Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
m0_71762220
ComWeChatRobot
提交
eb0b1414
C
ComWeChatRobot
项目概览
m0_71762220
/
ComWeChatRobot
与 Fork 源项目一致
从无法访问的项目Fork
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
ComWeChatRobot
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
eb0b1414
编写于
7月 22, 2022
作者:
L
ljc545w
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
提供多开管理Beta
上级
db86c422
变更
95
展开全部
隐藏空白更改
内联
并排
Showing
95 changed file
with
3178 addition
and
1697 deletion
+3178
-1697
CWeChatRobot/AddBrandContact.cpp
CWeChatRobot/AddBrandContact.cpp
+11
-3
CWeChatRobot/AddChatRoomMember.cpp
CWeChatRobot/AddChatRoomMember.cpp
+27
-9
CWeChatRobot/AddChatRoomMember.h
CWeChatRobot/AddChatRoomMember.h
+2
-2
CWeChatRobot/AddFriend.h
CWeChatRobot/AddFriend.h
+3
-3
CWeChatRobot/AddFriendByV3.cpp
CWeChatRobot/AddFriendByV3.cpp
+11
-3
CWeChatRobot/AddFriendByWxid.cpp
CWeChatRobot/AddFriendByWxid.cpp
+11
-3
CWeChatRobot/CheckFriendStatus.cpp
CWeChatRobot/CheckFriendStatus.cpp
+11
-3
CWeChatRobot/CheckFriendStatus.h
CWeChatRobot/CheckFriendStatus.h
+1
-1
CWeChatRobot/DbBackup.cpp
CWeChatRobot/DbBackup.cpp
+13
-3
CWeChatRobot/DbBackup.h
CWeChatRobot/DbBackup.h
+1
-1
CWeChatRobot/DbExecuteSql.cpp
CWeChatRobot/DbExecuteSql.cpp
+19
-7
CWeChatRobot/DbExecuteSql.h
CWeChatRobot/DbExecuteSql.h
+1
-1
CWeChatRobot/DelChatRoomMember.cpp
CWeChatRobot/DelChatRoomMember.cpp
+27
-9
CWeChatRobot/DelChatRoomMember.h
CWeChatRobot/DelChatRoomMember.h
+2
-2
CWeChatRobot/DeleteUser.cpp
CWeChatRobot/DeleteUser.cpp
+12
-3
CWeChatRobot/DeleteUser.h
CWeChatRobot/DeleteUser.h
+1
-1
CWeChatRobot/EditRemark.cpp
CWeChatRobot/EditRemark.cpp
+11
-3
CWeChatRobot/EditRemark.h
CWeChatRobot/EditRemark.h
+1
-1
CWeChatRobot/FriendList.cpp
CWeChatRobot/FriendList.cpp
+27
-11
CWeChatRobot/FriendList.h
CWeChatRobot/FriendList.h
+2
-2
CWeChatRobot/GetChatRoomMemberNickname.cpp
CWeChatRobot/GetChatRoomMemberNickname.cpp
+11
-2
CWeChatRobot/GetChatRoomMemberNickname.h
CWeChatRobot/GetChatRoomMemberNickname.h
+1
-1
CWeChatRobot/GetChatRoomMembers.cpp
CWeChatRobot/GetChatRoomMembers.cpp
+13
-3
CWeChatRobot/GetChatRoomMembers.h
CWeChatRobot/GetChatRoomMembers.h
+1
-1
CWeChatRobot/GetDbHandles.cpp
CWeChatRobot/GetDbHandles.cpp
+13
-3
CWeChatRobot/GetDbHandles.h
CWeChatRobot/GetDbHandles.h
+1
-1
CWeChatRobot/HookImageMessage.cpp
CWeChatRobot/HookImageMessage.cpp
+20
-5
CWeChatRobot/HookVoiceMessage.cpp
CWeChatRobot/HookVoiceMessage.cpp
+20
-5
CWeChatRobot/InjectDll.cpp
CWeChatRobot/InjectDll.cpp
+21
-33
CWeChatRobot/ReceiveMessage.cpp
CWeChatRobot/ReceiveMessage.cpp
+20
-11
CWeChatRobot/ReceiveMessage.h
CWeChatRobot/ReceiveMessage.h
+6
-6
CWeChatRobot/RobotEvent.cpp
CWeChatRobot/RobotEvent.cpp
+14
-2
CWeChatRobot/RobotEvent.h
CWeChatRobot/RobotEvent.h
+1
-1
CWeChatRobot/SearchContact.h
CWeChatRobot/SearchContact.h
+2
-2
CWeChatRobot/SearchContactByCache.cpp
CWeChatRobot/SearchContactByCache.cpp
+20
-8
CWeChatRobot/SearchContactByNet.cpp
CWeChatRobot/SearchContactByNet.cpp
+15
-5
CWeChatRobot/SelfInfo.cpp
CWeChatRobot/SelfInfo.cpp
+27
-11
CWeChatRobot/SelfInfo.h
CWeChatRobot/SelfInfo.h
+2
-2
CWeChatRobot/SendAppMsg.cpp
CWeChatRobot/SendAppMsg.cpp
+9
-2
CWeChatRobot/SendAppMsg.h
CWeChatRobot/SendAppMsg.h
+1
-1
CWeChatRobot/SendArticle.cpp
CWeChatRobot/SendArticle.cpp
+9
-3
CWeChatRobot/SendArticle.h
CWeChatRobot/SendArticle.h
+1
-1
CWeChatRobot/SendAtText.cpp
CWeChatRobot/SendAtText.cpp
+26
-11
CWeChatRobot/SendAtText.h
CWeChatRobot/SendAtText.h
+2
-2
CWeChatRobot/SendCard.cpp
CWeChatRobot/SendCard.cpp
+9
-2
CWeChatRobot/SendCard.h
CWeChatRobot/SendCard.h
+1
-1
CWeChatRobot/SendFile.cpp
CWeChatRobot/SendFile.cpp
+12
-6
CWeChatRobot/SendFile.h
CWeChatRobot/SendFile.h
+1
-1
CWeChatRobot/SendImage.cpp
CWeChatRobot/SendImage.cpp
+12
-6
CWeChatRobot/SendImage.h
CWeChatRobot/SendImage.h
+1
-1
CWeChatRobot/SendText.cpp
CWeChatRobot/SendText.cpp
+12
-6
CWeChatRobot/SendText.h
CWeChatRobot/SendText.h
+1
-1
CWeChatRobot/SetChatRoomAnnouncement.cpp
CWeChatRobot/SetChatRoomAnnouncement.cpp
+11
-2
CWeChatRobot/SetChatRoomAnnouncement.h
CWeChatRobot/SetChatRoomAnnouncement.h
+1
-1
CWeChatRobot/SetChatRoomName.cpp
CWeChatRobot/SetChatRoomName.cpp
+11
-2
CWeChatRobot/SetChatRoomName.h
CWeChatRobot/SetChatRoomName.h
+1
-1
CWeChatRobot/SetChatRoomSelfNickname.cpp
CWeChatRobot/SetChatRoomSelfNickname.cpp
+11
-2
CWeChatRobot/SetChatRoomSelfNickname.h
CWeChatRobot/SetChatRoomSelfNickname.h
+1
-1
CWeChatRobot/VerifyFriendApply.cpp
CWeChatRobot/VerifyFriendApply.cpp
+18
-8
CWeChatRobot/VerifyFriendApply.h
CWeChatRobot/VerifyFriendApply.h
+1
-1
CWeChatRobot/WeChatRobot.cpp
CWeChatRobot/WeChatRobot.cpp
+122
-83
CWeChatRobot/WeChatRobot.h
CWeChatRobot/WeChatRobot.h
+39
-39
CWeChatRobot/WeChatRobotCOM.idl
CWeChatRobot/WeChatRobotCOM.idl
+40
-40
CWeChatRobot/WeChatRobotCOM.vcxproj
CWeChatRobot/WeChatRobotCOM.vcxproj
+2
-0
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
+6
-0
CWeChatRobot/WeChatRobotCOM_i.h
CWeChatRobot/WeChatRobotCOM_i.h
+160
-80
CWeChatRobot/WeChatRobotCOM_p.c
CWeChatRobot/WeChatRobotCOM_p.c
+1247
-967
CWeChatRobot/ntapi.cpp
CWeChatRobot/ntapi.cpp
+92
-0
CWeChatRobot/ntapi.h
CWeChatRobot/ntapi.h
+287
-0
CWeChatRobot/pch.cpp
CWeChatRobot/pch.cpp
+67
-33
CWeChatRobot/pch.h
CWeChatRobot/pch.h
+7
-4
CWeChatRobot/robotdata.h
CWeChatRobot/robotdata.h
+1
-1
CWeChatRobot/wechatver.cpp
CWeChatRobot/wechatver.cpp
+11
-3
CWeChatRobot/wechatver.h
CWeChatRobot/wechatver.h
+1
-1
DWeChatRobot/CheckFriendStatus.cpp
DWeChatRobot/CheckFriendStatus.cpp
+2
-0
DWeChatRobot/DbExecuteSql.cpp
DWeChatRobot/DbExecuteSql.cpp
+2
-4
DWeChatRobot/HookImageMessage.cpp
DWeChatRobot/HookImageMessage.cpp
+5
-1
DWeChatRobot/HookVoiceMessage.cpp
DWeChatRobot/HookVoiceMessage.cpp
+5
-1
DWeChatRobot/LogMsgInfo.cpp
DWeChatRobot/LogMsgInfo.cpp
+26
-5
DWeChatRobot/ReceiveMessage.cpp
DWeChatRobot/ReceiveMessage.cpp
+22
-11
DWeChatRobot/SearchContactByNet.cpp
DWeChatRobot/SearchContactByNet.cpp
+9
-1
DWeChatRobot/comclient.cpp
DWeChatRobot/comclient.cpp
+2
-2
DWeChatRobot/comclient.h
DWeChatRobot/comclient.h
+4
-1
DWeChatRobot/wxdata.h
DWeChatRobot/wxdata.h
+1
-0
Python/test.py
Python/test.py
+25
-25
Python/wxRobot.py
Python/wxRobot.py
+240
-157
README.md
README.md
+6
-0
Release/CWeChatRobot.exe
Release/CWeChatRobot.exe
+0
-0
Release/DWeChatRobot.dll
Release/DWeChatRobot.dll
+0
-0
Release/socket/SWeChatRobot.dll
Release/socket/SWeChatRobot.dll
+0
-0
Release/socket/wxDriver.dll
Release/socket/wxDriver.dll
+0
-0
Release/socket/wxDriver64.dll
Release/socket/wxDriver64.dll
+0
-0
wxDriver/driver.h
wxDriver/driver.h
+2
-0
wxDriver/ntapi.cpp
wxDriver/ntapi.cpp
+91
-3
wxDriver/ntapi.h
wxDriver/ntapi.h
+100
-0
未找到文件。
CWeChatRobot/AddBrandContact.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
AddBrandContact
(
wchar_t
*
PublicId
)
{
BOOL
AddBrandContact
(
DWORD
pid
,
wchar_t
*
PublicId
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
1
;
LPVOID
PublicIdaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
PublicIdaddr
)
if
(
!
PublicIdaddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
PublicIdaddr
,
PublicId
,
wcslen
(
PublicId
)
*
2
+
2
,
&
dwWriteSize
);
DWORD
AddBrandContactAddr
=
WeChatRobotBase
+
AddBrandContactRemoteOffset
;
HANDLE
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
AddBrandContactAddr
,
(
LPVOID
)
PublicIdaddr
,
0
,
&
dwId
);
...
...
@@ -21,5 +28,6 @@ BOOL AddBrandContact(wchar_t* PublicId) {
}
VirtualFreeEx
(
hProcess
,
PublicIdaddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/AddChatRoomMember.cpp
浏览文件 @
eb0b1414
...
...
@@ -7,10 +7,15 @@ struct AddChatRoomMemberStruct
DWORD
length
;
};
BOOL
AddChatRoomMember
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
BOOL
AddChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -19,7 +24,8 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
AddChatRoomMemberStruct
*
paramAndFunc
=
(
AddChatRoomMemberStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
AddChatRoomMemberStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -38,6 +44,7 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
AddChatRoomMemberStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -49,17 +56,17 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
BOOL
AddChatRoomMember
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
)
{
if
(
!
hProcess
)
return
1
;
BOOL
AddChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
)
{
VARIANT
rgvar
;
rgvar
.
vt
=
VT_BSTR
;
HRESULT
hr
=
S_OK
;
...
...
@@ -69,17 +76,25 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
VariantInit
(
&
rgvar
);
long
pIndex
=
0
;
hr
=
SafeArrayGetElement
(
psaValue
,
&
pIndex
,
&
rgvar
);
return
AddChatRoomMember
(
chatroomid
,
rgvar
.
bstrVal
);
return
AddChatRoomMember
(
pid
,
chatroomid
,
rgvar
.
bstrVal
);
}
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
vector
<
void
*>
wxidptrs
;
DWORD
dwWriteSize
=
0
;
DWORD
dwTId
=
0
;
DWORD
dwId
=
0
;
DWORD
dwRet
=
0
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
AddChatRoomMemberStruct
params
=
{
0
};
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxidptrsaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
sizeof
(
void
*
)
*
cElements
,
MEM_COMMIT
,
PAGE_READWRITE
);
AddChatRoomMemberStruct
*
paramAndFunc
=
(
AddChatRoomMemberStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
AddChatRoomMemberStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidptrsaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
if
(
!
chatroomidaddr
||
!
wxidptrsaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
for
(
long
i
=
lLbound
;
i
<
lLbound
+
cElements
;
i
++
)
{
...
...
@@ -104,6 +119,7 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
AddChatRoomMemberStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
AddChatRoomMemberAddr
=
WeChatRobotBase
+
AddChatRoomMemberRemoteOffset
;
...
...
@@ -114,6 +130,7 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
for
(
unsigned
int
i
=
0
;
i
<
wxidptrs
.
size
();
i
++
)
{
...
...
@@ -122,5 +139,6 @@ BOOL AddChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxidptrsaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/AddChatRoomMember.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
AddChatRoomMember
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
BOOL
AddChatRoomMember
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
);
\ No newline at end of file
BOOL
AddChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
BOOL
AddChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
);
\ No newline at end of file
CWeChatRobot/AddFriend.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
AddFriendByWxid
(
wchar_t
*
wxid
,
wchar_t
*
message
);
BOOL
AddFriendByV3
(
wchar_t
*
v3
,
wchar_t
*
message
,
int
AddType
);
BOOL
AddBrandContact
(
wchar_t
*
PublicId
);
\ No newline at end of file
BOOL
AddFriendByWxid
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
message
);
BOOL
AddFriendByV3
(
DWORD
pid
,
wchar_t
*
v3
,
wchar_t
*
message
,
int
AddType
);
BOOL
AddBrandContact
(
DWORD
pid
,
wchar_t
*
PublicId
);
\ No newline at end of file
CWeChatRobot/AddFriendByV3.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct AddFriendByV3Struct {
DWORD
AddType
;
};
BOOL
AddFriendByV3
(
wchar_t
*
v3
,
wchar_t
*
message
,
int
AddType
)
{
BOOL
AddFriendByV3
(
DWORD
pid
,
wchar_t
*
v3
,
wchar_t
*
message
,
int
AddType
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
1
;
...
...
@@ -17,8 +22,10 @@ BOOL AddFriendByV3(wchar_t* v3, wchar_t* message,int AddType) {
LPVOID
v3addr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
messageaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
AddFriendByV3Struct
*
paramAndFunc
=
(
AddFriendByV3Struct
*
)
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
AddFriendByV3Struct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
v3addr
||
!
messageaddr
||
!
paramAndFunc
)
if
(
!
v3addr
||
!
messageaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
v3addr
,
v3
,
wcslen
(
v3
)
*
2
+
2
,
&
dwWriteSize
);
if
(
message
)
WriteProcessMemory
(
hProcess
,
messageaddr
,
message
,
wcslen
(
message
)
*
2
+
2
,
&
dwWriteSize
);
...
...
@@ -39,5 +46,6 @@ BOOL AddFriendByV3(wchar_t* v3, wchar_t* message,int AddType) {
VirtualFreeEx
(
hProcess
,
v3addr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
messageaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/AddFriendByWxid.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,10 +5,15 @@ struct AddFriendByWxidStruct {
DWORD
message
;
};
BOOL
AddFriendByWxid
(
wchar_t
*
wxid
,
wchar_t
*
message
)
{
BOOL
AddFriendByWxid
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
message
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
1
;
...
...
@@ -16,8 +21,10 @@ BOOL AddFriendByWxid(wchar_t* wxid,wchar_t* message) {
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
messageaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
AddFriendByWxidStruct
*
paramAndFunc
=
(
AddFriendByWxidStruct
*
)
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
AddFriendByWxidStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
messageaddr
||
!
paramAndFunc
)
if
(
!
wxidaddr
||
!
messageaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
wxidaddr
,
wxid
,
wcslen
(
wxid
)
*
2
+
2
,
&
dwWriteSize
);
if
(
message
)
WriteProcessMemory
(
hProcess
,
messageaddr
,
message
,
wcslen
(
message
)
*
2
+
2
,
&
dwWriteSize
);
...
...
@@ -37,5 +44,6 @@ BOOL AddFriendByWxid(wchar_t* wxid,wchar_t* message) {
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
messageaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/CheckFriendStatus.cpp
浏览文件 @
eb0b1414
#include "pch.h"
DWORD
CheckFriendStatus
(
wchar_t
*
wxid
)
{
DWORD
CheckFriendStatus
(
DWORD
pid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwStatus
=
0
;
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
)
if
(
!
wxidaddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
wxidaddr
,
wxid
,
wcslen
(
wxid
)
*
2
+
2
,
&
dwWriteSize
);
DWORD
CheckFriendStatusRemoteAddr
=
WeChatRobotBase
+
CheckFriendStatusRemoteOffset
;
HANDLE
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
CheckFriendStatusRemoteAddr
,
(
LPVOID
)
wxidaddr
,
0
,
&
dwId
);
...
...
