + 0x78);
|
||||
string sql = "SELECT localId FROM MSG WHERE MsgSvrID=" + to_string(id) + ";";
|
||||
DbRows_t rows = ExecDbQuery(dbname, sql);
|
||||
if (rows.empty()) {
|
||||
@ -191,7 +192,7 @@ int GetLocalIdandDbidx(uint64_t id, uint64_t *localId, uint32_t *dbIdx)
|
||||
}
|
||||
|
||||
*localId = strtoull((const char *)(field.content.data()), NULL, 10);
|
||||
*dbIdx = GET_DWORD(GET_DWORD(dbAddr + 0x18) + 0x144);
|
||||
*dbIdx = (uint32_t)(GET_QWORD(GET_QWORD(dbAddr + 0x28) + 0x1E8) >> 32);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -202,10 +203,10 @@ int GetLocalIdandDbidx(uint64_t id, uint64_t *localId, uint32_t *dbIdx)
|
||||
|
||||
vector<uint8_t> GetAudioData(uint64_t id)
|
||||
{
|
||||
DWORD msgMgrAddr = GET_DWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR);
|
||||
DWORD dbIndex = GET_DWORD(msgMgrAddr + 0x38);
|
||||
QWORD msgMgrAddr = GET_QWORD(g_WeChatWinDllAddr + OFFSET_DB_MSG_MGR);
|
||||
int dbIndex = (int)GET_QWORD(msgMgrAddr + 0x68);
|
||||
|
||||
string sql = "SELECT Buf from Media WHERE Reserved0=" + to_string(id) + ";";
|
||||
string sql = "SELECT Buf FROM Media WHERE Reserved0=" + to_string(id) + ";";
|
||||
for (int i = dbIndex - 1; i >= 0; i--) {
|
||||
string dbname = "MediaMSG" + to_string(i) + ".db";
|
||||
DbRows_t rows = ExecDbQuery(dbname, sql);
|
||||
@ -229,4 +230,3 @@ vector<uint8_t> GetAudioData(uint64_t id)
|
||||
|
||||
return vector<uint8_t>();
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -10,7 +10,6 @@
|
||||
#include "log.h"
|
||||
#include "spy_types.h"
|
||||
#include "util.h"
|
||||
#include "wechat_function.h"
|
||||
|
||||
using namespace std;
|
||||
namespace fs = std::filesystem;
|
||||
@ -50,13 +49,8 @@ typedef QWORD (*PushAttachTask_t)(QWORD, QWORD, QWORD, QWORD);
|
||||
typedef QWORD (*GetOCRManager_t)();
|
||||
typedef QWORD (*DoOCRTask_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
|
||||
|
||||
<<<<<<< HEAD
|
||||
int IsLogin(void) { return (int)GET_UINT64(g_WeChatWinDllAddr + offset::wcf_kLoginStatu); }
|
||||
=======
|
||||
int IsLogin(void) { return (int)GET_QWORD(g_WeChatWinDllAddr + OS_LOGIN_STATUS); }
|
||||
>>>>>>> master
|
||||
|
||||
#if 0
|
||||
static string get_key(uint8_t header1, uint8_t header2, uint8_t *key)
|
||||
{
|
||||
// PNG?
|
||||
@ -83,6 +77,7 @@ static string get_key(uint8_t header1, uint8_t header2, uint8_t *key)
|
||||
string DecryptImage(string src, string dir)
|
||||
{
|
||||
if (!fs::exists(src)) {
|
||||
LOG_ERROR("File not exists: {}", src);
|
||||
return "";
|
||||
}
|
||||
|
||||
@ -276,56 +271,7 @@ int DownloadAttach(QWORD id, string thumb, string extra)
|
||||
return status;
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
int RevokeMsg(uint64_t id)
|
||||
{
|
||||
int status = -1;
|
||||
uint64_t localId;
|
||||
uint32_t dbIdx;
|
||||
if (GetLocalIdandDbidx(id, &localId, &dbIdx) != 0) {
|
||||
LOG_ERROR("Failed to get localId, Please check id: {}", to_string(id));
|
||||
return status;
|
||||
}
|
||||
|
||||
char chat_msg[0x2D8] = { 0 };
|
||||
|
||||
DWORD rmCall1 = g_WeChatWinDllAddr + g_WxCalls.rm.call1;
|
||||
DWORD rmCall2 = g_WeChatWinDllAddr + g_WxCalls.rm.call2;
|
||||
DWORD rmCall3 = g_WeChatWinDllAddr + g_WxCalls.rm.call3;
|
||||
DWORD rmCall4 = g_WeChatWinDllAddr + g_WxCalls.rm.call4;
|
||||
DWORD rmCall5 = g_WeChatWinDllAddr + g_WxCalls.rm.call5;
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
pushfd;
|
||||
lea ecx, chat_msg;
|
||||
call rmCall1;
|
||||
call rmCall2;
|
||||
push dword ptr [dbIdx];
|
||||
lea ecx, chat_msg;
|
||||
push dword ptr [localId];
|
||||
call rmCall3;
|
||||
add esp, 0x8;
|
||||
call rmCall2;
|
||||
lea ecx, chat_msg;
|
||||
push ecx;
|
||||
mov ecx, eax;
|
||||
call rmCall4;
|
||||
mov status, eax;
|
||||
lea ecx, chat_msg;
|
||||
push 0x0;
|
||||
call rmCall5;
|
||||
popfd;
|
||||
popad;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
string GetAudio(uint64_t id, string dir)
|
||||
=======
|
||||
string GetAudio(QWORD id, string dir)
|
||||
>>>>>>> master
|
||||
{
|
||||
string mp3path = (dir.back() == '\\' || dir.back() == '/') ? dir : (dir + "/");
|
||||
mp3path += to_string(id) + ".mp3";
|
||||
|
||||
@ -1,58 +0,0 @@
|
||||
#include <iostream>
|
||||
#include <map>
|
||||
|
||||
#include "load_calls.h"
|
||||
|
||||
#define SUPPORT_VERSION L"3.9.10.27"
|
||||
|
||||
WxCalls_t wxCalls = {
|
||||
//0x5AB8A2C, // Login Status
|
||||
//{ 0x5AB7FB8, 0x5AB8098, 0x5AB7FD8, 0x5A7E190 }, // User Info: wxid, nickname, mobile, home
|
||||
//{ 0x1C1E690, 0x238DDD0, 0x1C1FF10 }, // Send Text Message
|
||||
///* Receive Message:
|
||||
// Hook, call, msgId, type, isSelf, ts, roomId, content, wxid, sign, thumb, extra, msgXml */
|
||||
//{ 0x00, 0x2205510, 0x30, 0x38, 0x3C, 0x44, 0x48, 0x88, 0x240, 0x260, 0x280, 0x2A0, 0x308 },
|
||||
//{ 0x1C28800, 0x1C1FF10, 0x1C1E690, 0x2383560 }, // Send Image Message
|
||||
//{ 0x1C28800, 0x1C1FF10, 0x1C23630, 0x21969E0 }, // Send File Message
|
||||
//{ 0xB8A70, 0x3ED5E0, 0x107F00, 0x3ED7B0, 0x2386FE4 }, // Send xml Message
|
||||
//{ 0x771980, 0x4777E0, 0x239E888 }, // Send Emotion Message
|
||||
///* Get Contacts:
|
||||
// call1, call2, wxId, Code, Remark,Name, Gender, Country, Province, City*/
|
||||
//{ 0x75A4A0, 0xC089F0, 0x10, 0x24, 0x58, 0x6C, 0x0E, 0x00, 0x00, 0x00 },
|
||||
///* Exec Sql:
|
||||
// Exec, base, start, end, slot, name*/
|
||||
//{ 0x141BDF0, 0x2366934, 0x1428, 0x142C, 0x3C, 0x50 },
|
||||
//{ 0xA17D50, 0xF59E40, 0xA18BD0, 0xA17E70 }, // Accept New Friend application
|
||||
//{ 0x78CF20, 0xF59E40, 0xBD1DC0 }, // Add chatroom members
|
||||
//{ 0x78CF20, 0xF59E40, 0xBD22A0 }, // Delete chatroom members
|
||||
//{ 0x7B2E60, 0x15E2C20, 0x79C250 }, // Receive transfer
|
||||
///* Receive PYQ
|
||||
// hook, call, call1, call2, call3, start, end, ts, wxid, content, xml, step*/
|
||||
//{ 0x14F9E15, 0x14FA0A0, 0xC39680, 0x14E2140, 0x14E21E0, 0x20, 0x24, 0x2C, 0x18, 0x3C, 0x384, 0xB48 },
|
||||
///* call1, call2, call3, call4, call5, call6*/
|
||||
//{ 0x76F010, 0x792700, 0xBC0370, 0x80F110, 0x82BB40, 0x756E30},
|
||||
///* call1, call2, call3, call4, call5*/
|
||||
//{0x76F010, 0x792700, 0xBC0370, 0xBB5F70, 0x756E30},
|
||||
//{0x1C27D50, 0x1C27120, 0x1C23630, 0x21A09C0}, // Send Rich Text Message
|
||||
///* call1, call2, call3 */
|
||||
//{0x931730, 0x1D58751, 0x1421940},
|
||||
///* call1, call2, call3, call4, call5, call6, call7, call8*/
|
||||
//{0x78CB40, 0x7F99D0, 0x78CF20, 0x78CEF0, 0xF59E40, 0xBD1A00, 0x7FA980, 0x755060},
|
||||
///* call1, call2, call3 */
|
||||
//{0x80A800, 0x80F270, 0x13DA3E0},
|
||||
///* call1, call2 */
|
||||
//{0xF59E40, 0xCE6730},
|
||||
///* call1, call2, url */
|
||||
//{0xAE9DB0, 0xCDA6F0, 0x3040DE8}
|
||||
};
|
||||
|
||||
int LoadCalls(const wchar_t *version, WxCalls_t *calls)
|
||||
{
|
||||
