Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
被猫吃掉的鱼Z
ComWeChatRobot
提交
8c3e2ebf
C
ComWeChatRobot
项目概览
被猫吃掉的鱼Z
/
ComWeChatRobot
与 Fork 源项目一致
从无法访问的项目Fork
通知
1
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
ComWeChatRobot
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
8c3e2ebf
编写于
6月 02, 2022
作者:
L
ljc545w
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
添加新功能
上级
07371e84
变更
22
显示空白变更内容
内联
并排
Showing
22 changed file
with
263 addition
and
12 deletion
+263
-12
CWeChatRobot/InjertDll.cpp
CWeChatRobot/InjertDll.cpp
+2
-1
CWeChatRobot/VerifyFriendApply.cpp
CWeChatRobot/VerifyFriendApply.cpp
+42
-0
CWeChatRobot/VerifyFriendApply.h
CWeChatRobot/VerifyFriendApply.h
+6
-0
CWeChatRobot/WeChatRobot.cpp
CWeChatRobot/WeChatRobot.cpp
+10
-0
CWeChatRobot/WeChatRobot.h
CWeChatRobot/WeChatRobot.h
+1
-0
CWeChatRobot/WeChatRobotCOM.idl
CWeChatRobot/WeChatRobotCOM.idl
+1
-0
CWeChatRobot/WeChatRobotCOM.vcxproj
CWeChatRobot/WeChatRobotCOM.vcxproj
+2
-0
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
+9
-0
CWeChatRobot/WeChatRobotCOM_i.h
CWeChatRobot/WeChatRobotCOM_i.h
+14
-0
CWeChatRobot/WeChatRobotCOM_p.c
CWeChatRobot/WeChatRobotCOM_p.c
+51
-5
CWeChatRobot/pch.cpp
CWeChatRobot/pch.cpp
+7
-1
CWeChatRobot/robotdata.h
CWeChatRobot/robotdata.h
+5
-0
DWeChatRobot/DWeChatRobot.vcxproj
DWeChatRobot/DWeChatRobot.vcxproj
+2
-0
DWeChatRobot/DWeChatRobot.vcxproj.filters
DWeChatRobot/DWeChatRobot.vcxproj.filters
+9
-0
DWeChatRobot/GetDbHandles.cpp
DWeChatRobot/GetDbHandles.cpp
+27
-4
DWeChatRobot/VerifyFriendApply.cpp
DWeChatRobot/VerifyFriendApply.cpp
+64
-0
DWeChatRobot/VerifyFriendApply.h
DWeChatRobot/VerifyFriendApply.h
+5
-0
DWeChatRobot/dllmain.cpp
DWeChatRobot/dllmain.cpp
+1
-0
DWeChatRobot/pch.h
DWeChatRobot/pch.h
+1
-0
Python/wxRobot.py
Python/wxRobot.py
+4
-1
Release/CWeChatRobot.exe
Release/CWeChatRobot.exe
+0
-0
Release/DWeChatRobot.dll
Release/DWeChatRobot.dll
+0
-0
未找到文件。
CWeChatRobot/InjertDll.cpp
浏览文件 @
8c3e2ebf
...
...
@@ -6,7 +6,7 @@ bool InjectDll(DWORD dwId, WCHAR* szPath)//
if
(
!
hProcess
)
return
1
;
if
(
GetWeChatRobotBase
()
!=
0
)
{
return
1
;
return
0
;
}
LPVOID
pRemoteAddress
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
...
...
@@ -24,6 +24,7 @@ bool InjectDll(DWORD dwId, WCHAR* szPath)//
WaitForSingleObject
(
hThread
,
-
1
);
}
else
{
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
return
1
;
}
CloseHandle
(
hThread
);
...
...