@@ -21,5 +28,6 @@ DWORD CheckFriendStatus(wchar_t* wxid) {
}
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwStatus
;
}
\ No newline at end of file
CWeChatRobot/CheckFriendStatus.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
DWORD
CheckFriendStatus
(
wchar_t
*
wxid
);
\ No newline at end of file
DWORD
CheckFriendStatus
(
DWORD
pid
,
wchar_t
*
wxid
);
\ No newline at end of file
CWeChatRobot/DbBackup.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,16 +6,24 @@ struct BackupParams {
DWORD
savepath
;
};
BOOL
BackupSQLiteDB
(
DWORD
DbHandle
,
BSTR
savepath
)
{
BOOL
BackupSQLiteDB
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
savepath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwHandle
=
0x0
;
DWORD
dwId
=
0x0
;
DWORD
dwWriteSize
=
0x0
;
LPVOID
savepathAddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
BackupParams
*
paramAndFunc
=
(
BackupParams
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
BackupParams
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
savepathAddr
||
!
paramAndFunc
)
if
(
!
savepathAddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
char
*
a_savepath
=
_com_util
::
ConvertBSTRToString
(
savepath
);
if
(
savepathAddr
)
WriteProcessMemory
(
hProcess
,
savepathAddr
,
a_savepath
,
strlen
(
a_savepath
)
+
1
,
&
dwWriteSize
);
...
...
@@ -26,7 +34,7 @@ BOOL BackupSQLiteDB(DWORD DbHandle, BSTR savepath) {
if
(
paramAndFunc
)
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
param
,
sizeof
(
BackupParams
),
&
dwWriteSize
);
DWORD
BackupSQLiteDBRemoteAddr
=
GetWeChatRobotBase
()
+
BackupSQLiteDBRemoteOffset
;
DWORD
BackupSQLiteDBRemoteAddr
=
WeChatRobotBase
+
BackupSQLiteDBRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
BackupSQLiteDBRemoteAddr
,
(
LPVOID
)
paramAndFunc
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -34,9 +42,11 @@ BOOL BackupSQLiteDB(DWORD DbHandle, BSTR savepath) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
savepathAddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwHandle
;
}
\ No newline at end of file
CWeChatRobot/DbBackup.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
BackupSQLiteDB
(
DWORD
DbHandle
,
BSTR
savepath
);
\ No newline at end of file
BOOL
BackupSQLiteDB
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
savepath
);
\ No newline at end of file
CWeChatRobot/DbExecuteSql.cpp
浏览文件 @
eb0b1414
...
...
@@ -106,7 +106,7 @@ SAFEARRAY* CreateSQLResultSafeArray() {
}
// 读出查询结果
VOID
ReadSQLResultFromWeChatProcess
(
DWORD
dwHandle
)
{
VOID
ReadSQLResultFromWeChatProcess
(
HANDLE
hProcess
,
DWORD
dwHandle
)
{
executeResult
result
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
result
,
sizeof
(
executeResult
),
0
);
for
(
unsigned
int
i
=
0
;
i
<
result
.
length
;
i
++
)
{
...
...
@@ -146,17 +146,25 @@ VOID ReadSQLResultFromWeChatProcess(DWORD dwHandle) {
}
}
SAFEARRAY
*
ExecuteSQL
(
DWORD
DbHandle
,
BSTR
sql
)
{
SAFEARRAY
*
ExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
NULL
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
ClearResultArray
();
DWORD
dwHandle
=
0x0
;
DWORD
dwId
=
0x0
;
DWORD
dwWriteSize
=
0x0
;
LPVOID
sqlAddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
executeParams
*
paramAndFunc
=
(
executeParams
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
executeParams
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
sqlAddr
||
!
paramAndFunc
)
if
(
!
sqlAddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
char
*
a_sql
=
_com_util
::
ConvertBSTRToString
(
sql
);
if
(
sqlAddr
)
WriteProcessMemory
(
hProcess
,
sqlAddr
,
a_sql
,
strlen
(
a_sql
)
+
1
,
&
dwWriteSize
);
...
...
@@ -167,8 +175,8 @@ SAFEARRAY* ExecuteSQL(DWORD DbHandle,BSTR sql) {
if
(
paramAndFunc
)
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
param
,
sizeof
(
executeParams
),
&
dwWriteSize
);
// DWORD ExecuteSQLRemoteAddr =
GetWeChatRobotBase()
+ ExecuteSQLRemoteOffset;
DWORD
SelectDataRemoteAddr
=
GetWeChatRobotBase
()
+
SelectDataRemoteOffset
;
// DWORD ExecuteSQLRemoteAddr =
WeChatRobotBase
+ ExecuteSQLRemoteOffset;
DWORD
SelectDataRemoteAddr
=
WeChatRobotBase
+
SelectDataRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
SelectDataRemoteAddr
,
(
LPVOID
)
paramAndFunc
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -176,13 +184,17 @@ SAFEARRAY* ExecuteSQL(DWORD DbHandle,BSTR sql) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
NULL
;
}
if
(
!
dwHandle
)
if
(
!
dwHandle
)
{
CloseHandle
(
hProcess
);
return
NULL
;
ReadSQLResultFromWeChatProcess
(
dwHandle
);
}
ReadSQLResultFromWeChatProcess
(
hProcess
,
dwHandle
);
SAFEARRAY
*
psaValue
=
CreateSQLResultSafeArray
();
VirtualFreeEx
(
hProcess
,
sqlAddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
psaValue
;
}
\ No newline at end of file
CWeChatRobot/DbExecuteSql.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
SAFEARRAY
*
ExecuteSQL
(
DWORD
DbHandle
,
BSTR
sql
);
\ No newline at end of file
SAFEARRAY
*
ExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
);
\ No newline at end of file
CWeChatRobot/DelChatRoomMember.cpp
浏览文件 @
eb0b1414
...
...
@@ -7,10 +7,15 @@ struct DelChatRoomMemberStruct
DWORD
length
;
};
BOOL
DelChatRoomMember
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
BOOL
DelChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -19,7 +24,8 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DelChatRoomMemberStruct
*
paramAndFunc
=
(
DelChatRoomMemberStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
DelChatRoomMemberStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -38,6 +44,7 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
DelChatRoomMemberStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -49,17 +56,17 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, wchar_t* wxid) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
BOOL
DelChatRoomMember
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
)
{
if
(
!
hProcess
)
return
1
;
BOOL
DelChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
)
{
VARIANT
rgvar
;
rgvar
.
vt
=
VT_BSTR
;
HRESULT
hr
=
S_OK
;
...
...
@@ -69,17 +76,25 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
VariantInit
(
&
rgvar
);
long
pIndex
=
0
;
hr
=
SafeArrayGetElement
(
psaValue
,
&
pIndex
,
&
rgvar
);
return
DelChatRoomMember
(
chatroomid
,
rgvar
.
bstrVal
);
return
DelChatRoomMember
(
pid
,
chatroomid
,
rgvar
.
bstrVal
);
}
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
vector
<
void
*>
wxidptrs
;
DWORD
dwWriteSize
=
0
;
DWORD
dwTId
=
0
;
DWORD
dwId
=
0
;
DWORD
dwRet
=
0
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DelChatRoomMemberStruct
params
=
{
0
};
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxidptrsaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
sizeof
(
void
*
)
*
cElements
,
MEM_COMMIT
,
PAGE_READWRITE
);
DelChatRoomMemberStruct
*
paramAndFunc
=
(
DelChatRoomMemberStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
DelChatRoomMemberStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidptrsaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
if
(
!
chatroomidaddr
||
!
wxidptrsaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
for
(
long
i
=
lLbound
;
i
<
lLbound
+
cElements
;
i
++
)
{
...
...
@@ -104,6 +119,7 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
DelChatRoomMemberStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
DelChatRoomMemberAddr
=
WeChatRobotBase
+
DelChatRoomMemberRemoteOffset
;
...
...
@@ -114,6 +130,7 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
for
(
unsigned
int
i
=
0
;
i
<
wxidptrs
.
size
();
i
++
)
{
...
...
@@ -122,5 +139,6 @@ BOOL DelChatRoomMember(wchar_t* chatroomid, SAFEARRAY* psaValue) {
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxidptrsaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/DelChatRoomMember.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
DelChatRoomMember
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
BOOL
DelChatRoomMember
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
);
\ No newline at end of file
BOOL
DelChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
BOOL
DelChatRoomMember
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
);
\ No newline at end of file
CWeChatRobot/DeleteUser.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
DeleteUser
(
wchar_t
*
wxid
)
{
BOOL
DeleteUser
(
DWORD
pid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
DeleteUserRemoteAddr
=
GetWeChatRobotBase
()
+
DeleteUserRemoteOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
DeleteUserRemoteAddr
=
WeChatRobotBase
+
DeleteUserRemoteOffset
;
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwRet
=
0
;
if
(
!
wxidaddr
)
if
(
!
wxidaddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
wxidaddr
,
wxid
,
wcslen
(
wxid
)
*
2
+
2
,
&
dwWriteSize
);
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
DeleteUserRemoteAddr
,
wxidaddr
,
0
,
&
dwId
);
if
(
hThread
)
{
...
...
@@ -18,5 +26,6 @@ BOOL DeleteUser(wchar_t* wxid) {
CloseHandle
(
hThread
);
}
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/DeleteUser.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
DeleteUser
(
wchar_t
*
wxid
);
\ No newline at end of file
BOOL
DeleteUser
(
DWORD
pid
,
wchar_t
*
wxid
);
\ No newline at end of file
CWeChatRobot/EditRemark.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,10 +5,15 @@ struct EditRemarkStruct {
DWORD
remark
;
};
BOOL
EditRemark
(
wchar_t
*
wxid
,
wchar_t
*
remark
)
{
BOOL
EditRemark
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
remark
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
1
;
...
...
@@ -16,8 +21,10 @@ BOOL EditRemark(wchar_t* wxid, wchar_t* remark) {
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
remarkaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
EditRemarkStruct
*
paramAndFunc
=
(
EditRemarkStruct
*
)
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
EditRemarkStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
remarkaddr
||
!
paramAndFunc
)
if
(
!
wxidaddr
||
!
remarkaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
wxidaddr
,
wxid
,
wcslen
(
wxid
)
*
2
+
2
,
&
dwWriteSize
);
if
(
remark
)
WriteProcessMemory
(
hProcess
,
remarkaddr
,
remark
,
wcslen
(
remark
)
*
2
+
2
,
&
dwWriteSize
);
...
...
@@ -37,5 +44,6 @@ BOOL EditRemark(wchar_t* wxid, wchar_t* remark) {
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
remarkaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/EditRemark.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
EditRemark
(
wchar_t
*
wxid
,
wchar_t
*
remark
);
\ No newline at end of file
BOOL
EditRemark
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
remark
);
\ No newline at end of file
CWeChatRobot/FriendList.cpp
浏览文件 @
eb0b1414
...
...
@@ -16,7 +16,7 @@ struct WxFriendStruct {
WxFriendStruct
*
WxFriendList
;
void
ReadFriendMessageByAddress
(
WxFriendAddrStruct
*
lpWxFriendAddr
,
WxFriendStruct
*
lpWxFriend
)
{
void
ReadFriendMessageByAddress
(
HANDLE
hProcess
,
WxFriendAddrStruct
*
lpWxFriendAddr
,
WxFriendStruct
*
lpWxFriend
)
{
DWORD
length
=
0
;
DWORD
bufferaddr
=
0
;
...
...
@@ -119,12 +119,18 @@ SAFEARRAY* CreateFriendArray(int FriendCount) {
return
psaValue
;
}
SAFEARRAY
*
GetFriendList
()
{
SAFEARRAY
*
GetFriendList
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
NULL
;
DWORD
GetFriendListInitAddr
=
GetWeChatRobotBase
()
+
GetFriendListInitOffset
;
DWORD
GetFriendListRemoteAddr
=
GetWeChatRobotBase
()
+
GetFriendListRemoteOffset
;
DWORD
GetFriendListFinishAddr
=
GetWeChatRobotBase
()
+
GetFriendListFinishOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
DWORD
GetFriendListInitAddr
=
WeChatRobotBase
+
GetFriendListInitOffset
;
DWORD
GetFriendListRemoteAddr
=
WeChatRobotBase
+
GetFriendListRemoteOffset
;
DWORD
GetFriendListFinishAddr
=
WeChatRobotBase
+
GetFriendListFinishOffset
;
DWORD
FriendCount
=
0
;
DWORD
dwId
,
dwHandle
=
0
;
// 获取好友列表的长度
...
...
@@ -150,12 +156,13 @@ SAFEARRAY* GetFriendList() {
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
ReadFriendMessageByAddress
(
hProcess
,
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
}
else
{
CloseHandle
(
hProcess
);
return
NULL
;
}
// 清除微信进程空间中的缓存
...
...
@@ -171,15 +178,22 @@ SAFEARRAY* GetFriendList() {
}
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
CloseHandle
(
hProcess
);
return
psaValue
;
}
std
::
wstring
GetFriendListString
()
{
std
::
wstring
GetFriendListString
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
L"[]"
;
DWORD
GetFriendListInitAddr
=
GetWeChatRobotBase
()
+
GetFriendListInitOffset
;
DWORD
GetFriendListRemoteAddr
=
GetWeChatRobotBase
()
+
GetFriendListRemoteOffset
;
DWORD
GetFriendListFinishAddr
=
GetWeChatRobotBase
()
+
GetFriendListFinishOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
L"[]"
;
}
DWORD
GetFriendListInitAddr
=
WeChatRobotBase
+
GetFriendListInitOffset
;
DWORD
GetFriendListRemoteAddr
=
WeChatRobotBase
+
GetFriendListRemoteOffset
;
DWORD
GetFriendListFinishAddr
=
WeChatRobotBase
+
GetFriendListFinishOffset
;
DWORD
FriendCount
=
0
;
DWORD
dwId
,
dwHandle
=
0
;
// 获取好友列表的长度
...
...
@@ -205,12 +219,13 @@ std::wstring GetFriendListString() {
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
ReadFriendMessageByAddress
(
hProcess
,
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
}
else
{
CloseHandle
(
hProcess
);
return
L"[]"
;
}
// 清除微信进程空间中的缓存
...
...
@@ -235,5 +250,6 @@ std::wstring GetFriendListString() {
// 释放全局变量
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
CloseHandle
(
hProcess
);
return
message
;
}
\ No newline at end of file
CWeChatRobot/FriendList.h
浏览文件 @
eb0b1414
...
...
@@ -2,5 +2,5 @@
#include<windows.h>
#include<iostream>
using
namespace
std
;
SAFEARRAY
*
GetFriendList
();
std
::
wstring
GetFriendListString
();
\ No newline at end of file
SAFEARRAY
*
GetFriendList
(
DWORD
pid
);
std
::
wstring
GetFriendListString
(
DWORD
pid
);
\ No newline at end of file
CWeChatRobot/GetChatRoomMemberNickname.cpp
浏览文件 @
eb0b1414
...
...
@@ -7,10 +7,15 @@ struct ChatRoomMemberNicknameStruct
DWORD
nickname
;
};
wstring
GetChatRoomMemberNickname
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
wstring
GetChatRoomMemberNickname
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
L""
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
L""
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -21,6 +26,7 @@ wstring GetChatRoomMemberNickname(wchar_t* chatroomid, wchar_t* wxid) {
LPVOID
nicknameaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
33
*
2
,
MEM_COMMIT
,
PAGE_READWRITE
);
ChatRoomMemberNicknameStruct
*
paramAndFunc
=
(
ChatRoomMemberNicknameStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
ChatRoomMemberNicknameStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
nicknameaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
L""
;
}
DWORD
dwTId
=
0
;
...
...
@@ -39,6 +45,7 @@ wstring GetChatRoomMemberNickname(wchar_t* chatroomid, wchar_t* wxid) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
L""
;
}
...
...
@@ -50,6 +57,7 @@ wstring GetChatRoomMemberNickname(wchar_t* chatroomid, wchar_t* wxid) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
L""
;
}
wchar_t
*
buffer
=
new
wchar_t
[
33
];
...
...
@@ -60,5 +68,6 @@ wstring GetChatRoomMemberNickname(wchar_t* chatroomid, wchar_t* wxid) {
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
nicknameaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
nickname
;
}
\ No newline at end of file
CWeChatRobot/GetChatRoomMemberNickname.h
浏览文件 @
eb0b1414
...
...
@@ -3,4 +3,4 @@
#include<iostream>
using
namespace
std
;
wstring
GetChatRoomMemberNickname
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
\ No newline at end of file
wstring
GetChatRoomMemberNickname
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
);
\ No newline at end of file
CWeChatRobot/GetChatRoomMembers.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,10 +5,15 @@ struct ChatRoomInfoStruct {
DWORD
length
;
};
SAFEARRAY
*
GetChatRoomMembers
(
wchar_t
*
chatroomid
)
{
SAFEARRAY
*
GetChatRoomMembers
(
DWORD
pid
,
wchar_t
*
chatroomid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
NULL
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwHandle
=
0
;
...
...
@@ -16,6 +21,7 @@ SAFEARRAY* GetChatRoomMembers(wchar_t* chatroomid) {
ChatRoomInfoStruct
chatroominfo
=
{
0
};
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
else
{
...
...
@@ -29,10 +35,13 @@ SAFEARRAY* GetChatRoomMembers(wchar_t* chatroomid) {
GetExitCodeThread
(
hThread
,
&
dwHandle
);
}
else
{
CloseHandle
(
hProcess
);
return
NULL
;
}
if
(
!
dwHandle
)
if
(
!
dwHandle
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
ReadProcessMemory
(
hProcess
,(
LPCVOID
)
dwHandle
,
&
chatroominfo
,
sizeof
(
ChatRoomInfoStruct
),
0
);
wchar_t
*
members
=
new
wchar_t
[
chatroominfo
.
length
+
1
];
ZeroMemory
(
members
,
(
chatroominfo
.
length
+
1
)
*
2
);
...
...
@@ -51,5 +60,6 @@ SAFEARRAY* GetChatRoomMembers(wchar_t* chatroomid) {
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
(
_variant_t
)
members
);
delete
[]
members
;
members
=
NULL
;
CloseHandle
(
hProcess
);
return
psaValue
;
}
\ No newline at end of file
CWeChatRobot/GetChatRoomMembers.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
SAFEARRAY
*
GetChatRoomMembers
(
wchar_t
*
chatroomid
);
\ No newline at end of file
SAFEARRAY
*
GetChatRoomMembers
(
DWORD
pid
,
wchar_t
*
chatroomid
);
\ No newline at end of file
CWeChatRobot/GetDbHandles.cpp
浏览文件 @
eb0b1414
...
