提交 2369f900 编写于 作者: L ljc545w

修复COM只能获取一个数据库句柄

上级 042327af
#include "pch.h"
struct WxFriendAddrStruct {
DWORD wxIdAddr;
DWORD wxNumberAddr;
DWORD wxNickNameAddr;
DWORD wxRemarkAddr;
struct WxFriendAddrStruct
{
DWORD wxIdAddr;
DWORD wxNumberAddr;
DWORD wxNickNameAddr;
DWORD wxRemarkAddr;
DWORD wxTypeAddr;
DWORD wxVerifyFlagAddr;
};
struct WxFriendStruct {
wchar_t* wxId;
wchar_t* wxNumber;
wchar_t* wxNickName;
wchar_t* wxRemark;
struct WxFriendStruct
{
wchar_t *wxId;
wchar_t *wxNumber;
wchar_t *wxNickName;
wchar_t *wxRemark;
DWORD wxType;
DWORD wxVerifyFlag;
};
WxFriendStruct* WxFriendList;
WxFriendStruct *WxFriendList;
void ReadFriendMessageByAddress(HANDLE hProcess,WxFriendAddrStruct* lpWxFriendAddr, WxFriendStruct* lpWxFriend) {
DWORD length = 0;
DWORD bufferaddr = 0;
void ReadFriendMessageByAddress(HANDLE hProcess, WxFriendAddrStruct *lpWxFriendAddr, WxFriendStruct *lpWxFriend)
{
DWORD length = 0;
DWORD bufferaddr = 0;
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxIdAddr + 0x4), &length, sizeof(DWORD), 0);
if (length) {
lpWxFriend->wxId = new wchar_t[length + 1];//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxId)
{
ZeroMemory(lpWxFriend->wxId, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxIdAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxId, length * sizeof(wchar_t), 0);
}
}
else {
lpWxFriend->wxId = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxIdAddr + 0x4), &length, sizeof(DWORD), 0);
if (length)
{
lpWxFriend->wxId = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxId)
{
ZeroMemory(lpWxFriend->wxId, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxIdAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxId, length * sizeof(wchar_t), 0);
}
}
else
{
lpWxFriend->wxId = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxNumberAddr + 0x4), &length, sizeof(DWORD), 0);
if (length) {
lpWxFriend->wxNumber = new wchar_t[length + 1];//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxNumber)
{
ZeroMemory(lpWxFriend->wxNumber, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxNumberAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxNumber, length * sizeof(wchar_t), 0);
}
}
else {
lpWxFriend->wxNumber = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxNumberAddr + 0x4), &length, sizeof(DWORD), 0);
if (length)
{
lpWxFriend->wxNumber = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxNumber)
{
ZeroMemory(lpWxFriend->wxNumber, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxNumberAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxNumber, length * sizeof(wchar_t), 0);
}
}
else
{
lpWxFriend->wxNumber = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxNickNameAddr + 0x4), &length, sizeof(DWORD), 0);
if (length) {
lpWxFriend->wxNickName = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxNickName)
{
ZeroMemory(lpWxFriend->wxNickName, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxNickNameAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxNickName, length * sizeof(wchar_t), 0);
}
}
else {
lpWxFriend->wxNickName = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxNickNameAddr + 0x4), &length, sizeof(DWORD), 0);
if (length)
{
lpWxFriend->wxNickName = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxNickName)
{
ZeroMemory(lpWxFriend->wxNickName, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxNickNameAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxNickName, length * sizeof(wchar_t), 0);
}
}
else
{
lpWxFriend->wxNickName = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxRemarkAddr + 0x4), &length, sizeof(DWORD), 0);
if (length) {
lpWxFriend->wxRemark = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxRemark)
{
ZeroMemory(lpWxFriend->wxRemark, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxRemarkAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxRemark, length * sizeof(wchar_t), 0);
}
}
else {
lpWxFriend->wxRemark = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxRemarkAddr + 0x4), &length, sizeof(DWORD), 0);
if (length)
{
lpWxFriend->wxRemark = new wchar_t[length + 1]; //(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if (lpWxFriend->wxRemark)
{
ZeroMemory(lpWxFriend->wxRemark, sizeof(wchar_t) * (length + 1));
ReadProcessMemory(hProcess, (LPCVOID)lpWxFriendAddr->wxRemarkAddr, &bufferaddr, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)bufferaddr, lpWxFriend->wxRemark, length * sizeof(wchar_t), 0);
}
}
else
{
lpWxFriend->wxRemark = L"null";
}
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxTypeAddr), &lpWxFriend->wxType, sizeof(DWORD), 0);
ReadProcessMemory(hProcess, (LPCVOID)(lpWxFriendAddr->wxVerifyFlagAddr), &lpWxFriend->wxVerifyFlag, sizeof(DWORD), 0);
}
void FreeWxFriend(int index) {
delete[] WxFriendList[index].wxId;
WxFriendList[index].wxId = NULL;
if (StrCmpW(WxFriendList[index].wxNumber, L"null") != 0) {
delete[] WxFriendList[index].wxNumber;
WxFriendList[index].wxNumber = NULL;
};
if (StrCmpW(WxFriendList[index].wxNickName, L"null") != 0) {
delete[] WxFriendList[index].wxNickName;
WxFriendList[index].wxNickName = NULL;
};
if (StrCmpW(WxFriendList[index].wxRemark, L"null") != 0) {
delete[] WxFriendList[index].wxRemark;
WxFriendList[index].wxRemark = NULL;
};
void FreeWxFriend(int index)
{
delete[] WxFriendList[index].wxId;
WxFriendList[index].wxId = NULL;
if (StrCmpW(WxFriendList[index].wxNumber, L"null") != 0)
{
delete[] WxFriendList[index].wxNumber;
WxFriendList[index].wxNumber = NULL;
};
if (StrCmpW(WxFriendList[index].wxNickName, L"null") != 0)
{
delete[] WxFriendList[index].wxNickName;
WxFriendList[index].wxNickName = NULL;
};
if (StrCmpW(WxFriendList[index].wxRemark, L"null") != 0)
{
delete[] WxFriendList[index].wxRemark;
WxFriendList[index].wxRemark = NULL;
};
}
SAFEARRAY* CreateFriendArray(int FriendCount) {
HRESULT hr = S_OK;
SAFEARRAY* psaValue;
vector<wstring> FriendInfoKey = {
L"wxid",
L"wxNumber",
L"wxNickName",
L"wxRemark",
};
SAFEARRAYBOUND rgsaBound[3] = { {(ULONG)FriendCount,0},{FriendInfoKey.size(),0},{2,0} };
psaValue = SafeArrayCreate(VT_VARIANT, 3, rgsaBound);
for (long x = 0; x < FriendCount; x++) {
vector<wstring> FriendInfoValue = { WxFriendList[x].wxId,WxFriendList[x].wxNumber,WxFriendList[x].wxNickName,WxFriendList[x].wxRemark };
for (unsigned long i = 0; i < FriendInfoKey.size(); i++)
{
long keyIndex[3] = { x,(long)i,0 };
hr = SafeArrayPutElement(psaValue, keyIndex, &(_variant_t)FriendInfoKey[i].c_str());
long valueIndex[3] = { x,(long)i,1 };
hr = SafeArrayPutElement(psaValue, valueIndex, &(_variant_t)FriendInfoValue[i].c_str());
}
FriendInfoValue.clear();
}
return psaValue;
SAFEARRAY *CreateFriendArray(int FriendCount)
{
HRESULT hr = S_OK;
SAFEARRAY *psaValue;
vector<wstring> FriendInfoKey = {
L"wxid",
L"wxNumber",
L"wxNickName",
L"wxRemark",
L"wxType",
L"wxVerifyFlag",
};
SAFEARRAYBOUND rgsaBound[3] = {{(ULONG)FriendCount, 0}, {FriendInfoKey.size(), 0}, {2, 0}};
psaValue = SafeArrayCreate(VT_VARIANT, 3, rgsaBound);
for (long x = 0; x < FriendCount; x++)
{
long keyIndex[3] = {x, 0, 0}, valueIndex[3] = {x, 0, 1};
vector<wstring> FriendInfoValue = {WxFriendList[x].wxId, WxFriendList[x].wxNumber, WxFriendList[x].wxNickName, WxFriendList[x].wxRemark};
for (unsigned long i = 0; i < FriendInfoValue.size(); i++)
{
keyIndex[1] = i;
valueIndex[1] = i;
hr = SafeArrayPutElement(psaValue, keyIndex, &(_variant_t)FriendInfoKey[i].c_str());
hr = SafeArrayPutElement(psaValue, valueIndex, &(_variant_t)FriendInfoValue[i].c_str());
}
keyIndex[1] = 4;
valueIndex[1] = 4;
hr = SafeArrayPutElement(psaValue, keyIndex, &(_variant_t)FriendInfoKey[4].c_str());
hr = SafeArrayPutElement(psaValue, valueIndex, &(_variant_t)WxFriendList[x].wxType);
keyIndex[1] = 5;
valueIndex[1] = 5;
hr = SafeArrayPutElement(psaValue, keyIndex, &(_variant_t)FriendInfoKey[5].c_str());
hr = SafeArrayPutElement(psaValue, valueIndex, &(_variant_t)WxFriendList[x].wxVerifyFlag);
FriendInfoValue.clear();
}
return psaValue;
}
SAFEARRAY* GetFriendList(DWORD pid) {
WeChatProcess hp(pid);
if (!hp.m_init) return NULL;
DWORD GetFriendListInitAddr = hp.GetProcAddr(GetFriendListInit);
DWORD GetFriendListRemoteAddr = hp.GetProcAddr(GetFriendListRemote);
DWORD GetFriendListFinishAddr = hp.GetProcAddr(GetFriendListFinish);
if (GetFriendListInitAddr == 0 || GetFriendListRemoteAddr == 0 || GetFriendListFinishAddr == 0)
return NULL;
DWORD FriendCount = 0;
DWORD dwHandle = 0;
// 获取好友列表的长度
FriendCount = CallRemoteFunction(hp.GetHandle(), GetFriendListInitAddr, NULL);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle = CallRemoteFunction(hp.GetHandle(), GetFriendListRemoteAddr, NULL);
SAFEARRAY *GetFriendList(DWORD pid)
{
WeChatProcess hp(pid);
if (!hp.m_init)
return NULL;
DWORD GetFriendListInitAddr = hp.GetProcAddr(GetFriendListInit);
DWORD GetFriendListRemoteAddr = hp.GetProcAddr(GetFriendListRemote);
DWORD GetFriendListFinishAddr = hp.GetProcAddr(GetFriendListFinish);
if (GetFriendListInitAddr == 0 || GetFriendListRemoteAddr == 0 || GetFriendListFinishAddr == 0)
return NULL;
DWORD FriendCount = 0;
DWORD dwHandle = 0;
// 获取好友列表的长度
FriendCount = CallRemoteFunction(hp.GetHandle(), GetFriendListInitAddr, NULL);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle = CallRemoteFunction(hp.GetHandle(), GetFriendListRemoteAddr, NULL);
WxFriendAddrStruct WxFriendAddr = { 0 };
// 根据好友数量初始化全局变量
WxFriendList = new WxFriendStruct[FriendCount];
if (dwHandle == 0)
return NULL;
for (unsigned int i = 0; i < FriendCount; i++) {
WxFriendList[i] = { 0 };
ZeroMemory(&WxFriendAddr, sizeof(WxFriendAddrStruct));
ReadProcessMemory(hp.GetHandle(), (LPCVOID)dwHandle, &WxFriendAddr, sizeof(WxFriendAddrStruct), 0);
ReadFriendMessageByAddress(hp.GetHandle(),&WxFriendAddr, &WxFriendList[i]);
// 保存下一个好友数据的结构体
dwHandle += sizeof(WxFriendAddrStruct);
}
// 清除微信进程空间中的缓存
CallRemoteFunction(hp.GetHandle(), GetFriendListFinishAddr, NULL);
SAFEARRAY* psaValue = CreateFriendArray(FriendCount);
for (unsigned int i = 0; i < FriendCount; i++) {
FreeWxFriend(i);
}
delete[] WxFriendList;
WxFriendList = NULL;
return psaValue;
WxFriendAddrStruct WxFriendAddr = {0};
// 根据好友数量初始化全局变量
WxFriendList = new WxFriendStruct[FriendCount];
if (dwHandle == 0)
return NULL;
for (unsigned int i = 0; i < FriendCount; i++)
{
WxFriendList[i] = {0};
ZeroMemory(&WxFriendAddr, sizeof(WxFriendAddrStruct));
ReadProcessMemory(hp.GetHandle(), (LPCVOID)dwHandle, &WxFriendAddr, sizeof(WxFriendAddrStruct), 0);
ReadFriendMessageByAddress(hp.GetHandle(), &WxFriendAddr, &WxFriendList[i]);
// 保存下一个好友数据的结构体
dwHandle += sizeof(WxFriendAddrStruct);
}
// 清除微信进程空间中的缓存
CallRemoteFunction(hp.GetHandle(), GetFriendListFinishAddr, NULL);
SAFEARRAY *psaValue = CreateFriendArray(FriendCount);
for (unsigned int i = 0; i < FriendCount; i++)
{
FreeWxFriend(i);
}
delete[] WxFriendList;
WxFriendList = NULL;
return psaValue;
}
std::wstring GetFriendListString(DWORD pid) {
WeChatProcess hp(pid);
if (!hp.m_init) return L"[]";
DWORD GetFriendListInitAddr = hp.GetProcAddr(GetFriendListInit);
DWORD GetFriendListRemoteAddr = hp.GetProcAddr(GetFriendListRemote);
DWORD GetFriendListFinishAddr = hp.GetProcAddr(GetFriendListFinish);
DWORD FriendCount = 0;
DWORD dwHandle = 0;
// 获取好友列表的长度
FriendCount = CallRemoteFunction(hp.GetHandle(), GetFriendListInitAddr, NULL);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle = CallRemoteFunction(hp.GetHandle(), GetFriendListRemoteAddr, NULL);
WxFriendAddrStruct WxFriendAddr = { 0 };
// 根据好友数量初始化全局变量
WxFriendList = new WxFriendStruct[FriendCount];
if (dwHandle == 0)
return L"[]";
for (unsigned int i = 0; i < FriendCount; i++) {
WxFriendList[i] = { 0 };
ZeroMemory(&WxFriendAddr, sizeof(WxFriendAddrStruct));
ReadProcessMemory(hp.GetHandle(), (LPCVOID)dwHandle, &WxFriendAddr, sizeof(WxFriendAddrStruct), 0);
ReadFriendMessageByAddress(hp.GetHandle(),&WxFriendAddr, &WxFriendList[i]);
// 保存下一个好友数据的结构体
dwHandle += sizeof(WxFriendAddrStruct);
}
// 清除微信进程空间中的缓存
CallRemoteFunction(hp.GetHandle(), GetFriendListFinishAddr, NULL);
wstring message = L"[";
// 构造结构化的数据
for (unsigned int i = 0; i < FriendCount; i++) {
message = message + L"{\"wxid\":\"" + WxFriendList[i].wxId + L"\",";
message = message + L"\"wxNumber\":\"" + WxFriendList[i].wxNumber + L"\",";
message = message + L"\"wxNickName\":\"" + WxFriendList[i].wxNickName + L"\",";
message = message + L"\"wxRemark\":\"" + WxFriendList[i].wxRemark + L"\"}";
if(i != FriendCount - 1)
message = message + L",";
FreeWxFriend(i);
}
message = message + L"]";
// 释放全局变量
delete[] WxFriendList;
WxFriendList = NULL;
return message;
}
\ No newline at end of file
std::wstring GetFriendListString(DWORD pid)
{
WeChatProcess hp(pid);
if (!hp.m_init)
return L"[]";
DWORD GetFriendListInitAddr = hp.GetProcAddr(GetFriendListInit);
DWORD GetFriendListRemoteAddr = hp.GetProcAddr(GetFriendListRemote);
DWORD GetFriendListFinishAddr = hp.GetProcAddr(GetFriendListFinish);
DWORD FriendCount = 0;
DWORD dwHandle = 0;
// 获取好友列表的长度
FriendCount = CallRemoteFunction(hp.GetHandle(), GetFriendListInitAddr, NULL);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle = CallRemoteFunction(hp.GetHandle(), GetFriendListRemoteAddr, NULL);
WxFriendAddrStruct WxFriendAddr = {0};
// 根据好友数量初始化全局变量
WxFriendList = new WxFriendStruct[FriendCount];
if (dwHandle == 0)
return L"[]";
for (unsigned int i = 0; i < FriendCount; i++)
{
WxFriendList[i] = {0};
ZeroMemory(&WxFriendAddr, sizeof(WxFriendAddrStruct));
ReadProcessMemory(hp.GetHandle(), (LPCVOID)dwHandle, &WxFriendAddr, sizeof(WxFriendAddrStruct), 0);
ReadFriendMessageByAddress(hp.GetHandle(), &WxFriendAddr, &WxFriendList[i]);
// 保存下一个好友数据的结构体
dwHandle += sizeof(WxFriendAddrStruct);
}
// 清除微信进程空间中的缓存
CallRemoteFunction(hp.GetHandle(), GetFriendListFinishAddr, NULL);
wstring message = L"[";
// 构造结构化的数据
for (unsigned int i = 0; i < FriendCount; i++)
{
message = message + L"{\"wxid\":\"" + WxFriendList[i].wxId + L"\",";
message = message + L"\"wxNumber\":\"" + WxFriendList[i].wxNumber + L"\",";
message = message + L"\"wxNickName\":\"" + WxFriendList[i].wxNickName + L"\",";
message = message + L"\"wxRemark\":\"" + WxFriendList[i].wxRemark + L"\"}";
if (i != FriendCount - 1)
message = message + L",";
FreeWxFriend(i);
}
message = message + L"]";
// 释放全局变量
delete[] WxFriendList;
WxFriendList = NULL;
return message;
}
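Review bot: FreeWxFriend calls `delete[] WxFriendList[index].wxId` unconditionally, but ReadFriendMessageByAddress assigns the string literal `L"null"` to wxId when the length it reads is zero, so that path passes a literal to `delete[]`. The other three fields are guarded by the StrCmpW comparison and wxId needs the same guard, `if (StrCmpW(WxFriendList[index].wxId, L"null") != 0)`; a nullptr sentinel instead of the literal would be cleaner still. In ReadFriendMessageByAddress the ReadProcessMemory results are ignored and `length` and `bufferaddr` are shared by all four fields, so a failed read reuses the previous field's length and address. Resetting both to 0 before each field and bounding `length` before `new wchar_t[length + 1]` would stop a bad read from driving the allocation and the copy.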
#include "pch.h"
struct TableInfoAddrStruct {
struct TableInfoAddrStruct
{
DWORD name;
DWORD l_name;
DWORD tbl_name;
......@@ -11,7 +12,8 @@ struct TableInfoAddrStruct {
DWORD l_rootpage;
};
struct DbInfoAddrStruct {
struct DbInfoAddrStruct
{
DWORD handle;
DWORD dbname;
DWORD l_dbname;
......@@ -24,60 +26,79 @@ struct DbInfoAddrStruct {
DWORD v_end2;
//
DWORD count;
DWORD extrainfo;
};
struct TableInfoStruct {
char* name;
char* tbl_name;
char* sql;
char* rootpage;
struct TableInfoStruct
{
char *name;
char *tbl_name;
char *sql;
char *rootpage;
};
struct DbInfoStruct {
struct DbInfoStruct
{
DWORD handle;
wchar_t* dbname;
wchar_t *dbname;
vector<TableInfoStruct> tables;
DWORD count;
};
vector<DbInfoStruct> dbs;
SAFEARRAY* CreateDbInfoSafeArray() {
SAFEARRAY* psaValue;
SAFEARRAY *CreateDbInfoSafeArray()
{
SAFEARRAY *psaValue;
ULONG count = 0;
HRESULT hr = S_OK;
for (unsigned int i = 0; i < dbs.size(); i++) {
for (unsigned int i = 0; i < dbs.size(); i++)
{
count += dbs[i].count;
}
SAFEARRAYBOUND rgsaBound[3] = { {count,0},{6,0},{2,0} };
SAFEARRAYBOUND rgsaBound[3] = {{count, 0}, {6, 0}, {2, 0}};
psaValue = SafeArrayCreate(VT_VARIANT, 3, rgsaBound);
long index = 0;
for (unsigned int i = 0; i < dbs.size(); i++) {
for (unsigned int j = 0; j < dbs[i].tables.size(); j++) {
LONG ArrayIndex[3] = { index,0,0 };
ArrayIndex[1] = 0; ArrayIndex[2] = { 0 };
for (unsigned int i = 0; i < dbs.size(); i++)
{
for (unsigned int j = 0; j < dbs[i].tables.size(); j++)
{
LONG ArrayIndex[3] = {index, 0, 0};
ArrayIndex[1] = 0;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"dbname");
ArrayIndex[1] = 0; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 0;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].dbname);
ArrayIndex[1] = 1; ArrayIndex[2] = { 0 };
ArrayIndex[1] = 1;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"Handle");
ArrayIndex[1] = 1; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 1;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].handle);
ArrayIndex[1] = 2; ArrayIndex[2] = { 0 };
ArrayIndex[1] = 2;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"name");
ArrayIndex[1] = 2; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 2;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].tables[j].name);
ArrayIndex[1] = 3; ArrayIndex[2] = { 0 };
ArrayIndex[1] = 3;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"tbl_name");
ArrayIndex[1] = 3; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 3;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].tables[j].tbl_name);
ArrayIndex[1] = 4; ArrayIndex[2] = { 0 };
ArrayIndex[1] = 4;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"rootpage");
ArrayIndex[1] = 4; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 4;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].tables[j].rootpage);
ArrayIndex[1] = 5; ArrayIndex[2] = { 0 };
ArrayIndex[1] = 5;
ArrayIndex[2] = {0};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)L"sql");
ArrayIndex[1] = 5; ArrayIndex[2] = { 1 };
ArrayIndex[1] = 5;
ArrayIndex[2] = {1};
hr = SafeArrayPutElement(psaValue, ArrayIndex, &(_variant_t)dbs[i].tables[j].sql);
index++;
}
......@@ -85,28 +106,32 @@ SAFEARRAY* CreateDbInfoSafeArray() {
return psaValue;
}
SAFEARRAY* GetDbHandles(DWORD pid) {
SAFEARRAY *GetDbHandles(DWORD pid)
{
dbs.clear();
WeChatProcess hp(pid);
if (!hp.m_init) return NULL;
if (!hp.m_init)
return NULL;
DWORD GetDbHandlesRemoteAddr = hp.GetProcAddr(GetDbHandlesRemote);
if (GetDbHandlesRemoteAddr == 0)
return NULL;
DWORD ret = CallRemoteFunction(hp.GetHandle(), GetDbHandlesRemoteAddr, NULL);
while (1) {
DbInfoAddrStruct dbaddr = { 0 };
while (1)
{
DbInfoAddrStruct dbaddr = {0};
ReadProcessMemory(hp.GetHandle(), (LPCVOID)ret, &dbaddr, sizeof(DbInfoAddrStruct), 0);
if (dbaddr.handle == 0)
break;
DbInfoStruct db = { 0 };
DbInfoStruct db = {0};
db.handle = dbaddr.handle;
db.count = dbaddr.count;
db.dbname = new wchar_t[dbaddr.l_dbname + 1];
ReadProcessMemory(hp.GetHandle(), (LPCVOID)dbaddr.dbname, db.dbname, sizeof(wchar_t) * (dbaddr.l_dbname + 1), 0);
DWORD db_table_start_addr = dbaddr.v_data;
while (db_table_start_addr < dbaddr.v_end1) {
TableInfoAddrStruct tbaddr = { 0 };
TableInfoStruct tb = { 0 };
while (db_table_start_addr < dbaddr.v_end1)
{
TableInfoAddrStruct tbaddr = {0};
TableInfoStruct tb = {0};
ReadProcessMemory(hp.GetHandle(), (LPCVOID)db_table_start_addr, &tbaddr, sizeof(TableInfoAddrStruct), 0);
tb.name = new char[tbaddr.l_name + 1];
ReadProcessMemory(hp.GetHandle(), (LPCVOID)tbaddr.name, tb.name, tbaddr.l_name + 1, 0);
......@@ -122,6 +147,6 @@ SAFEARRAY* GetDbHandles(DWORD pid) {
dbs.push_back(db);
ret += sizeof(DbInfoAddrStruct);
}
SAFEARRAY* psaValue = CreateDbInfoSafeArray();
SAFEARRAY *psaValue = CreateDbInfoSafeArray();
return psaValue;
}
\ No newline at end of file
}
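Review bot: In GetDbHandles the buffers `db.dbname` and `tb.name` are sized from values read out of the other process (`dbaddr.l_dbname + 1`, `tbaddr.l_name + 1`), are not zero-initialised or bounded, and the ReadProcessMemory results are ignored. If a read fails or the remote data is not NUL-terminated, CreateDbInfoSafeArray later builds a `_variant_t` string from a buffer with no guaranteed terminator. Value-initialising the arrays, `new wchar_t[dbaddr.l_dbname + 1]()` and `new char[tbaddr.l_name + 1]()`, and copying only `l_dbname` / `l_name` elements keeps the terminator under local control; a sanity cap on both lengths and a check of each ReadProcessMemory result would cover the rest. Part of the function body is elided on this page, so the remaining table fields are assumed to follow the same pattern.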
......@@ -9,9 +9,9 @@ vector<WxFriendStruct> WxFriendList;
#ifndef USE_SOCKET
/*
* 供外部调用的获取好友列表接口1
* return:int,联系人数量
*/
* 供外部调用的获取好友列表接口1
* return:int,联系人数量
*/
int GetFriendListInit()
{
GetFriendList();
......@@ -22,9 +22,9 @@ int GetFriendListInit()
}
/*
* 供外部调用的获取好友列表接口2
* return:DWORD,WxFriendList第一个成员地址
*/
* 供外部调用的获取好友列表接口2
* return:DWORD,WxFriendList第一个成员地址
*/
DWORD GetFriendListRemote()
{
if (WxFriendList.size() == 0 || WxFriendList.size() - 1 == 0)
......@@ -37,9 +37,9 @@ DWORD GetFriendListRemote()
}
/*
* 供外部调用的获取好友列表接口3,清空缓存
* return:void
*/
* 供外部调用的获取好友列表接口3,清空缓存
* return:void
*/
void GetFriendListFinish()
{
WxFriendList.clear();
......@@ -54,9 +54,9 @@ vector<WxFriendStruct> GetWxContact()
}
#endif
/*
* 获取好友列表的具体实现
* return:void
*/
* 获取好友列表的具体实现
* return:void
*/
WxFriendStruct *__stdcall GetFriendList()
{
#ifdef _DEBUG
......@@ -86,6 +86,8 @@ WxFriendStruct *__stdcall GetFriendList()
DWORD wxNumberAddr = 0;
DWORD wxNickNameAddr = 0;
DWORD wxRemarkAddr = 0;
DWORD wxTypeAddr = 0;
DWORD wxVerifyFlagAddr = 0;
__asm {
pushad;
......@@ -102,11 +104,17 @@ WxFriendStruct *__stdcall GetFriendList()
mov ecx, eax;
add ecx, 0x78;
mov wxRemarkAddr, ecx;
mov ecx, eax;
add ecx, 0x70;
mov wxTypeAddr,ecx;
mov ecx, eax;
add ecx, 0x74;
mov wxVerifyFlagAddr,ecx;
mov ecx, dword ptr [eax];
mov LeftTreeAddr, ecx;
popad;
}
WxFriendStruct p(wxIdAddr, wxNumberAddr, wxNickNameAddr, wxRemarkAddr);
WxFriendStruct p(wxIdAddr, wxNumberAddr, wxNickNameAddr, wxRemarkAddr, wxTypeAddr, wxVerifyFlagAddr);
WxFriendList.push_back(p);
#ifdef _DEBUG
wcout << (wchar_t *)(*(DWORD *)p.wxIdAddr) << endl;
......@@ -116,7 +124,7 @@ WxFriendStruct *__stdcall GetFriendList()
break;
}
}
WxFriendStruct nullp(NULL, NULL, NULL, NULL);
WxFriendStruct nullp(NULL, NULL, NULL, NULL, NULL, NULL);
WxFriendList.push_back(nullp);
return WxFriendList.data();
}
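Review bot: The new offsets `0x70` and `0x74` in the `__asm` block are bare literals, like the existing `0x78`, with nothing saying which structure layout they were checked against. The stored addresses are dereferenced later in request_event, so a stale offset reads unrelated memory rather than failing visibly; named constants or a one-line comment per offset would make a layout mismatch easier to catch. The terminator would also read better as `WxFriendStruct nullp(0, 0, 0, 0, 0, 0);`, since the constructor parameters are DWORD and not pointers. The body of GetFriendList continues outside the visible hunks.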
......@@ -121,10 +121,8 @@ BOOL __stdcall SendFile(wchar_t *receiver, wchar_t *FilePath)
mov al,byte ptr [eax + 0x38];
movzx eax,al;
mov isSuccess,eax;
// push 200;
// call Sleep;
// lea ecx, buffer;
// call DeleteSendFileCacheCall;
lea ecx, buffer;
call DeleteSendFileCacheCall;
popfd;
popad;
}
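Review bot: `call DeleteSendFileCacheCall` is now enabled without the `push 200; call Sleep` that preceded it in the commented-out version, and the hunk does not say why the delay is no longer needed. If the delay was there so the send could finish before `buffer` is released, which is only a guess from the removed lines, releasing it immediately risks the callee's data being freed while still in use. A short comment above the `lea ecx, buffer` line stating why immediate release is safe would settle it. The rest of SendFile lies outside the hunk.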
......
......@@ -169,12 +169,18 @@ struct WxFriendStruct
DWORD wxNumberAddr;
DWORD wxNickNameAddr;
DWORD wxRemarkAddr;
WxFriendStruct(DWORD wxIdAddr, DWORD wxNumberAddr, DWORD wxNickNameAddr, DWORD wxRemarkAddr)
DWORD wxTypeAddr;
DWORD wxVerifyFlagAddr;
WxFriendStruct(DWORD wxIdAddr, DWORD wxNumberAddr,
DWORD wxNickNameAddr, DWORD wxRemarkAddr,
DWORD wxTypeAddr, DWORD wxVerfifyFlagAddr)
{
this->wxIdAddr = wxIdAddr;
this->wxNumberAddr = wxNumberAddr;
this->wxNickNameAddr = wxNickNameAddr;
this->wxRemarkAddr = wxRemarkAddr;
this->wxTypeAddr = wxTypeAddr;
this->wxVerifyFlagAddr = wxVerfifyFlagAddr;
}
};
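Review bot: The new constructor parameter is spelled `wxVerfifyFlagAddr` (stray `f`) while the member is `wxVerifyFlagAddr`. It compiles because the misspelling is used consistently in the assignment, but the declaration should read `DWORD wxTypeAddr, DWORD wxVerifyFlagAddr)`. A member initializer list would also remove the six `this->x = x` lines and the parameter-shadows-member pattern that hid the typo. The struct definition begins outside the hunk.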
......
......@@ -321,6 +321,8 @@ void request_event(mg_http_message *hm, string &ret, struct mg_connection *c)
f_j["wxNumber"] = unicode_to_utf8(WS2LW(wxNumber));
f_j["wxNickName"] = unicode_to_utf8(WS2LW(wxNickName));
f_j["wxRemark"] = unicode_to_utf8(WS2LW(wxRemark));
f_j["wxType"] = *(DWORD *)f.wxTypeAddr;
f_j["wxVerifyFlag"] = *(DWORD *)f.wxVerifyFlagAddr;
ret_data["data"].push_back(f_j);
}
ret = ret_data.dump();
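Review bot: `*(DWORD *)f.wxTypeAddr` and `*(DWORD *)f.wxVerifyFlagAddr` dereference stored addresses without a null check, and GetFriendList on this page appends a terminator entry whose addresses are all zero. Whether the surrounding loop skips that entry is not visible in the hunk; if it does not, these two lines fault on it. A guard such as `f_j["wxType"] = f.wxTypeAddr ? *(DWORD *)f.wxTypeAddr : 0;` (and the same for wxVerifyFlag) makes the handler safe either way. The loop header and the rest of request_event are outside the hunk.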
......
......@@ -351,10 +351,8 @@ class WeChatRobot:
"""
if not self.AddressBook:
self.GetAddressBook()
friend_list = []
for item in self.AddressBook:
if 'wxid_' == item['wxid'][0:5]:
friend_list.append(item)
friend_list = [item for item in self.AddressBook \
if (item['wxType'] == 3 and item['wxid'][0:3] != 'gh_')]
return friend_list
def GetChatRoomList(self) -> list:
......@@ -369,10 +367,8 @@ class WeChatRobot:
"""
if not self.AddressBook:
self.GetAddressBook()
chatroom_list = []
for item in self.AddressBook:
if '@chatroom' in item['wxid']:
chatroom_list.append(item)
chatroom_list = [item for item in self.AddressBook \
if item['wxType'] == 2]
return chatroom_list
def GetOfficialAccountList(self) -> list:
......@@ -387,10 +383,9 @@ class WeChatRobot:
"""
if not self.AddressBook:
self.GetAddressBook()
official_account_list = []
for item in self.AddressBook:
if 'wxid_' != item['wxid'][0:5] and '@chatroom' not in item['wxid']:
official_account_list.append(item)
official_account_list = [item for item in self.AddressBook \
if (item['wxType'] == 3 and \
item['wxid'][0:3] == 'gh_')]
return official_account_list
def GetFriendByWxRemark(self, remark: str) -> dict or None:
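Review bot: The three filters index `item['wxType']` directly and compare it with the bare literals `2` and `3`, so any AddressBook entry that lacks the key raises KeyError. GetFriendListString on this page still builds its JSON with only wxid, wxNumber, wxNickName and wxRemark, so if AddressBook can be populated from that path the new filters fail; `item.get('wxType')` would degrade to an empty result instead. Module-level names for the two type values, each with a comment saying what it denotes, would document the classification that the old wxid-prefix checks made explicit. The backslash continuations are unnecessary inside the list-comprehension brackets.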
......