CWeChatRobot/VerifyFriendApply.cpp
0 → 100644
浏览文件 @
8c3e2ebf
#include "pch.h"
struct
VerifyFriendApplyStruct
{
DWORD
v3
;
DWORD
v4
;
};
BOOL
VerifyFriendApply
(
wchar_t
*
v3
,
wchar_t
*
v4
)
{
if
(
!
hProcess
)
return
0
;
DWORD
VerifyFriendApplyProcAddr
=
GetWeChatRobotBase
()
+
VerifyFriendApplyOffset
;
LPVOID
v3addr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
v4addr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwHandle
=
0
;
VerifyFriendApplyStruct
apply_data
=
{
0
};
if
(
!
v3addr
||
!
v4addr
)
return
0
;
WriteProcessMemory
(
hProcess
,
v3addr
,
v3
,
wcslen
(
v3
)
*
2
+
2
,
&
dwWriteSize
);
WriteProcessMemory
(
hProcess
,
v4addr
,
v4
,
wcslen
(
v4
)
*
2
+
2
,
&
dwWriteSize
);
VerifyFriendApplyStruct
*
paramAndFunc
=
(
VerifyFriendApplyStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
VerifyFriendApplyStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
apply_data
.
v3
=
(
DWORD
)
v3addr
;
apply_data
.
v4
=
(
DWORD
)
v4addr
;
if
(
paramAndFunc
)
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
apply_data
,
sizeof
(
apply_data
),
&
dwId
);
else
return
1
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
VerifyFriendApplyProcAddr
,
paramAndFunc
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
GetExitCodeThread
(
hThread
,
&
dwHandle
);
CloseHandle
(
hThread
);
}
VirtualFreeEx
(
hProcess
,
v3addr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
v4addr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
return
dwHandle
;
}
\ No newline at end of file
CWeChatRobot/VerifyFriendApply.h
0 → 100644
浏览文件 @
8c3e2ebf
#pragma once
#include<windows.h>
#include<iostream>
using
namespace
std
;
BOOL
VerifyFriendApply
(
wchar_t
*
v3
,
wchar_t
*
v4
);
\ No newline at end of file
CWeChatRobot/WeChatRobot.cpp
浏览文件 @
8c3e2ebf
...
...
@@ -241,3 +241,13 @@ STDMETHODIMP CWeChatRobot::CBackupSQLiteDB(DWORD DbHandle, BSTR savepath, int* _
*
__result
=
BackupSQLiteDB
(
DbHandle
,
savepath
);
return
S_OK
;
}
/*
* 参数1:v3数据
* 参数2:v4数据
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CVerifyFriendApply
(
BSTR
v3
,
BSTR
v4
,
int
*
__result
)
{
*
__result
=
VerifyFriendApply
(
v3
,
v4
);
return
S_OK
;
}
\ No newline at end of file
CWeChatRobot/WeChatRobot.h
浏览文件 @
8c3e2ebf
...
...
@@ -74,6 +74,7 @@ public:
STDMETHODIMP
CGetDbHandles
(
VARIANT
*
__result
);
STDMETHODIMP
CExecuteSQL
(
DWORD
DbHandle
,
BSTR
sql
,
VARIANT
*
__result
);
STDMETHODIMP
CBackupSQLiteDB
(
DWORD
DbHandle
,
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CVerifyFriendApply
(
BSTR
v3
,
BSTR
v4
,
int
*
__result
);
};
OBJECT_ENTRY_AUTO
(
__uuidof
(
WeChatRobot
),
CWeChatRobot
)
CWeChatRobot/WeChatRobotCOM.idl
浏览文件 @
8c3e2ebf
...
...
@@ -39,6 +39,7 @@ interface IWeChatRobot : IDispatch
[
id
(
21
)
]
HRESULT
CGetDbHandles
(
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
22
)
]
HRESULT
CExecuteSQL
(
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
sql
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
23
)
]
HRESULT
CBackupSQLiteDB
(
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
24
)
]
HRESULT
CVerifyFriendApply
(
[
in
]
BSTR
v3
,
[
in
]
BSTR
v4
,
[
out
,
retval
]
int
*
__result
)
;
}
;
[
uuid
(
721
abb35
-
141
a
-
4
aa2
-
94
f2
-
762
e2833fa6c
),
...
...
CWeChatRobot/WeChatRobotCOM.vcxproj
浏览文件 @
8c3e2ebf
...
...
@@ -232,6 +232,7 @@
<ClInclude
Include=
"SendText.h"
/>
<ClInclude
Include=
"targetver.h"
/>
<ClInclude
Include=
"UserInfo.h"
/>
<ClInclude
Include=
"VerifyFriendApply.h"
/>
<ClInclude
Include=
"WeChatRobot.h"
/>
<ClInclude
Include=
"WeChatRobotCOM_i.h"
/>
<ClInclude
Include=
"xdlldata.h"
/>
...