...
@@ -85,12 +85,18 @@ SAFEARRAY* CreateDbInfoSafeArray() {
return
psaValue
;
}
SAFEARRAY
*
GetDbHandles
()
{
SAFEARRAY
*
GetDbHandles
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
NULL
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
DWORD
dwHandle
=
0x0
;
DWORD
dwId
=
0x0
;
DWORD
GetDbHandlesRemoteAddr
=
GetWeChatRobotBase
()
+
GetDbHandlesRemoteOffset
;
DWORD
GetDbHandlesRemoteAddr
=
WeChatRobotBase
+
GetDbHandlesRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
GetDbHandlesRemoteAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -98,10 +104,13 @@ SAFEARRAY* GetDbHandles() {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
NULL
;
}
if
(
!
dwHandle
)
if
(
!
dwHandle
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
while
(
1
)
{
DbInfoAddrStruct
dbaddr
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
dbaddr
,
sizeof
(
DbInfoAddrStruct
),
0
);
...
...
@@ -132,5 +141,6 @@ SAFEARRAY* GetDbHandles() {
dwHandle
+=
sizeof
(
DbInfoAddrStruct
);
}
SAFEARRAY
*
psaValue
=
CreateDbInfoSafeArray
();
CloseHandle
(
hProcess
);
return
psaValue
;
}
\ No newline at end of file
CWeChatRobot/GetDbHandles.h
浏览文件 @
eb0b1414
#pragma once
#include <windows.h>
SAFEARRAY
*
GetDbHandles
();
\ No newline at end of file
SAFEARRAY
*
GetDbHandles
(
DWORD
pid
);
\ No newline at end of file
CWeChatRobot/HookImageMessage.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
HookImageMsg
(
wchar_t
*
savepath
)
{
BOOL
HookImageMsg
(
DWORD
pid
,
wchar_t
*
savepath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwRet
=
0x0
;
LPVOID
savepathaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
if
(
!
savepathaddr
)
if
(
!
savepathaddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
savepathaddr
,
savepath
,
wcslen
(
savepath
)
*
2
+
2
,
&
dwWriteSize
);
DWORD
HookImageMsgRemoteAddr
=
WeChatRobotBase
+
HookImageMsgRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
HookImageMsgRemoteAddr
,
savepathaddr
,
0
,
&
dwId
);
...
...
@@ -19,17 +26,25 @@ BOOL HookImageMsg(wchar_t* savepath) {
CloseHandle
(
hThread
);
}
VirtualFreeEx
(
hProcess
,
savepathaddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
void
UnHookImageMsg
()
{
void
UnHookImageMsg
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
;
}
DWORD
dwId
=
0x0
;
DWORD
UnHookImageMsgRemoteAddr
=
GetWeChatRobotBase
()
+
UnHookImageMsgRemoteOffset
;
DWORD
UnHookImageMsgRemoteAddr
=
WeChatRobotBase
+
UnHookImageMsgRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
UnHookImageMsgRemoteAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
CloseHandle
(
hThread
);
}
CloseHandle
(
hProcess
);
}
\ No newline at end of file
CWeChatRobot/HookVoiceMessage.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
HookVoiceMsg
(
wchar_t
*
savepath
)
{
BOOL
HookVoiceMsg
(
DWORD
pid
,
wchar_t
*
savepath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwRet
=
0x0
;
LPVOID
savepathaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
if
(
!
savepathaddr
)
if
(
!
savepathaddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
savepathaddr
,
savepath
,
wcslen
(
savepath
)
*
2
+
2
,
&
dwWriteSize
);
DWORD
HookVoiceMsgRemoteAddr
=
WeChatRobotBase
+
HookVoiceMsgRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
HookVoiceMsgRemoteAddr
,
savepathaddr
,
0
,
&
dwId
);
...
...
@@ -19,17 +26,25 @@ BOOL HookVoiceMsg(wchar_t* savepath) {
CloseHandle
(
hThread
);
}
VirtualFreeEx
(
hProcess
,
savepathaddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
void
UnHookVoiceMsg
()
{
void
UnHookVoiceMsg
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
;
}
DWORD
dwId
=
0x0
;
DWORD
UnHookVoiceMsgRemoteAddr
=
GetWeChatRobotBase
()
+
UnHookVoiceMsgRemoteOffset
;
DWORD
UnHookVoiceMsgRemoteAddr
=
WeChatRobotBase
+
UnHookVoiceMsgRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
UnHookVoiceMsgRemoteAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
CloseHandle
(
hThread
);
}
CloseHandle
(
hProcess
);
}
\ No newline at end of file
CWeChatRobot/InjectDll.cpp
浏览文件 @
eb0b1414
#include "pch.h"
bool
InjectDll
(
DWORD
dwId
,
WCHAR
*
szPath
)
//参数1:目标进程PID 参数2:DLL路径
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
dwId
);
if
(
!
hProcess
)
return
1
;
if
(
GetWeChatRobotBase
()
!=
0
)
{
if
(
GetWeChatRobotBase
(
dwId
)
!=
0
)
{
CloseHandle
(
hProcess
);
return
0
;
}
...
...
@@ -16,6 +17,7 @@ bool InjectDll(DWORD dwId, WCHAR* szPath)//
WriteProcessMemory
(
hProcess
,
pRemoteAddress
,
szPath
,
wcslen
(
szPath
)
*
2
+
2
,
&
dwWriteSize
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -24,11 +26,12 @@ bool InjectDll(DWORD dwId, WCHAR* szPath)//
WaitForSingleObject
(
hThread
,
-
1
);
}
else
{
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
...
...
@@ -49,51 +52,36 @@ bool Inject(DWORD dwPid,wchar_t* workPath) {
}
BOOL
RemoveDll
(
DWORD
dwId
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
dwId
);
if
(
!
hProcess
)
return
1
;
LPVOID
pRemoteAddress
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
HANDLE
hThread
=
NULL
;
DWORD
dwHandle
,
dwID
;
LPVOID
pFunc
=
NULL
;
if
(
pRemoteAddress
)
WriteProcessMemory
(
hProcess
,
pRemoteAddress
,
dllname
,
wcslen
(
dllname
)
*
2
+
2
,
&
dwWriteSize
);
else
{
return
1
;
}
pFunc
=
GetModuleHandleW
;
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
pFunc
,
pRemoteAddress
,
0
,
&
dwID
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
GetExitCodeThread
(
hThread
,
&
dwHandle
);
}
else
{
return
1
;
}
CloseHandle
(
hThread
);
if
(
!
dwHandle
)
{
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
dwId
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
0
;
}
pFunc
=
FreeConsole
;
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
pFunc
,
NULL
,
0
,
&
dwID
);
DWORD
dwWriteSize
=
0
;
HANDLE
hThread
=
NULL
;
DWORD
dwID
=
0
;
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
FreeConsole
,
NULL
,
0
,
&
dwID
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
pFunc
=
FreeLibrary
;
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
pFunc
,
(
LPVOID
)
dwHandle
,
0
,
&
dwID
);
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
FreeLibrary
,
(
LPVOID
)
WeChatRobotBase
,
0
,
&
dwID
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
CWeChatRobot/ReceiveMessage.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
ReceiveMessageHooked
=
FALSE
;
BOOL
StartReceiveMessage
(
int
port
)
{
if
(
!
hProcess
||
ReceiveMessageHooked
)
BOOL
StartReceiveMessage
(
DWORD
pid
,
int
port
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
}
DWORD
dwId
=
0
;
DWORD
HookReceiveMessageAddr
=
WeChatRobotBase
+
HookReceiveMessageRemoteOffset
;
...
...
@@ -14,19 +17,24 @@ BOOL StartReceiveMessage(int port) {
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
ReceiveMessageHooked
=
TRUE
;
CloseHandle
(
hProcess
)
;
return
0
;
}
BOOL
StopReceiveMessage
()
{
if
(
!
hProcess
||
!
ReceiveMessageHooked
)
{
ReceiveMessageHooked
=
FALSE
;
BOOL
StopReceiveMessage
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
{
return
1
;
}
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
dwId
=
0
;
DWORD
UnHookReceiveMessageAddr
=
WeChatRobotBase
+
UnHookReceiveMessageRemoteOffset
;
...
...
@@ -35,9 +43,10 @@ BOOL StopReceiveMessage() {
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
ReceiveMessageHooked
=
FALSE
;
CloseHandle
(
hProcess
)
;
return
0
;
}
\ No newline at end of file
CWeChatRobot/ReceiveMessage.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
StartReceiveMessage
(
int
port
);
BOOL
StopReceiveMessage
();
BOOL
StartReceiveMessage
(
DWORD
pid
,
int
port
);
BOOL
StopReceiveMessage
(
DWORD
pid
);
BOOL
HookImageMsg
(
wchar_t
*
savepath
);
BOOL
HookVoiceMsg
(
wchar_t
*
savepath
);
void
UnHookImageMsg
();
void
UnHookVoiceMsg
();
\ No newline at end of file
BOOL
HookImageMsg
(
DWORD
pid
,
wchar_t
*
savepath
);
BOOL
HookVoiceMsg
(
DWORD
pid
,
wchar_t
*
savepath
);
void
UnHookImageMsg
(
DWORD
pid
);
void
UnHookVoiceMsg
(
DWORD
pid
);
\ No newline at end of file
CWeChatRobot/RobotEvent.cpp
浏览文件 @
eb0b1414
...
...
@@ -3,15 +3,27 @@
#include "pch.h"
#include "RobotEvent.h"
#define WX_MESSAGE 1
#define WX_LOG_MESSAGE 2
// CRobotEvent
STDMETHODIMP
CRobotEvent
::
CPostMessage
(
VARIANT
*
msg
,
int
*
__result
)
STDMETHODIMP
CRobotEvent
::
CPostMessage
(
int
msgtype
,
VARIANT
*
msg
,
int
*
__result
)
{
// TODO: 在此处添加实现代码
// 将收到的消息广播给所有用户
Fire_OnGetMessageEvent
(
msg
);
switch
(
msgtype
)
{
case
WX_MESSAGE
:
{
Fire_OnGetMessageEvent
(
msg
);
break
;
}
case
WX_LOG_MESSAGE
:{
break
;
}
default:
break
;
}
*
__result
=
0
;
return
S_OK
;
}
CWeChatRobot/RobotEvent.h
浏览文件 @
eb0b1414
...
...
@@ -56,7 +56,7 @@ public:
STDMETHOD
(
CPostMessage
)(
VARIANT
*
msg
,
int
*
__result
);
STDMETHOD
(
CPostMessage
)(
int
msgtype
,
VARIANT
*
msg
,
int
*
__result
);
};
OBJECT_ENTRY_AUTO
(
__uuidof
(
RobotEvent
),
CRobotEvent
)
CWeChatRobot/SearchContact.h
浏览文件 @
eb0b1414
...
...
@@ -2,5 +2,5 @@
#include <windows.h>
#include <iostream>
using
namespace
std
;
std
::
wstring
GetWxUserInfo
(
wchar_t
*
wxid
);
SAFEARRAY
*
SearchContactByNet
(
wchar_t
*
keyword
);
\ No newline at end of file
std
::
wstring
GetWxUserInfo
(
DWORD
pid
,
wchar_t
*
wxid
);
SAFEARRAY
*
SearchContactByNet
(
DWORD
pid
,
wchar_t
*
keyword
);
\ No newline at end of file
CWeChatRobot/SearchContactByCache.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,11 +5,14 @@ struct GetUserInfoStruct {
DWORD
length
;
};
VOID
DeleteUserInfoCache
()
{
if
(
!
hProcess
)
return
;
VOID
DeleteUserInfoCache
(
DWORD
pid
,
HANDLE
hProcess
)
{
DWORD
dwId
=
0
;
DWORD
DeleteUserInfoCacheProcAddr
=
GetWeChatRobotBase
()
+
DeleteUserInfoCacheOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
;
}
DWORD
DeleteUserInfoCacheProcAddr
=
WeChatRobotBase
+
DeleteUserInfoCacheOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
DeleteUserInfoCacheProcAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -17,18 +20,26 @@ VOID DeleteUserInfoCache() {
}
}
std
::
wstring
GetWxUserInfo
(
wchar_t
*
wxid
)
{
std
::
wstring
GetWxUserInfo
(
DWORD
pid
,
wchar_t
*
wxid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
L"{}"
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
L"{}"
;
}
wstring
WString
=
L""
;
DWORD
GetUserInfoProcAddr
=
GetWeChatRobotBase
()
+
GetWxUserInfoOffset
;
DWORD
GetUserInfoProcAddr
=
WeChatRobotBase
+
GetWxUserInfoOffset
;
LPVOID
wxidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwHandle
=
0
;
GetUserInfoStruct
userinfo
=
{
0
};
if
(
!
wxidaddr
)
if
(
!
wxidaddr
)
{
CloseHandle
(
hProcess
);
return
L"{}"
;
}
WriteProcessMemory
(
hProcess
,
wxidaddr
,
wxid
,
wcslen
(
wxid
)
*
2
+
2
,
&
dwWriteSize
);
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
GetUserInfoProcAddr
,
wxidaddr
,
0
,
&
dwId
);
if
(
hThread
)
{
...
...
@@ -49,7 +60,8 @@ std::wstring GetWxUserInfo(wchar_t* wxid) {
}
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
DeleteUserInfoCache
();
DeleteUserInfoCache
(
pid
,
hProcess
);
CloseHandle
(
hProcess
);
return
WString
;
}
CWeChatRobot/SearchContactByNet.cpp
浏览文件 @
eb0b1414
...
...
@@ -109,7 +109,7 @@ static SAFEARRAY* CreateUserInfoArray() {
return
psaValue
;
}
static
void
ReadUserInfoFromMemory
()
{
static
void
ReadUserInfoFromMemory
(
HANDLE
hProcess
)
{
userinfo
.
keyword
=
new
wchar_t
[
userinfoaddr
.
l_keyword
+
1
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
userinfoaddr
.
keyword
,
userinfo
.
keyword
,
(
userinfoaddr
.
l_keyword
+
1
)
*
sizeof
(
wchar_t
),
0
);
userinfo
.
v3
=
new
wchar_t
[
userinfoaddr
.
l_v3
+
1
];
...
...
@@ -133,17 +133,25 @@ static void ReadUserInfoFromMemory() {
userinfo
.
sex
=
userinfoaddr
.
sex
;
}
SAFEARRAY
*
SearchContactByNet
(
wchar_t
*
keyword
)
{
SAFEARRAY
*
SearchContactByNet
(
DWORD
pid
,
wchar_t
*
keyword
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
NULL
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
ClearUserInfoCache
();
DWORD
SearchContactByNetRemoteAddr
=
GetWeChatRobotBase
()
+
SearchContactByNetRemoteOffset
;
DWORD
SearchContactByNetRemoteAddr
=
WeChatRobotBase
+
SearchContactByNetRemoteOffset
;
LPVOID
keywordaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwHandle
=
0
;
if
(
!
keywordaddr
)
if
(
!
keywordaddr
)
{
CloseHandle
(
hProcess
);
return
NULL
;
}
WriteProcessMemory
(
hProcess
,
keywordaddr
,
keyword
,
wcslen
(
keyword
)
*
2
+
2
,
&
dwWriteSize
);
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
SearchContactByNetRemoteAddr
,
keywordaddr
,
0
,
&
dwId
);
if
(
hThread
)
{
...
...
@@ -156,9 +164,11 @@ SAFEARRAY* SearchContactByNet(wchar_t* keyword) {
return
NULL
;
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
userinfoaddr
,
sizeof
(
UserInfoAddr
),
&
dwWriteSize
);
if
(
userinfoaddr
.
errcode
==
0
)
{
ReadUserInfoFromMemory
();
ReadUserInfoFromMemory
(
hProcess
);
SAFEARRAY
*
psa
=
CreateUserInfoArray
();
CloseHandle
(
hProcess
);
return
psa
;
}
CloseHandle
(
hProcess
);
return
NULL
;
}
\ No newline at end of file
CWeChatRobot/SelfInfo.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,11 +5,13 @@ struct GetSelfInfoStruct {
DWORD
length
;
};
VOID
DeleteSelfInfoCache
()
{
if
(
!
hProcess
)
return
;
VOID
DeleteSelfInfoCache
(
DWORD
pid
,
HANDLE
hProcess
)
{
DWORD
dwId
=
0
;
DWORD
DeleteSelfInfoCacheProcAddr
=
GetWeChatRobotBase
()
+
DeleteSelfInfoCacheOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
return
;
}
DWORD
DeleteSelfInfoCacheProcAddr
=
WeChatRobotBase
+
DeleteSelfInfoCacheOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
DeleteSelfInfoCacheProcAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -17,13 +19,19 @@ VOID DeleteSelfInfoCache() {
}
}
std
::
wstring
GetSelfInfo
()
{
if
(
!
hProcess
)
return
L"{}"
;
std
::
wstring
GetSelfInfo
(
DWORD
pid
)
{
if
(
SelfInfoString
.
compare
(
L""
))
{
return
SelfInfoString
;
}
DWORD
GetSelfInfoProcAddr
=
GetWeChatRobotBase
()
+
GetSelfInfoOffset
;
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
L"{}"
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
L"{}"
;
}
DWORD
GetSelfInfoProcAddr
=
WeChatRobotBase
+
GetSelfInfoOffset
;
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwHandle
=
0
;
...
...
@@ -45,14 +53,21 @@ std::wstring GetSelfInfo() {
wmessage
=
NULL
;
}
DeleteSelfInfoCache
();
DeleteSelfInfoCache
(
pid
,
hProcess
);
CloseHandle
(
hProcess
);
return
SelfInfoString
;
}
BOOL
isWxLogin
()
{
BOOL
isWxLogin
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
false
;
DWORD
isWxLoginAddr
=
GetWeChatRobotBase
()
+
isWxLoginOffset
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
false
;
}
DWORD
isWxLoginAddr
=
WeChatRobotBase
+
isWxLoginOffset
;
DWORD
dwId
,
dwRet
=
0
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
isWxLoginAddr
,
NULL
,
0
,
&
dwId
);
if
(
hThread
)
{
...