if (wcscmp(version, SUPPORT_VERSION) != 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy_s(calls, sizeof(WxCalls_t), &wxCalls, sizeof(WxCalls_t));
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -10,7 +10,6 @@
|
||||
#include "receive_msg.h"
|
||||
#include "user_info.h"
|
||||
#include "util.h"
|
||||
#include "wechat_function.h"
|
||||
|
||||
// Defined in rpc_server.cpp
|
||||
extern bool gIsLogging, gIsListening, gIsListeningPyq;
|
||||
@ -99,17 +98,6 @@ static QWORD DispatchMsg(QWORD arg1, QWORD arg2)
|
||||
{
|
||||
WxMsg_t wxMsg = { 0 };
|
||||
try {
|
||||
<<<<<<< HEAD
|
||||
wxMsg.id = GET_QWORD(arg2 + offset::wcf_msgId);
|
||||
wxMsg.type = GET_DWORD(arg2 + offset::wcf_type);
|
||||
wxMsg.is_self = GET_DWORD(arg2 + offset::wcf_isSelf);
|
||||
wxMsg.ts = GET_DWORD(arg2 + offset::wcf_ts);
|
||||
wxMsg.content = GetStringByWstrAddr(arg2 + offset::wcf_content);
|
||||
wxMsg.sign = GetStringByWstrAddr(arg2 + offset::wcf_sign);
|
||||
wxMsg.xml = GetStringByWstrAddr(arg2 + offset::wcf_msgXml);
|
||||
|
||||
string roomid = GetStringByWstrAddr(arg2 + offset::wcf_roomId);
|
||||
=======
|
||||
wxMsg.id = GET_QWORD(arg2 + OS_RECV_MSG_ID);
|
||||
wxMsg.type = GET_DWORD(arg2 + OS_RECV_MSG_TYPE);
|
||||
wxMsg.is_self = GET_DWORD(arg2 + OS_RECV_MSG_SELF);
|
||||
@ -120,17 +108,12 @@ static QWORD DispatchMsg(QWORD arg1, QWORD arg2)
|
||||
|
||||
string roomid = GetStringByWstrAddr(arg2 + OS_RECV_MSG_ROOMID);
|
||||
wxMsg.roomid = roomid;
|
||||
>>>>>>> master
|
||||
if (roomid.find("@chatroom") != string::npos) { // 群 ID 的格式为 xxxxxxxxxxx@chatroom
|
||||
wxMsg.is_group = true;
|
||||
if (wxMsg.is_self) {
|
||||
wxMsg.sender = GetSelfWxid();
|
||||
} else {
|
||||
<<<<<<< HEAD
|
||||
wxMsg.sender = GetStringByWstrAddr(arg2 + offset::wcf_wxid);
|
||||
=======
|
||||
wxMsg.sender = GetStringByWstrAddr(arg2 + OS_RECV_MSG_WXID);
|
||||
>>>>>>> master
|
||||
}
|
||||
} else {
|
||||
wxMsg.is_group = false;
|
||||
@ -141,21 +124,13 @@ static QWORD DispatchMsg(QWORD arg1, QWORD arg2)
|
||||
}
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
wxMsg.thumb = GetStringByWstrAddr(arg2 + offset::wcf_thumb);
|
||||
=======
|
||||
wxMsg.thumb = GetStringByWstrAddr(arg2 + OS_RECV_MSG_THUMB);
|
||||
>>>>>>> master
|
||||
if (!wxMsg.thumb.empty()) {
|
||||
wxMsg.thumb = GetHomePath() + wxMsg.thumb;
|
||||
replace(wxMsg.thumb.begin(), wxMsg.thumb.end(), '\\', '/');
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
wxMsg.extra = GetStringByWstrAddr(arg2 + offset::wcf_extra);
|
||||
=======
|
||||
wxMsg.extra = GetStringByWstrAddr(arg2 + OS_RECV_MSG_EXTRA);
|
||||
>>>>>>> master
|
||||
if (!wxMsg.extra.empty()) {
|
||||
wxMsg.extra = GetHomePath() + wxMsg.extra;
|
||||
replace(wxMsg.extra.begin(), wxMsg.extra.end(), '\\', '/');
|
||||
@ -305,11 +280,7 @@ void ListenMessage()
|
||||
LOG_WARN("gIsListening");
|
||||
return;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
funcRecvMsg = (funcRecvMsg_t)(g_WeChatWinDllAddr + offset::wcf_HookCall);
|
||||
=======
|
||||
funcRecvMsg = (RecvMsg_t)(g_WeChatWinDllAddr + OS_RECV_MSG_CALL);
|
||||
>>>>>>> master
|
||||
|
||||
status = InitializeHook();
|
||||
if (status != MH_OK) {
|
||||
@ -352,190 +323,6 @@ void UnListenMessage()
|
||||
LOG_ERROR("MH_Uninitialize failed: {}", to_string(status));
|
||||
return;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
|
||||
gIsListening = false;
|
||||
}
|
||||
|
||||
void ListenPyq() { }
|
||||
|
||||
void UnListenPyq() { }
|
||||
|
||||
#if 0
|
||||
// static DWORD reg_buffer = 0;
|
||||
// static DWORD recvMsgHookAddr = 0;
|
||||
// static DWORD recvMsgCallAddr = 0;
|
||||
// static DWORD recvMsgJumpBackAddr = 0;
|
||||
// static CHAR recvMsgBackupCode[5] = { 0 };
|
||||
|
||||
// static DWORD recvPyqHookAddr = 0;
|
||||
// static DWORD recvPyqCallAddr = 0;
|
||||
// static DWORD recvPyqJumpBackAddr = 0;
|
||||
// static CHAR recvPyqBackupCode[5] = { 0 };
|
||||
|
||||
void HookAddress(DWORD hookAddr, LPVOID funcAddr, CHAR recvMsgBackupCode[5])
|
||||
{
|
||||
// 组装跳转数据
|
||||
BYTE jmpCode[5] = { 0 };
|
||||
jmpCode[0] = 0xE9;
|
||||
|
||||
// 计算偏移
|
||||
*(DWORD *)&jmpCode[1] = (DWORD)funcAddr - hookAddr - 5;
|
||||
|
||||
// 备份原来的代码
|
||||
ReadProcessMemory(GetCurrentProcess(), (LPVOID)hookAddr, recvMsgBackupCode, 5, 0);
|
||||
// 写入新的代码
|
||||
WriteProcessMemory(GetCurrentProcess(), (LPVOID)hookAddr, jmpCode, 5, 0);
|
||||
}
|
||||
|
||||
void UnHookAddress(DWORD hookAddr, CHAR restoreCode[5])
|
||||
{
|
||||
WriteProcessMemory(GetCurrentProcess(), (LPVOID)hookAddr, restoreCode, 5, 0);
|
||||
}
|
||||
|
||||
void DispatchMsg(DWORD reg)
|
||||
{
|
||||
WxMsg_t wxMsg;
|
||||
try {
|
||||
wxMsg.id = GET_QWORD(reg + offset::wcf_msgId);
|
||||
wxMsg.type = GET_DWORD(reg + offset::wcf_type);
|
||||
wxMsg.is_self = GET_DWORD(reg + offset::wcf_isSelf);
|
||||
wxMsg.ts = GET_DWORD(reg + offset::wcf_ts);
|
||||
wxMsg.content = GetStringByWstrAddr(reg + offset::wcf_content);
|
||||
wxMsg.sign = GetStringByStrAddr(reg + offset::wcf_sign);
|
||||
wxMsg.xml = GetStringByStrAddr(reg + offset::wcf_msgXml);
|
||||
|
||||
string roomid = GetStringByWstrAddr(reg + offset::wcf_roomId);
|
||||
if (roomid.find("@chatroom") != string::npos) { // 群 ID 的格式为 xxxxxxxxxxx@chatroom
|
||||
wxMsg.is_group = true;
|
||||
wxMsg.roomid = roomid;
|
||||
if (wxMsg.is_self) {
|
||||
wxMsg.sender = GetSelfWxid();
|
||||
} else {
|
||||
wxMsg.sender = GetStringByStrAddr(reg + offset::wcf_wxid);
|
||||
}
|
||||
} else {
|
||||
wxMsg.is_group = false;
|
||||
if (wxMsg.is_self) {
|
||||
wxMsg.sender = GetSelfWxid();
|
||||
} else {
|
||||
wxMsg.sender = roomid;
|
||||
}
|
||||
}
|
||||
|
||||
wxMsg.thumb = GetStringByStrAddr(reg + offset::wcf_thumb);
|
||||
if (!wxMsg.thumb.empty()) {
|
||||
wxMsg.thumb = GetHomePath() + wxMsg.thumb;
|
||||
replace(wxMsg.thumb.begin(), wxMsg.thumb.end(), '\\', '/');
|
||||
}
|
||||
|
||||
wxMsg.extra = GetStringByStrAddr(reg + offset::wcf_extra);
|
||||
if (!wxMsg.extra.empty()) {
|
||||
wxMsg.extra = GetHomePath() + wxMsg.extra;
|
||||
replace(wxMsg.extra.begin(), wxMsg.extra.end(), '\\', '/');
|
||||
}
|
||||
} catch (const std::exception &e) {
|
||||
LOG_ERROR(GB2312ToUtf8(e.what()));
|
||||
} catch (...) {
|
||||
LOG_ERROR("Unknow exception.");
|
||||
}
|
||||
|
||||
{
|
||||
unique_lock<mutex> lock(gMutex);
|
||||
gMsgQueue.push(wxMsg); // 推送到队列
|
||||
}
|
||||
|
||||
gCV.notify_all(); // 通知各方消息就绪
|
||||
}
|
||||
|
||||
__declspec(naked) void RecieveMsgFunc()
|
||||
{
|
||||
__asm {
|
||||
pushad
|
||||
pushfd
|
||||
push ecx
|
||||
call DispatchMsg
|
||||
add esp, 0x4
|
||||
popfd
|
||||
popad
|
||||
call recvMsgCallAddr // 这个为被覆盖的call
|
||||
jmp recvMsgJumpBackAddr // 跳回被HOOK指令的下一条指令
|
||||
}
|
||||
}
|
||||
|
||||
void ListenMessage()
|
||||
{
|
||||
// DbgMsg("ListenMessage");
|
||||
