diff --git a/WeChatFerry/com/util.cpp b/WeChatFerry/com/util.cpp index ff324ac..aefcfe4 100644 --- a/WeChatFerry/com/util.cpp +++ b/WeChatFerry/com/util.cpp @@ -133,12 +133,12 @@ static bool GetFileVersion(const wchar_t *filePath, wchar_t *version) return false; } - DWORD verMS = pVerInfo->dwFileVersionMS; - DWORD verLS = pVerInfo->dwFileVersionLS; - DWORD major = HIWORD(verMS); - DWORD minor = LOWORD(verMS); - DWORD build = HIWORD(verLS); - DWORD revision = LOWORD(verLS); + UINT64 verMS = pVerInfo->dwFileVersionMS; + UINT64 verLS = pVerInfo->dwFileVersionLS; + UINT64 major = HIWORD(verMS); + UINT64 minor = LOWORD(verMS); + UINT64 build = HIWORD(verLS); + UINT64 revision = LOWORD(verLS); delete[] pData; StringCbPrintf(version, 0x20, TEXT("%d.%d.%d.%d"), major, minor, build, revision); @@ -163,9 +163,9 @@ int GetWeChatVersion(wchar_t *version) return ret; } -DWORD GetWeChatPid() +UINT64 GetWeChatPid() { - DWORD pid = 0; + UINT64 pid = 0; HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); PROCESSENTRY32 pe32 = { sizeof(PROCESSENTRY32) }; while (Process32Next(hSnapshot, &pe32)) { @@ -179,7 +179,7 @@ DWORD GetWeChatPid() return pid; } -int OpenWeChat(DWORD *pid) +int OpenWeChat(UINT64 *pid) { *pid = GetWeChatPid(); if (*pid) { @@ -208,9 +208,9 @@ int OpenWeChat(DWORD *pid) return ERROR_SUCCESS; } -int GetWstringByAddress(DWORD address, wchar_t *buffer, DWORD buffer_size) +size_t GetWstringByAddress(UINT64 address, wchar_t *buffer, UINT64 buffer_size) { - DWORD strLength = GET_DWORD(address + 4); + size_t strLength = GET_UINT64(address + 4); if (strLength == 0) { return 0; } else if (strLength > buffer_size) { @@ -222,27 +222,27 @@ int GetWstringByAddress(DWORD address, wchar_t *buffer, DWORD buffer_size) return strLength; } -string GetStringByAddress(DWORD address) +string GetStringByAddress(UINT64 address) { - DWORD strLength = GET_DWORD(address + 4); + UINT64 strLength = GET_UINT64(address + 4); return Wstring2String(wstring(GET_WSTRING(address), strLength)); } -string GetStringByStrAddr(DWORD addr) +string GetStringByStrAddr(UINT64 addr) { - DWORD strLength = GET_DWORD(addr + 4); + UINT64 strLength = GET_UINT64(addr + 4); return strLength ? string(GET_STRING(addr), strLength) : string(); } -string GetStringByWstrAddr(DWORD addr) +string GetStringByWstrAddr(UINT64 addr) { - DWORD strLength = GET_DWORD(addr + 4); + UINT64 strLength = GET_UINT64(addr + 4); return strLength ? Wstring2String(wstring(GET_WSTRING(addr), strLength)) : string(); } -DWORD GetMemoryIntByAddress(HANDLE hProcess, DWORD address) +UINT32 GetMemoryIntByAddress(HANDLE hProcess, UINT64 address) { - DWORD value = 0; + UINT32 value = 0; unsigned char data[4] = { 0 }; if (ReadProcessMemory(hProcess, (LPVOID)address, data, 4, 0)) { @@ -255,12 +255,12 @@ DWORD GetMemoryIntByAddress(HANDLE hProcess, DWORD address) return value; } -wstring GetUnicodeInfoByAddress(HANDLE hProcess, DWORD address) +wstring GetUnicodeInfoByAddress(HANDLE hProcess, UINT64 address) { wstring value = L""; - DWORD strAddress = GetMemoryIntByAddress(hProcess, address); - DWORD strLen = GetMemoryIntByAddress(hProcess, address + 0x4); + UINT64 strAddress = GetMemoryIntByAddress(hProcess, address); + UINT64 strLen = GetMemoryIntByAddress(hProcess, address + 