diff --git a/DWeChatRobot/ForwardMessage.cpp b/DWeChatRobot/ForwardMessage.cpp
index 00de4acc4d3910bff548c2a9d1d35b54f9d4fd94..9bc76bec67619be54dd541e71bb6a53b402ad756 100644
--- a/DWeChatRobot/ForwardMessage.cpp
+++ b/DWeChatRobot/ForwardMessage.cpp
@@ -26,7 +26,6 @@ BOOL __stdcall ForwardMessage(wchar_t *wxid, unsigned long long msgid)
 int localId = GetLocalIdByMsgId(msgid, dbIndex);
 if (localId == 0)
 return FALSE;
- dbIndex = 0x5000000 + (dbIndex << 8);
 WxString p_wxid(wxid);
 int isSuccess = 0;
 __asm {
diff --git a/DWeChatRobot/GetDbHandles.cpp b/DWeChatRobot/GetDbHandles.cpp
index c55bbc9bb21ea3bb2ede050f271df93b4210bf15..cf6ce3f404e03bd82d4f2031b60d9c3970259ff8 100644
--- a/DWeChatRobot/GetDbHandles.cpp
+++ b/DWeChatRobot/GetDbHandles.cpp
@@ -6,6 +6,13 @@
 #define SqlHandlePublicMsgOffset 0x239E3C8
 // 聊天记录相关库偏移
 #define SqlHandleMSGOffset 0x239FF68
+// 企业微信相关库偏移
+#define SqlHandleOpenIMOffset1 0x239E6E0
+#define SqlHandleOpenIMOffset2 0x239FF6C
+// 朋友圈数据库偏移
+#define SqlHandleSnsOffset 0x23A1744
+// 收藏数据库偏移
+#define SqlHandleFavoriteOffset 0x23A03B0
 // 保存数据库信息的容器
 vector dbs;
@@ -39,7 +46,7 @@ unsigned int GetLocalIdByMsgId(ULONG64 msgid, int &dbIndex)
 vector> result = SelectData(handle, (const char *)sql);
 if (result.size() == 0)
 continue;
- dbIndex = i + 1;
+ dbIndex = dbmap[dbname].extrainfo;
 return stoi(result[1][0]);
 }
 return 0;
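Review bot: The four offsets added after `SqlHandleMSGOffset` are bare addresses with no record of which WeChatWin.dll build they were taken from, and nothing visible in this commit checks the loaded module's version before `GetDbHandles` dereferences them. A comment above the block such as `// valid only for WeChatWin.dll <build placeholder>; re-verify after every client update` would document the dependency. A stale offset here becomes a read through an arbitrary address inside the host process, so the code should refuse to run when the module version does not match.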
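Review bot: `dbIndex = dbmap[dbname].extrainfo;` in `GetLocalIdByMsgId` uses `operator[]`, which default-inserts an empty `DbInfoStruct` when `dbname` is not already a key, so a lookup miss silently returns 0 as the index and leaves a stray entry in `dbmap`. `dbname` is defined outside the hunk, so I cannot confirm it always matches a key; an explicit lookup is safer: `auto it = dbmap.find(dbname); if (it == dbmap.end()) continue; dbIndex = it->second.extrainfo;`. The assignment also narrows a `DWORD` into the `int &dbIndex` out-parameter, which deserves a cast or a comment. The function body starts outside the hunk.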
@@ -67,53 +74,31 @@ vector GetDbHandles()
 dbs.clear();
 dbmap.clear();
 DWORD WeChatWinBase = GetWeChatWinBase();
- DWORD SqlHandleBaseAddr = WeChatWinBase + SqlHandleMicroMsgOffset;
- DWORD SqlHandleBeginAddr = 0x0;
- DWORD SqlHandleEndAddr = 0x0;
+ DWORD SqlHandleBaseAddr = *(DWORD *)(WeChatWinBase + SqlHandleMicroMsgOffset) + 0x1428;
+ DWORD SqlHandleBeginAddr = *(DWORD *)SqlHandleBaseAddr;
+ DWORD SqlHandleEndAddr = *(DWORD *)(SqlHandleBaseAddr + 0x4);
 DWORD SqlHandlePublicMsgAddr = *(DWORD *)(WeChatWinBase + SqlHandlePublicMsgOffset);
 DWORD SqlHandleMSGAddr = *(DWORD *)(WeChatWinBase + SqlHandleMSGOffset);
- __asm {
- mov eax, [SqlHandleBaseAddr];
- mov ecx, [eax];
- add ecx, 0x1428;
- mov eax, [ecx];
- mov SqlHandleBeginAddr, eax;
- mov eax, [ecx + 0x4];
- mov SqlHandleEndAddr, eax;
- }
+ DWORD SqlHandleOpenIMAddr1 = *(DWORD *)(WeChatWinBase + SqlHandleOpenIMOffset1);
+ DWORD SqlHandleOpenIMAddr2 = *(DWORD *)(WeChatWinBase + SqlHandleOpenIMOffset2);
+ DWORD SqlHandleSnsAddr = *(DWORD *)(WeChatWinBase + SqlHandleSnsOffset);
+ DWORD SqlHandleFavoriteAddr = *(DWORD *)(WeChatWinBase + SqlHandleFavoriteOffset);
+ vector dbaddrs;
 DWORD dwHandle = 0x0;
 // 获取联系人数据库句柄
 while (SqlHandleBeginAddr < SqlHandleEndAddr)
 {
 dwHandle = *(DWORD *)SqlHandleBeginAddr;
+ dbaddrs.push_back(dwHandle);
 SqlHandleBeginAddr += 0x4;
 if (SqlHandleBeginAddr == SqlHandleEndAddr)
 break;
- wstring dbname = wstring((wchar_t *)(*(DWORD *)(dwHandle + 0x50)));
- if (dbmap.find(dbname) != dbmap.end())
- continue;
- DbInfoStruct db = {0};
- db.dbname = (wchar_t *)(*(DWORD *)(dwHandle + 0x50));
- db.l_dbname = wcslen(db.dbname);
- db.handle = *(DWORD *)(dwHandle + 0x3C);
- ExecuteSQL(*(DWORD *)(dwHandle + 0x3C), "select * from sqlite_master where type=\"table\";", (DWORD)GetDbInfo, &db);
- dbs.push_back(db);
- dbmap[dbname] = db;
 }
 // 获取公众号数据库句柄
 for (int i = 1; i < 4; i++)
 {
 dwHandle = *((DWORD *)(SqlHandlePublicMsgAddr + i * 0x4));
- wstring dbname = wstring((wchar_t *)(*(DWORD *)(dwHandle + 0x50)));
- if (dbmap.find(dbname) != dbmap.end())
- continue;
- DbInfoStruct db = {0};
- db.dbname = (wchar_t *)(*(DWORD *)(dwHandle + 0x50));
- db.l_dbname = wcslen(db.dbname);
- db.handle = *(DWORD *)(dwHandle + 0x3C);
- ExecuteSQL(*(DWORD *)(dwHandle + 0x3C), "select * from sqlite_master where type=\"table\";", (DWORD)GetDbInfo, &db);
- dbs.push_back(db);
- dbmap[dbname] = db;
+ dbaddrs.push_back(dwHandle);
 }
 // 获取公众号数据库句柄
 int msgdb_count = *(int *)(SqlHandleMSGAddr + 0x4);
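Review bot: Moving the per-database work out of the `while` loop changes which entries are processed: `dbaddrs.push_back(dwHandle);` now runs before the `if (SqlHandleBeginAddr == SqlHandleEndAddr) break;` test, so the final slot of the range, which the old loop skipped, is now collected and later dereferenced. If that skip was deliberate (for example a sentinel or not-yet-initialised slot; the hunk does not say), move the `push_back` below the `break`. If it was accidental, delete the now-redundant `if`/`break` and record the behaviour change in the commit message. The function starts and ends outside this hunk.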
@@ -123,19 +108,42 @@ vector GetDbHandles()
 for (int j = 0; j < 4; j++)
 {
 dwHandle = *(DWORD *)(MsgdwHandle + 0x14 + j * 4);
- wstring dbname = wstring((wchar_t *)(*(DWORD *)(dwHandle + 0x50)));
- if (dbmap.find(dbname) != dbmap.end())
- continue;
- DbInfoStruct db = {0};
- db.dbname = (wchar_t *)(*(DWORD *)(dwHandle + 0x50));
- db.l_dbname = wcslen(db.dbname);
- db.handle = *(DWORD *)(dwHandle + 0x3C);
- ExecuteSQL(*(DWORD *)(dwHandle + 0x3C), "select * from sqlite_master where type=\"table\";", (DWORD)GetDbInfo, &db);
- dbs.push_back(db);
- dbmap[dbname] = db;
+ dbaddrs.push_back(dwHandle);
 }
 MsgdwHandle += 0x68;
 }
+ // 获取企业微信数据库句柄
+ dbaddrs.push_back(*(DWORD *)(SqlHandleOpenIMAddr1 + 0x8));
+ for (int i = 0; i < 3; i++)
+ {
+ dwHandle = *(DWORD *)(SqlHandleOpenIMAddr2 + 0xC + i * 4);
+ dbaddrs.push_back(dwHandle);
+ }
+ // 获取朋友圈数据库句柄
+ dbaddrs.push_back(*(DWORD *)(SqlHandleSnsAddr + 0x64));
+ // 获取收藏数据库句柄
+ dbaddrs.push_back(*(DWORD *)(SqlHandleFavoriteAddr + 0x8));
+
+ // 获取数据库信息
+ for (auto dbaddr : dbaddrs)
+ {
+ wstring dbname = wstring((wchar_t *)(*(DWORD *)(dbaddr + 0x50)));
+ if (dbmap.find(dbname) != dbmap.end())
+ continue;
+ DbInfoStruct db = {0};
+ wstring tablename((wchar_t *)(*(DWORD *)(dbaddr + 0x64)));
+ if (tablename == L"MSG")
+ {
+ db.extrainfo = *(DWORD *)(dbaddr + 0x17C);
+ }
+ db.dbname = (wchar_t *)(*(DWORD *)(dbaddr + 0x50));
+ db.l_dbname = wcslen(db.dbname);
+ db.handle = *(DWORD *)(dbaddr + 0x3C);
+ ExecuteSQL(*(DWORD *)(dbaddr + 0x3C), "select * from sqlite_master where type=\"table\";", (DWORD)GetDbInfo, &db);
+ dbs.push_back(db);
+ dbmap[dbname] = db;
+ }
+
 // 添加一个空结构体,作为读取结束标志
 DbInfoStruct db_end = {0};
 dbs.push_back(db_end);
diff --git a/DWeChatRobot/ReceiveMessage.cpp b/DWeChatRobot/ReceiveMessage.cpp
index ec75feeb10e85781177baf371a34eced92c11045..e749de942dde5ea464fc9969dd378ee3420e9415 100644
--- a/DWeChatRobot/ReceiveMessage.cpp
+++ b/DWeChatRobot/ReceiveMessage.cpp
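Review bot: The consolidated `for (auto dbaddr : dbaddrs)` loop dereferences every collected value at `+0x50`, `+0x64`, `+0x3C` and (for `MSG`) `+0x17C` without testing it, and the new pushes such as `*(DWORD *)(SqlHandleOpenIMAddr1 + 0x8)` read through base pointers that were never checked either. A zero handle, or a null name pointer handed to the `wstring` constructor, is undefined behaviour and would fault inside the host process; that seems plausible whenever one of these databases has not been opened yet, though the hunk does not show it. Guard the loop with `if (dbaddr == 0) continue;`, test the two name pointers before building `dbname` and `tablename`, and skip the OpenIM, Sns and Favorite pushes when their base address is zero. The raw structure offsets would also read better as named constants beside the `SqlHandle…Offset` defines. The function starts outside this hunk.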
@@ -176,6 +176,7 @@ static void dealMessage(DWORD messageAddr) jMsg["extrainfo"] = ""; } jMsg["time"] = unicode_to_utf8((wchar_t *)GetTimeW(*(DWORD *)(messageAddr + 0x44)).c_str()); + jMsg["timestamp"] = *(DWORD *)(messageAddr + 0x44); jMsg["self"] = unicode_to_utf8((wchar_t *)GetSelfWxid().c_str()); string jstr = jMsg.dump() + '\n'; // 为保证线程安全,需要手动管理内存 diff --git a/DWeChatRobot/pch.cpp b/DWeChatRobot/pch.cpp index 4c3d51eaec4ed672ead5107cfa88ddf754796f20..d68cbd6f26618e2e97383808c99f7a59d3a35911 100644 --- a/DWeChatRobot/pch.cpp +++ b/DWeChatRobot/pch.cpp @@ -104,8 +104,20 @@ string gb2312_to_utf8(const char *strGB2312) return strTemp; } +wstring gb2312_to_unicode(const char *buffer) +{ + int c_size = MultiByteToWideChar(CP_ACP, 0, buffer, -1, 0, 0); + wchar_t *temp = new wchar_t[c_size + 1]; + MultiByteToWideChar(CP_ACP, 0, buffer, -1, temp, c_size); + temp[c_size] = L'\0'; + wstring ret(temp); + delete[] temp; + temp = NULL; + return ret; +} + /* - * 灏哢TF8缂栫爜鏁版嵁杞崲涓篏BK缂栫爜 + * 灏哢TF8缂栫爜鏁版嵁杞崲涓篣NICODE缂栫爜 */ wstring utf8_to_unicode(const char *buffer) { @@ -221,17 +233,15 @@ wstring wreplace(wstring source, wchar_t replaced, wstring replaceto) */ wstring GetTimeW(long long timestamp) { - wchar_t *wstr = new wchar_t[20]; - memset(wstr, 0, 20 * 2); - // time_t cTime = time(NULL); - tm tm_out; - localtime_s(&tm_out, ×tamp); - swprintf_s(wstr, 20, L"%04d-%02d-%02d %02d:%02d:%02d", - 1900 + tm_out.tm_year, tm_out.tm_mon + 1, tm_out.tm_mday, - tm_out.tm_hour, tm_out.tm_min, tm_out.tm_sec); - wstring strTimeW(wstr); - delete[] wstr; - return strTimeW; + char time_buf[20] = {0}; + memset(time_buf, 0, 20); + tm tm_out = {0}; + gmtime_s(&tm_out, ×tamp); + // localtime_s(tm_out, ×tamp); + tm_out.tm_hour += 8; + strftime(time_buf, sizeof(time_buf), "%Y-%m-%d %H:%M:%S", &tm_out); + string strTime(time_buf); + return utf8_to_unicode(strTime.c_str()); } void PrintProcAddr() 
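Review bot: `gb2312_to_unicode` converts with `CP_ACP`, the machine's current ANSI code page, so it decodes GB2312 only where the system locale happens to be Simplified Chinese; passing code page `936` explicitly would make the name true on every machine (the sibling `gb2312_to_utf8` body is outside the hunk, so keep the two consistent). The first `MultiByteToWideChar` result is not checked for 0, which signals failure, and a null `buffer` is not rejected. The manual `new[]`/`delete[]` pair can go by sizing the result directly, e.g. `wstring ret(c_size, L'\0');` and converting into `&ret[0]`, which also removes the leak if the `wstring` constructor throws. A one-line comment naming the expected input encoding would match the neighbouring helpers.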
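Review bot: `tm_out.tm_hour += 8;` in `GetTimeW` leaves `tm_out` un-normalised, so for any timestamp whose UTC hour is 16–23 `strftime` receives a `tm_hour` of 24–31 and the date is not advanced. The Microsoft CRT treats an out-of-range `tm` field as an invalid parameter, which by default terminates the process and otherwise makes `strftime` return 0. Shift the epoch value instead, `long long shifted = timestamp + 8 * 3600;` followed by `gmtime_s(&tm_out, &shifted);`, and check the `gmtime_s` return value before formatting. The fixed +8 also replaces the earlier `localtime_s` behaviour, so the string is now UTC+8 regardless of the machine's time zone, which deserves a line in the function comment. `memset(time_buf, 0, 20);` is redundant after `= {0}`.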
diff --git a/DWeChatRobot/pch.h b/DWeChatRobot/pch.h
index 4791562c97e7e004161cef5f48605e6d53e852c6..6df5476bb46859ea6bd9de95131f438e771fa64d 100644
--- a/DWeChatRobot/pch.h
+++ b/DWeChatRobot/pch.h
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include
 #include "wxdata.h"
 #include "wxapi.h"
 #include "base64/base64.h"
diff --git a/DWeChatRobot/wxapi.h b/DWeChatRobot/wxapi.h
index cee99d0d9bf34c9747907dc240bea1a0b7f9baa0..bfeb81b1689b71e4685d9deda67954c2d967c696 100644
--- a/DWeChatRobot/wxapi.h
+++ b/DWeChatRobot/wxapi.h
@@ -44,10 +44,14 @@ using namespace std;
 BOOL CreateConsole(void);
 DWORD GetWeChatWinBase();
 string unicode_to_gb2312(wchar_t *wchar);
-string utf8_to_gb2312(const char *strUTF8);
-string gb2312_to_utf8(const char *strGB2312);
 string unicode_to_utf8(wchar_t *wstr);
+
+string utf8_to_gb2312(const char *strUTF8);
 wstring utf8_to_unicode(const char *buffer);
+
+string gb2312_to_utf8(const char *strGB2312);
+wstring gb2312_to_unicode(const char *buffer);
+
 void HookAnyAddress(DWORD dwHookAddr, LPVOID dwJmpAddress, char *originalRecieveCode);
 void UnHookAnyAddress(DWORD dwHookAddr, char *originalRecieveCode);
 DLLEXPORT void UnHookAll();
@@ -71,3 +75,19 @@ vector split(T1 str, T2 letter)
 arr.push_back(str);
 return arr;
 }
+
+template
+T1 replace(T1 source, T2 replaced, T1 replaceto)
+{
+ vector v_arr = split(source, replaced);
+ if (v_arr.size() < 2)
+ return source;
+ T1 temp;
+ for (unsigned int i = 0; i < v_arr.size() - 1; i++)
+ {
+ temp += v_arr[i];
+ temp += replaceto;
+ }
+ temp += v_arr[v_arr.size() - 1];
+ return temp;
+}
diff --git a/DWeChatRobot/wxdata.h b/DWeChatRobot/wxdata.h
index 9f2516df6b9f1b356016f2bb8518111a88d3bd0a..c1b19ebdb9d0205dd46eb89acbc81ce575bdda1f 100644
--- a/DWeChatRobot/wxdata.h
+++ b/DWeChatRobot/wxdata.h
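Review bot: The new template in wxapi.h is named `replace` in a header where `using namespace std;` is in effect (it appears in the previous hunk's header line), so it joins the same overload set as `std::replace` wherever `<algorithm>` is included. A distinct name such as `replace_all`, or a project namespace, avoids surprising resolution or ambiguity errors later. Its result also depends on how `split` treats leading, trailing and adjacent delimiters, which is outside the hunk: if `split` drops empty pieces, those occurrences are silently left unreplaced. A short doc comment stating that contract would help, as would taking `source` and `replaceto` by `const T1 &`. pch.cpp already has a `wreplace` of the same shape, so one of the two is probably redundant.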
@@ -141,11 +141,12 @@ struct TableInfoStruct */ struct DbInfoStruct { - DWORD handle; - wchar_t *dbname; - DWORD l_dbname; + DWORD handle = 0; + wchar_t *dbname = NULL; + DWORD l_dbname = 0; vector tables; - DWORD count; + DWORD count = 0; + DWORD extrainfo = 0; }; /* diff --git a/README.md b/README.md index fb596899aba1db9d3118b012ffddc516736a0211..9cb5531b8590b7095372e616fd847cbd6b23977e 100644 --- a/README.md +++ b/README.md @@ -148,6 +148,8 @@ CWeChatRobot.exe /unregserver ## 2022.09.22 1. 鏂板鑾峰彇a8key鍔熻兘 2. 淇浜嗕竴涓猙ug锛岃bug鏇惧鑷磋幏鍙栨暟鎹簱鍙ユ焺鎺ュ彛鍙兘鐢熸晥涓娆 +## 2022.09.27 +1. 浼樺寲杞彂娑堟伅鎺ュ彛銆佽幏鍙栨暟鎹簱鍙ユ焺鎺ュ彛锛屽疄鏃舵秷鎭坊鍔犲師濮嬫椂闂存埑 # 鎵撹祻浣滆 璇风粰浣滆呬竴涓猻tar锛屾劅璋㈡劅璋 diff --git a/Release/CWeChatRobot.exe b/Release/CWeChatRobot.exe index e49e9fab518a450b8736bb8ab131a67c9d50f0ad..8ffeb82cc613da300451c65cecfcd18f0bb5be2b 100644 Binary files a/Release/CWeChatRobot.exe and b/Release/CWeChatRobot.exe differ diff --git a/Release/DWeChatRobot.dll b/Release/DWeChatRobot.dll index 44ffedf11b11c1cbbfc27e65527aa7f0bde94a14..b6ca167a7b5b4e92b1bf0fd8ac587558169b6b89 100644 Binary files a/Release/DWeChatRobot.dll and b/Release/DWeChatRobot.dll differ diff --git a/Release/socket/SWeChatRobot.dll b/Release/socket/SWeChatRobot.dll index 590240cf9c718693481056dc4e91cdff8bbcc842..6e2d94925fbc1a2ce45b1e8b684cec5e9ef03872 100644 Binary files a/Release/socket/SWeChatRobot.dll and b/Release/socket/SWeChatRobot.dll differ diff --git a/Release/socket/wxDriver.dll b/Release/socket/wxDriver.dll index fd918a0eb3b9ec2d9965e243373959968e46037a..5b0e826fff16b1fdea90cd69a8e6e9c6a775e7ff 100644 Binary files a/Release/socket/wxDriver.dll and b/Release/socket/wxDriver.dll differ diff --git a/Release/socket/wxDriver64.dll b/Release/socket/wxDriver64.dll index 895e6e90a3dde16bc3adb344959becf1a57f3194..16f279adce0a1768bc05bb5af582997cedb35cf9 100644 Binary files a/Release/socket/wxDriver64.dll and b/Release/socket/wxDriver64.dll differ
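Review bot: `extrainfo` is added to `DbInfoStruct` with no comment, and its meaning is only recoverable from the other files in this commit, where it is filled from `dbaddr + 0x17C` for `MSG` databases and handed back as `dbIndex`. Add a field comment along the lines of `// per-database value read from the MSG handle, consumed by GetLocalIdByMsgId; 0 for other databases`. Appending a member also changes `sizeof(DbInfoStruct)`, so any consumer that walks the `dbs` array with its own copy of this struct or a hard-coded stride (none is visible here) must be rebuilt in the same change. With the new default member initialisers, the `= {0}` at the call sites is redundant and compiles only under C++14 aggregate rules.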