// OutputDebugString(L"ListenMessage\n");
|
||||
// MessageBox(NULL, L"ListenMessage", L"ListenMessage", 0);
|
||||
if (gIsListening || (g_WeChatWinDllAddr == 0)) {
|
||||
return;
|
||||
}
|
||||
|
||||
recvMsgHookAddr = g_WeChatWinDllAddr + offset::wcf_hook;
|
||||
recvMsgCallAddr = g_WeChatWinDllAddr + offset::wcf_call;
|
||||
recvMsgJumpBackAddr = recvMsgHookAddr + 5;
|
||||
|
||||
HookAddress(recvMsgHookAddr, RecieveMsgFunc, recvMsgBackupCode);
|
||||
gIsListening = true;
|
||||
}
|
||||
|
||||
void UnListenMessage()
|
||||
{
|
||||
if (!gIsListening) {
|
||||
return;
|
||||
}
|
||||
UnHookAddress(recvMsgHookAddr, recvMsgBackupCode);
|
||||
gIsListening = false;
|
||||
}
|
||||
|
||||
void DispatchPyq(DWORD reg)
|
||||
{
|
||||
DWORD startAddr = *(DWORD *)(reg + g_WxCalls.pyq.start);
|
||||
DWORD endAddr = *(DWORD *)(reg + g_WxCalls.pyq.end);
|
||||
|
||||
if (startAddr == 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
while (startAddr < endAddr) {
|
||||
WxMsg_t wxMsg;
|
||||
|
||||
wxMsg.type = 0x00; // 朋友圈消息
|
||||
wxMsg.is_self = false;
|
||||
wxMsg.is_group = false;
|
||||
wxMsg.id = GET_QWORD(startAddr);
|
||||
wxMsg.ts = GET_DWORD(startAddr + g_WxCalls.pyq.ts);
|
||||
wxMsg.xml = GetStringByWstrAddr(startAddr + g_WxCalls.pyq.xml);
|
||||
wxMsg.sender = GetStringByWstrAddr(startAddr + g_WxCalls.pyq.wxid);
|
||||
wxMsg.content = GetStringByWstrAddr(startAddr + g_WxCalls.pyq.content);
|
||||
|
||||
{
|
||||
unique_lock<mutex> lock(gMutex);
|
||||
gMsgQueue.push(wxMsg); // 推送到队列
|
||||
}
|
||||
|
||||
gCV.notify_all(); // 通知各方消息就绪
|
||||
|
||||
startAddr += g_WxCalls.pyq.step;
|
||||
}
|
||||
}
|
||||
|
||||
__declspec(naked) void RecievePyqFunc()
|
||||
{
|
||||
__asm {
|
||||
pushad
|
||||
pushfd
|
||||
push [esp + 0x24]
|
||||
call DispatchPyq
|
||||
add esp, 0x4
|
||||
popfd
|
||||
popad
|
||||
call recvPyqCallAddr // 这个为被覆盖的call
|
||||
jmp recvPyqJumpBackAddr // 跳回被HOOK指令的下一条指令
|
||||
}
|
||||
=======
|
||||
>>>>>>> master
|
||||
}
|
||||
|
||||
void ListenPyq()
|
||||
|
||||
@ -214,7 +214,7 @@ bool func_get_audio_msg(uint64_t id, char *dir, uint8_t *out, size_t *len)
|
||||
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
|
||||
bool func_send_txt(TextMsg txt, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
@ -383,7 +383,6 @@ bool func_send_rich_txt(RichText rt, uint8_t *out, size_t *len)
|
||||
return true;
|
||||
}
|
||||
|
||||
#if 0
|
||||
bool func_send_pat_msg(char *roomid, char *wxid, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
@ -429,7 +428,7 @@ bool func_forward_msg(uint64_t id, char *receiver, uint8_t *out, size_t *len)
|
||||
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
|
||||
static void PushMessage()
|
||||
{
|
||||
static uint8_t buffer[G_BUF_SIZE] = { 0 };
|
||||
@ -546,7 +545,6 @@ bool func_disable_recv_txt(uint8_t *out, size_t *len)
|
||||
return true;
|
||||
}
|
||||
|
||||
#if 0
|
||||
bool func_exec_db_query(char *db, char *sql, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
@ -573,55 +571,6 @@ bool func_exec_db_query(char *db, char *sql, uint8_t *out, size_t *len)
|
||||
return true;
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
bool func_accept_friend(char *v3, char *v4, int32_t scene, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
rsp.func = Functions_FUNC_ACCEPT_FRIEND;
|
||||
rsp.which_msg = Response_status_tag;
|
||||
|
||||
if ((v3 == NULL) || (v4 == NULL)) {
|
||||
rsp.msg.status = -1;
|
||||
LOG_ERROR("Empty V3 or V4.");
|
||||
} else {
|
||||
rsp.msg.status = AcceptNewFriend(v3, v4, scene);
|
||||
}
|
||||
|
||||
pb_ostream_t stream = pb_ostream_from_buffer(out, *len);
|
||||
if (!pb_encode(&stream, Response_fields, &rsp)) {
|
||||
LOG_ERROR("Encoding failed: {}", PB_GET_ERROR(&stream));
|
||||
return false;
|
||||
}
|
||||
*len = stream.bytes_written;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool func_receive_transfer(char *wxid, char *tfid, char *taid, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
rsp.func = Functions_FUNC_RECV_TRANSFER;
|
||||
rsp.which_msg = Response_status_tag;
|
||||
|
||||
if ((wxid == NULL) || (tfid == NULL) || (taid == NULL)) {
|
||||
rsp.msg.status = -1;
|
||||
LOG_ERROR("Empty wxid, tfid or taid.");
|
||||
} else {
|
||||
rsp.msg.status = ReceiveTransfer(wxid, tfid, taid);
|
||||
}
|
||||
|
||||
pb_ostream_t stream = pb_ostream_from_buffer(out, *len);
|
||||
if (!pb_encode(&stream, Response_fields, &rsp)) {
|
||||
LOG_ERROR("Encoding failed: {}", PB_GET_ERROR(&stream));
|
||||
return false;
|
||||
}
|
||||
*len = stream.bytes_written;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
=======
|
||||
>>>>>>> master
|
||||
bool func_refresh_pyq(uint64_t id, uint8_t *out, size_t *len)
|
||||
{
|
||||
Response rsp = Response_init_default;
|
||||
@ -697,8 +646,6 @@ bool func_refresh_qrcode(uint8_t *out, size_t *len)
|
||||
|
||||
return true;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
|
||||
bool func_receive_transfer(char *wxid, char *tfid, char *taid, uint8_t *out, size_t *len)
|
||||
{
|
||||
@ -770,7 +717,6 @@ bool func_get_contact_info(string wxid, uint8_t *out, size_t *len)
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
>>>>>>> master
|
||||
|
||||
bool func_decrypt_image(DecPath dec, uint8_t *out, size_t *len)
|
||||
{
|
||||
@ -893,11 +839,7 @@ bool func_invite_room_members(char *roomid, char *wxids, uint8_t *out, size_t *l
|
||||
|
||||
return true;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
#endif
|
||||
=======
|
||||
|
||||
>>>>>>> master
|
||||
static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
|
||||
{
|
||||
bool ret = false;
|
||||
@ -944,7 +886,6 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
ret = func_get_audio_msg(req.msg.am.id, req.msg.am.dir, out, out_len);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case Functions_FUNC_SEND_TXT: {
|
||||
ret = func_send_txt(req.msg.txt, out, out_len);
|
||||
break;
|
||||
@ -961,7 +902,6 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
ret = func_send_rich_txt(req.msg.rt, out, out_len);
|
||||
break;
|
||||
}
|
||||
#if 0
|
||||
case Functions_FUNC_SEND_PAT_MSG: {
|
||||
ret = func_send_pat_msg(req.msg.pm.roomid, req.msg.pm.wxid, out, out_len);
|
||||
break;
|
||||
@ -970,14 +910,11 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
ret = func_forward_msg(req.msg.fm.id, req.msg.fm.receiver, out, out_len);
|
||||
break;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
case Functions_FUNC_SEND_EMOTION: {
|
||||
ret = func_send_emotion(req.msg.file.path, req.msg.file.receiver, out, out_len);
|
||||
break;
|
||||
}
|
||||
#if 0
|
||||
>>>>>>> master
|
||||
case Functions_FUNC_SEND_XML: {
|
||||
ret = func_send_xml(req.msg.xml, out, out_len);
|
||||
break;
|
||||
@ -991,22 +928,10 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