...
@@ -60,5 +75,6 @@ BOOL isWxLogin() {
GetExitCodeThread
(
hThread
,
&
dwRet
);
CloseHandle
(
hThread
);
}
CloseHandle
(
hProcess
);
return
dwRet
==
1
;
}
\ No newline at end of file
CWeChatRobot/SelfInfo.h
浏览文件 @
eb0b1414
...
...
@@ -2,5 +2,5 @@
#include <windows.h>
#include <iostream>
using
namespace
std
;
std
::
wstring
GetSelfInfo
();
BOOL
isWxLogin
();
\ No newline at end of file
std
::
wstring
GetSelfInfo
(
DWORD
pid
);
BOOL
isWxLogin
(
DWORD
pid
);
\ No newline at end of file
CWeChatRobot/SendAppMsg.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct SendAppMsgStruct
DWORD
appid
;
};
BOOL
SendAppMsg
(
wchar_t
*
wxid
,
wchar_t
*
appid
)
{
BOOL
SendAppMsg
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
appid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0x0
;
...
...
@@ -19,6 +24,7 @@ BOOL SendAppMsg(wchar_t* wxid, wchar_t* appid) {
LPVOID
appidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
SendAppMsgStruct
*
paramAndFunc
=
(
SendAppMsgStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
SendAppMsgStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
appidaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -45,5 +51,6 @@ BOOL SendAppMsg(wchar_t* wxid, wchar_t* appid) {
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
appidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/SendAppMsg.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SendAppMsg
(
wchar_t
*
wxid
,
wchar_t
*
appid
);
\ No newline at end of file
BOOL
SendAppMsg
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
appid
);
\ No newline at end of file
CWeChatRobot/SendArticle.cpp
浏览文件 @
eb0b1414
...
...
@@ -8,11 +8,15 @@ struct SendArticleStruct {
DWORD
imgpath
;
};
BOOL
SendArticle
(
wchar_t
*
wxid
,
wchar_t
*
title
,
wchar_t
*
abstract
,
wchar_t
*
url
,
wchar_t
*
imgpath
)
{
BOOL
SendArticle
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
title
,
wchar_t
*
abstract
,
wchar_t
*
url
,
wchar_t
*
imgpath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
SendArticleStruct
params
;
...
...
@@ -27,6 +31,7 @@ BOOL SendArticle(wchar_t* wxid, wchar_t* title, wchar_t* abstract, wchar_t* url,
if
(
!
wxidaddr
||
!
titleaddr
||
!
abstractaddr
||
!
urladdr
||
!
imgaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -59,5 +64,6 @@ BOOL SendArticle(wchar_t* wxid, wchar_t* title, wchar_t* abstract, wchar_t* url,
VirtualFreeEx
(
hProcess
,
urladdr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
imgaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
\ No newline at end of file
CWeChatRobot/SendArticle.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SendArticle
(
wchar_t
*
wxid
,
wchar_t
*
title
,
wchar_t
*
abstract
,
wchar_t
*
url
,
wchar_t
*
imgpath
);
\ No newline at end of file
BOOL
SendArticle
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
title
,
wchar_t
*
abstract
,
wchar_t
*
url
,
wchar_t
*
imgpath
);
\ No newline at end of file
CWeChatRobot/SendAtText.cpp
浏览文件 @
eb0b1414
...
...
@@ -9,10 +9,15 @@ struct SendAtTextStruct
DWORD
AutoNickName
;
};
int
SendAtText
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
)
{
int
SendAtText
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
SendAtTextStruct
params
;
...
...
@@ -22,6 +27,7 @@ int SendAtText(wchar_t* chatroomid, wchar_t* wxid, wchar_t* wxmsg,BOOL AutoNickN
LPVOID
wxmsgaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
SendAtTextStruct
*
paramAndFunc
=
(
SendAtTextStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
SendAtTextStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidaddr
||
!
wxmsgaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -42,12 +48,10 @@ int SendAtText(wchar_t* chatroomid, wchar_t* wxid, wchar_t* wxmsg,BOOL AutoNickN
params
.
AutoNickName
=
AutoNickName
;
if
(
paramAndFunc
)
{
if
(
!::
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
SendAtTextStruct
),
&
dwTId
))
{
return
1
;
}
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
SendAtTextStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -57,6 +61,7 @@ int SendAtText(wchar_t* chatroomid, wchar_t* wxid, wchar_t* wxmsg,BOOL AutoNickN
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
...
...
@@ -64,12 +69,11 @@ int SendAtText(wchar_t* chatroomid, wchar_t* wxid, wchar_t* wxmsg,BOOL AutoNickN
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxmsgaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
BOOL
SendAtText
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
)
{
if
(
!
hProcess
)
return
1
;
BOOL
SendAtText
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
psaValue
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
)
{
VARIANT
rgvar
;
rgvar
.
vt
=
VT_BSTR
;
HRESULT
hr
=
S_OK
;
...
...
@@ -79,18 +83,26 @@ BOOL SendAtText(wchar_t* chatroomid, SAFEARRAY* psaValue, wchar_t* wxmsg,BOOL Au
VariantInit
(
&
rgvar
);
long
pIndex
=
0
;
hr
=
SafeArrayGetElement
(
psaValue
,
&
pIndex
,
&
rgvar
);
return
SendAtText
(
chatroomid
,
rgvar
.
bstrVal
,
wxmsg
,
AutoNickName
);
return
SendAtText
(
pid
,
chatroomid
,
rgvar
.
bstrVal
,
wxmsg
,
AutoNickName
);
}
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
vector
<
void
*>
wxidptrs
;
DWORD
dwWriteSize
=
0
;
DWORD
dwTId
=
0
;
DWORD
dwId
=
0
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
SendAtTextStruct
params
=
{
0
};
LPVOID
chatroomidaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxidptrsaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
sizeof
(
void
*
)
*
cElements
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
wxmsgaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
SendAtTextStruct
*
paramAndFunc
=
(
SendAtTextStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
SendAtTextStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
wxidptrsaddr
||
!
wxmsgaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
for
(
long
i
=
lLbound
;
i
<
lLbound
+
cElements
;
i
++
)
{
...
...
@@ -120,6 +132,7 @@ BOOL SendAtText(wchar_t* chatroomid, SAFEARRAY* psaValue, wchar_t* wxmsg,BOOL Au
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
SendAtTextStruct
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
SendAtTextRemoteAddr
=
WeChatRobotBase
+
SendAtTextOffset
;
...
...
@@ -128,6 +141,7 @@ BOOL SendAtText(wchar_t* chatroomid, SAFEARRAY* psaValue, wchar_t* wxmsg,BOOL Au
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
...
...
@@ -138,5 +152,6 @@ BOOL SendAtText(wchar_t* chatroomid, SAFEARRAY* psaValue, wchar_t* wxmsg,BOOL Au
VirtualFreeEx
(
hProcess
,
wxmsgaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxidptrsaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
\ No newline at end of file
CWeChatRobot/SendAtText.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
int
SendAtText
(
wchar_t
*
chatroomid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
);
int
SendAtText
(
wchar_t
*
chatroomid
,
SAFEARRAY
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
);
\ No newline at end of file
int
SendAtText
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
);
int
SendAtText
(
DWORD
pid
,
wchar_t
*
chatroomid
,
SAFEARRAY
*
wxid
,
wchar_t
*
wxmsg
,
BOOL
AutoNickName
);
\ No newline at end of file
CWeChatRobot/SendCard.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct SendCardStruct {
DWORD
nickname
;
};
BOOL
SendCard
(
wchar_t
*
receiver
,
wchar_t
*
sharedwxid
,
wchar_t
*
nickname
)
{
BOOL
SendCard
(
DWORD
pid
,
wchar_t
*
receiver
,
wchar_t
*
sharedwxid
,
wchar_t
*
nickname
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
SendCardStruct
params
;
...
...
@@ -22,6 +27,7 @@ BOOL SendCard(wchar_t* receiver, wchar_t* sharedwxid, wchar_t* nickname) {
if
(
!
receiveraddr
||
!
sharedwxidaddr
||
!
nicknameaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
if
(
receiveraddr
)
...
...
@@ -45,5 +51,6 @@ BOOL SendCard(wchar_t* receiver, wchar_t* sharedwxid, wchar_t* nickname) {
VirtualFreeEx
(
hProcess
,
sharedwxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
nicknameaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
\ No newline at end of file
CWeChatRobot/SendCard.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SendCard
(
wchar_t
*
receiver
,
wchar_t
*
sharedwxid
,
wchar_t
*
nickname
);
\ No newline at end of file
BOOL
SendCard
(
DWORD
pid
,
wchar_t
*
receiver
,
wchar_t
*
sharedwxid
,
wchar_t
*
nickname
);
\ No newline at end of file
CWeChatRobot/SendFile.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,10 +5,15 @@ struct FileParamStruct {
DWORD
filepath
;
};
int
SendFile
(
wchar_t
*
wxid
,
wchar_t
*
filepath
)
{
int
SendFile
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
filepath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
FileParamStruct
params
;
...
...
@@ -17,6 +22,7 @@ int SendFile(wchar_t* wxid, wchar_t* filepath) {
LPVOID
filepathaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
FileParamStruct
*
paramAndFunc
=
(
FileParamStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
FileParamStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
filepathaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -31,12 +37,10 @@ int SendFile(wchar_t* wxid, wchar_t* filepath) {
params
.
filepath
=
(
DWORD
)
filepathaddr
;
if
(
paramAndFunc
)
{
if
(
!::
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
))
{
return
1
;
}
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -46,11 +50,13 @@ int SendFile(wchar_t* wxid, wchar_t* filepath) {
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
filepathaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
CWeChatRobot/SendFile.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
int
SendFile
(
wchar_t
*
wxid
,
wchar_t
*
filepath
);
\ No newline at end of file
int
SendFile
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
filepath
);
\ No newline at end of file
CWeChatRobot/SendImage.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,10 +5,15 @@ struct ImageParamStruct {
DWORD
imagepath
;
};
int
SendImage
(
wchar_t
*
wxid
,
wchar_t
*
imagepath
)
{
int
SendImage
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
imagepath
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
ImageParamStruct
params
;
...
...
@@ -17,6 +22,7 @@ int SendImage(wchar_t* wxid, wchar_t* imagepath) {
LPVOID
imagepathaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
ImageParamStruct
*
paramAndFunc
=
(
ImageParamStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
ImageParamStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
imagepathaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -31,12 +37,10 @@ int SendImage(wchar_t* wxid, wchar_t* imagepath) {
params
.
imagepath
=
(
DWORD
)
imagepathaddr
;
if
(
paramAndFunc
)
{
if
(
!::
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
))
{
return
1
;
}
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -46,11 +50,13 @@ int SendImage(wchar_t* wxid, wchar_t* imagepath) {
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
imagepathaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
CWeChatRobot/SendImage.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
int
SendImage
(
wchar_t
*
wxid
,
wchar_t
*
imagepath
);
\ No newline at end of file
int
SendImage
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
imagepath
);
\ No newline at end of file
CWeChatRobot/SendText.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct SendTextStruct
DWORD
wxmsg
;
};
int
SendText
(
wchar_t
*
wxid
,
wchar_t
*
wxmsg
)
{
int
SendText
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
SendTextStruct
params
;
...
...
@@ -18,6 +23,7 @@ int SendText(wchar_t* wxid, wchar_t* wxmsg) {
LPVOID
wxmsgaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
SendTextStruct
*
paramAndFunc
=
(
SendTextStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
SendTextStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
wxidaddr
||
!
wxmsgaddr
||
!
paramAndFunc
||
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -32,12 +38,10 @@ int SendText(wchar_t* wxid, wchar_t* wxmsg) {
params
.
wxmsg
=
(
DWORD
)
wxmsgaddr
;
if
(
paramAndFunc
)
{
if
(
!::
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
))
{
return
1
;
}
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -47,11 +51,13 @@ int SendText(wchar_t* wxid, wchar_t* wxmsg) {
WaitForSingleObject
(
hThread
,
INFINITE
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
wxidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
wxmsgaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
0
;
}
\ No newline at end of file
CWeChatRobot/SendText.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
int
SendText
(
wchar_t
*
wxid
,
wchar_t
*
wxmsg
);
int
SendText
(
DWORD
pid
,
wchar_t
*
wxid
,
wchar_t
*
wxmsg
);
CWeChatRobot/SetChatRoomAnnouncement.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct ChatRoomAnnouncementStruct
DWORD
announcement
;
};
BOOL
SetChatRoomAnnouncement
(
wchar_t
*
chatroomid
,
wchar_t
*
announcement
)
{
BOOL
SetChatRoomAnnouncement
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
announcement
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -19,6 +24,7 @@ BOOL SetChatRoomAnnouncement(wchar_t* chatroomid, wchar_t* announcement) {
LPVOID
announcementaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
ChatRoomAnnouncementStruct
*
paramAndFunc
=
(
ChatRoomAnnouncementStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
ChatRoomAnnouncementStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
announcementaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -36,6 +42,7 @@ BOOL SetChatRoomAnnouncement(wchar_t* chatroomid, wchar_t* announcement) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -47,10 +54,12 @@ BOOL SetChatRoomAnnouncement(wchar_t* chatroomid, wchar_t* announcement) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
announcementaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/SetChatRoomAnnouncement.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SetChatRoomAnnouncement
(
wchar_t
*
chatroomid
,
wchar_t
*
announcement
);
\ No newline at end of file
BOOL
SetChatRoomAnnouncement
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
announcement
);
\ No newline at end of file
CWeChatRobot/SetChatRoomName.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct ChatRoomNameStruct
DWORD
name
;
};
BOOL
SetChatRoomName
(
wchar_t
*
chatroomid
,
wchar_t
*
name
)
{
BOOL
SetChatRoomName
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
name
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -19,6 +24,7 @@ BOOL SetChatRoomName(wchar_t* chatroomid, wchar_t* name) {
LPVOID
nameaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
ChatRoomNameStruct
*
paramAndFunc
=
(
ChatRoomNameStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
ChatRoomNameStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
nameaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -36,6 +42,7 @@ BOOL SetChatRoomName(wchar_t* chatroomid, wchar_t* name) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -47,10 +54,12 @@ BOOL SetChatRoomName(wchar_t* chatroomid, wchar_t* name) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
nameaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/SetChatRoomName.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SetChatRoomName
(
wchar_t
*
chatroomid
,
wchar_t
*
name
);
\ No newline at end of file
BOOL
SetChatRoomName
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
name
);
\ No newline at end of file
CWeChatRobot/SetChatRoomSelfNickname.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,10 +6,15 @@ struct ChatRoomSelfNicknameStruct
DWORD
nickname
;
};
BOOL
SetChatRoomSelfNickname
(
wchar_t
*
chatroomid
,
wchar_t
*
nickname
)
{
BOOL
SetChatRoomSelfNickname
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
nickname
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwWriteSize
=
0
;
DWORD
dwRet
=
0
;
...
...
@@ -19,6 +24,7 @@ BOOL SetChatRoomSelfNickname(wchar_t* chatroomid, wchar_t* nickname) {
LPVOID
nicknameaddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
ChatRoomSelfNicknameStruct
*
paramAndFunc
=
(
ChatRoomSelfNicknameStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
ChatRoomSelfNicknameStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
!
chatroomidaddr
||
!
nicknameaddr
||
!
paramAndFunc
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwTId
=
0
;
...
...
@@ -36,6 +42,7 @@ BOOL SetChatRoomSelfNickname(wchar_t* chatroomid, wchar_t* nickname) {
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
params
,
sizeof
(
params
),
&
dwTId
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
...
...
@@ -47,10 +54,12 @@ BOOL SetChatRoomSelfNickname(wchar_t* chatroomid, wchar_t* nickname) {
CloseHandle
(
hThread
);
}
else
{
CloseHandle
(
hProcess
);
return
1
;
}
VirtualFreeEx
(
hProcess
,
chatroomidaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
nicknameaddr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/SetChatRoomSelfNickname.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
SetChatRoomSelfNickname
(
wchar_t
*
chatroomid
,
wchar_t
*
nickname
);
\ No newline at end of file
BOOL
SetChatRoomSelfNickname
(
DWORD
pid
,
wchar_t
*
chatroomid
,
wchar_t
*
nickname
);
\ No newline at end of file
CWeChatRobot/VerifyFriendApply.cpp
浏览文件 @
eb0b1414
...
...
@@ -5,18 +5,26 @@ struct VerifyFriendApplyStruct {
DWORD
v4
;
};
BOOL
VerifyFriendApply
(
wchar_t
*
v3
,
wchar_t
*
v4
)
{
BOOL
VerifyFriendApply
(
DWORD
pid
,
wchar_t
*
v3
,
wchar_t
*
v4
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
0
;
DWORD
VerifyFriendApplyProcAddr
=
GetWeChatRobotBase
()
+
VerifyFriendApplyOffset
;
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
VerifyFriendApplyProcAddr
=
WeChatRobotBase
+
VerifyFriendApplyOffset
;
LPVOID
v3addr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
LPVOID
v4addr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
DWORD
dwId
=
0
;
DWORD
dwHandle
=
0
;
VerifyFriendApplyStruct
apply_data
=
{
0
};
if
(
!
v3addr
||
!
v4addr
)
return
0
;
if
(
!
v3addr
||
!
v4addr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
v3addr
,
v3
,
wcslen
(
v3
)
*
2
+
2
,
&
dwWriteSize
);
WriteProcessMemory
(
hProcess
,
v4addr
,
v4
,
wcslen
(
v4
)
*
2
+
2
,
&
dwWriteSize
);
VerifyFriendApplyStruct
*
paramAndFunc
=
(
VerifyFriendApplyStruct
*
)
::
VirtualAllocEx
(
hProcess
,
0
,
sizeof
(
VerifyFriendApplyStruct
),
MEM_COMMIT
,
PAGE_READWRITE
);
...
...
@@ -25,9 +33,10 @@ BOOL VerifyFriendApply(wchar_t* v3,wchar_t* v4) {
if
(
paramAndFunc
)
WriteProcessMemory
(
hProcess
,
paramAndFunc
,
&
apply_data
,
sizeof
(
apply_data
),
&
dwId
);
else
else
{
CloseHandle
(
hProcess
);
return
1
;
}
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
VerifyFriendApplyProcAddr
,
paramAndFunc
,
0
,
&
dwId
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
...