...
@@ -259,6 +260,7 @@
<ClCompile
Include=
"SendImage.cpp"
/>
<ClCompile
Include=
"SendText.cpp"
/>
<ClCompile
Include=
"UserInfo.cpp"
/>
<ClCompile
Include=
"VerifyFriendApply.cpp"
/>
<ClCompile
Include=
"WeChatRobot.cpp"
/>
<ClCompile
Include=
"WeChatRobotCOM.cpp"
/>
<ClCompile
Include=
"WeChatRobotCOM_i.c"
>
...
...
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
浏览文件 @
8c3e2ebf
...
...
@@ -77,6 +77,9 @@
<Filter
Include=
"数据库\数据库备份"
>
<UniqueIdentifier>
{f34f7c72-a310-4c23-b153-681307fb6277}
</UniqueIdentifier>
</Filter>
<Filter
Include=
"好友相关\通过好友请求"
>
<UniqueIdentifier>
{ed2746cb-8d2d-4ad9-865d-d06563766571}
</UniqueIdentifier>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude
Include=
"framework.h"
>
...
...
@@ -151,6 +154,9 @@
<ClInclude
Include=
"DbBackup.h"
>
<Filter>
数据库\数据库备份
</Filter>
</ClInclude>
<ClInclude
Include=
"VerifyFriendApply.h"
>
<Filter>
好友相关\通过好友请求
</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile
Include=
"WeChatRobotCOM.cpp"
>
...
...
@@ -216,6 +222,9 @@
<ClCompile
Include=
"DbBackup.cpp"
>
<Filter>
数据库\数据库备份
</Filter>
</ClCompile>
<ClCompile
Include=
"VerifyFriendApply.cpp"
>
<Filter>
好友相关\通过好友请求
</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ResourceCompile
Include=
"WeChatRobotCOM.rc"
>
...
...
CWeChatRobot/WeChatRobotCOM_i.h
浏览文件 @
8c3e2ebf
...
...
@@ -180,6 +180,11 @@ EXTERN_C const IID IID_IWeChatRobot;
/* [in] */
BSTR
savepath
,
/* [retval][out] */
int
*
__result
)
=
0
;
virtual
/* [id] */
HRESULT
STDMETHODCALLTYPE
CVerifyFriendApply
(
/* [in] */
BSTR
v3
,
/* [in] */
BSTR
v4
,
/* [retval][out] */
int
*
__result
)
=
0
;
};
...
...
@@ -353,6 +358,12 @@ EXTERN_C const IID IID_IWeChatRobot;
/* [in] */
BSTR
savepath
,
/* [retval][out] */
int
*
__result
);
/* [id] */
HRESULT
(
STDMETHODCALLTYPE
*
CVerifyFriendApply
)(
IWeChatRobot
*
This
,
/* [in] */
BSTR
v3
,
/* [in] */
BSTR
v4
,
/* [retval][out] */
int
*
__result
);
END_INTERFACE
}
IWeChatRobotVtbl
;
...
...
@@ -458,6 +469,9 @@ EXTERN_C const IID IID_IWeChatRobot;
#define IWeChatRobot_CBackupSQLiteDB(This,DbHandle,savepath,__result) \
(
(
This
)
->
lpVtbl
->
CBackupSQLiteDB
(
This
,
DbHandle
,
savepath
,
__result
)
)
#define IWeChatRobot_CVerifyFriendApply(This,v3,v4,__result) \
(
(
This
)
->
lpVtbl
->
CVerifyFriendApply
(
This
,
v3
,
v4
,
__result
)
)
#endif
/* COBJMACROS */
...
...
CWeChatRobot/WeChatRobotCOM_p.c
浏览文件 @
8c3e2ebf
...
...
@@ -49,7 +49,7 @@
#include "WeChatRobotCOM_i.h"
#define TYPE_FORMAT_STRING_SIZE 1239
#define PROC_FORMAT_STRING_SIZE
967
#define PROC_FORMAT_STRING_SIZE
1015
#define EXPR_FORMAT_STRING_SIZE 1
#define TRANSMIT_AS_TABLE_SIZE 0
#define WIRE_MARSHAL_TABLE_SIZE 2
...