ret = func_disable_recv_txt(out, out_len);
|
||||
break;
|
||||
}
|
||||
#if 0
|
||||
case Functions_FUNC_EXEC_DB_QUERY: {
|
||||
ret = func_exec_db_query(req.msg.query.db, req.msg.query.sql, out, out_len);
|
||||
break;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
case Functions_FUNC_ACCEPT_FRIEND: {
|
||||
ret = func_accept_friend(req.msg.v.v3, req.msg.v.v4, req.msg.v.scene, out, out_len);
|
||||
break;
|
||||
}
|
||||
case Functions_FUNC_RECV_TRANSFER: {
|
||||
ret = func_receive_transfer(req.msg.tf.wxid, req.msg.tf.tfid, req.msg.tf.taid, out, out_len);
|
||||
break;
|
||||
}
|
||||
=======
|
||||
>>>>>>> master
|
||||
case Functions_FUNC_REFRESH_PYQ: {
|
||||
ret = func_refresh_pyq(req.msg.ui64, out, out_len);
|
||||
break;
|
||||
@ -1027,8 +952,6 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
ret = func_refresh_qrcode(out, out_len);
|
||||
break;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
#if 0
|
||||
case Functions_FUNC_ACCEPT_FRIEND: {
|
||||
ret = func_accept_friend(req.msg.v.v3, req.msg.v.v4, req.msg.v.scene, out, out_len);
|
||||
@ -1039,7 +962,6 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
>>>>>>> master
|
||||
case Functions_FUNC_DECRYPT_IMAGE: {
|
||||
ret = func_decrypt_image(req.msg.dec, out, out_len);
|
||||
break;
|
||||
|
||||
@ -7,7 +7,6 @@
|
||||
#include "send_msg.h"
|
||||
#include "spy_types.h"
|
||||
#include "util.h"
|
||||
#include "wechat_function.h"
|
||||
|
||||
extern HANDLE g_hEvent;
|
||||
extern QWORD g_WeChatWinDllAddr;
|
||||
@ -15,13 +14,6 @@ extern string GetSelfWxid(); // Defined in spy.cpp
|
||||
|
||||
#define SRTM_SIZE 0x3F0
|
||||
|
||||
<<<<<<< HEAD
|
||||
typedef QWORD (*funcSendTextMsg_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
|
||||
typedef QWORD (*funcSendImageMsg_t)(QWORD, QWORD, QWORD, QWORD, QWORD);
|
||||
typedef QWORD (*funcSendFileMsg_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD *, QWORD, QWORD *, QWORD, QWORD *, QWORD,
|
||||
QWORD);
|
||||
typedef QWORD (*funcSendRichTextMsg_t)(QWORD, QWORD, QWORD);
|
||||
=======
|
||||
#define OS_NEW 0x1C28800
|
||||
#define OS_FREE 0x1C1FF10
|
||||
#define OS_SEND_MSG_MGR 0x1C1E690
|
||||
@ -50,7 +42,6 @@ typedef QWORD (*SendPatMsg_t)(QWORD, QWORD);
|
||||
typedef QWORD (*ForwardMsg_t)(QWORD, QWORD, QWORD, QWORD);
|
||||
typedef QWORD (*GetEmotionMgr_t)();
|
||||
typedef QWORD (*SendEmotion_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
|
||||
>>>>>>> master
|
||||
|
||||
void SendTextMessage(string wxid, string msg, string atWxids)
|
||||
{
|
||||
@ -78,17 +69,10 @@ void SendTextMessage(string wxid, string msg, string atWxids)
|
||||
|
||||
QWORD wxAters = (QWORD) & ((RawVector_t *)&vWxAtWxids)->start;
|
||||
|
||||
<<<<<<< HEAD
|
||||
char buffer[0x460] = { 0 };
|
||||
funcSendMsgMgr_t funcSendMsgMgr = (funcSendMsgMgr_t)(g_WeChatWinDllAddr + offset::kGetSendMessageMgr);
|
||||
funcSendTextMsg_t funcSendTextMsg = (funcSendTextMsg_t)(g_WeChatWinDllAddr + offset::kSendTextMsg);
|
||||
funcFree_t funcFree = (funcFree_t)(g_WeChatWinDllAddr + offset::kFreeChatMsg);
|
||||
=======
|
||||
char buffer[0x460] = { 0 };
|
||||
SendMsgMgr_t funcSendMsgMgr = (SendMsgMgr_t)(g_WeChatWinDllAddr + OS_SEND_MSG_MGR);
|
||||
SendTextMsg_t funcSendTextMsg = (SendTextMsg_t)(g_WeChatWinDllAddr + OS_SEND_TEXT);
|
||||
Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_FREE);
|
||||
>>>>>>> master
|
||||
funcSendMsgMgr();
|
||||
success = funcSendTextMsg((QWORD)(&buffer), (QWORD)(&wxWxid), (QWORD)(&wxMsg), wxAters, 1, 1, 0, 0);
|
||||
funcFree((QWORD)(&buffer));
|
||||
@ -102,17 +86,10 @@ void SendImageMessage(string wxid, string path)
|
||||
WxString wxWxid(wsWxid);
|
||||
WxString wxPath(wsPath);
|
||||
|
||||
<<<<<<< HEAD
|
||||
funcNew_t funcNew = (funcNew_t)(g_WeChatWinDllAddr + offset::kNewChatMsgByDownloadMgr);
|
||||
funcFree_t funcFree = (funcFree_t)(g_WeChatWinDllAddr + offset::kFreeChatMsg);
|
||||
funcSendMsgMgr_t funcSendMsgMgr = (funcSendMsgMgr_t)(g_WeChatWinDllAddr + offset::kGetSendMessageMgr);
|
||||
funcSendImageMsg_t funcSendImage = (funcSendImageMsg_t)(g_WeChatWinDllAddr + offset::kSendImageMsg);
|
||||
=======
|
||||
New_t funcNew = (New_t)(g_WeChatWinDllAddr + OS_NEW);
|
||||
Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_FREE);
|
||||
SendMsgMgr_t funcSendMsgMgr = (SendMsgMgr_t)(g_WeChatWinDllAddr + OS_SEND_MSG_MGR);
|
||||
SendImageMsg_t funcSendImage = (SendImageMsg_t)(g_WeChatWinDllAddr + OS_SEND_IMAGE);
|
||||
>>>>>>> master
|
||||
|
||||
char msg[0x460] = { 0 };
|
||||
char msgTmp[0x460] = { 0 };
|
||||
@ -139,17 +116,10 @@ void SendFileMessage(string wxid, string path)
|
||||
WxString wxWxid(wsWxid);
|
||||
WxString wxPath(wsPath);
|
||||
|
||||
<<<<<<< HEAD
|
||||
funcNew_t funcNew = (funcNew_t)(g_WeChatWinDllAddr + offset::kChatMsgInstanceCounter);
|
||||
funcFree_t funcFree = (funcFree_t)(g_WeChatWinDllAddr + offset::kFreeChatMsg);
|
||||
funcGetAppMsgMgr_t funcGetAppMsgMgr = (funcGetAppMsgMgr_t)(g_WeChatWinDllAddr + offset::kGetAppMsgMgr);
|
||||
funcSendFileMsg_t funcSendFile = (funcSendFileMsg_t)(g_WeChatWinDllAddr + offset::kSendFileMsg);
|
||||
=======
|
||||
New_t funcNew = (New_t)(g_WeChatWinDllAddr + OS_NEW);
|
||||
Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_FREE);
|
||||
GetAppMsgMgr_t funcGetAppMsgMgr = (GetAppMsgMgr_t)(g_WeChatWinDllAddr + OS_GET_APP_MSG_MGR);
|
||||
SendFileMsg_t funcSendFile = (SendFileMsg_t)(g_WeChatWinDllAddr + OS_SEND_FILE);
|
||||
>>>>>>> master
|
||||
|
||||
char msg[0x460] = { 0 };
|
||||
QWORD tmp1[4] = { 0 };
|
||||
@ -166,25 +136,10 @@ int SendRichTextMessage(RichText_t &rt)
|
||||
{ // TODO: Fix memory leak
|
||||
QWORD status = -1;
|
||||
|
||||
<<<<<<< HEAD
|
||||
wstring receiver = String2Wstring(rt.receiver);
|
||||
wstring title = String2Wstring(rt.title);
|
||||
wstring url = String2Wstring(rt.url);
|
||||
wstring thumburl = String2Wstring(rt.thumburl);
|
||||
wstring account = String2Wstring(rt.account);
|
||||
wstring name = String2Wstring(rt.name);
|
||||
wstring digest = String2Wstring(rt.digest);
|
||||
|
||||
funcNew_t funcNew = (funcNew_t)(g_WeChatWinDllAddr + offset::kNewRChatMsg);
|
||||
funcFree_t funcFree = (funcFree_t)(g_WeChatWinDllAddr + offset::kFreeRChatMsg);
|
||||
funcGetAppMsgMgr_t funcGetAppMsgMgr = (funcGetAppMsgMgr_t)(g_WeChatWinDllAddr + offset::kGetAppMsgMgr);
|
||||
funcSendRichTextMsg_t funcForwordPublicMsg = (funcSendRichTextMsg_t)(g_WeChatWinDllAddr + offset::kSendRichTextMsg);
|
||||
=======
|
||||
New_t funcNew = (New_t)(g_WeChatWinDllAddr + OS_RTM_NEW);
|
||||
Free_t funcFree = (Free_t)(g_WeChatWinDllAddr + OS_RTM_FREE);
|
||||
GetAppMsgMgr_t funcGetAppMsgMgr = (GetAppMsgMgr_t)(g_WeChatWinDllAddr + OS_GET_APP_MSG_MGR);
|
||||
SendRichTextMsg_t funcForwordPublicMsg = (SendRichTextMsg_t)(g_WeChatWinDllAddr + OS_SEND_RICH_TEXT);