...
@@ -38,5 +47,6 @@ BOOL VerifyFriendApply(wchar_t* v3,wchar_t* v4) {
VirtualFreeEx
(
hProcess
,
v3addr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
v4addr
,
0
,
MEM_RELEASE
);
VirtualFreeEx
(
hProcess
,
paramAndFunc
,
0
,
MEM_RELEASE
);
return
dwHandle
;
CloseHandle
(
hProcess
);
return
dwHandle
==
0
;
}
\ No newline at end of file
CWeChatRobot/VerifyFriendApply.h
浏览文件 @
eb0b1414
...
...
@@ -3,4 +3,4 @@
#include<iostream>
using
namespace
std
;
BOOL
VerifyFriendApply
(
wchar_t
*
v3
,
wchar_t
*
v4
);
\ No newline at end of file
BOOL
VerifyFriendApply
(
DWORD
pid
,
wchar_t
*
v3
,
wchar_t
*
v4
);
\ No newline at end of file
CWeChatRobot/WeChatRobot.cpp
浏览文件 @
eb0b1414
...
...
@@ -6,140 +6,153 @@
// CWeChatRobot
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CStartRobotService
(
int
*
__result
)
{
*
__result
=
StartRobotService
();
STDMETHODIMP
CWeChatRobot
::
CStartRobotService
(
DWORD
pid
,
int
*
__result
)
{
*
__result
=
StartRobotService
(
pid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CStopRobotService
(
int
*
__result
)
{
*
__result
=
StopRobotService
();
STDMETHODIMP
CWeChatRobot
::
CStopRobotService
(
DWORD
pid
,
int
*
__result
)
{
*
__result
=
StopRobotService
(
pid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:文本消息内容
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendText
(
BSTR
wxid
,
BSTR
wxmsg
,
int
*
__result
)
{
*
__result
=
SendText
(
wxid
,
wxmsg
);
STDMETHODIMP
CWeChatRobot
::
CSendText
(
DWORD
pid
,
BSTR
wxid
,
BSTR
wxmsg
,
int
*
__result
)
{
*
__result
=
SendText
(
pid
,
wxid
,
wxmsg
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:艾特的人wxid
* 参数3:文本消息内容
* 参数4:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendAtText
(
BSTR
chatroomid
,
VARIANT
*
wxid
,
BSTR
wxmsg
,
BOOL
AutoNickName
,
int
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CSendAtText
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxid
,
BSTR
wxmsg
,
BOOL
AutoNickName
,
int
*
__result
)
{
*
__result
=
0
;
if
(
wxid
->
vt
==
VT_BSTR
)
{
*
__result
=
SendAtText
(
chatroomid
,
wxid
->
bstrVal
,
wxmsg
,
AutoNickName
);
*
__result
=
SendAtText
(
pid
,
chatroomid
,
wxid
->
bstrVal
,
wxmsg
,
AutoNickName
);
}
else
if
(
wxid
->
vt
==
(
VT_ARRAY
|
VT_VARIANT
))
{
SAFEARRAY
*
psaValue
=
wxid
->
parray
;
*
__result
=
SendAtText
(
chatroomid
,
psaValue
,
wxmsg
,
AutoNickName
);
*
__result
=
SendAtText
(
pid
,
chatroomid
,
psaValue
,
wxmsg
,
AutoNickName
);
}
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:图片绝对路径
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendImage
(
BSTR
wxid
,
BSTR
imagepath
,
int
*
__result
)
{
*
__result
=
SendImage
(
wxid
,
imagepath
);
STDMETHODIMP
CWeChatRobot
::
CSendImage
(
DWORD
pid
,
BSTR
wxid
,
BSTR
imagepath
,
int
*
__result
)
{
*
__result
=
SendImage
(
pid
,
wxid
,
imagepath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:文件绝对路径
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendFile
(
BSTR
wxid
,
BSTR
filepath
,
int
*
__result
)
{
*
__result
=
SendFile
(
wxid
,
filepath
);
STDMETHODIMP
CWeChatRobot
::
CSendFile
(
DWORD
pid
,
BSTR
wxid
,
BSTR
filepath
,
int
*
__result
)
{
*
__result
=
SendFile
(
pid
,
wxid
,
filepath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:文章标题
* 参数3:文章摘要
* 参数4:文章链接
* 参数5:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendArticle
(
BSTR
wxid
,
BSTR
title
,
BSTR
abstract
,
BSTR
url
,
BSTR
imgpath
,
int
*
__result
)
{
*
__result
=
SendArticle
(
wxid
,
title
,
abstract
,
url
,
imgpath
);
STDMETHODIMP
CWeChatRobot
::
CSendArticle
(
DWORD
pid
,
BSTR
wxid
,
BSTR
title
,
BSTR
abstract
,
BSTR
url
,
BSTR
imgpath
,
int
*
__result
)
{
*
__result
=
SendArticle
(
pid
,
wxid
,
title
,
abstract
,
url
,
imgpath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:被分享人wxid
* 参数3:显示的名字
* 参数4:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendCard
(
BSTR
receiver
,
BSTR
sharedwxid
,
BSTR
nickname
,
int
*
__result
)
{
*
__result
=
SendCard
(
receiver
,
sharedwxid
,
nickname
);
STDMETHODIMP
CWeChatRobot
::
CSendCard
(
DWORD
pid
,
BSTR
receiver
,
BSTR
sharedwxid
,
BSTR
nickname
,
int
*
__result
)
{
*
__result
=
SendCard
(
pid
,
receiver
,
sharedwxid
,
nickname
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
* 返回一个三维数组,python的comtypes包会将其解析为元组
*/
STDMETHODIMP
CWeChatRobot
::
CGetFriendList
(
VARIANT
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CGetFriendList
(
DWORD
pid
,
VARIANT
*
__result
)
{
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
GetFriendList
();
V_ARRAY
(
&
vsaValue
)
=
GetFriendList
(
pid
);
*
__result
=
vsaValue
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
返回构造好的json串,在反序列化时需考虑好友信息中是否存在json字符
(考虑到从SAFEARRAY转换到适当变量可能较为繁琐,故保留此接口)
*/
STDMETHODIMP
CWeChatRobot
::
CGetFriendListString
(
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetFriendListString
().
c_str
()));
STDMETHODIMP
CWeChatRobot
::
CGetFriendListString
(
DWORD
pid
,
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetFriendListString
(
pid
).
c_str
()));
*
__result
=
_com_util
::
ConvertStringToBSTR
(
smessage
.
c_str
());
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:要查询的wxid
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetWxUserInfo
(
BSTR
wxid
,
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetWxUserInfo
(
wxid
).
c_str
()));
STDMETHODIMP
CWeChatRobot
::
CGetWxUserInfo
(
DWORD
pid
,
BSTR
wxid
,
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetWxUserInfo
(
pid
,
wxid
).
c_str
()));
*
__result
=
_com_util
::
ConvertStringToBSTR
(
smessage
.
c_str
());
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetSelfInfo
(
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetSelfInfo
().
c_str
()));
STDMETHODIMP
CWeChatRobot
::
CGetSelfInfo
(
DWORD
pid
,
BSTR
*
__result
)
{
string
smessage
=
_com_util
::
ConvertBSTRToString
((
BSTR
)(
GetSelfInfo
(
pid
).
c_str
()));
*
__result
=
_com_util
::
ConvertStringToBSTR
(
smessage
.
c_str
());
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:查询的wxid
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CCheckFriendStatus
(
BSTR
wxid
,
int
*
__result
)
{
*
__result
=
CheckFriendStatus
((
wchar_t
*
)
wxid
);
STDMETHODIMP
CWeChatRobot
::
CCheckFriendStatus
(
DWORD
pid
,
BSTR
wxid
,
int
*
__result
)
{
*
__result
=
CheckFriendStatus
(
pid
,
(
wchar_t
*
)
wxid
);
return
S_OK
;
}
...
...
@@ -153,99 +166,109 @@ STDMETHODIMP CWeChatRobot::CGetComWorkPath(BSTR* __result) {
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CStartReceiveMessage
(
int
port
,
int
*
__result
)
{
*
__result
=
StartReceiveMessage
(
port
);
STDMETHODIMP
CWeChatRobot
::
CStartReceiveMessage
(
DWORD
pid
,
int
port
,
int
*
__result
)
{
*
__result
=
StartReceiveMessage
(
p
id
,
p
ort
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CStopReceiveMessage
(
int
*
__result
)
{
*
__result
=
StopReceiveMessage
();
STDMETHODIMP
CWeChatRobot
::
CStopReceiveMessage
(
DWORD
pid
,
int
*
__result
)
{
*
__result
=
StopReceiveMessage
(
pid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊ID
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetChatRoomMembers
(
BSTR
chatroomid
,
VARIANT
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CGetChatRoomMembers
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
__result
)
{
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
GetChatRoomMembers
(
chatroomid
);
V_ARRAY
(
&
vsaValue
)
=
GetChatRoomMembers
(
pid
,
chatroomid
);
*
__result
=
vsaValue
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetDbHandles
(
VARIANT
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CGetDbHandles
(
DWORD
pid
,
VARIANT
*
__result
)
{
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
GetDbHandles
();
V_ARRAY
(
&
vsaValue
)
=
GetDbHandles
(
pid
);
*
__result
=
vsaValue
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:数据库句柄
* 参数2:要执行的SQL语句
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CExecuteSQL
(
DWORD
DbHandle
,
BSTR
sql
,
VARIANT
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
,
VARIANT
*
__result
)
{
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
ExecuteSQL
(
DbHandle
,
sql
);
V_ARRAY
(
&
vsaValue
)
=
ExecuteSQL
(
pid
,
DbHandle
,
sql
);
*
__result
=
vsaValue
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:数据库句柄
* 参数2:备份保存路径
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CBackupSQLiteDB
(
DWORD
DbHandle
,
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
BackupSQLiteDB
(
DbHandle
,
savepath
);
STDMETHODIMP
CWeChatRobot
::
CBackupSQLiteDB
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
BackupSQLiteDB
(
pid
,
DbHandle
,
savepath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:v3数据
* 参数2:v4数据
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CVerifyFriendApply
(
BSTR
v3
,
BSTR
v4
,
int
*
__result
)
{
*
__result
=
VerifyFriendApply
(
v3
,
v4
);
STDMETHODIMP
CWeChatRobot
::
CVerifyFriendApply
(
DWORD
pid
,
BSTR
v3
,
BSTR
v4
,
int
*
__result
)
{
*
__result
=
VerifyFriendApply
(
pid
,
v3
,
v4
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:wxid
* 参数2:附加信息
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CAddFriendByWxid
(
BSTR
wxid
,
BSTR
message
,
int
*
__result
)
{
*
__result
=
AddFriendByWxid
(
wxid
,
message
);
STDMETHODIMP
CWeChatRobot
::
CAddFriendByWxid
(
DWORD
pid
,
BSTR
wxid
,
BSTR
message
,
int
*
__result
)
{
*
__result
=
AddFriendByWxid
(
pid
,
wxid
,
message
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:v3数据
* 参数2:附加信息
* 参数3:添加方式
* 参数4:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CAddFriendByV3
(
BSTR
v3
,
BSTR
message
,
int
AddType
,
int
*
__result
)
{
*
__result
=
AddFriendByV3
(
v3
,
message
,
AddType
);
STDMETHODIMP
CWeChatRobot
::
CAddFriendByV3
(
DWORD
pid
,
BSTR
v3
,
BSTR
message
,
int
AddType
,
int
*
__result
)
{
*
__result
=
AddFriendByV3
(
pid
,
v3
,
message
,
AddType
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetWeChatVer
(
BSTR
*
__result
)
{
...
...
@@ -258,183 +281,199 @@ STDMETHODIMP CWeChatRobot::CGetWeChatVer(BSTR* __result) {
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CStartWeChat
(
int
*
__result
)
{
StartWeChat
();
*
__result
=
0
;
*
__result
=
StartWeChat
();
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:搜索关键字
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSearchContactByNet
(
BSTR
keyword
,
VARIANT
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CSearchContactByNet
(
DWORD
pid
,
BSTR
keyword
,
VARIANT
*
__result
)
{
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
SearchContactByNet
(
keyword
);
V_ARRAY
(
&
vsaValue
)
=
SearchContactByNet
(
pid
,
keyword
);
*
__result
=
vsaValue
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:公众号id
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CAddBrandContact
(
BSTR
PublicId
,
int
*
__result
)
{
*
__result
=
AddBrandContact
(
PublicId
);
STDMETHODIMP
CWeChatRobot
::
CAddBrandContact
(
DWORD
pid
,
BSTR
PublicId
,
int
*
__result
)
{
*
__result
=
AddBrandContact
(
pid
,
PublicId
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:保存路径
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CHookVoiceMsg
(
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
HookVoiceMsg
(
savepath
);
STDMETHODIMP
CWeChatRobot
::
CHookVoiceMsg
(
DWORD
pid
,
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
HookVoiceMsg
(
pid
,
savepath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CUnHookVoiceMsg
(
int
*
__result
)
{
UnHookVoiceMsg
();
STDMETHODIMP
CWeChatRobot
::
CUnHookVoiceMsg
(
DWORD
pid
,
int
*
__result
)
{
UnHookVoiceMsg
(
pid
);
*
__result
=
0
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:保存路径
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CHookImageMsg
(
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
HookImageMsg
(
savepath
);
STDMETHODIMP
CWeChatRobot
::
CHookImageMsg
(
DWORD
pid
,
BSTR
savepath
,
int
*
__result
)
{
*
__result
=
HookImageMsg
(
pid
,
savepath
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CUnHookImageMsg
(
int
*
__result
)
{
UnHookImageMsg
();
STDMETHODIMP
CWeChatRobot
::
CUnHookImageMsg
(
DWORD
pid
,
int
*
__result
)
{
UnHookImageMsg
(
pid
);
*
__result
=
0
;
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:版本号
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CChangeWeChatVer
(
BSTR
verStr
,
int
*
__result
)
{
*
__result
=
ChangeWeChatVer
(
verStr
);
STDMETHODIMP
CWeChatRobot
::
CChangeWeChatVer
(
DWORD
pid
,
BSTR
verStr
,
int
*
__result
)
{
*
__result
=
ChangeWeChatVer
(
pid
,
verStr
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:接收人wxid
* 参数2:小程序id
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSendAppMsg
(
BSTR
wxid
,
BSTR
appid
,
int
*
__result
)
{
*
__result
=
SendAppMsg
(
wxid
,
appid
);
STDMETHODIMP
CWeChatRobot
::
CSendAppMsg
(
DWORD
pid
,
BSTR
wxid
,
BSTR
appid
,
int
*
__result
)
{
*
__result
=
SendAppMsg
(
pid
,
wxid
,
appid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:要删除的人wxid
* 参数2:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CDeleteUser
(
BSTR
wxid
,
int
*
__result
)
{
*
__result
=
DeleteUser
(
wxid
);
STDMETHODIMP
CWeChatRobot
::
CDeleteUser
(
DWORD
pid
,
BSTR
wxid
,
int
*
__result
)
{
*
__result
=
DeleteUser
(
pid
,
wxid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CIsWxLogin
(
int
*
__result
)
{
*
__result
=
isWxLogin
();
STDMETHODIMP
CWeChatRobot
::
CIsWxLogin
(
DWORD
pid
,
int
*
__result
)
{
*
__result
=
isWxLogin
(
pid
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:wxid或群聊id
* 参数2:备注内容
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CEditRemark
(
BSTR
wxid
,
BSTR
remark
,
int
*
__result
)
{
*
__result
=
EditRemark
(
wxid
,
remark
);
STDMETHODIMP
CWeChatRobot
::
CEditRemark
(
DWORD
pid
,
BSTR
wxid
,
BSTR
remark
,
int
*
__result
)
{
*
__result
=
EditRemark
(
pid
,
wxid
,
remark
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:群聊名称
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomName
(
BSTR
chatroomid
,
BSTR
name
,
int
*
__result
)
{
*
__result
=
SetChatRoomName
(
chatroomid
,
name
);
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomName
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
name
,
int
*
__result
)
{
*
__result
=
SetChatRoomName
(
pid
,
chatroomid
,
name
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:公告内容
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomAnnouncement
(
BSTR
chatroomid
,
BSTR
announcement
,
int
*
__result
)
{
*
__result
=
SetChatRoomAnnouncement
(
chatroomid
,
announcement
);
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomAnnouncement
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
announcement
,
int
*
__result
)
{
*
__result
=
SetChatRoomAnnouncement
(
pid
,
chatroomid
,
announcement
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:个人昵称
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomSelfNickname
(
BSTR
chatroomid
,
BSTR
nickname
,
int
*
__result
)
{
*
__result
=
SetChatRoomSelfNickname
(
chatroomid
,
nickname
);
STDMETHODIMP
CWeChatRobot
::
CSetChatRoomSelfNickname
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
nickname
,
int
*
__result
)
{
*
__result
=
SetChatRoomSelfNickname
(
pid
,
chatroomid
,
nickname
);
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:群成员wxid
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CGetChatRoomMemberNickname
(
BSTR
chatroomid
,
BSTR
wxid
,
BSTR
*
__result
)
{
wstring
nickname
=
GetChatRoomMemberNickname
(
chatroomid
,
wxid
);
STDMETHODIMP
CWeChatRobot
::
CGetChatRoomMemberNickname
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
wxid
,
BSTR
*
__result
)
{
wstring
nickname
=
GetChatRoomMemberNickname
(
pid
,
chatroomid
,
wxid
);
*
__result
=
(
_bstr_t
)
nickname
.
c_str
();
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:wxid列表
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CDelChatRoomMember
(
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CDelChatRoomMember
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
)
{
if
(
wxids
->
vt
==
VT_BSTR
)
{
*
__result
=
DelChatRoomMember
(
chatroomid
,
wxids
->
bstrVal
);
*
__result
=
DelChatRoomMember
(
pid
,
chatroomid
,
wxids
->
bstrVal
);
}
else
if
(
wxids
->
vt
==
(
VT_ARRAY
|
VT_VARIANT
))
{
SAFEARRAY
*
psaValue
=
wxids
->
parray
;
*
__result
=
DelChatRoomMember
(
chatroomid
,
psaValue
);
*
__result
=
DelChatRoomMember
(
pid
,
chatroomid
,
psaValue
);
}
return
S_OK
;
}
/*
* 参数0:目标进程pid
* 参数1:群聊id
* 参数2:wxid列表
* 参数3:预返回的值,调用时无需提供
*/
STDMETHODIMP
CWeChatRobot
::
CAddChatRoomMember
(
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
)
{
STDMETHODIMP
CWeChatRobot
::
CAddChatRoomMember
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
)
{
if
(
wxids
->
vt
==
VT_BSTR
)
{
*
__result
=
AddChatRoomMember
(
chatroomid
,
wxids
->
bstrVal
);
*
__result
=
AddChatRoomMember
(
pid
,
chatroomid
,
wxids
->
bstrVal
);
}
else
if
(
wxids
->
vt
==
(
VT_ARRAY
|
VT_VARIANT
))
{
SAFEARRAY
*
psaValue
=
wxids
->
parray
;
*
__result
=
AddChatRoomMember
(
chatroomid
,
psaValue
);
*
__result
=
AddChatRoomMember
(
pid
,
chatroomid
,
psaValue
);
}
return
S_OK
;
}
\ No newline at end of file
CWeChatRobot/WeChatRobot.h
浏览文件 @
eb0b1414
...