...
@@ -951,6 +951,49 @@ static const WeChatRobotCOM_MIDL_PROC_FORMAT_STRING WeChatRobotCOM__MIDL_ProcFor
/* 964 */
0x8
,
/* FC_LONG */
0x0
,
/* 0 */
/* Procedure CVerifyFriendApply */
/* 966 */
0x33
,
/* FC_AUTO_HANDLE */
0x6c
,
/* Old Flags: object, Oi2 */
/* 968 */
NdrFcLong
(
0x0
),
/* 0 */
/* 972 */
NdrFcShort
(
0x1e
),
/* 30 */
/* 974 */
NdrFcShort
(
0x14
),
/* x86 Stack size/offset = 20 */
/* 976 */
NdrFcShort
(
0x0
),
/* 0 */
/* 978 */
NdrFcShort
(
0x24
),
/* 36 */
/* 980 */
0x46
,
/* Oi2 Flags: clt must size, has return, has ext, */
0x4
,
/* 4 */
/* 982 */
0x8
,
/* 8 */
0x45
,
/* Ext Flags: new corr desc, srv corr check, has range on conformance */
/* 984 */
NdrFcShort
(
0x0
),
/* 0 */
/* 986 */
NdrFcShort
(
0x1
),
/* 1 */
/* 988 */
NdrFcShort
(
0x0
),
/* 0 */
/* Parameter v3 */
/* 990 */
NdrFcShort
(
0x8b
),
/* Flags: must size, must free, in, by val, */
/* 992 */
NdrFcShort
(
0x4
),
/* x86 Stack size/offset = 4 */
/* 994 */
NdrFcShort
(
0x2a
),
/* Type Offset=42 */
/* Parameter v4 */
/* 996 */
NdrFcShort
(
0x8b
),
/* Flags: must size, must free, in, by val, */
/* 998 */
NdrFcShort
(
0x8
),
/* x86 Stack size/offset = 8 */
/* 1000 */
NdrFcShort
(
0x2a
),
/* Type Offset=42 */
/* Parameter __result */
/* 1002 */
NdrFcShort
(
0x2150
),
/* Flags: out, base type, simple ref, srv alloc size=8 */
/* 1004 */
NdrFcShort
(
0xc
),
/* x86 Stack size/offset = 12 */
/* 1006 */
0x8
,
/* FC_LONG */
0x0
,
/* 0 */
/* Return value */
/* 1008 */
NdrFcShort
(
0x70
),
/* Flags: out, return, base type, */
/* 1010 */
NdrFcShort
(
0x10
),
/* x86 Stack size/offset = 16 */
/* 1012 */
0x8
,
/* FC_LONG */
0x0
,
/* 0 */
0x0
}
};
...
...
@@ -1818,7 +1861,8 @@ static const unsigned short IWeChatRobot_FormatStringOffsetTable[] =
792
,
834
,
870
,
918
918
,
966
};
static
const
MIDL_STUBLESS_PROXY_INFO
IWeChatRobot_ProxyInfo
=
...
...
@@ -1842,7 +1886,7 @@ static const MIDL_SERVER_INFO IWeChatRobot_ServerInfo =
0
,
0
,
0
};
CINTERFACE_PROXY_VTABLE
(
3
0
)
_IWeChatRobotProxyVtbl
=
CINTERFACE_PROXY_VTABLE
(
3
1
)
_IWeChatRobotProxyVtbl
=
{
&
IWeChatRobot_ProxyInfo
,
&
IID_IWeChatRobot
,
...
...
@@ -1875,7 +1919,8 @@ CINTERFACE_PROXY_VTABLE(30) _IWeChatRobotProxyVtbl =
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CGetChatRoomMembers */
,
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CGetDbHandles */
,
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CExecuteSQL */
,
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CBackupSQLiteDB */
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CBackupSQLiteDB */
,
(
void
*
)
(
INT_PTR
)
-
1
/* IWeChatRobot::CVerifyFriendApply */
};
...
...
@@ -1907,6 +1952,7 @@ static const PRPC_STUB_FUNCTION IWeChatRobot_table[] =
NdrStubCall2
,
NdrStubCall2
,
NdrStubCall2
,
NdrStubCall2
,
NdrStubCall2
};
...