|
||||
>>>>>>> master
|
||||
|
||||
char *buff = (char *)HeapAlloc(GetProcessHeap(), 0, SRTM_SIZE);
|
||||
if (buff == NULL) {
|
||||
@ -216,8 +171,6 @@ int SendRichTextMessage(RichText_t &rt)
|
||||
return (int)status;
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
int SendPatMessage(string roomid, string wxid)
|
||||
{
|
||||
QWORD status = -1;
|
||||
@ -275,7 +228,6 @@ void SendEmotionMessage(string wxid, string path)
|
||||
SendEmotion(mgr, (QWORD)pWxPath, (QWORD)buff, (QWORD)pWxWxid, 2, (QWORD)buff, 0, (QWORD)buff);
|
||||
}
|
||||
|
||||
>>>>>>> master
|
||||
#if 0
|
||||
void SendXmlMessage(string receiver, string xml, string path, int type)
|
||||
{
|
||||
@ -342,206 +294,4 @@ void SendXmlMessage(string receiver, string xml, string path, int type)
|
||||
popad;
|
||||
}
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
|
||||
void SendEmotionMessage(string wxid, string path)
|
||||
{
|
||||
if (g_WeChatWinDllAddr == 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
char buffer[0x1C] = { 0 };
|
||||
wstring wsWxid = String2Wstring(wxid);
|
||||
wstring wsPath = String2Wstring(path);
|
||||
|
||||
WxString wxWxid(wsWxid);
|
||||
WxString wxPath(wsPath);
|
||||
WxString nullbuffer;
|
||||
|
||||
// 发送文件Call地址 = 微信基址 + 偏移
|
||||
DWORD sendCall1 = g_WeChatWinDllAddr + g_WxCalls.sendEmo.call1;
|
||||
DWORD sendCall2 = g_WeChatWinDllAddr + g_WxCalls.sendEmo.call2;
|
||||
DWORD sendCall3 = g_WeChatWinDllAddr + g_WxCalls.sendEmo.call3;
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
pushfd;
|
||||
mov ebx, dword ptr[sendCall3];
|
||||
lea eax, buffer;
|
||||
push eax;
|
||||
push 0x0;
|
||||
sub esp, 0x14;
|
||||
mov esi, esp;
|
||||
mov dword ptr [esi], 0x0;
|
||||
mov dword ptr [esi+0x4], 0x0;
|
||||
mov dword ptr [esi+0x8], 0x0;
|
||||
mov dword ptr [esi+0xC], 0x0;
|
||||
mov dword ptr [esi+0x10], 0x0;
|
||||
push 0x2;
|
||||
lea eax, wxWxid;
|
||||
sub esp, 0x14;
|
||||
mov ecx, esp;
|
||||
push eax;
|
||||
call sendCall1;
|
||||
sub esp, 0x14;
|
||||
mov esi, esp;
|
||||
mov dword ptr [esi], 0x0;
|
||||
mov dword ptr [esi+0x4], 0x0;
|
||||
mov dword ptr [esi+0x8], 0x0;
|
||||
mov dword ptr [esi+0xC], 0x0;
|
||||
mov dword ptr [esi+0x10], 0x0;
|
||||
sub esp, 0x14;
|
||||
mov ecx, esp;
|
||||
lea eax, wxPath;
|
||||
push eax;
|
||||
call sendCall1;
|
||||
mov ecx, ebx;
|
||||
call sendCall2;
|
||||
popfd;
|
||||
popad;
|
||||
}
|
||||
}
|
||||
|
||||
int SendRichTextMessage(RichText_t &rt)
|
||||
{
|
||||
int status = -1;
|
||||
char buff[0x238] = { 0 };
|
||||
|
||||
DWORD rtCall3 = g_WeChatWinDllAddr + g_WxCalls.rt.call3;
|
||||
DWORD rtCall2 = g_WeChatWinDllAddr + g_WxCalls.rt.call2;
|
||||
DWORD rtCall1 = g_WeChatWinDllAddr + g_WxCalls.rt.call1;
|
||||
DWORD rtCall5 = g_WeChatWinDllAddr + g_WxCalls.rt.call5;
|
||||
DWORD rtCall4 = g_WeChatWinDllAddr + g_WxCalls.rt.call4;
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
pushfd;
|
||||
lea ecx,buff;
|
||||
call rtCall1;
|
||||
popfd;
|
||||
popad;
|
||||
}
|
||||
|
||||
wstring receiver = String2Wstring(rt.receiver);
|
||||
wstring title = String2Wstring(rt.title);
|
||||
wstring url = String2Wstring(rt.url);
|
||||
wstring thumburl = String2Wstring(rt.thumburl);
|
||||
wstring account = String2Wstring(rt.account);
|
||||
wstring name = String2Wstring(rt.name);
|
||||
wstring digest = String2Wstring(rt.digest);
|
||||
|
||||
WxString wxReceiver(receiver);
|
||||
WxString wxTitle(title);
|
||||
WxString wxUrl(url);
|
||||
WxString wxThumburl(thumburl);
|
||||
WxString wxAccount(account);
|
||||
WxString wxName(name);
|
||||
WxString wxDigest(digest);
|
||||
|
||||
memcpy(&buff[0x4], &wxTitle, sizeof(wxTitle));
|
||||
memcpy(&buff[0x2C], &wxUrl, sizeof(wxUrl));
|
||||
memcpy(&buff[0x6C], &wxThumburl, sizeof(wxThumburl));
|
||||
memcpy(&buff[0x94], &wxDigest, sizeof(wxDigest));
|
||||
memcpy(&buff[0x1A0], &wxAccount, sizeof(wxAccount));
|
||||
memcpy(&buff[0x1B4], &wxName, sizeof(wxName));
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
pushfd;
|
||||
call rtCall2;
|
||||
lea ecx, buff;
|
||||
push ecx;
|
||||
sub esp, 0x14;
|
||||
mov edi, eax;
|
||||
mov ecx, esp;
|
||||
lea ebx, wxReceiver;
|
||||
push ebx;
|
||||
call rtCall3;
|
||||
mov ecx, edi;
|
||||
call rtCall4;
|
||||
mov status, eax;
|
||||
add ebx, 0x14;
|
||||
lea ecx, buff;
|
||||
push 0x0;
|
||||
call rtCall5;
|
||||
popfd;
|
||||
popad;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
int SendPatMessage(string roomid, string wxid)
|
||||
{
|
||||
int status = -1;
|
||||
|
||||
wstring wsRoomid = String2Wstring(roomid);
|
||||
wstring wsWxid = String2Wstring(wxid);
|
||||
WxString wxRoomid(wsRoomid);
|
||||
WxString wxWxid(wsWxid);
|
||||
|
||||
DWORD pmCall1 = g_WeChatWinDllAddr + g_WxCalls.pm.call1;
|
||||
DWORD pmCall2 = g_WeChatWinDllAddr + g_WxCalls.pm.call2;
|
||||
DWORD pmCall3 = g_WeChatWinDllAddr + g_WxCalls.pm.call3;
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
call pmCall1;
|
||||
push pmCall2;
|
||||
push 0x0;
|
||||
push eax;
|
||||
lea ecx, wxRoomid;
|
||||
lea edx, wxWxid;
|
||||
call pmCall3;
|
||||
add esp, 0xc;
|
||||
movzx eax, al;
|
||||
mov status, eax;
|
||||
popad;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
int ForwardMessage(QWORD msgid, string receiver)
|
||||
{
|
||||
int status = -1;
|
||||
uint32_t dbIdx = 0;
|
||||
QWORD localId = 0;
|
||||
|
||||
if (GetLocalIdandDbidx(msgid, &localId, &dbIdx) != 0) {
|
||||
LOG_ERROR("Failed to get localId, Please check id: {}", to_string(msgid));
|
||||
return status;
|
||||
}
|
||||
|
||||
wstring wsReceiver = String2Wstring(receiver);
|
||||
WxString wxReceiver(wsReceiver);
|
||||
|
||||
DWORD fmCall1 = g_WeChatWinDllAddr + g_WxCalls.fm.call1;
|
||||
DWORD fmCall2 = g_WeChatWinDllAddr + g_WxCalls.fm.call2;
|
||||
|
||||
__asm {
|
||||
pushad;
|
||||
pushfd;
|
||||
mov edx, dword ptr [dbIdx];
|
||||
push edx;
|
||||
mov eax, dword ptr [localId];
|
||||
push eax;
|
||||
sub esp, 0x14;
|
||||
mov ecx, esp;
|
||||
lea esi, wxReceiver;
|
||||
push esi;
|
||||
call fmCall1;
|
||||
xor ecx, ecx;
|
||||
call fmCall2;
|
||||
movzx eax, al;
|
||||
mov status, eax;
|
||||
add esp, 0x1c;
|
||||
popfd;
|
||||
popad;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
=======
|
||||
>>>>>>> master
|
||||
#endif
|
||||
|
||||
@ -5,10 +5,6 @@
|
||||
#include "spy.h"
|
||||
#include "util.h"
|
||||
|
||||
<<<<<<< HEAD
|
||||
//WxCalls_t g_WxCalls = { 0 };
|
||||
=======
|
||||
>>>>>>> master
|
||||
UINT64 g_WeChatWinDllAddr = 0;
|
||||
|
||||
static bool IsWxVersionMatched(const wchar_t *version)
|
||||
@ -37,19 +33,11 @@ void InitSpy(LPVOID args)
|
||||
return;
|
||||
}
|
||||
LOG_INFO("WeChat version: {}", Wstring2String(version).c_str());
|
||||
<<<<<<< HEAD
|
||||
//if (LoadCalls(version, &g_WxCalls) != 0) { // 加载微信版本对应的Call地址
|
||||