...
@@ -51,48 +51,48 @@ END_COM_MAP()
public:
STDMETHODIMP
CStartRobotService
(
int
*
__result
);
STDMETHODIMP
CStopRobotService
(
int
*
__result
);
STDMETHODIMP
CSendImage
(
BSTR
wxid
,
BSTR
imagepath
,
int
*
__result
);
STDMETHODIMP
CSendText
(
BSTR
wxid
,
BSTR
wxmsg
,
int
*
__result
);
STDMETHODIMP
CSendFile
(
BSTR
wxid
,
BSTR
filepath
,
int
*
__result
);
STDMETHODIMP
CSendArticle
(
BSTR
wxid
,
BSTR
title
,
BSTR
abstract
,
BSTR
url
,
BSTR
imgpath
,
int
*
__result
);
STDMETHODIMP
CSendCard
(
BSTR
receiver
,
BSTR
sharedwxid
,
BSTR
nickname
,
int
*
__result
);
STDMETHODIMP
CSendAtText
(
BSTR
chatroomid
,
VARIANT
*
wxid
,
BSTR
wxmsg
,
BOOL
AutoNickName
,
int
*
__result
);
STDMETHODIMP
CGetFriendList
(
VARIANT
*
__result
);
STDMETHODIMP
CGetFriendListString
(
BSTR
*
__result
);
STDMETHODIMP
CGetWxUserInfo
(
BSTR
wxid
,
BSTR
*
__result
);
STDMETHODIMP
CGetSelfInfo
(
BSTR
*
__result
);
STDMETHODIMP
CCheckFriendStatus
(
BSTR
wxid
,
int
*
__result
);
STDMETHODIMP
CStartRobotService
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CStopRobotService
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CSendImage
(
DWORD
pid
,
BSTR
wxid
,
BSTR
imagepath
,
int
*
__result
);
STDMETHODIMP
CSendText
(
DWORD
pid
,
BSTR
wxid
,
BSTR
wxmsg
,
int
*
__result
);
STDMETHODIMP
CSendFile
(
DWORD
pid
,
BSTR
wxid
,
BSTR
filepath
,
int
*
__result
);
STDMETHODIMP
CSendArticle
(
DWORD
pid
,
BSTR
wxid
,
BSTR
title
,
BSTR
abstract
,
BSTR
url
,
BSTR
imgpath
,
int
*
__result
);
STDMETHODIMP
CSendCard
(
DWORD
pid
,
BSTR
receiver
,
BSTR
sharedwxid
,
BSTR
nickname
,
int
*
__result
);
STDMETHODIMP
CSendAtText
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxid
,
BSTR
wxmsg
,
BOOL
AutoNickName
,
int
*
__result
);
STDMETHODIMP
CGetFriendList
(
DWORD
pid
,
VARIANT
*
__result
);
STDMETHODIMP
CGetFriendListString
(
DWORD
pid
,
BSTR
*
__result
);
STDMETHODIMP
CGetWxUserInfo
(
DWORD
pid
,
BSTR
wxid
,
BSTR
*
__result
);
STDMETHODIMP
CGetSelfInfo
(
DWORD
pid
,
BSTR
*
__result
);
STDMETHODIMP
CCheckFriendStatus
(
DWORD
pid
,
BSTR
wxid
,
int
*
__result
);
STDMETHODIMP
CGetComWorkPath
(
BSTR
*
__result
);
STDMETHODIMP
CStartReceiveMessage
(
int
port
,
int
*
__result
);
STDMETHODIMP
CStopReceiveMessage
(
int
*
__result
);
STDMETHODIMP
CGetChatRoomMembers
(
BSTR
chatroomid
,
VARIANT
*
__result
);
STDMETHODIMP
CGetDbHandles
(
VARIANT
*
__result
);
STDMETHODIMP
CExecuteSQL
(
DWORD
DbHandle
,
BSTR
sql
,
VARIANT
*
__result
);
STDMETHODIMP
CBackupSQLiteDB
(
DWORD
DbHandle
,
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CVerifyFriendApply
(
BSTR
v3
,
BSTR
v4
,
int
*
__result
);
STDMETHODIMP
CAddFriendByWxid
(
BSTR
wxid
,
BSTR
message
,
int
*
__result
);
STDMETHODIMP
CAddFriendByV3
(
BSTR
v3
,
BSTR
message
,
int
AddType
,
int
*
__result
);
STDMETHODIMP
CStartReceiveMessage
(
DWORD
pid
,
int
port
,
int
*
__result
);
STDMETHODIMP
CStopReceiveMessage
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CGetChatRoomMembers
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
__result
);
STDMETHODIMP
CGetDbHandles
(
DWORD
pid
,
VARIANT
*
__result
);
STDMETHODIMP
CExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
,
VARIANT
*
__result
);
STDMETHODIMP
CBackupSQLiteDB
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CVerifyFriendApply
(
DWORD
pid
,
BSTR
v3
,
BSTR
v4
,
int
*
__result
);
STDMETHODIMP
CAddFriendByWxid
(
DWORD
pid
,
BSTR
wxid
,
BSTR
message
,
int
*
__result
);
STDMETHODIMP
CAddFriendByV3
(
DWORD
pid
,
BSTR
v3
,
BSTR
message
,
int
AddType
,
int
*
__result
);
STDMETHODIMP
CGetWeChatVer
(
BSTR
*
__result
);
STDMETHODIMP
CStartWeChat
(
int
*
__result
);
STDMETHODIMP
CSearchContactByNet
(
BSTR
keyword
,
VARIANT
*
__result
);
STDMETHODIMP
CAddBrandContact
(
BSTR
PublicId
,
int
*
__result
);
STDMETHODIMP
CHookVoiceMsg
(
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CUnHookVoiceMsg
(
int
*
__result
);
STDMETHODIMP
CHookImageMsg
(
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CUnHookImageMsg
(
int
*
__result
);
STDMETHODIMP
CChangeWeChatVer
(
BSTR
verStr
,
int
*
__result
);
STDMETHODIMP
CSendAppMsg
(
BSTR
wxid
,
BSTR
appid
,
int
*
__result
);
STDMETHODIMP
CDeleteUser
(
BSTR
wxid
,
int
*
__result
);
STDMETHODIMP
CIsWxLogin
(
int
*
__result
);
STDMETHODIMP
CEditRemark
(
BSTR
wxid
,
BSTR
remark
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomName
(
BSTR
chatroomid
,
BSTR
name
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomAnnouncement
(
BSTR
chatroomid
,
BSTR
announcement
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomSelfNickname
(
BSTR
chatroomid
,
BSTR
nickname
,
int
*
__result
);
STDMETHODIMP
CGetChatRoomMemberNickname
(
BSTR
chatroomid
,
BSTR
wxid
,
BSTR
*
__result
);
STDMETHODIMP
CDelChatRoomMember
(
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
);
STDMETHODIMP
CAddChatRoomMember
(
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
);
STDMETHODIMP
CSearchContactByNet
(
DWORD
pid
,
BSTR
keyword
,
VARIANT
*
__result
);
STDMETHODIMP
CAddBrandContact
(
DWORD
pid
,
BSTR
PublicId
,
int
*
__result
);
STDMETHODIMP
CHookVoiceMsg
(
DWORD
pid
,
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CUnHookVoiceMsg
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CHookImageMsg
(
DWORD
pid
,
BSTR
savepath
,
int
*
__result
);
STDMETHODIMP
CUnHookImageMsg
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CChangeWeChatVer
(
DWORD
pid
,
BSTR
verStr
,
int
*
__result
);
STDMETHODIMP
CSendAppMsg
(
DWORD
pid
,
BSTR
wxid
,
BSTR
appid
,
int
*
__result
);
STDMETHODIMP
CDeleteUser
(
DWORD
pid
,
BSTR
wxid
,
int
*
__result
);
STDMETHODIMP
CIsWxLogin
(
DWORD
pid
,
int
*
__result
);
STDMETHODIMP
CEditRemark
(
DWORD
pid
,
BSTR
wxid
,
BSTR
remark
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomName
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
name
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomAnnouncement
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
announcement
,
int
*
__result
);
STDMETHODIMP
CSetChatRoomSelfNickname
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
nickname
,
int
*
__result
);
STDMETHODIMP
CGetChatRoomMemberNickname
(
DWORD
pid
,
BSTR
chatroomid
,
BSTR
wxid
,
BSTR
*
__result
);
STDMETHODIMP
CDelChatRoomMember
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
);
STDMETHODIMP
CAddChatRoomMember
(
DWORD
pid
,
BSTR
chatroomid
,
VARIANT
*
wxids
,
int
*
__result
);
};
OBJECT_ENTRY_AUTO
(
__uuidof
(
WeChatRobot
),
CWeChatRobot
)
CWeChatRobot/WeChatRobotCOM.idl
浏览文件 @
eb0b1414
...
...
@@ -16,48 +16,48 @@ import "ocidl.idl";
]
interface
IWeChatRobot
:
IDispatch
{
[
id
(
1
),
helpstring
(
"启动服务"
)
]
HRESULT
CStartRobotService
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
2
),
helpstring
(
"关闭服务"
)
]
HRESULT
CStopRobotService
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
3
),
helpstring
(
"发送文本"
)
]
HRESULT
CSendText
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
wxmsg
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
4
),
helpstring
(
"发送图片"
)
]
HRESULT
CSendImage
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
imagepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
5
),
helpstring
(
"发送文件"
)
]
HRESULT
CSendFile
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
filepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
6
),
helpstring
(
"发送XML文章"
)
]
HRESULT
CSendArticle
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
title
,
[
in
]
BSTR
abstract
,
[
in
]
BSTR
url
,
[
in
]
BSTR
imgpath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
7
),
helpstring
(
"发送名片"
)
]
HRESULT
CSendCard
(
[
in
]
BSTR
receiver
,
[
in
]
BSTR
sharedwxid
,
[
in
]
BSTR
nickname
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
8
),
helpstring
(
"获取联系人列表,返回数组"
)
]
HRESULT
CGetFriendList
(
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
9
),
helpstring
(
"获取联系人列表,返回JSON"
)
]
HRESULT
CGetFriendListString
(
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
10
),
helpstring
(
"wxid查询好友信息"
)
]
HRESULT
CGetWxUserInfo
(
[
in
]
BSTR
wxid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
11
),
helpstring
(
"获取个人信息"
)
]
HRESULT
CGetSelfInfo
(
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
13
),
helpstring
(
"检查是否被好友删除"
)
]
HRESULT
CCheckFriendStatus
(
[
in
]
BSTR
wxid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
1
),
helpstring
(
"启动服务"
)
]
HRESULT
CStartRobotService
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
2
),
helpstring
(
"关闭服务"
)
]
HRESULT
CStopRobotService
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
3
),
helpstring
(
"发送文本"
)
]
HRESULT
CSendText
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
wxmsg
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
4
),
helpstring
(
"发送图片"
)
]
HRESULT
CSendImage
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
imagepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
5
),
helpstring
(
"发送文件"
)
]
HRESULT
CSendFile
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
filepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
6
),
helpstring
(
"发送XML文章"
)
]
HRESULT
CSendArticle
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
title
,
[
in
]
BSTR
abstract
,
[
in
]
BSTR
url
,
[
in
]
BSTR
imgpath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
7
),
helpstring
(
"发送名片"
)
]
HRESULT
CSendCard
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
receiver
,
[
in
]
BSTR
sharedwxid
,
[
in
]
BSTR
nickname
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
8
),
helpstring
(
"获取联系人列表,返回数组"
)
]
HRESULT
CGetFriendList
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
9
),
helpstring
(
"获取联系人列表,返回JSON"
)
]
HRESULT
CGetFriendListString
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
10
),
helpstring
(
"wxid查询好友信息"
)
]
HRESULT
CGetWxUserInfo
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
11
),
helpstring
(
"获取个人信息"
)
]
HRESULT
CGetSelfInfo
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
13
),
helpstring
(
"检查是否被好友删除"
)
]
HRESULT
CCheckFriendStatus
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
15
),
helpstring
(
"获取COM的工作目录"
)
]
HRESULT
CGetComWorkPath
(
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
16
),
helpstring
(
"启动接收消息Hook"
)
]
HRESULT
CStartReceiveMessage
(
[
in
]
int
port
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
18
),
helpstring
(
"停止接收消息Hook"
)
]
HRESULT
CStopReceiveMessage
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
19
),
helpstring
(
"发送艾特消息"
)
]
HRESULT
CSendAtText
(
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxid
,
[
in
]
BSTR
wxmsg
,
[
in
]
BOOL
AutoNickName
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
20
),
helpstring
(
"获取群成员wxid"
)
]
HRESULT
CGetChatRoomMembers
(
[
in
]
BSTR
chatroomid
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
21
),
helpstring
(
"获取数据库句柄"
)
]
HRESULT
CGetDbHandles
(
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
22
),
helpstring
(
"执行SQL"
)
]
HRESULT
CExecuteSQL
(
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
sql
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
23
),
helpstring
(
"备份数据库"
)
]
HRESULT
CBackupSQLiteDB
(
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
24
),
helpstring
(
"通过好友请求"
)
]
HRESULT
CVerifyFriendApply
(
[
in
]
BSTR
v3
,
[
in
]
BSTR
v4
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
25
),
helpstring
(
"wxid加好友"
)
]
HRESULT
CAddFriendByWxid
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
message
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
26
),
helpstring
(
"v3数据加好友"
)
]
HRESULT
CAddFriendByV3
(
[
in
]
BSTR
v3
,
[
in
]
BSTR
message
,
[
in
]
int
AddType
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
16
),
helpstring
(
"启动接收消息Hook"
)
]
HRESULT
CStartReceiveMessage
(
[
in
]
DWORD
pid
,
[
in
]
int
port
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
18
),
helpstring
(
"停止接收消息Hook"
)
]
HRESULT
CStopReceiveMessage
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
19
),
helpstring
(
"发送艾特消息"
)
]
HRESULT
CSendAtText
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxid
,
[
in
]
BSTR
wxmsg
,
[
in
]
BOOL
AutoNickName
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
20
),
helpstring
(
"获取群成员wxid"
)
]
HRESULT
CGetChatRoomMembers
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
21
),
helpstring
(
"获取数据库句柄"
)
]
HRESULT
CGetDbHandles
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
22
),
helpstring
(
"执行SQL"
)
]
HRESULT
CExecuteSQL
(
[
in
]
DWORD
pid
,
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
sql
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
23
),
helpstring
(
"备份数据库"
)
]
HRESULT
CBackupSQLiteDB
(
[
in
]
DWORD
pid
,
[
in
]
DWORD
DbHandle
,
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
24
),
helpstring
(
"通过好友请求"
)
]
HRESULT
CVerifyFriendApply
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
v3
,
[
in
]
BSTR
v4
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
25
),
helpstring
(
"wxid加好友"
)
]
HRESULT
CAddFriendByWxid
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
message
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
26
),
helpstring
(
"v3数据加好友"
)
]
HRESULT
CAddFriendByV3
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
v3
,
[
in
]
BSTR
message
,
[
in
]
int
AddType
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
27
),
helpstring
(
"获取微信版本号(注册表)"
)
]
HRESULT
CGetWeChatVer
(
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
28
),
helpstring
(
"启动微信"
)
]
HRESULT
CStartWeChat
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
29
),
helpstring
(
"网络查询用户信息"
)
]
HRESULT
CSearchContactByNet
(
[
in
]
BSTR
keyword
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
30
),
helpstring
(
"关注公众号"
)
]
HRESULT
CAddBrandContact
(
[
in
]
BSTR
PublicId
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
31
),
helpstring
(
"Hook语音消息"
)
]
HRESULT
CHookVoiceMsg
(
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
32
),
helpstring
(
"取消Hook语音消息"
)
]
HRESULT
CUnHookVoiceMsg
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
33
),
helpstring
(
"Hook图片消息"
)
]
HRESULT
CHookImageMsg
(
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
34
),
helpstring
(
"取消Hook图片消息"
)
]
HRESULT
CUnHookImageMsg
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
35
),
helpstring
(
"修改微信版本号"
)
]
HRESULT
CChangeWeChatVer
(
[
in
]
BSTR
verStr
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
36
),
helpstring
(
"发送小程序"
)
]
HRESULT
CSendAppMsg
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
appid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
37
),
helpstring
(
"删除好友"
)
]
HRESULT
CDeleteUser
(
[
in
]
BSTR
wxid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
38
),
helpstring
(
"获取登录状态"
)
]
HRESULT
CIsWxLogin
(
[
out
,
retval
]
int
*
__result
)
;
[
id
(
39
),
helpstring
(
"修改好友备注"
)
]
HRESULT
CEditRemark
(
[
in
]
BSTR
wxid
,
[
in
]
BSTR
remark
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
40
),
helpstring
(
"修改群聊名称"
)
]
HRESULT
CSetChatRoomName
(
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
name
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
41
),
helpstring
(
"修改群公告"
)
]
HRESULT
CSetChatRoomAnnouncement
(
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
announcement
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
42
),
helpstring
(
"修改群聊个人昵称"
)
]
HRESULT
CSetChatRoomSelfNickname
(
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
nickname
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
43
),
helpstring
(
"获取指定群成员昵称"
)
]
HRESULT
CGetChatRoomMemberNickname
(
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
wxid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
44
),
helpstring
(
"删除群成员"
)
]
HRESULT
CDelChatRoomMember
(
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxids
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
45
),
helpstring
(
"添加群成员"
)
]
HRESULT
CAddChatRoomMember
(
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxids
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
29
),
helpstring
(
"网络查询用户信息"
)
]
HRESULT
CSearchContactByNet
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
keyword
,
[
out
,
retval
]
VARIANT
*
__result
)
;
[
id
(
30
),
helpstring
(
"关注公众号"
)
]
HRESULT
CAddBrandContact
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
PublicId
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
31
),
helpstring
(
"Hook语音消息"
)
]
HRESULT
CHookVoiceMsg
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
32
),
helpstring
(
"取消Hook语音消息"
)
]
HRESULT
CUnHookVoiceMsg
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
33
),
helpstring
(
"Hook图片消息"
)
]
HRESULT
CHookImageMsg
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
savepath
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
34
),
helpstring
(
"取消Hook图片消息"
)
]
HRESULT
CUnHookImageMsg
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
35
),
helpstring
(
"修改微信版本号"
)
]
HRESULT
CChangeWeChatVer
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
verStr
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
36
),
helpstring
(
"发送小程序"
)
]
HRESULT
CSendAppMsg
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
appid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
37
),
helpstring
(
"删除好友"
)
]
HRESULT
CDeleteUser
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
38
),
helpstring
(
"获取登录状态"
)
]
HRESULT
CIsWxLogin
(
[
in
]
DWORD
pid
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
39
),
helpstring
(
"修改好友备注"
)
]
HRESULT
CEditRemark
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
wxid
,
[
in
]
BSTR
remark
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
40
),
helpstring
(
"修改群聊名称"
)
]
HRESULT
CSetChatRoomName
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
name
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
41
),
helpstring
(
"修改群公告"
)
]
HRESULT
CSetChatRoomAnnouncement
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
announcement
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
42
),
helpstring
(
"修改群聊个人昵称"
)
]
HRESULT
CSetChatRoomSelfNickname
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
nickname
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
43
),
helpstring
(
"获取指定群成员昵称"
)
]
HRESULT
CGetChatRoomMemberNickname
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
BSTR
wxid
,
[
out
,
retval
]
BSTR
*
__result
)
;
[
id
(
44
),
helpstring
(
"删除群成员"
)
]
HRESULT
CDelChatRoomMember
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxids
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
45
),
helpstring
(
"添加群成员"
)
]
HRESULT
CAddChatRoomMember
(
[
in
]
DWORD
pid
,
[
in
]
BSTR
chatroomid
,
[
in
]
VARIANT
*
wxids
,
[
out
,
retval
]
int
*
__result
)
;
}
;
[
object
,
...