...
@@ -1914,7 +1960,7 @@ CInterfaceStubVtbl _IWeChatRobotStubVtbl =
{
&
IID_IWeChatRobot
,
&
IWeChatRobot_ServerInfo
,
3
0
,
3
1
,
&
IWeChatRobot_table
[
-
3
],
CStdStubBuffer_DELEGATING_METHODS
};
...
...
CWeChatRobot/pch.cpp
浏览文件 @
8c3e2ebf
...
...
@@ -20,6 +20,8 @@ DWORD DeleteUserInfoCacheOffset = 0x0;
DWORD
GetSelfInfoOffset
=
0x0
;
DWORD
DeleteSelfInfoCacheOffset
=
0x0
;
DWORD
VerifyFriendApplyOffset
=
0x0
;
DWORD
CheckFriendStatusInitRemoteOffset
=
0x0
;
DWORD
CheckFriendStatusRemoteOffset
=
0x0
;
DWORD
CheckFriendStatusFinishRemoteOffset
=
0x0
;
...
...
@@ -119,6 +121,9 @@ void GetProcOffset(wchar_t* workPath) {
DWORD
DeleteUserInfoCacheProcAddr
=
(
DWORD
)
GetProcAddress
(
hd
,
DeleteUserInfoCacheRemote
);
DeleteUserInfoCacheOffset
=
DeleteUserInfoCacheProcAddr
-
WeChatBase
;
DWORD
VerifyFriendApplyProcAddr
=
(
DWORD
)
GetProcAddress
(
hd
,
VerifyFriendApplyRemote
);
VerifyFriendApplyOffset
=
VerifyFriendApplyProcAddr
-
WeChatBase
;
DWORD
GetSelfInfoProcAddr
=
(
DWORD
)
GetProcAddress
(
hd
,
GetSelfInfoRemote
);
GetSelfInfoOffset
=
GetSelfInfoProcAddr
-
WeChatBase
;
DWORD
DeleteSelfInfoCacheProcAddr
=
(
DWORD
)
GetProcAddress
(
hd
,
DeleteSelfInfoCacheRemote
);
...
...
@@ -174,6 +179,7 @@ DWORD StartRobotService() {
}
wstring
wworkPath
=
GetComWorkPath
();
wchar_t
*
workPath
=
(
wchar_t
*
)
wworkPath
.
c_str
();
if
(
!
hProcess
)
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
wxPid
);
bool
status
=
Injert
(
wxPid
,
workPath
);
if
(
status
==
1
)
{
...
...
CWeChatRobot/robotdata.h
浏览文件 @
8c3e2ebf
...
...
@@ -15,6 +15,7 @@
#include "GetDbHandles.h"
#include "DbExecuteSql.h"
#include "DbBackup.h"
#include "VerifyFriendApply.h"
extern
HANDLE
hProcess
;
extern
DWORD
SendImageOffset
;
...
...
@@ -31,6 +32,8 @@ extern DWORD GetFriendListFinishOffset;
extern
DWORD
GetWxUserInfoOffset
;
extern
DWORD
DeleteUserInfoCacheOffset
;
extern
DWORD
VerifyFriendApplyOffset
;
extern
DWORD
GetSelfInfoOffset
;
extern
DWORD
DeleteSelfInfoCacheOffset
;
extern
wstring
SelfInfoString
;
...
...
@@ -70,6 +73,8 @@ extern DWORD BackupSQLiteDBRemoteOffset;
#define GetSelfInfoRemote "GetSelfInfoRemote"
#define DeleteSelfInfoCacheRemote "DeleteSelfInfoCacheRemote"
#define VerifyFriendApplyRemote "VerifyFriendApplyRemote"
#define CheckFriendStatusInitRemote "CheckFriendStatusInitRemote"
#define CheckFriendStatusRemote "CheckFriendStatusRemote"
#define CheckFriendStatusFinishRemote "CheckFriendStatusFinishRemote"
...
...
DWeChatRobot/DWeChatRobot.vcxproj
浏览文件 @
8c3e2ebf
...
...