// LOG_ERROR("不支持当前版本");
|
||||
// MessageBox(NULL, L"不支持当前版本", L"错误", 0);
|
||||
// return;
|
||||
//}
|
||||
=======
|
||||
if (!IsWxVersionMatched(version)) {
|
||||
LOG_ERROR("不支持当前版本");
|
||||
MessageBox(NULL, L"不支持当前版本", L"错误", 0);
|
||||
return;
|
||||
}
|
||||
>>>>>>> master
|
||||
|
||||
RpcStartServer(pp->port);
|
||||
}
|
||||
|
||||
@ -2,11 +2,7 @@
|
||||
|
||||
#include "framework.h"
|
||||
|
||||
<<<<<<< HEAD
|
||||
void InitSpy(LPVOID port);
|
||||
=======
|
||||
#define SUPPORT_VERSION L"3.9.10.27"
|
||||
|
||||
void InitSpy(int port);
|
||||
>>>>>>> master
|
||||
void CleanupSpy();
|
||||
|
||||
@ -4,212 +4,6 @@
|
||||
#include <string>
|
||||
|
||||
typedef uint64_t QWORD;
|
||||
<<<<<<< HEAD
|
||||
typedef struct UserInfoCall {
|
||||
DWORD wxid = 0x5AB7FB8;
|
||||
DWORD nickName = 0x5AB8098;
|
||||
DWORD mobile = 0x5AB7FD8;
|
||||
DWORD home = 0x5A7E190;
|
||||
} UserInfoCall_t;
|
||||
|
||||
typedef struct RecvMsg {
|
||||
DWORD hook = 0x00; // Hook地址
|
||||
DWORD call = 0x2205510; // Call地址
|
||||
DWORD msgId = 0x30; // 消息ID地址
|
||||
DWORD type = 0x38; // 消息类型地址
|
||||
DWORD isSelf = 0x3C; // 是否自己发送标志地址
|
||||
DWORD ts = 0x44; // TimeStamp
|
||||
DWORD roomId = 0x48; // 群聊时,为群ID;私聊时,为微信ID
|
||||
DWORD content = 0x88; // 消息内容地址
|
||||
DWORD wxid = 0x240; // 私聊时,为空;群聊时,为发送者微信ID
|
||||
DWORD sign = 0x260; // Sign
|
||||
DWORD thumb = 0x280; // 缩略图
|
||||
DWORD extra = 0x2A0; // 附加数据
|
||||
DWORD msgXml = 0x308; // 消息xml内容地址
|
||||
} RecvMsg_t;
|
||||
|
||||
typedef struct SendText {
|
||||
DWORD call1 = 0x1C1E690;
|
||||
DWORD call2 = 0x238DDD0;
|
||||
DWORD call3 = 0x1C1FF10;
|
||||
};
|
||||
|
||||
typedef struct Sendfile {
|
||||
DWORD call1 = 0x1C28800;
|
||||
DWORD call2 = 0x1C1FF10;
|
||||
DWORD call3 = 0x1C23630;
|
||||
DWORD call4 = 0x21969E0;
|
||||
};
|
||||
typedef struct SendEmo {
|
||||
DWORD call1 = 0x771980;
|
||||
DWORD call2 = 0x4777E0;
|
||||
DWORD call3 = 0x239E888;
|
||||
};
|
||||
|
||||
|
||||
typedef struct SendImage {
|
||||
DWORD call1 = 0x1C28800;
|
||||
DWORD call2 = 0x1C1FF10;
|
||||
DWORD call3 = 0x1C1E690;
|
||||
DWORD call4 = 0x2383560;
|
||||
};
|
||||
|
||||
|
||||
typedef struct Contact {
|
||||
DWORD base;
|
||||
DWORD head;
|
||||
DWORD wxId;
|
||||
DWORD wxCode;
|
||||
DWORD wxRemark;
|
||||
DWORD wxName;
|
||||
DWORD wxGender;
|
||||
DWORD wxCountry;
|
||||
DWORD wxProvince;
|
||||
DWORD wxCity;
|
||||
} Contact_t;
|
||||
|
||||
typedef struct Sql {
|
||||
DWORD exec;
|
||||
DWORD base;
|
||||
DWORD start;
|
||||
DWORD end;
|
||||
DWORD slot;
|
||||
DWORD name;
|
||||
} Sql_t;
|
||||
|
||||
typedef struct NewFriend {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
} NewFriend_t;
|
||||
|
||||
typedef struct AddRoomMember {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
} ;
|
||||
|
||||
typedef struct DelRoomMember {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
};
|
||||
|
||||
typedef struct Xml {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
DWORD param;
|
||||
} Xml_t;
|
||||
|
||||
typedef struct TF {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
} TF_t;
|
||||
|
||||
typedef struct Pyq {
|
||||
DWORD hook;
|
||||
DWORD call;
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD start;
|
||||
DWORD end;
|
||||
DWORD ts;
|
||||
DWORD wxid;
|
||||
DWORD content;
|
||||
DWORD xml;
|
||||
DWORD step;
|
||||
} Pyq_t;
|
||||
|
||||
typedef struct DlAttach {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
DWORD call5;
|
||||
DWORD call6;
|
||||
} DlAttach_t;
|
||||
|
||||
typedef struct RevokeMsg {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
DWORD call5;
|
||||
} RevokeMsg_t;
|
||||
|
||||
typedef struct CallRichText {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
} CallRichText_t;
|
||||
|
||||
typedef struct CallPatMsg {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
} CallPatMsg_t;
|
||||
|
||||
typedef struct CallInviteCM {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
DWORD call4;
|
||||
DWORD call5;
|
||||
DWORD call6;
|
||||
DWORD call7;
|
||||
DWORD call8;
|
||||
} CallInviteCM_t;
|
||||
|
||||
typedef struct CallOcr {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD call3;
|
||||
} CallOcr_t;
|
||||
|
||||
typedef struct CallFm {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
} CallFm_t;
|
||||
|
||||
typedef struct CallRfLoginQr {
|
||||
DWORD call1;
|
||||
DWORD call2;
|
||||
DWORD url;
|
||||
} CallRfLoginQr_t;
|
||||
|
||||
typedef struct WxCalls {
|
||||
//DWORD login = 0x5AB8A2C; // 登录状态
|
||||
//UserInfoCall_t ui; // 用户信息
|
||||
//SendText sendText; // 发送消息
|
||||
//RecvMsg_t recvMsg; // 接收消息
|
||||
//SendImage sendImg; // 发送图片
|
||||
//Sendfile sendFile; // 发送文件
|
||||
//Xml_t sendXml; // 发送XML
|
||||
//SendEmo sendEmo; // 发送表情
|
||||
//Contact_t contact; // 获取联系人
|
||||
//Sql_t sql; // 执行 SQL
|
||||
//NewFriend_t anf; // 通过好友申请
|
||||
//AddRoomMember arm; // 添加群成员
|
||||
//DelRoomMember drm; // 删除群成员
|
||||
//TF_t tf; // 接收转账
|
||||
//Pyq_t pyq; // 接收朋友圈消息
|
||||
//DlAttach_t da; // 下载资源(图片、文件、视频)
|
||||
//RevokeMsg_t rm; // 撤回消息
|
||||
//CallRichText_t rt; // 发送消息卡片
|
||||
//CallPatMsg_t pm; // 发送拍一拍消息
|
||||
//CallInviteCM_t irm; // 邀请群成员
|
||||
//CallOcr_t ocr; // OCR
|
||||
//CallFm_t fm; // 转发消息
|
||||
//CallRfLoginQr_t rlq; // 刷新登录二维码
|
||||
} WxCalls_t;
|
||||
=======
|
||||
>>>>>>> master
|
||||
|
||||
struct WxString {
|
||||
const wchar_t *wptr;
|
||||
|
||||
@ -138,9 +138,9 @@
|
||||
#define SQLITE_NULL 5
|
||||
#define SQLITE_TEXT 3
|
||||
|
||||
#define SQLITE3_EXEC_OFFSET 0x1E24F70
|
||||
#define SQLITE3_EXEC_OFFSET 0x3AFBCE0
|
||||
#define SQLITE3_BACKUP_INIT_OFFSET 0x1DEA900
|
||||
#define SQLITE3_PREPARE_OFFSET 0x1E2B8C0
|
||||
#define SQLITE3_PREPARE_OFFSET 0x3B03990
|
||||
#define SQLITE3_OPEN_OFFSET 0x1E598B0
|
||||
#define SQLITE3_BACKUP_STEP_OFFSET 0x1DEAD00
|
||||
#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1DEB440
|
||||
@ -149,46 +149,46 @@
|
||||
#define SQLITE3_SLEEP_OFFSET 0x1E5A0F0
|
||||
#define SQLITE3_ERRCODE_OFFSET 0x1E58550
|
||||
#define SQLITE3_CLOSE_OFFSET 0x1E56CD0
|
||||
#define SQLITE3_STEP_OFFSET 0x1DF3770
|
||||
#define SQLITE3_COLUMN_COUNT_OFFSET 0x1DF3C80
|
||||
#define SQLITE3_COLUMN_NAME_OFFSET 0x1DF4570
|
||||
#define SQLITE3_COLUMN_TYPE_OFFSET 0x1DF4410
|
||||
#define SQLITE3_COLUMN_BLOB_OFFSET 0x1DF3CC0
|
||||
#define SQLITE3_COLUMN_BYTES_OFFSET 0x1DF3DA0
|
||||
#define SQLITE3_FINALIZE_OFFSET 0x1DF2740
|
||||
#define SQLITE3_STEP_OFFSET 0x3ABFCE0
|
||||
#define SQLITE3_COLUMN_COUNT_OFFSET 0x3AC0500
|
||||
#define SQLITE3_COLUMN_NAME_OFFSET 0x3AC0F00
|
||||
#define SQLITE3_COLUMN_TYPE_OFFSET 0x3AC0D50
|
||||
#define SQLITE3_COLUMN_BLOB_OFFSET 0x3AC0530
|
||||
#define SQLITE3_COLUMN_BYTES_OFFSET 0x3AC0620
|
||||
#define SQLITE3_FINALIZE_OFFSET 0x3ABED90
|
||||
|
||||
