cyonjan/WeChatFerry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make url configurable

Browse Source
This commit is contained in:
Changhua 2023-04-08 18:58:10 +08:00
parent ac85c144bf
commit dd02c4b6ff
9 changed files with 33 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
launcher/Launcher.h
View File

@ -107,7 +107,7 @@ namespace launcher {
private: System::Void Start_Click(System::Object^ sender, System::EventArgs^ e) { private: System::Void Start_Click(System::Object^ sender, System::EventArgs^ e) {
this->Start->Enabled = false; this->Start->Enabled = false;
this->Stop->Enabled = true; this->Stop->Enabled = true;
WxInitSDK(true); WxInitSDK(true, "tcp://0.0.0.0:10086");
} }
private: System::Void Stop_Click(System::Object^ sender, System::EventArgs^ e) { private: System::Void Stop_Click(System::Object^ sender, System::EventArgs^ e) {
this->Stop->Enabled = false; this->Stop->Enabled = false;

4
sdk/injector.cpp
View File

@ -69,14 +69,14 @@ static void *GetFuncAddr(LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName)
return (void *)((DWORD)dllBase + offset); return (void *)((DWORD)dllBase + offset);
} }
bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, DWORD *ret) bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, LPVOID parameter, DWORD *ret)
{ {
void *pFunc = GetFuncAddr(dllPath, dllBase, funcName); void *pFunc = GetFuncAddr(dllPath, dllBase, funcName);
if (pFunc == NULL) { if (pFunc == NULL) {
return false; return false;
} }
HANDLE hThread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE)pFunc, NULL, 0, NULL); HANDLE hThread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE)pFunc, parameter, 0, NULL);
if (hThread == NULL) { if (hThread == NULL) {
return false; return false;
} }

2
sdk/injector.h
View File

@ -4,4 +4,4 @@
HANDLE InjectDll(DWORD pid, LPCWSTR dllPath, HMODULE *injectedBase); HANDLE InjectDll(DWORD pid, LPCWSTR dllPath, HMODULE *injectedBase);
bool EjectDll(HANDLE process, HMODULE dllBase); bool EjectDll(HANDLE process, HMODULE dllBase);
bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, DWORD *ret); bool CallDllFunc(HANDLE process, LPCWSTR dllPath, HMODULE dllBase, LPCSTR funcName, LPVOID parameter, DWORD *ret);

18
sdk/sdk.cpp
View File

@ -34,8 +34,12 @@ static int GetDllPath(bool debug, wchar_t *dllPath)
return 0; return 0;
} }
int WxInitSDK(bool debug) int WxInitSDK(bool debug, const char *url)
{ {
if (url == NULL) {
return -1;
}
int status = 0; int status = 0;
DWORD wcPid = 0; DWORD wcPid = 0;
@ -56,8 +60,15 @@ int WxInitSDK(bool debug)
LOG_ERROR("Failed to Inject DLL into WeChat."); LOG_ERROR("Failed to Inject DLL into WeChat.");
return -1; return -1;
} }
size_t urlLen = strlen(url) + 1;
LPVOID urlAddr = VirtualAllocEx(wcProcess, NULL, urlLen, MEM_COMMIT, PAGE_READWRITE);
if (urlAddr == NULL) {
LOG_ERROR("Failed to Alloc Memory.");
return NULL;
}
WriteProcessMemory(wcProcess, urlAddr, url, urlLen, NULL);
if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "InitSpy", NULL)) { if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "InitSpy", urlAddr, NULL)) {
LOG_ERROR("Failed to InitSpy."); LOG_ERROR("Failed to InitSpy.");
return -1; return -1;
} }
@ -73,7 +84,6 @@ int WxInitSDK(bool debug)
fclose(fd); fclose(fd);
#endif #endif
debugMode = debug; debugMode = debug;
LOG_INFO("WxInitSDK done.");
return 0; return 0;
} }
@ -111,7 +121,7 @@ int WxDestroySDK()
return status; return status;
} }
if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "CleanupSpy", NULL)) { if (!CallDllFunc(wcProcess, spyDllPath, spyBase, "CleanupSpy", NULL, NULL)) {
LOG_ERROR("Failed to CleanupSpy."); LOG_ERROR("Failed to CleanupSpy.");
return -1; return -1;
} }

2
sdk/sdk.h
View File

@ -1,4 +1,4 @@
#pragma once #pragma once
int WxInitSDK(bool debug); int WxInitSDK(bool debug, const char *url);
int WxDestroySDK(); int WxDestroySDK();