@@ -172,6 +172,7 @@
<ClInclude
Include=
"SendImage.h"
/>
<ClInclude
Include=
"SendText.h"
/>
<ClInclude
Include=
"UserInfo.h"
/>
<ClInclude
Include=
"VerifyFriendApply.h"
/>
</ItemGroup>
<ItemGroup>
<ClCompile
Include=
"CheckFriendStatus.cpp"
/>
...
...
@@ -197,6 +198,7 @@
<ClCompile
Include=
"SendText.cpp"
/>
<ClCompile
Include=
"UserInfo.cpp"
/>
<ClCompile
Include=
"LogMsgInfo.cpp"
/>
<ClCompile
Include=
"VerifyFriendApply.cpp"
/>
</ItemGroup>
<Import
Project=
"$(VCTargetsPath)\Microsoft.Cpp.targets"
/>
<ImportGroup
Label=
"ExtensionTargets"
>
...
...
DWeChatRobot/DWeChatRobot.vcxproj.filters
浏览文件 @
8c3e2ebf
...
...
@@ -76,6 +76,9 @@
<Filter
Include=
"数据库\数据库备份"
>
<UniqueIdentifier>
{59e555da-03e8-41d4-bd90-53e1b02fb30d}
</UniqueIdentifier>
</Filter>
<Filter
Include=
"好友相关\通过好友请求"
>
<UniqueIdentifier>
{350447a5-87e5-438c-b54d-504bbb15b201}
</UniqueIdentifier>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude
Include=
"framework.h"
>
...
...
@@ -132,6 +135,9 @@
<ClInclude
Include=
"DbBackup.h"
>
<Filter>
数据库\数据库备份
</Filter>
</ClInclude>
<ClInclude
Include=
"VerifyFriendApply.h"
>
<Filter>
好友相关\通过好友请求
</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile
Include=
"dllmain.cpp"
>
...
...
@@ -188,5 +194,8 @@
<ClCompile
Include=
"DbBackup.cpp"
>
<Filter>
数据库\数据库备份
</Filter>
</ClCompile>
<ClCompile
Include=
"VerifyFriendApply.cpp"
>
<Filter>
好友相关\通过好友请求
</Filter>
</ClCompile>
</ItemGroup>
</Project>
\ No newline at end of file
DWeChatRobot/GetDbHandles.cpp
浏览文件 @
8c3e2ebf
...
...
@@ -4,6 +4,8 @@
#define SqlHandleMicroMsgOffset 0x2363934
// 公众号相关库偏移
#define SqlHandlePublicMsgOffset 0x239B3C8
// 聊天记录相关库偏移
#define SqlHandleMSGOffset 0x239CF68
// 保存数据库信息的容器
vector
<
DbInfoStruct
>
dbs
;
...
...
@@ -44,6 +46,7 @@ void GetDbHandles() {
DWORD
SqlHandleBeginAddr
=
0x0
;
DWORD
SqlHandleEndAddr
=
0x0
;
DWORD
SqlHandlePublicMsgAddr
=
*
(
DWORD
*
)(
WeChatWinBase
+
SqlHandlePublicMsgOffset
);
DWORD
SqlHandleMSGAddr
=
*
(
DWORD
*
)(
WeChatWinBase
+
SqlHandleMSGOffset
);
__asm
{
mov
eax
,
[
SqlHandleBaseAddr
];
mov
ecx
,
[
eax
];
...
...
@@ -55,33 +58,53 @@ void GetDbHandles() {
}
DWORD
dwHandle
=
0x0
;
wstring
dbnames
=
L""
;
// 获取联系人数据库句柄
while
(
SqlHandleBeginAddr
<
SqlHandleEndAddr
)
{
dwHandle
=
*
(
DWORD
*
)
SqlHandleBeginAddr
;
SqlHandleBeginAddr
+=
0x4
;
if
(
SqlHandleBeginAddr
==
SqlHandleEndAddr
)
break
;
if
(
dbnames
.
find
(
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
,
0
)
!=
wstring
::
npos
)
if
(
dbnames
.
find
(
L"|"
+
(
wstring
)(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
,
0
)
!=
wstring
::
npos
)
continue
;
DbInfoStruct
db
=
{
0
};
dbnames
+=
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
;
dbnames
=
dbnames
+
L"|"
+
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
;
db
.
dbname
=
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
));
db
.
l_dbname
=
wcslen
(
db
.
dbname
);
db
.