typedef int (*Sqlite3_callback)(void *, int, char **, char **);
|
||||
|
||||
typedef int(__cdecl *Sqlite3_exec)(DWORD, /* An open database */
|
||||
typedef int(__cdecl *Sqlite3_exec)(QWORD, /* An open database */
|
||||
const char *sql, /* SQL to be evaluated */
|
||||
Sqlite3_callback, /* Callback function */
|
||||
void *, /* 1st argument to callback */
|
||||
char **errmsg /* Error msg written here */
|
||||
);
|
||||
typedef DWORD(__cdecl *Sqlite3_backup_init)(DWORD *pDest, /* Destination database handle */
|
||||
typedef QWORD(__cdecl *Sqlite3_backup_init)(QWORD *pDest, /* Destination database handle */
|
||||
const char *zDestName, /* Destination database name */
|
||||
DWORD *pSource, /* Source database handle */
|
||||
QWORD *pSource, /* Source database handle */
|
||||
const char *zSourceName /* Source database name */
|
||||
);
|
||||
typedef int(__cdecl *Sqlite3_prepare)(DWORD db, /* Database handle */
|
||||
typedef int(__cdecl *Sqlite3_prepare)(QWORD db, /* Database handle */
|
||||
const char *zSql, /* SQL statement, UTF-8 encoded */
|
||||
int nByte, /* Maximum length of zSql in bytes. */
|
||||
DWORD **ppStmt, /* OUT: Statement handle */
|
||||
QWORD **ppStmt, /* OUT: Statement handle */
|
||||
const char **pzTail /* OUT: Pointer to unused portion of zSql */
|
||||
);
|
||||
typedef int(__cdecl *Sqlite3_open)(const char *filename, DWORD **ppDb);
|
||||
typedef int(__cdecl *Sqlite3_backup_step)(DWORD *p, int nPage);
|
||||
typedef int(__cdecl *Sqlite3_backup_remaining)(DWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_backup_pagecount)(DWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_backup_finish)(DWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_open)(const char *filename, QWORD **ppDb);
|
||||
typedef int(__cdecl *Sqlite3_backup_step)(QWORD *p, int nPage);
|
||||
typedef int(__cdecl *Sqlite3_backup_remaining)(QWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_backup_pagecount)(QWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_backup_finish)(QWORD *p);
|
||||
typedef int(__cdecl *Sqlite3_sleep)(int);
|
||||
typedef int(__cdecl *Sqlite3_errcode)(DWORD *db);
|
||||
typedef int(__cdecl *Sqlite3_close)(DWORD *);
|
||||
typedef int(__cdecl *Sqlite3_errcode)(QWORD *db);
|
||||
typedef int(__cdecl *Sqlite3_close)(QWORD *);
|
||||
|
||||
typedef int(__cdecl *Sqlite3_step)(DWORD *);
|
||||
typedef int(__cdecl *Sqlite3_column_count)(DWORD *pStmt);
|
||||
typedef const char *(__cdecl *Sqlite3_column_name)(DWORD *, int N);
|
||||
typedef int(__cdecl *Sqlite3_column_type)(DWORD *, int iCol);
|
||||
typedef const void *(__cdecl *Sqlite3_column_blob)(DWORD *, int iCol);
|
||||
typedef int(__cdecl *Sqlite3_column_bytes)(DWORD *, int iCol);
|
||||
typedef int(__cdecl *Sqlite3_finalize)(DWORD *pStmt);
|
||||
typedef int(__cdecl *Sqlite3_step)(QWORD *);
|
||||
typedef int(__cdecl *Sqlite3_column_count)(QWORD *pStmt);
|
||||
typedef const char *(__cdecl *Sqlite3_column_name)(QWORD *, int N);
|
||||
typedef int(__cdecl *Sqlite3_column_type)(QWORD *, int iCol);
|
||||
typedef const void *(__cdecl *Sqlite3_column_blob)(QWORD *, int iCol);
|
||||
typedef int(__cdecl *Sqlite3_column_bytes)(QWORD *, int iCol);
|
||||
typedef int(__cdecl *Sqlite3_finalize)(QWORD *pStmt);
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
#include "user_info.h"
|
||||
#include "log.h"
|
||||
#include "util.h"
|
||||
#include "wechat_function.h"
|
||||
|
||||
extern UINT64 g_WeChatWinDllAddr;
|
||||
|
||||
@ -15,11 +14,7 @@ static char home[MAX_PATH] = { 0 };
|
||||
string GetHomePath()
|
||||
{
|
||||
if (home[0] == 0) {
|
||||
<<<<<<< HEAD
|
||||
string path = Wstring2String(GET_WSTRING(g_WeChatWinDllAddr + offset::wcf_home)) + "\\WeChat Files\\";
|
||||
=======
|
||||
string path = Wstring2String(GET_WSTRING(g_WeChatWinDllAddr + OS_USER_HOME)) + "\\WeChat Files\\";
|
||||
>>>>>>> master
|
||||
strncpy_s(home, path.c_str(), path.size());
|
||||
}
|
||||
|
||||
@ -30,17 +25,6 @@ string GetSelfWxid()
|
||||
{
|
||||
UINT64 wxidType = 0;
|
||||
try {
|
||||
<<<<<<< HEAD
|
||||
wxidType = GET_UINT64(g_WeChatWinDllAddr + offset::wcf_iwxid + 0x18);
|
||||
if (wxidType == 0xF) {
|
||||
return GET_STRING_FROM_P(g_WeChatWinDllAddr + offset::wcf_iwxid);
|
||||
} else {
|
||||
return GET_STRING(g_WeChatWinDllAddr + offset::wcf_iwxid);
|
||||
}
|
||||
} catch (...) {
|
||||
LOG_ERROR("wxid type: {:#x}", wxidType);
|
||||
LOG_BUFFER((uint8_t *)(g_WeChatWinDllAddr + offset::wcf_iwxid), 20);
|
||||
=======
|
||||
wxidType = GET_UINT64(g_WeChatWinDllAddr + OS_USER_WXID + 0x18);
|
||||
if (wxidType == 0xF) {
|
||||
return GET_STRING_FROM_P(g_WeChatWinDllAddr + OS_USER_WXID);
|
||||
@ -50,7 +34,6 @@ string GetSelfWxid()
|
||||
} catch (...) {
|
||||
LOG_ERROR("wxid type: {:#x}", wxidType);
|
||||
LOG_BUFFER((uint8_t *)(g_WeChatWinDllAddr + OS_USER_WXID), 20);
|
||||
>>>>>>> master
|
||||
return "empty_wxid";
|
||||
}
|
||||
}
|
||||
@ -61,16 +44,6 @@ UserInfo_t GetUserInfo()
|
||||
|
||||
ui.wxid = GetSelfWxid();
|
||||
|
||||
<<<<<<< HEAD
|
||||
UINT64 nameType = GET_UINT64(g_WeChatWinDllAddr + offset::wcf_nickName + 0x18);
|
||||
if (nameType == 0xF) {
|
||||
ui.name = GET_STRING_FROM_P(g_WeChatWinDllAddr + offset::wcf_nickName);
|
||||
} else { // 0x1F
|
||||
ui.name = GET_STRING(g_WeChatWinDllAddr + offset::wcf_nickName);
|
||||
}
|
||||
|
||||
ui.mobile = GET_STRING_FROM_P(g_WeChatWinDllAddr + offset::wcf_mobile);
|
||||
=======
|
||||
UINT64 nameType = GET_UINT64(g_WeChatWinDllAddr + OS_USER_NAME + 0x18);
|
||||
if (nameType == 0xF) {
|
||||
ui.name = GET_STRING_FROM_P(g_WeChatWinDllAddr + OS_USER_NAME);
|
||||
@ -79,7 +52,6 @@ UserInfo_t GetUserInfo()
|
||||
}
|
||||
|
||||
ui.mobile = GET_STRING_FROM_P(g_WeChatWinDllAddr + OS_USER_MOBILE);
|
||||
>>>>>>> master
|
||||
ui.home = GetHomePath();
|
||||
|
||||
return ui;
|
||||
|
||||
@ -1,177 +0,0 @@
|
||||
#include <string>
|
||||
#include <vector>
|
||||
#include <windows.h>
|
||||
|
||||
namespace offset {
|
||||
const UINT64 kGetAccountServiceMgr = 0x1B50D00; //ok
|
||||
const UINT64 kGetCurrentDataPath = 0x2248D40; //ok
|
||||
const UINT64 kGetAppDataSavePath = 0x25DBFE0; //ok
|
||||
const UINT64 kGetSendMessageMgr = 0x1B4F500; //OK
|
||||
const UINT64 kNewChatMsgByDownloadMgr = 0x1B59670; //ok
|
||||
const UINT64 kSendTextMsg = 0x22C2070; //OK
|
||||
const UINT64 kFreeChatMsg = 0x1B50D80; //OK
|
||||
|
||||
const UINT64 kDoAddMsg = 0x230A490; //ok
|
||||
const UINT64 kSendImageMsg = 0x22B7800; //ok
|
||||
const UINT64 kChatMsgInstanceCounter = kNewChatMsgByDownloadMgr; //ok
|
||||
const UINT64 kSendFileMsg = 0x20CB750;//ok
|
||||
const UINT64 kGetAppMsgMgr = 0x1B544A0; //ok
|
||||
const UINT64 kGetContactMgr = 0x1B3CCD0;//ok
|
||||
const UINT64 kGetContactList = 0x219A220;//ok
|
||||
|
||||
const UINT64 k_sqlite3_exec = 0x3A59B40;//ok