0x4); if (strLen > 500) return value; diff --git a/WeChatFerry/com/util.h b/WeChatFerry/com/util.h index 68808a6..5d369f8 100644 --- a/WeChatFerry/com/util.h +++ b/WeChatFerry/com/util.h @@ -8,10 +8,10 @@ #define WCFSPYDLL L"spy.dll" #define WCFSPYDLL_DEBUG L"spy_debug.dll" -#define GET_DWORD(addr) ((DWORD) * (DWORD *)(addr)) -#define GET_QWORD(addr) ((uint64_t) * (uint64_t *)(addr)) -#define GET_STRING(addr) ((CHAR *)(*(DWORD *)(addr))) -#define GET_WSTRING(addr) ((WCHAR *)(*(DWORD *)(addr))) +#define GET_UINT64(addr) ((UINT64) * (UINT64 *)(addr)) +#define GET_QWORD(addr) ((UINT64) * (UINT64 *)(addr)) +#define GET_STRING(addr) ((CHAR *)(*(UINT64 *)(addr))) +#define GET_WSTRING(addr) ((WCHAR *)(*(UINT64 *)(addr))) #define GET_STRING_FROM_P(addr) ((CHAR *)(addr)) #define GET_WSTRING_FROM_P(addr) ((WCHAR *)(addr)) @@ -20,16 +20,16 @@ typedef struct PortPath { char path[MAX_PATH]; } PortPath_t; -DWORD GetWeChatPid(); -int OpenWeChat(DWORD *pid); +UINT64 GetWeChatPid(); +int OpenWeChat(UINT64 *pid); int GetWeChatVersion(wchar_t *version); -int GetWstringByAddress(DWORD address, wchar_t *buffer, DWORD buffer_size); -DWORD GetMemoryIntByAddress(HANDLE hProcess, DWORD address); -std::wstring GetUnicodeInfoByAddress(HANDLE hProcess, DWORD address); +size_t GetWstringByAddress(UINT64 address, wchar_t *buffer, UINT64 buffer_size); +UINT32 GetMemoryIntByAddress(HANDLE hProcess, UINT64 address); +std::wstring GetUnicodeInfoByAddress(HANDLE hProcess, UINT64 address); std::wstring String2Wstring(std::string s); std::string Wstring2String(std::wstring ws); std::string GB2312ToUtf8(const char *gb2312); -std::string GetStringByAddress(DWORD address); -std::string GetStringByStrAddr(DWORD addr); -std::string GetStringByWstrAddr(DWORD addr); +std::string GetStringByAddress(UINT64 address); +std::string GetStringByStrAddr(UINT64 addr); +std::string GetStringByWstrAddr(UINT64 addr); void DbgMsg(const char *zcFormat, ...); diff --git a/WeChatFerry/spy/chatroom_mgmt.cpp b/WeChatFerry/spy/chatroom_mgmt.cpp index 25bafcd..7a6e4b9 100644 --- a/WeChatFerry/spy/chatroom_mgmt.cpp +++ b/WeChatFerry/spy/chatroom_mgmt.cpp @@ -10,7 +10,7 @@ using namespace std; extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; #if 0 int AddChatroomMember(string roomid, string wxids) { diff --git a/WeChatFerry/spy/contact_mgmt.cpp b/WeChatFerry/spy/contact_mgmt.cpp index 28bbaa4..2039a40 100644 --- a/WeChatFerry/spy/contact_mgmt.cpp +++ b/WeChatFerry/spy/contact_mgmt.cpp @@ -7,7 +7,7 @@ using namespace std; extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; #if 0 #define FEAT_LEN 5 static const uint8_t FEAT_COUNTRY[FEAT_LEN] = { 0xA4, 0xD9, 0x02, 0x4A, 0x18 }; diff --git a/WeChatFerry/spy/exec_sql.cpp b/WeChatFerry/spy/exec_sql.cpp index 04b4521..9065a35 100644 --- a/WeChatFerry/spy/exec_sql.cpp +++ b/WeChatFerry/spy/exec_sql.cpp @@ -16,7 +16,7 @@ #define OFFSET_DB_NAME 0x14 #define OFFSET_DB_MSG_MGR 0x30403B8 -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; typedef map dbMap_t; static dbMap_t dbMap; diff --git a/WeChatFerry/spy/funcs.cpp b/WeChatFerry/spy/funcs.cpp index eeea91c..b03bb51 100644 --- a/WeChatFerry/spy/funcs.cpp +++ b/WeChatFerry/spy/funcs.cpp @@ -23,9 +23,9 @@ namespace fs = std::filesystem; extern bool