handle
=
*
(
DWORD
*
)(
dwHandle
+
0x3C
);
ExecuteSQL
(
*
(
DWORD
*
)(
dwHandle
+
0x3C
),
"select * from sqlite_master where type=
\"
table
\"
;"
,(
DWORD
)
GetDbInfo
,
&
db
);
dbs
.
push_back
(
db
);
}
// 获取公众号数据库句柄
for
(
int
i
=
1
;
i
<
4
;
i
++
)
{
dwHandle
=
*
((
DWORD
*
)(
SqlHandlePublicMsgAddr
+
i
*
0x4
));
if
(
dbnames
.
find
(
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
,
0
)
!=
wstring
::
npos
)
if
(
dbnames
.
find
(
L"|"
+
(
wstring
)(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
,
0
)
!=
wstring
::
npos
)
continue
;
DbInfoStruct
db
=
{
0
};
dbnames
+=
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
;
dbnames
=
dbnames
+
L"|"
+
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
;
db
.
dbname
=
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
));
db
.
l_dbname
=
wcslen
(
db
.
dbname
);
db
.
handle
=
*
(
DWORD
*
)(
dwHandle
+
0x3C
);
ExecuteSQL
(
*
(
DWORD
*
)(
dwHandle
+
0x3C
),
"select * from sqlite_master where type=
\"
table
\"
;"
,
(
DWORD
)
GetDbInfo
,
&
db
);
dbs
.
push_back
(
db
);
}
// 获取聊天记录数据库句柄
int
msgdb_count
=
*
(
int
*
)(
SqlHandleMSGAddr
+
0x4
);
DWORD
MsgdwHandle
=
*
(
DWORD
*
)(
SqlHandleMSGAddr
+
0x1C
);
for
(
int
i
=
0
;
i
<
msgdb_count
;
i
++
)
{
for
(
int
j
=
0
;
j
<
4
;
j
++
)
{
dwHandle
=
*
(
DWORD
*
)(
MsgdwHandle
+
0x14
+
j
*
4
);
if
(
dbnames
.
find
(
L"|"
+
(
wstring
)(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
,
0
)
!=
wstring
::
npos
)
continue
;
DbInfoStruct
db
=
{
0
};
dbnames
=
dbnames
+
L"|"
+
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
))
+
L"|"
;
db
.
dbname
=
(
wchar_t
*
)(
*
(
DWORD
*
)(
dwHandle
+
0x50
));
db
.
l_dbname
=
wcslen
(
db
.
dbname
);
db
.
handle
=
*
(
DWORD
*
)(
dwHandle
+
0x3C
);
ExecuteSQL
(
*
(
DWORD
*
)(
dwHandle
+
0x3C
),
"select * from sqlite_master where type=
\"
table
\"
;"
,
(
DWORD
)
GetDbInfo
,
&
db
);
dbs
.
push_back
(
db
);
}
MsgdwHandle
+=
0x68
;
}
// 添加一个空结构体,作为读取结束标志
DbInfoStruct
db_end
=
{
0
};
dbs
.
push_back
(
db_end
);
...
...
