diff --git a/WeChatFerry/spy/chatroom_mgmt.cpp b/WeChatFerry/spy/chatroom_mgmt.cpp index 0c01ccd..5c21ca2 100644 --- a/WeChatFerry/spy/chatroom_mgmt.cpp +++ b/WeChatFerry/spy/chatroom_mgmt.cpp @@ -78,11 +78,17 @@ int DelChatroomMember(string roomid, string wxids) return status; } -#if 0 int InviteChatroomMember(string roomid, string wxids) { - wstring wsRoomid = String2Wstring((roomid)); - WxString wxRoomid(wsRoomid); + int status = -1; + + if (roomid.empty() || wxids.empty()) { + LOG_ERROR("Empty roomid or wxids."); + return status; + } + + funcInviteMemberToChatRoom_t InviteMembers + = (funcInviteMemberToChatRoom_t)(g_WeChatWinDllAddr + g_WxCalls.irm.call1); vector vMembers; vector vWxMembers; @@ -94,52 +100,11 @@ int InviteChatroomMember(string roomid, string wxids) WxString wxMember(vMembers.back()); vWxMembers.push_back(wxMember); } + QWORD temp[2] = { 0 }; + wstring wsRoomid = String2Wstring(roomid); + WxString *pWxRoomid = NewWxStringFromWstr(wsRoomid); + QWORD pMembers = (QWORD) & ((RawVector_t *)&vWxMembers)->start; - LOG_DEBUG("Inviting {} members[{}] to {}", vWxMembers.size(), wxids.c_str(), roomid.c_str()); - - DWORD irmCall1 = g_WeChatWinDllAddr + g_WxCalls.irm.call1; - DWORD irmCall2 = g_WeChatWinDllAddr + g_WxCalls.irm.call2; - DWORD irmCall3 = g_WeChatWinDllAddr + g_WxCalls.irm.call3; - DWORD irmCall4 = g_WeChatWinDllAddr + g_WxCalls.irm.call4; - DWORD irmCall5 = g_WeChatWinDllAddr + g_WxCalls.irm.call5; - DWORD irmCall6 = g_WeChatWinDllAddr + g_WxCalls.irm.call6; - DWORD irmCall7 = g_WeChatWinDllAddr + g_WxCalls.irm.call7; - DWORD irmCall8 = g_WeChatWinDllAddr + g_WxCalls.irm.call8; - - DWORD sys_addr = (DWORD)GetModuleHandleA("win32u.dll") + 0x116C; - DWORD addr[2] = { sys_addr, 0 }; - __asm { - pushad; - pushfd; - call irmCall1; - lea ecx, addr; - push ecx; - mov ecx, eax; - call irmCall2; - call irmCall3; - sub esp, 0x8; - lea eax, addr; - mov ecx, esp; - push eax; - call irmCall4; - sub esp, 0x14; - mov ecx, esp; - lea eax, wxRoomid; - push eax; - call irmCall5; - lea eax, vWxMembers; - push eax; - call irmCall6; - call irmCall1; - push 0x0; - push 0x1; - mov ecx, eax; - call irmCall7; - lea ecx, addr; - call irmCall8; - popfd; - popad; - } - return 1; + status = (int)InviteMembers((QWORD)wsRoomid.c_str(), pMembers, (QWORD)pWxRoomid, (QWORD)temp); + return status; } -#endif diff --git a/WeChatFerry/spy/rpc_server.cpp b/WeChatFerry/spy/rpc_server.cpp index 6756362..c660db6 100644 --- a/WeChatFerry/spy/rpc_server.cpp +++ b/WeChatFerry/spy/rpc_server.cpp @@ -818,7 +818,6 @@ bool func_del_room_members(char *roomid, char *wxids, uint8_t *out, size_t *len) return true; } -#if 0 bool func_invite_room_members(char *roomid, char *wxids, uint8_t *out, size_t *len) { Response rsp = Response_init_default; @@ -842,7 +841,6 @@ bool func_invite_room_members(char *roomid, char *wxids, uint8_t *out, size_t *l return true; } -#endif static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len) { @@ -984,12 +982,10 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len ret = func_del_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len); break; } -#if 0 case Functions_FUNC_INV_ROOM_MEMBERS: { ret = func_invite_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len); break; } -#endif default: { LOG_ERROR("[UNKNOW FUNCTION]"); break;