11
spy/rpc_server.cpp
View File

@ -560,21 +560,20 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
return ret; return ret;
} }
static int RunServer() static int RunServer(LPVOID url)
{ {
int rv = 0; int rv = 0;
char *url = (char *)CMD_URL;
if ((rv = nng_pair1_open(&sock)) != 0) { if ((rv = nng_pair1_open(&sock)) != 0) {
LOG_ERROR("nng_pair0_open error {}", nng_strerror(rv)); LOG_ERROR("nng_pair0_open error {}", nng_strerror(rv));
return rv; return rv;
} }
if ((rv = nng_listen(sock, url, NULL, 0)) != 0) { if ((rv = nng_listen(sock, (char *)url, NULL, 0)) != 0) {
LOG_ERROR("nng_listen error {}", nng_strerror(rv)); LOG_ERROR("nng_listen error {}", nng_strerror(rv));
return rv; return rv;
} }
LOG_INFO("CMD Server listening on {}", url); LOG_INFO("CMD Server listening on {}", (char *)url);
if ((rv = nng_setopt_ms(sock, NNG_OPT_SENDTIMEO, 1000)) != 0) { if ((rv = nng_setopt_ms(sock, NNG_OPT_SENDTIMEO, 1000)) != 0) {
LOG_ERROR("nng_setopt_ms error: {}", nng_strerror(rv)); LOG_ERROR("nng_setopt_ms error: {}", nng_strerror(rv));
return rv; return rv;
@ -613,13 +612,13 @@ static int RunServer()
return rv; return rv;
} }
int RpcStartServer() int RpcStartServer(const char *url)
{ {
if (lIsRunning) { if (lIsRunning) {
return 0; return 0;
} }
HANDLE rpcThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)RunServer, NULL, NULL, &lThreadId); HANDLE rpcThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)RunServer, (LPVOID)url, NULL, &lThreadId);
if (rpcThread != 0) { if (rpcThread != 0) {
CloseHandle(rpcThread); CloseHandle(rpcThread);
} }

2
spy/rpc_server.h
View File

@ -6,5 +6,5 @@
#define SPY_API __declspec(dllimport) #define SPY_API __declspec(dllimport)
#endif #endif
int RpcStartServer(); int RpcStartServer(const char *url);
int RpcStopServer(); int RpcStopServer();

5
spy/spy.cpp
View File

@ -7,7 +7,7 @@
WxCalls_t g_WxCalls = { 0 }; WxCalls_t g_WxCalls = { 0 };
DWORD g_WeChatWinDllAddr = 0; DWORD g_WeChatWinDllAddr = 0;
void InitSpy() void InitSpy(const char *url)
{ {
wchar_t version[16] = { 0 }; wchar_t version[16] = { 0 };
InitLogger(); InitLogger();
@ -24,10 +24,11 @@ void InitSpy()
LOG_DEBUG("WeChat version: {}", Wstring2String(version).c_str()); LOG_DEBUG("WeChat version: {}", Wstring2String(version).c_str());
if (LoadCalls(version, &g_WxCalls) != 0) { // 加载微信版本对应的Call地址 if (LoadCalls(version, &g_WxCalls) != 0) { // 加载微信版本对应的Call地址
LOG_ERROR("不支持当前版本"); LOG_ERROR("不支持当前版本");
MessageBox(NULL, L"不支持当前版本", L"错误", 0);
return; return;
} }
RpcStartServer(); RpcStartServer(url);
} }
void CleanupSpy() void CleanupSpy()

8
wcf/main.cpp
View File

@ -6,21 +6,21 @@
#include "log.h" #include "log.h"
#include "sdk.h" #include "sdk.h"
void help() { LOG_INFO("Usage: wcf.exe start|stop [debug]\n"); } void help() { LOG_INFO("Usage: \n启动: wcf.exe start url [debug]\n关闭: wcf.exe stop"); }
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
int ret = -1; int ret = -1;
bool debug = false; bool debug = false;
if ((argc < 2) || (argc > 3)) { if ((argc < 2) || (argc > 4)) {
help(); help();
} else if (argc == 3) { } else if (argc == 4) {
debug = (strcmp(argv[2], "debug") == 0); debug = (strcmp(argv[2], "debug") == 0);
} }
if (strcmp(argv[1], "start") == 0) { if (strcmp(argv[1], "start") == 0) {
ret = WxInitSDK(debug); ret = WxInitSDK(debug, argv[2]);
} else if (strcmp(argv[1], "stop") == 0) { } else if (strcmp(argv[1], "stop") == 0) {
ret = WxDestroySDK(); ret = WxDestroySDK();
} else { } else {