gIsListeningPyq; extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; -int IsLogin(void) { return (int)GET_DWORD(g_WeChatWinDllAddr + g_WxCalls.login); } +int IsLogin(void) { return (int)GET_UINT64(g_WeChatWinDllAddr + g_WxCalls.login); } #if 0 static string get_key(uint8_t header1, uint8_t header2, uint8_t *key) diff --git a/WeChatFerry/spy/receive_msg.cpp b/WeChatFerry/spy/receive_msg.cpp index b9aba4e..b8adf11 100644 --- a/WeChatFerry/spy/receive_msg.cpp +++ b/WeChatFerry/spy/receive_msg.cpp @@ -19,7 +19,7 @@ extern queue gMsgQueue; // Defined in spy.cpp extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; static DWORD reg_buffer = 0; static DWORD recvMsgHookAddr = 0; diff --git a/WeChatFerry/spy/receive_transfer.cpp b/WeChatFerry/spy/receive_transfer.cpp index 5b66bb9..019d220 100644 --- a/WeChatFerry/spy/receive_transfer.cpp +++ b/WeChatFerry/spy/receive_transfer.cpp @@ -6,7 +6,7 @@ using namespace std; extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; #if 0 int ReceiveTransfer(string wxid, string transferid, string transactionid) { diff --git a/WeChatFerry/spy/send_msg.cpp b/WeChatFerry/spy/send_msg.cpp index 2e2f57c..362150c 100644 --- a/WeChatFerry/spy/send_msg.cpp +++ b/WeChatFerry/spy/send_msg.cpp @@ -10,7 +10,7 @@ extern HANDLE g_hEvent; extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; extern string GetSelfWxid(); // Defined in spy.cpp #if 0 void SendTextMessage(string wxid, string msg, string atWxids) diff --git a/WeChatFerry/spy/spy.cpp b/WeChatFerry/spy/spy.cpp index 61bcd67..ef711fe 100644 --- a/WeChatFerry/spy/spy.cpp +++ b/WeChatFerry/spy/spy.cpp @@ -7,7 +7,7 @@ #include "util.h" WxCalls_t g_WxCalls = { 0 }; -DWORD g_WeChatWinDllAddr = 0; +UINT64 g_WeChatWinDllAddr = 0; void InitSpy(LPVOID args) { @@ -16,7 +16,7 @@ void InitSpy(LPVOID args) PortPath_t *pp = (PortPath_t *)args; InitLogger(pp->path); - g_WeChatWinDllAddr = (DWORD)GetModuleHandle(L"WeChatWin.dll"); // 获取wechatWin模块地址 + g_WeChatWinDllAddr = (UINT64)GetModuleHandle(L"WeChatWin.dll"); // 获取wechatWin模块地址 if (g_WeChatWinDllAddr == 0) { LOG_ERROR("获取 wechatWin.dll 模块地址失败"); return; diff --git a/WeChatFerry/spy/user_info.cpp b/WeChatFerry/spy/user_info.cpp index dddc108..75f7691 100644 --- a/WeChatFerry/spy/user_info.cpp +++ b/WeChatFerry/spy/user_info.cpp @@ -1,10 +1,10 @@ -#include "user_info.h" +#include "user_info.h" #include "load_calls.h" #include "log.h" #include "util.h" extern WxCalls_t g_WxCalls; -extern DWORD g_WeChatWinDllAddr; +extern UINT64 g_WeChatWinDllAddr; static char home[MAX_PATH] = { 0 }; @@ -20,9 +20,9 @@ string GetHomePath() string GetSelfWxid() { - DWORD wxidType = 0; + UINT64 wxidType = 0; try { - wxidType = GET_DWORD(g_WeChatWinDllAddr + g_WxCalls.ui.wxid + 0x14); + wxidType = GET_UINT64(g_WeChatWinDllAddr + g_WxCalls.ui.wxid + 0x14); if (wxidType == 0xF) { return GET_STRING_FROM_P(g_WeChatWinDllAddr + g_WxCalls.ui.wxid); } else { @@ -41,7 +41,7 @@ UserInfo_t GetUserInfo() ui.wxid = GetSelfWxid(); - DWORD nameType = GET_DWORD(g_WeChatWinDllAddr + g_WxCalls.ui.nickName + 0x14); + UINT64 nameType = GET_UINT64(g_WeChatWinDllAddr + g_WxCalls.ui.nickName + 0x14); if (nameType == 0xF) { ui.name = GET_STRING_FROM_P(g_WeChatWinDllAddr + g_WxCalls.ui.nickName); } else { // 0x1F