DWeChatRobot/VerifyFriendApply.cpp
0 → 100644
浏览文件 @
8c3e2ebf
#include "pch.h"
#define VerifyFriendApplyCall1Offset 0x6BBC0980 - 0x6B450000
#define VerifyFriendApplyCall2Offset 0x6B6FE8D0 - 0x6B450000
#define VerifyFriendApplyParamOffset 0x6D3320D8 - 0x6B450000
struct
VerifyFriendApplyStruct
{
wchar_t
*
v3_data
;
wchar_t
*
v4_data
;
};
struct
VerifyFriendApplyParamStruct
{
DWORD
handle
;
DWORD
*
StatusCode
;
DWORD
StatusCodeEndAddr1
;
DWORD
StatusCodeEndAddr2
;
char
buffer
[
0x3C
]
=
{
0
};
};
BOOL
VerifyFriendApplyRemote
(
LPVOID
lparameter
)
{
VerifyFriendApplyStruct
*
vfas
=
(
VerifyFriendApplyStruct
*
)
lparameter
;
BOOL
isSuccess
=
VerifyFriendApply
(
vfas
->
v3_data
,
vfas
->
v4_data
);
return
isSuccess
;
}
BOOL
__stdcall
VerifyFriendApply
(
wchar_t
*
v3_data
,
wchar_t
*
v4_data
)
{
WxBaseStruct
v3
(
v3_data
);
WxBaseStruct
v4
(
v4_data
);
DWORD
VerifyFriendApplyCall1
=
GetWeChatWinBase
()
+
VerifyFriendApplyCall1Offset
;
DWORD
VerifyFriendApplyCall2
=
GetWeChatWinBase
()
+
VerifyFriendApplyCall2Offset
;
DWORD
VerifyFriendApplyParam
=
GetWeChatWinBase
()
+
VerifyFriendApplyParamOffset
;
VerifyFriendApplyParamStruct
*
param
=
new
VerifyFriendApplyParamStruct
;
DWORD
StatusCode
[
9
]
=
{
0xB2
,(
DWORD
)
param
,
0xB5
,(
DWORD
)
param
,
0xB0
,(
DWORD
)
param
,
0xB1
,(
DWORD
)
param
,
0x0
};
param
->
handle
=
VerifyFriendApplyParam
;
param
->
StatusCode
=
StatusCode
;
param
->
StatusCodeEndAddr1
=
(
DWORD
)
&
StatusCode
[
8
];
param
->
StatusCodeEndAddr2
=
(
DWORD
)
&
StatusCode
[
8
];
char
nullbuffer
[
0x94
]
=
{
0
};
BOOL
isSuccess
=
false
;
__asm
{
pushad
;
pushfd
;
push
0x0
;
push
0x6
;
sub
esp
,
0x14
;
mov
ecx
,
esp
;
lea
eax
,
v4
;
push
eax
;
call
VerifyFriendApplyCall1
;
sub
esp
,
0x8
;
push
0x0
;
lea
eax
,
nullbuffer
;
push
eax
;
lea
eax
,
v3
;
push
eax
;
mov
ecx
,
param
;
call
VerifyFriendApplyCall2
;
mov
isSuccess
,
eax
;
popfd
;
popad
;
}
return
isSuccess
;
}
\ No newline at end of file
DWeChatRobot/VerifyFriendApply.h
0 → 100644
浏览文件 @
8c3e2ebf
#pragma once
#include<windows.h>
BOOL
__stdcall
VerifyFriendApply
(
wchar_t
*
v3_data
,
wchar_t
*
v4_data
);
extern
"C"
__declspec
(
dllexport
)
BOOL
VerifyFriendApplyRemote
(
LPVOID
lparameter
);
\ No newline at end of file
DWeChatRobot/dllmain.cpp
浏览文件 @
8c3e2ebf
...
...
@@ -24,6 +24,7 @@ BOOL APIENTRY DllMain( HMODULE hModule,
printf
(
"GetChatRoomMembers 0x%08X
\n
"
,
(
DWORD
)
GetChatRoomMembers
);
printf
(
"ExecuteSql 0x%08X
\n
"
,
(
DWORD
)
ExecuteSQL
);
printf
(
"BackupSQLiteDB 0x%08X
\n
"
,
(
DWORD
)
BackupSQLiteDBRemote
);
printf
(
"VerifyFriendApply 0x%08X
\n
"
,
(
DWORD
)
VerifyFriendApply
);
#endif
break
;
}
...
...
DWeChatRobot/pch.h
浏览文件 @
8c3e2ebf
...
...
@@ -27,6 +27,7 @@
#include "GetDbHandles.h"
#include "DbExecuteSql.h"
#include "DbBackup.h"
#include "VerifyFriendApply.h"
#include <vector>
#endif //PCH_H
...
...
Python/wxRobot.py
浏览文件 @
8c3e2ebf
...
...
@@ -230,3 +230,6 @@ class WeChatRobot():
pass
status
=
self
.
robot
.
CStopReceiveMessage
()
return
status
def
VerifyFriendApply
(
self
,
v3
,
v4
):
return
self
.
robot
.
CVerifyFriendApply
(
v3
,
v4
)
\ No newline at end of file
Release/CWeChatRobot.exe
浏览文件 @
8c3e2ebf
无法预览此类型文件
Release/DWeChatRobot.dll
浏览文件 @
8c3e2ebf
无法预览此类型文件
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录