...
@@ -68,7 +68,7 @@ interface IWeChatRobot : IDispatch
]
interface
IRobotEvent
:
IDispatch
{
[
id
(
1
),
helpstring
(
"用于微信主动推送消息"
)
]
HRESULT
CPostMessage
(
[
in
]
VARIANT
*
msg
,
[
out
,
retval
]
int
*
__result
)
;
[
id
(
1
),
helpstring
(
"用于微信主动推送消息"
)
]
HRESULT
CPostMessage
(
[
in
]
int
msgtype
,
[
in
]
VARIANT
*
msg
,
[
out
,
retval
]
int
*
__result
)
;
}
;
[
uuid
(
721
abb35
-
141
a
-
4
aa2
-
94
f2
-
762
e2833fa6c
),
...
...
CWeChatRobot/WeChatRobotCOM.vcxproj
浏览文件 @
eb0b1414
...
...
@@ -225,6 +225,7 @@
<ClInclude
Include=
"GetChatRoomMembers.h"
/>
<ClInclude
Include=
"GetDbHandles.h"
/>
<ClInclude
Include=
"InjectDll.h"
/>
<ClInclude
Include=
"ntapi.h"
/>
<ClInclude
Include=
"pch.h"
/>
<ClInclude
Include=
"ReceiveMessage.h"
/>
<ClInclude
Include=
"Resource.h"
/>
...
...
@@ -268,6 +269,7 @@
<ClCompile
Include=
"HookImageMessage.cpp"
/>
<ClCompile
Include=
"HookVoiceMessage.cpp"
/>
<ClCompile
Include=
"InjectDll.cpp"
/>
<ClCompile
Include=
"ntapi.cpp"
/>
<ClCompile
Include=
"pch.cpp"
>
<PrecompiledHeader
Condition=
"'$(Configuration)|$(Platform)'=='Debug|Win32'"
>
Create
</PrecompiledHeader>
<PrecompiledHeader
Condition=
"'$(Configuration)|$(Platform)'=='Debug|x64'"
>
Create
</PrecompiledHeader>
...
...
CWeChatRobot/WeChatRobotCOM.vcxproj.filters
浏览文件 @
eb0b1414
...
...
@@ -229,6 +229,9 @@
<ClInclude
Include=
"GetChatRoomMemberNickname.h"
>
<Filter>
群相关\获取群成员昵称
</Filter>
</ClInclude>
<ClInclude
Include=
"ntapi.h"
>
<Filter>
头文件
</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile
Include=
"WeChatRobotCOM.cpp"
>
...
...
@@ -348,6 +351,9 @@
<ClCompile
Include=
"GetChatRoomMemberNickname.cpp"
>
<Filter>
群相关\获取群成员昵称
</Filter>
</ClCompile>
<ClCompile
Include=
"ntapi.cpp"
>
<Filter>
源文件
</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ResourceCompile
Include=
"WeChatRobotCOM.rc"
>
...
...
CWeChatRobot/WeChatRobotCOM_i.h
浏览文件 @
eb0b1414
此差异已折叠。
点击以展开。
CWeChatRobot/WeChatRobotCOM_p.c
浏览文件 @
eb0b1414
此差异已折叠。
点击以展开。
CWeChatRobot/ntapi.cpp
0 → 100644
浏览文件 @
eb0b1414
#include "pch.h"
#include "ntapi.h"
#pragma comment(lib,"ntdll.lib")
HMODULE
hNtdll
=
GetModuleHandle
(
L"ntdll.dll"
);
pNtQuerySystemInformation
NtQuerySystemInformation
=
(
pNtQuerySystemInformation
)
GetProcAddress
(
hNtdll
,
"NtQuerySystemInformation"
);
pNtDuplicateObject
NtDuplicateObject
=
(
pNtDuplicateObject
)
GetProcAddress
(
hNtdll
,
"NtDuplicateObject"
);
pNtQueryObject
NtQueryObject
=
(
pNtQueryObject
)
GetProcAddress
(
hNtdll
,
"NtQueryObject"
);
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
)
{
wstring
name
(
handlename
);
NTSTATUS
status
;
PSYSTEM_HANDLE_INFORMATION
handleInfo
;
ULONG
handleInfoSize
=
0x10000
;
HANDLE
processHandle
,
dupHandle
;
POBJECT_TYPE_INFORMATION
objectTypeInfo
;
SYSTEM_HANDLE
handle
=
{
0
};
bool
thao
=
false
;
wstring
str
=
L""
;
handleInfo
=
(
PSYSTEM_HANDLE_INFORMATION
)
malloc
(
handleInfoSize
);
while
((
status
=
NtQuerySystemInformation
(
SystemHandleInformation
,
handleInfo
,
handleInfoSize
,
NULL
)
)
==
STATUS_INFO_LENGTH_MISMATCH
)
{
handleInfoSize
*=
2
;
PSYSTEM_HANDLE_INFORMATION
tempinfo
=
(
PSYSTEM_HANDLE_INFORMATION
)
realloc
(
handleInfo
,
(
size_t
)
handleInfoSize
);
if
(
tempinfo
)
handleInfo
=
tempinfo
;
}
if
(
handleInfo
==
NULL
)
{
return
false
;
}
for
(
ULONG
i
=
0
;
i
<
handleInfo
->
HandleCount
;
i
++
)
{
thao
=
false
;
handle
=
handleInfo
->
Handles
[
i
];
if
(
handle
.
ProcessId
!=
pid
)
continue
;
processHandle
=
OpenProcess
(
PROCESS_DUP_HANDLE
,
FALSE
,
pid
);
if
(
processHandle
!=
NULL
)
{
status
=
NtDuplicateObject
(
processHandle
,
(
HANDLE
)
handle
.
Handle
,
GetCurrentProcess
(),
&
dupHandle
,
0
,
0
,
0
);
if
(
status
==
0
)
{
objectTypeInfo
=
(
POBJECT_TYPE_INFORMATION
)
malloc
(
0x2000
);
if
(
NtQueryObject
(
dupHandle
,
ObjectTypeInformation
,
objectTypeInfo
,
0x1000
,
NULL
)
==
0
)
{
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
);
}
if
(
str
==
L"Mutant"
)
{
NtQueryObject
(
dupHandle
,
ObjectNameInformation
,
objectTypeInfo
,
0x1000
,
NULL
);
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
?
objectTypeInfo
->
Name
.
Buffer
:
L""
);
}
if
(
str
.
find
(
name
)
!=
wstring
::
npos
)
{
thao
=
true
;
}
}
else
if
(
str
==
L"Semaphore"
)
{
NtQueryObject
(
dupHandle
,
ObjectNameInformation
,
objectTypeInfo
,
0x1000
,
NULL
);
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
?
objectTypeInfo
->
Name
.
Buffer
:
L""
);
}
if
(
str
.
find
(
name
)
!=
wstring
::
npos
)
{
thao
=
true
;
}
}
}
CloseHandle
(
dupHandle
);
free
(
objectTypeInfo
);
objectTypeInfo
=
NULL
;
if
(
thao
==
true
)
{
HANDLE
h_another_proc
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
DuplicateHandle
(
h_another_proc
,
(
HANDLE
)
handle
.
Handle
,
GetCurrentProcess
(),
&
dupHandle
,
0
,
FALSE
,
DUPLICATE_SAME_ACCESS
|
DUPLICATE_CLOSE_SOURCE
);
// ر
CloseHandle
(
dupHandle
);
CloseHandle
(
h_another_proc
);
}
}
CloseHandle
(
processHandle
);
}
}
free
(
handleInfo
);
handleInfo
=
NULL
;
return
thao
;
}
\ No newline at end of file
CWeChatRobot/ntapi.h
0 → 100644
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
#ifndef _WIN64
typedef
_Return_type_success_
(
return
>=
0
)
LONG
NTSTATUS
;
typedef
NTSTATUS
*
PNTSTATUS
;
#endif // !_WIN64
#define STATUS_INFO_LENGTH_MISMATCH 0xc0000004
#define SystemHandleInformation 16
#define ObjectBasicInformation 0
#define ObjectNameInformation 1
#define ObjectTypeInformation 2
/*
* 函数指针、数据结构以及宏参考如下仓库
* https://github.com/winsiderss/systeminformer
*/
#define RtlPointerToOffset(Base, Pointer) ((ULONG)(((PCHAR)(Pointer)) - ((PCHAR)(Base))))
#define RtlOffsetToPointer(Base, Offset) ((PCHAR)(((PCHAR)(Base)) + ((ULONG_PTR)(Offset))))
#define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
#ifndef OBJ_PROTECT_CLOSE
#define OBJ_PROTECT_CLOSE 0x00000001
#endif
#ifndef OBJ_INHERIT
#define OBJ_INHERIT 0x00000002
#endif
#ifndef OBJ_AUDIT_OBJECT_CLOSE
#define OBJ_AUDIT_OBJECT_CLOSE 0x00000004
#endif
#define InitializeObjectAttributes(p, n, a, r, s) { \
(p)->Length = sizeof(OBJECT_ATTRIBUTES); \
(p)->RootDirectory = r; \
(p)->Attributes = a; \
(p)->ObjectName = n; \
(p)->SecurityDescriptor = s; \
(p)->SecurityQualityOfService = NULL; \
}
typedef
enum
_SECTION_INHERIT
{
ViewShare
=
1
,
ViewUnmap
=
2
}
SECTION_INHERIT
;
typedef
enum
_SECTION_INFORMATION_CLASS
{
SectionBasicInformation
,
SectionImageInformation
,
SectionRelocationInformation
,
SectionOriginalBaseInformation
,
SectionInternalImageInformation
,
MaxSectionInfoClass
}
SECTION_INFORMATION_CLASS
;
typedef
struct
_UNICODE_STRING
{
USHORT
Length
;
USHORT
MaximumLength
;
_Field_size_bytes_part_
(
MaximumLength
,
Length
)
PWCH
Buffer
;
}
UNICODE_STRING
,
*
PUNICODE_STRING
;
typedef
struct
_OBJECT_ATTRIBUTES
{
ULONG
Length
;
HANDLE
RootDirectory
;
PUNICODE_STRING
ObjectName
;
ULONG
Attributes
;
PVOID
SecurityDescriptor
;
PVOID
SecurityQualityOfService
;
}
OBJECT_ATTRIBUTES
,
*
POBJECT_ATTRIBUTES
;
typedef
struct
_SECTION_IMAGE_INFORMATION
{
PVOID
TransferAddress
;
ULONG
ZeroBits
;
SIZE_T
MaximumStackSize
;
SIZE_T
CommittedStackSize
;
ULONG
SubSystemType
;
union
{
struct
{
USHORT
SubSystemMinorVersion
;
USHORT
SubSystemMajorVersion
;
};
ULONG
SubSystemVersion
;
};
union
{
struct
{
USHORT
MajorOperatingSystemVersion
;
USHORT
MinorOperatingSystemVersion
;
};
ULONG
OperatingSystemVersion
;
};
USHORT
ImageCharacteristics
;
USHORT
DllCharacteristics
;
USHORT
Machine
;
BOOLEAN
ImageContainsCode
;
union
{
UCHAR
ImageFlags
;
struct
{
UCHAR
ComPlusNativeReady
:
1
;
UCHAR
ComPlusILOnly
:
1
;
UCHAR
ImageDynamicallyRelocated
:
1
;
UCHAR
ImageMappedFlat
:
1
;
UCHAR
BaseBelow4gb
:
1
;
UCHAR
ComPlusPrefer32bit
:
1
;
UCHAR
Reserved
:
2
;
};
};
ULONG
LoaderFlags
;
ULONG
ImageFileSize
;
ULONG
CheckSum
;
}
SECTION_IMAGE_INFORMATION
,
*
PSECTION_IMAGE_INFORMATION
;
typedef
struct
_SYSTEM_HANDLE
{
ULONG
ProcessId
;
BYTE
ObjectTypeNumber
;
BYTE
Flags
;
USHORT
Handle
;
PVOID
Object
;
ACCESS_MASK
GrantedAccess
;
}
SYSTEM_HANDLE
,
*
PSYSTEM_HANDLE
;
typedef
struct
_SYSTEM_HANDLE_INFORMATION
{
ULONG
HandleCount
;
SYSTEM_HANDLE
Handles
[
1
];
}
SYSTEM_HANDLE_INFORMATION
,
*
PSYSTEM_HANDLE_INFORMATION
;
typedef
enum
_POOL_TYPE
{
NonPagedPool
,
PagedPool
,
NonPagedPoolMustSucceed
,
DontUseThisType
,
NonPagedPoolCacheAligned
,
PagedPoolCacheAligned
,
NonPagedPoolCacheAlignedMustS
}
POOL_TYPE
,
*
PPOOL_TYPE
;
typedef
struct
_OBJECT_TYPE_INFORMATION
{
UNICODE_STRING
Name
;
ULONG
TotalNumberOfObjects
;
ULONG
TotalNumberOfHandles
;
ULONG
TotalPagedPoolUsage
;
ULONG
TotalNonPagedPoolUsage
;
ULONG
TotalNamePoolUsage
;
ULONG
TotalHandleTableUsage
;
ULONG
HighWaterNumberOfObjects
;
ULONG
HighWaterNumberOfHandles
;
ULONG
HighWaterPagedPoolUsage
;
ULONG
HighWaterNonPagedPoolUsage
;
ULONG
HighWaterNamePoolUsage
;
ULONG
HighWaterHandleTableUsage
;
ULONG
InvalidAttributes
;
GENERIC_MAPPING
GenericMapping
;
ULONG
ValidAccess
;
BOOLEAN
SecurityRequired
;
BOOLEAN
MaintainHandleCount
;
USHORT
MaintainTypeList
;
POOL_TYPE
PoolType
;
ULONG
PagedPoolUsage
;
ULONG
NonPagedPoolUsage
;
}
OBJECT_TYPE_INFORMATION
,
*
POBJECT_TYPE_INFORMATION
;
typedef
NTSYSCALLAPI
PIMAGE_NT_HEADERS
(
NTAPI
*
pRtlImageNtHeader
)(
_In_
PVOID
BaseOfImage
);
typedef
NTSYSCALLAPI
PVOID
(
NTAPI
*
pRtlImageDirectoryEntryToData
)(
_In_
PVOID
BaseOfImage
,
_In_
BOOLEAN
MappedAsImage
,
_In_
USHORT
DirectoryEntry
,
_Out_
PULONG
Size
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pZwOpenSection
)(
_Out_
PHANDLE
SectionHandle
,
_In_
ACCESS_MASK
DesiredAccess
,
_In_
POBJECT_ATTRIBUTES
ObjectAttributes
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pZwQuerySection
)(
_In_
HANDLE
SectionHandle
,
_In_
SECTION_INFORMATION_CLASS
SectionInformationClass
,
_Out_writes_bytes_
(
SectionInformationLength
)
PVOID
SectionInformation
,
_In_
SIZE_T
SectionInformationLength
,
_Out_opt_
PSIZE_T
ReturnLength
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pZwMapViewOfSection
)(
_In_
HANDLE
SectionHandle
,
_In_
HANDLE
ProcessHandle
,
_Inout_
_At_
(
*
BaseAddress
,
_Readable_bytes_
(
*
ViewSize
)
_Writable_bytes_
(
*
ViewSize
)
_Post_readable_byte_size_
(
*
ViewSize
))
PVOID
*
BaseAddress
,
_In_
ULONG_PTR
ZeroBits
,
_In_
SIZE_T
CommitSize
,
_Inout_opt_
PLARGE_INTEGER
SectionOffset
,
_Inout_
PSIZE_T
ViewSize
,
_In_
SECTION_INHERIT
InheritDisposition
,
_In_
ULONG
AllocationType
,
_In_
ULONG
Win32Protect
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pZwUnmapViewOfSection
)(
_In_
HANDLE
ProcessHandle
,
_In_opt_
PVOID
BaseAddress
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtClose
)(
_In_
_Post_ptr_invalid_
HANDLE
Handle
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtQuerySystemInformation
)(
ULONG
SystemInformationClass
,
PVOID
SystemInformation
,
ULONG
SystemInformationLength
,
PULONG
ReturnLength
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtDuplicateObject
)(
HANDLE
SourceProcessHandle
,
HANDLE
SourceHandle
,
HANDLE
TargetProcessHandle
,
PHANDLE
TargetHandle
,
ACCESS_MASK
DesiredAccess
,
ULONG
Attributes
,
ULONG
Options
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtQueryObject
)(
HANDLE
ObjectHandle
,
ULONG
ObjectInformationClass
,
PVOID
ObjectInformation
,
ULONG
ObjectInformationLength
,
PULONG
ReturnLength
);
\ No newline at end of file
CWeChatRobot/pch.cpp
浏览文件 @
eb0b1414
...
