diff --git a/WeChatFerry/spy/receive_msg.cpp b/WeChatFerry/spy/receive_msg.cpp index 8a518e9..7093151 100644 --- a/WeChatFerry/spy/receive_msg.cpp +++ b/WeChatFerry/spy/receive_msg.cpp @@ -13,18 +13,22 @@ #include "util.h" // Defined in rpc_server.cpp -extern bool gIsListening, gIsListeningPyq; +extern bool gIsLogging, gIsListening, gIsListeningPyq; extern mutex gMutex; extern condition_variable gCV; extern queue gMsgQueue; // Defined in spy.cpp extern WxCalls_t g_WxCalls; -extern UINT64 g_WeChatWinDllAddr; +extern QWORD g_WeChatWinDllAddr; + +typedef QWORD (*funcRecvMsg_t)(QWORD, QWORD); +typedef QWORD (*funcWxLog_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD); -typedef UINT64 (*funcRecvMsg_t)(UINT64, UINT64); static funcRecvMsg_t funcRecvMsg = nullptr; static funcRecvMsg_t realRecvMsg = nullptr; +static funcWxLog_t funcWxLog = nullptr; +static funcWxLog_t realWxLog = nullptr; MsgTypes_t GetMsgTypes() { @@ -67,7 +71,7 @@ MsgTypes_t GetMsgTypes() return m; } -static UINT64 DispatchMsg(UINT64 arg1, UINT64 arg2) +static QWORD DispatchMsg(QWORD arg1, QWORD arg2) { WxMsg_t wxMsg = { 0 }; try { @@ -123,6 +127,70 @@ static UINT64 DispatchMsg(UINT64 arg1, UINT64 arg2) return realRecvMsg(arg1, arg2); } +static QWORD PrintWxLog(QWORD a1, QWORD a2, QWORD a3, QWORD a4, QWORD a5, QWORD a6, QWORD a7, QWORD a8, QWORD a9, + QWORD a10, QWORD a11, QWORD a12) +{ + QWORD p = realWxLog(a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12); + if (p == 0 || p == 1) { + return p; + } + + LOG_INFO("【WX】\n{}", GB2312ToUtf8((char *)p)); + + return p; +} + +void EnableLog() +{ + MH_STATUS status = MH_UNKNOWN; + if (g_WeChatWinDllAddr == 0) { + LOG_WARN("g_WeChatWinDllAddr == 0"); + return; + } + funcWxLog_t funcWxLog = (funcWxLog_t)(g_WeChatWinDllAddr + 0x26DA2D0); + + status = MH_Initialize(); + if (status != MH_OK) { + LOG_ERROR("MH_Initialize failed: {}", to_string(status)); + return; + } + + status = MH_CreateHook(funcWxLog, &PrintWxLog, reinterpret_cast(&realWxLog)); + if (status != MH_OK) { + LOG_ERROR("MH_CreateHook failed: {}", to_string(status)); + return; + } + + status = MH_EnableHook(funcWxLog); + if (status != MH_OK) { + LOG_ERROR("MH_EnableHook failed: {}", to_string(status)); + return; + } + gIsLogging = true; +} + +void DisableLog() +{ + MH_STATUS status = MH_UNKNOWN; + if (!gIsLogging) { + return; + } + + status = MH_DisableHook(funcWxLog); + if (status != MH_OK) { + LOG_ERROR("MH_DisableHook failed: {}", to_string(status)); + return; + } + + status = MH_Uninitialize(); + if (status != MH_OK) { + LOG_ERROR("MH_Uninitialize failed: {}", to_string(status)); + return; + } + + gIsLogging = false; +} + void ListenMessage() { MH_STATUS status = MH_UNKNOWN; diff --git a/WeChatFerry/spy/receive_msg.h b/WeChatFerry/spy/receive_msg.h index ff17170..73d8759 100644 --- a/WeChatFerry/spy/receive_msg.h +++ b/WeChatFerry/spy/receive_msg.h @@ -2,6 +2,8 @@ #include "pb_types.h" +void EnableLog(); +void DisableLog(); void ListenPyq(); void UnListenPyq(); void ListenMessage(); diff --git a/WeChatFerry/spy/rpc_server.cpp b/WeChatFerry/spy/rpc_server.cpp index c660db6..a2aa840 100644 --- a/WeChatFerry/spy/rpc_server.cpp +++ b/WeChatFerry/spy/rpc_server.cpp @@ -40,6 +40,7 @@ namespace fs = std::filesystem; +bool gIsLogging = false; bool gIsListening = false; bool gIsListeningPyq = false; mutex gMutex; @@ -1067,7 +1068,9 @@ int RpcStartServer(int port) if (rpcThread != 0) { CloseHandle(rpcThread); } - +#if ENABLE_WX_LOG + EnableLog(); +#endif return 0; } @@ -1081,5 +1084,8 @@ int RpcStopServer() Sleep(1000); LOG_INFO("Server stoped."); } +#if ENABLE_WX_LOG + DisableLog(); +#endif return 0; }