|
||||
const UINT64 k_sqlite3_prepare = 0x3A617F0;//ok
|
||||
//const UINT64 k_sqlite3_open = 0x27242a0; //1
|
||||
const UINT64 k_sqlite3_step = 0x3A1DB40;//ok
|
||||
const UINT64 k_sqlite3_column_count = 0x3A1E360;//ok
|
||||
const UINT64 k_sqlite3_column_name = 0x3A1ED60;//ok
|
||||
const UINT64 k_sqlite3_column_type = 0x3A1EBB0;//ok
|
||||
const UINT64 k_sqlite3_column_blob = 0x3A1E390;//ok
|
||||
const UINT64 k_sqlite3_column_bytes = 0x3A1E480;//ok
|
||||
const UINT64 k_sqlite3_finalize = 0x3A1CBF0; //ok
|
||||
|
||||
const UINT64 kGPInstance = 0x58DD340; //ok
|
||||
|
||||
const UINT64 kMicroMsgDB = 0xb8; //ok
|
||||
const UINT64 kChatMsgDB = 0x2c8; //ok
|
||||
const UINT64 kMiscDB = 0x5f0; //ok
|
||||
const UINT64 kEmotionDB = 0x15f0; //ok
|
||||
const UINT64 kMediaDB = 0xF48; //ok
|
||||
const UINT64 kBizchatMsgDB = 0x1AC0;//ok
|
||||
|
||||
const UINT64 kFunctionMsgDB = 0x1b98;//ok
|
||||
const UINT64 kDBName = 0x28;
|
||||
const UINT64 kStorageStart = 0x0;
|
||||
const UINT64 kStorageEnd = 0x0;
|
||||
|
||||
|
||||
const UINT64 kMultiDBMgr = 0x593AC38; //ok
|
||||
const UINT64 kPublicMsgMgr = 0x59381D8; //ok
|
||||
const UINT64 kFavoriteStorageMgr = 0x593B7D0; //ok
|
||||
|
||||
|
||||
const UINT64 kChatRoomMgr = 0x1B7EEC0; //ok
|
||||
const UINT64 kGetChatRoomDetailInfo = 0x2160C10; //ok
|
||||
const UINT64 kNewChatRoomInfo = 0x25051D0;//ok
|
||||
const UINT64 kFreeChatRoomInfo = 0x25053B0;//ok
|
||||
//const UINT64 kDoAddMemberToChatRoom = 0xe63c70;
|
||||
//const UINT64 kDoModChatRoomMemberNickName = 0xe6db00;
|
||||
//const UINT64 kDelMemberFromChatRoom = 0xe64290;
|
||||
const UINT64 kGetMemberFromChatRoom = 0x2162460;//ok
|
||||
const UINT64 kNewChatRoom = 0x25025F0;//ok
|
||||
const UINT64 kFreeChatRoom = 0x25027F0;//ok
|
||||
|
||||
//const UINT64 kTopMsg = 0xa5e4f0;
|
||||
//const UINT64 kRemoveTopMsg = 0xe787b0;
|
||||
//const UINT64 kInviteMember = 0xe63650;
|
||||
//const UINT64 kHookLog = 0x1304e60;
|
||||
|
||||
//const UINT64 kCreateChatRoom = 0xe63340;
|
||||
//const UINT64 kQuitChatRoom = 0xe6e3b0;
|
||||
const UINT64 kForwardMsg = 0x22C15F0; //ok
|
||||
|
||||
//const UINT64 kOnSnsTimeLineSceneFinish = 0x1a73150;
|
||||
//const UINT64 kSNSGetFirstPage = 0x1a51dd0;
|
||||
//const UINT64 kSNSGetNextPageScene = 0x1a77240;
|
||||
//const UINT64 kSNSDataMgr = 0xeebda0;
|
||||
//const UINT64 kSNSTimeLineMgr = 0x19e83a0;
|
||||
const UINT64 kGetMgrByPrefixLocalId = 0x213B010; //ok
|
||||
//const UINT64 kAddFavFromMsg = 0x1601520;
|
||||
const UINT64 kGetChatMgr = 0x1B82BF0; //ok
|
||||
//const UINT64 kGetFavoriteMgr = 0x8c69b0;
|
||||
//const UINT64 kAddFavFromImage = 0x160b920;
|
||||
const UINT64 kGetContact = 0x2194630; //ok
|
||||
const UINT64 kNewContact = 0x25193B0; //ok
|
||||
const UINT64 kFreeContact = 0x2519A60; //ok
|
||||
//const UINT64 kNewMMReaderItem = 0x8c79a0;
|
||||
//const UINT64 kFreeMMReaderItem = 0x8c6da0;
|
||||
//const UINT64 kForwordPublicMsg = 0xddc6c0;
|
||||
const UINT64 kParseAppMsgXml = 0x24B3FD0; //ok
|
||||
const UINT64 kNewAppMsgInfo = 0x1BCE7B0; //ok
|
||||
const UINT64 kFreeAppMsgInfo = 0x1B93D80; //ok
|
||||
const UINT64 kGetPreDownLoadMgr = 0x1C0A3A0; //ok
|
||||
const UINT64 kPushAttachTask = 0x1CDA9B0; //ok
|
||||
//const UINT64 kGetCustomSmileyMgr = 0x915c00;
|
||||
//const UINT64 kSendCustomEmotion = 0xec0a40;
|
||||
//const UINT64 kNewJsApiShareAppMessage = 0x13be1a0;
|
||||
//const UINT64 kInitJsConfig = 0x137bc00;
|
||||
//const UINT64 kSendApplet = 0x13c0920;
|
||||
//const UINT64 kSendAppletSecond = 0x13c1150;
|
||||
//const UINT64 kGetAppInfoByWaid = 0x13c5790;
|
||||
//const UINT64 kCopyShareAppMessageRequest = 0x13c0670;
|
||||
//const UINT64 kNewWAUpdatableMsgInfo = 0x919ca0;
|
||||
//const UINT64 kFreeWAUpdatableMsgInfo = 0x8fc230;
|
||||
//const UINT64 kSendPatMsg = 0x195f340;
|
||||
//const UINT64 kGetOCRManager = 0x999780;
|
||||
//const UINT64 kDoOCRTask = 0x190b2a0;
|
||||
|
||||
const UINT64 kGetLockWechatMgr = 0x1C84DA0;//ok
|
||||
const UINT64 kRequestLockWechat = 0x1C39860;//ok
|
||||
const UINT64 kRequestUnLockWechat = 0x1C39B00;//ok
|
||||
|
||||
const UINT64 kOnLoginBtnClick = 0x202BC90;//ok
|
||||
const UINT64 kOnLoginBtnParam = 0x4ECEE08;//ok
|
||||
|
||||
const UINT64 kGetQRCodeLoginMgr = 0x201E420;//ok
|
||||
|
||||
const UINT64 kUpdateMsg = 0x2142200;//ok
|
||||
const UINT64 kGetVoiceMgr = 0x1E13320;//ok
|
||||
const UINT64 kChatMsg2NetSceneSendMsg = 0x1B71FD0;//ok
|
||||
const UINT64 kTranslateVoice = 0x2353E00;//ok
|
||||
const UINT64 kNewWebViewPageConfig = 0x1B53AE0; //ok
|
||||
const UINT64 kFreeWebViewPageConfig = 0x1B53D10; //ok
|
||||
const UINT64 kGetWebViewMgr = 0x1B43950; //ok
|
||||
|
||||
const UINT64 kShowWebView = 0x302ED40;//ok
|
||||
const UINT64 kSetUrl = 0x26155F0; //ok
|
||||
|
||||
|
||||
|
||||
//发送小程序
|
||||
const UINT64 kNewJsApiShareAppMessage = 0x26CDA30; //ok
|
||||
const UINT64 kInitJsConfig = 0x268A970; //ok
|
||||
const UINT64 kSendApplet = 0x26D01D0; //ok
|
||||
const UINT64 kSendAppletSecond = 0x26D0A00; //ok
|
||||
const UINT64 kGetAppInfoByWaid = 0x26D4F80; //ok
|
||||
const UINT64 kCopyShareAppMessageRequest = 0x26CFF20;//ok
|
||||
const UINT64 kNewWAUpdatableMsgInfo = 0x1BCDD10; //ok
|
||||
const UINT64 kFreeWAUpdatableMsgInfo = 0x1B92AC0;//ok
|
||||
const UINT64 kSendPatMsg = 0x2CA97A0;//ok PatMgr::SendPatMsg
|
||||
const UINT64 kSendAppletRcxParam = 0x4F64A60; //ok
|
||||
|
||||
//取群联系人昵称
|
||||
const UINT64 kChatRoomNickNameMgr = 0x1B7F100; //ok
|
||||
const UINT64 kGetChatRoomNickName = 0x21625D0; //ok
|
||||
|
||||
|
||||
|
||||
//卡片
|
||||
//const UINT64 kRichTextMgr = 0x1C23630;
|
||||
const UINT64 kSendRichTextMsg = 0x20D5730;
|
||||
const UINT64 kNewRChatMsg = 0x1B58BC0;
|
||||
const UINT64 kFreeRChatMsg = 0x1B57F90;
|
||||
|
||||
//HOOK偏移
|
||||
const UINT64 wcf_hook = 0x00; // Hook地址
|
||||
const UINT64 wcf_HookCall = 0x213A2A0; // Call地址
|
||||
const UINT64 wcf_msgId = 0x30; // 消息ID地址
|
||||
const UINT64 wcf_type = 0x38; // 消息类型地址
|
||||
const UINT64 wcf_isSelf = 0x3C; // 是否自己发送标志地址
|
||||
const UINT64 wcf_ts = 0x44; // TimeStamp
|
||||
const UINT64 wcf_roomId = 0x48; // 群聊时,为群ID;私聊时,为微信ID
|
||||
const UINT64 wcf_content = 0x88; // 消息内容地址
|
||||
const UINT64 wcf_wxid = 0x240; // 私聊时,为空;群聊时,为发送者微信ID
|
||||
const UINT64 wcf_sign = 0x260; // Sign
|
||||
const UINT64 wcf_thumb = 0x280; // 缩略图
|
||||
const UINT64 wcf_extra = 0x2A0; // 附加数据
|
||||
const UINT64 wcf_msgXml = 0x308; // 消息xml内容地址
|
||||
|
||||
//登录状态
|
||||
const UINT64 wcf_kLoginStatu = 0x59380B0;
|
||||
const UINT64 wcf_iwxid = 0x5AB7FB8;
|
||||
const UINT64 wcf_nickName = 0x5AB8098;
|
||||
const UINT64 wcf_mobile = 0x5AB7FD8;
|
||||
const UINT64 wcf_home = 0x5A7E190;
|
||||
|
||||
|
||||
} // namespace offset
|
||||
Loading…
Reference in New Issue
Block a user