...
@@ -58,8 +58,6 @@ DWORD ChangeWeChatVerRemoteOffset = 0x0;
wstring
SelfInfoString
=
L""
;
HANDLE
hProcess
=
NULL
;
BOOL
isFileExists_stat
(
string
&
name
)
{
struct
stat
buffer
;
return
(
stat
(
name
.
c_str
(),
&
buffer
)
==
0
);
...
...
@@ -78,7 +76,8 @@ BOOL CreateConsole() {
return
1
;
}
DWORD
GetWeChatRobotBase
()
{
DWORD
GetWeChatRobotBase
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
0
;
DWORD
dwWriteSize
=
0
;
...
...
@@ -88,8 +87,7 @@ DWORD GetWeChatRobotBase() {
else
return
0
;
DWORD
dwHandle
,
dwID
;
LPVOID
pFunc
=
GetModuleHandleW
;
HANDLE
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
pFunc
,
pRemoteAddress
,
0
,
&
dwID
);
HANDLE
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
GetModuleHandleW
,
pRemoteAddress
,
0
,
&
dwID
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
GetExitCodeThread
(
hThread
,
&
dwHandle
);
...
...
@@ -99,6 +97,32 @@ DWORD GetWeChatRobotBase() {
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwHandle
;
}
DWORD
GetWeChatWinBase
(
DWORD
pid
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
0
;
DWORD
dwWriteSize
=
0
;
LPVOID
pRemoteAddress
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
if
(
pRemoteAddress
)
WriteProcessMemory
(
hProcess
,
pRemoteAddress
,
L"WeChatWin.dll"
,
wcslen
(
L"WeChatWin.dll"
)
*
2
+
2
,
&
dwWriteSize
);
else
return
0
;
DWORD
dwHandle
,
dwID
;
HANDLE
hThread
=
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
GetModuleHandleW
,
pRemoteAddress
,
0
,
&
dwID
);
if
(
hThread
)
{
WaitForSingleObject
(
hThread
,
INFINITE
);
GetExitCodeThread
(
hThread
,
&
dwHandle
);
}
else
{
return
0
;
}
CloseHandle
(
hThread
);
VirtualFreeEx
(
hProcess
,
pRemoteAddress
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwHandle
;
}
...
...
@@ -228,12 +252,7 @@ DWORD GetWeChatPid() {
return
wxPid
;
}
DWORD
StartRobotService
()
{
DWORD
wxPid
=
GetWeChatPid
();
if
(
!
wxPid
)
{
MessageBoxA
(
NULL
,
"请先启动目标程序"
,
"提示"
,
MB_ICONWARNING
);
return
1
;
}
DWORD
StartRobotService
(
DWORD
pid
)
{
wstring
wworkPath
=
GetComWorkPath
();
wchar_t
*
workPath
=
(
wchar_t
*
)
wworkPath
.
c_str
();
if
(
!
GetProcOffset
(
workPath
))
{
...
...
@@ -242,32 +261,17 @@ DWORD StartRobotService() {
MessageBox
(
NULL
,
info
,
L"致命错误!"
,
MB_ICONWARNING
);
return
1
;
};
if
(
!
hProcess
)
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
wxPid
);
bool
status
=
Inject
(
wxPid
,
workPath
);
if
(
status
==
1
)
{
CloseHandle
(
hProcess
);
hProcess
=
NULL
;
return
status
;
}
bool
status
=
Inject
(
pid
,
workPath
);
return
status
;
}
DWORD
StopRobotService
()
{
DWORD
StopRobotService
(
DWORD
pid
)
{
DWORD
cpid
=
GetCurrentProcessId
();
DWORD
wxPid
=
GetWeChatPid
();
if
(
!
wxPid
)
{
hProcess
=
NULL
;
if
(
pid
==
0
)
return
cpid
;
}
if
(
!
hProcess
)
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
wxPid
);
RemoveDll
(
wxPid
);
RemoveDll
(
pid
);
ZeroMemory
((
wchar_t
*
)
SelfInfoString
.
c_str
(),
SelfInfoString
.
length
()
*
2
+
2
);
CloseHandle
(
hProcess
);
hProcess
=
NULL
;
StopReceiveMessage
();
return
cpid
;
return
0
;
}
wstring
GetComWorkPath
()
{
...
...
@@ -320,11 +324,34 @@ tstring GetWeChatVerStr() {
return
verStr
;
}
VOID
StartWeChat
()
static
bool
CloseAllWxProcessMutexHandle
()
{
HANDLE
hsnapshot
=
CreateToolhelp32Snapshot
(
TH32CS_SNAPPROCESS
,
0
);
if
(
hsnapshot
==
INVALID_HANDLE_VALUE
)
{
return
false
;
}
PROCESSENTRY32
pe
;
pe
.
dwSize
=
sizeof
(
PROCESSENTRY32
);
int
flag
=
Process32First
(
hsnapshot
,
&
pe
);
while
(
flag
!=
0
)
{
if
(
lstrcmp
(
pe
.
szExeFile
,
L"WeChat.exe"
)
==
0
)
{
CloseProcessHandle
(
pe
.
th32ProcessID
,
L"_WeChat_App_Instance_Identity_Mutex_Name"
);
}
flag
=
Process32Next
(
hsnapshot
,
&
pe
);
}
CloseHandle
(
hsnapshot
);
return
true
;
}
DWORD
StartWeChat
()
{
CloseAllWxProcessMutexHandle
();
tstring
szAppName
=
GetWeChatInstallDir
();
if
(
szAppName
.
length
()
==
0
)
return
;
return
0
;
szAppName
+=
TEXT
(
"
\\
WeChat.exe"
);
STARTUPINFO
StartInfo
;
ZeroMemory
(
&
StartInfo
,
sizeof
(
StartInfo
));
...
...
@@ -336,4 +363,11 @@ VOID StartWeChat()
CloseHandle
(
procStruct
.
hProcess
);
CloseHandle
(
procStruct
.
hThread
);
}
if
(
procStruct
.
dwProcessId
==
0
)
return
0
;
DWORD
WeChatWinBase
=
0
;
while
((
WeChatWinBase
=
GetWeChatWinBase
(
procStruct
.
dwProcessId
))
==
0
)
{
Sleep
(
500
);
}
return
procStruct
.
dwProcessId
;
}
\ No newline at end of file
CWeChatRobot/pch.h
浏览文件 @
eb0b1414
...
...
@@ -37,14 +37,17 @@ using namespace std;
#endif
BOOL
isFileExists_stat
(
string
&
name
);
DWORD
GetWeChatRobotBase
();
DWORD
GetWeChatRobotBase
(
DWORD
pid
);
DWORD
GetWeChatWinBase
(
DWORD
pid
);
DWORD
GetWeChatPid
();
DWORD
StartRobotService
();
DWORD
StopRobotService
();
DWORD
StartRobotService
(
DWORD
pid
);
DWORD
StopRobotService
(
DWORD
pid
);
BOOL
CreateConsole
();
wstring
GetComWorkPath
();
tstring
GetWeChatInstallDir
();
DWORD
GetWeChatVerInt
();
tstring
GetWeChatVerStr
();
VOID
StartWeChat
();
\ No newline at end of file
DWORD
StartWeChat
();
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
);
\ No newline at end of file
CWeChatRobot/robotdata.h
浏览文件 @
eb0b1414
...
...
@@ -28,7 +28,7 @@
#include "DelChatRoomMember.h"
#include "AddChatRoomMember.h"
extern
HANDLE
hProcess
;
//
extern HANDLE hProcess;
extern
DWORD
SendImageOffset
;
extern
DWORD
SendTextOffset
;
extern
DWORD
SendFileOffset
;
...
...
CWeChatRobot/wechatver.cpp
浏览文件 @
eb0b1414
#include "pch.h"
BOOL
ChangeWeChatVer
(
wchar_t
*
verStr
)
{
BOOL
ChangeWeChatVer
(
DWORD
pid
,
wchar_t
*
verStr
)
{
HANDLE
hProcess
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
if
(
!
hProcess
)
return
1
;
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
();
DWORD
WeChatRobotBase
=
GetWeChatRobotBase
(
pid
);
if
(
!
WeChatRobotBase
)
{
CloseHandle
(
hProcess
);
return
1
;
}
DWORD
dwId
=
0
;
DWORD
dwRet
=
0x0
;
LPVOID
verStraddr
=
VirtualAllocEx
(
hProcess
,
NULL
,
1
,
MEM_COMMIT
,
PAGE_READWRITE
);
DWORD
dwWriteSize
=
0
;
if
(
!
verStraddr
)
if
(
!
verStraddr
)
{
CloseHandle
(
hProcess
);
return
1
;
}
WriteProcessMemory
(
hProcess
,
verStraddr
,
verStr
,
wcslen
(
verStr
)
*
2
+
2
,
&
dwWriteSize
);
DWORD
ChangeWeChatVerRemoteAddr
=
WeChatRobotBase
+
ChangeWeChatVerRemoteOffset
;
HANDLE
hThread
=
::
CreateRemoteThread
(
hProcess
,
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
ChangeWeChatVerRemoteAddr
,
verStraddr
,
0
,
&
dwId
);
...
...
@@ -19,5 +26,6 @@ BOOL ChangeWeChatVer(wchar_t* verStr) {
CloseHandle
(
hThread
);
}
VirtualFreeEx
(
hProcess
,
verStraddr
,
0
,
MEM_RELEASE
);
CloseHandle
(
hProcess
);
return
dwRet
==
0
;
}
\ No newline at end of file
CWeChatRobot/wechatver.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
BOOL
ChangeWeChatVer
(
wchar_t
*
verStr
);
\ No newline at end of file
BOOL
ChangeWeChatVer
(
DWORD
pid
,
wchar_t
*
verStr
);
\ No newline at end of file
DWeChatRobot/CheckFriendStatus.cpp
浏览文件 @
eb0b1414
...
...
@@ -80,6 +80,8 @@ VOID HookFriendStatusCode(){
if
(
CheckFriendStatusHooked
)
return
;
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
CheckFriendStatusNextCallAddress
=
WeChatWinBase
+
CheckFriendStatusNextCallOffset
;
CheckFriendStatusHookJmpBackAddress
=
WeChatWinBase
+
CheckFriendStatusHookJmpBackOffset
;
DWORD
dwHookAddress
=
WeChatWinBase
+
CheckFriendStatusHookOffset
;
HookAnyAddress
(
dwHookAddress
,
doHookVerifyUserResult
,
OldAsmCode
);
CheckFriendStatusHooked
=
true
;
...
...
DWeChatRobot/DbExecuteSql.cpp
浏览文件 @
eb0b1414
...
...
@@ -17,10 +17,6 @@ typedef int(__cdecl* Sqlite3_exec)(
char
**
/* Write error messages here */
);
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
// sqlite3_exec函数地址
DWORD
sqlite3_execAddr
=
WeChatWinBase
+
OffsetFromIdaAddr
(
IDA_SQLITE3_EXEC_ADDRESS
);
/*
* 外部调用时传递的参数结构
* ptrDb:数据库句柄
...
...
@@ -184,6 +180,8 @@ void ClearResultArray() {
* return:void*,执行成功返回数组指针,执行失败返回`0`
*/
void
*
ExecuteSQL
(
DWORD
ptrDb
,
const
char
*
sql
,
DWORD
callback
,
void
*
data
)
{
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
DWORD
sqlite3_execAddr
=
WeChatWinBase
+
OffsetFromIdaAddr
(
IDA_SQLITE3_EXEC_ADDRESS
);
Sqlite3_exec
p_Sqlite3_exec
=
(
Sqlite3_exec
)
sqlite3_execAddr
;
int
status
=
p_Sqlite3_exec
(
ptrDb
,
sql
,
(
sqlite3_callback
)
callback
,
data
,
0
);
if
(
status
!=
SQLITE_OK
)
...
...
DWeChatRobot/HookImageMessage.cpp
浏览文件 @
eb0b1414
...
...
@@ -72,8 +72,12 @@ __declspec(naked) void dealImageMsg() {
}
void
__stdcall
HookImageMsg
()
{
if
(
ImageMsgHooked
)
WeChatWinBase
=
GetWeChatWinBase
();
if
(
ImageMsgHooked
||
!
WeChatWinBase
)
return
;
HookImageMsgAddr
=
WeChatWinBase
+
HookImageMsgAddrOffset
;
HookImageMsgNextCall
=
WeChatWinBase
+
HookImageMsgNextCallOffset
;
HookImageMsgJmpBackAddr
=
HookImageMsgAddr
+
0x5
;
HookAnyAddress
(
HookImageMsgAddr
,
dealImageMsg
,
ImageMsgOldAsm
);
char
settime
[]
=
"00:00-00:00"
;
DWORD
AutoDownloadTimeSettingAddr
=
GetWeChatWinBase
()
+
AutoDownloadTimeSettingOffset
;
...
...
DWeChatRobot/HookVoiceMessage.cpp
浏览文件 @
eb0b1414
...
...
@@ -57,8 +57,12 @@ __declspec(naked) void dealVoiceMsg() {
}
void
__stdcall
HookVoiceMsg
()
{
if
(
VoiceMsgHooked
)
WeChatWinBase
=
GetWeChatWinBase
();
if
(
VoiceMsgHooked
||
!
WeChatWinBase
)
return
;
HookVoiceMsgAddr
=
WeChatWinBase
+
HookVoiceMsgAddrOffset
;
HookVoiceMsgNextCall
=
WeChatWinBase
+
HookVoiceMsgNextCallOffset
;
HookVoiceMsgJmpBackAddr
=
HookVoiceMsgAddr
+
0x5
;
HookAnyAddress
(
HookVoiceMsgAddr
,
dealVoiceMsg
,
VoiceMsgOldAsm
);
VoiceMsgHooked
=
true
;
}
...
...
DWeChatRobot/LogMsgInfo.cpp
浏览文件 @
eb0b1414
...
...
@@ -7,18 +7,26 @@
// HOOK的跳转地址偏移
#define HookLogMsgJmpBackOffset 0x78E10449 - 0x786A0000
static
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
// 微信日志HOOK地址
DWORD
HookLogMsgInfoAddr
=
GetWeChatWinBase
()
+
HookLogMsgInfoAddrOffset
;
static
DWORD
HookLogMsgInfoAddr
=
WeChatWinBase
+
HookLogMsgInfoAddrOffset
;
// HOOK的CALL地址
DWORD
NextCallAddr
=
GetWeChatWinBase
()
+
HookLogMsgInfoNextCallOffset
;
static
DWORD
NextCallAddr
=
WeChatWinBase
+
HookLogMsgInfoNextCallOffset
;
// HOOK的跳转地址
DWORD
JmpBackAddr
=
GetWeChatWinBase
()
+
HookLogMsgJmpBackOffset
;
static
DWORD
JmpBackAddr
=
WeChatWinBase
+
HookLogMsgJmpBackOffset
;
// 是否开启日志HOOK标志
BOOL
LogMsgHooked
=
false
;
static
BOOL
LogMsgHooked
=
false
;
// 保存HOOK前的指令用于恢复
char
LogOldAsmCode
[
5
]
=
{
0
};
static
void
SendLogToComServer
(
wchar_t
*
logmsg
)
{
// _variant_t log = logmsg;
// PostComMessage(WX_LOG_MESSAGE, &log);
delete
[]
logmsg
;
logmsg
=
NULL
;
}
/*
* 处理函数,打印日志信息
* msg:日志信息
...
...
@@ -27,6 +35,7 @@ char LogOldAsmCode[5] = { 0 };
VOID
PrintMsg
(
DWORD
msg
)
{
if
(
!
msg
)
return
;
DWORD
dwId
=
0
;
char
*
utf8_message
=
(
char
*
)
msg
;
int
c_size
=
MultiByteToWideChar
(
CP_UTF8
,
0
,
utf8_message
,
-
1
,
0
,
0
);
wchar_t
*
wmessage
=
new
wchar_t
[
c_size
+
1
];
...
...
@@ -36,9 +45,17 @@ VOID PrintMsg(DWORD msg) {
char
*
message
=
new
char
[
c_size
+
1
];
memset
(
message
,
0
,
c_size
+
1
);
WideCharToMultiByte
(
CP_ACP
,
0
,
wmessage
,
-
1
,
message
,
c_size
,
0
,
0
);
#ifndef USE_SOCKET
HANDLE
hThread
=
CreateThread
(
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
SendLogToComServer
,
wmessage
,
NULL
,
&
dwId
);
if
(
hThread
)
CloseHandle
(
hThread
);
#else
delete
[]
wmessage
;
wmessage
=
NULL
;
#endif
#ifdef _DEBUG
cout
<<
message
;
#endif
delete
[]
message
;
message
=
NULL
;
return
;
...
...
@@ -66,8 +83,12 @@ __declspec(naked) void doprintmsg(){
* return:void
*/
VOID
HookLogMsgInfo
()
{
if
(
LogMsgHooked
)
WeChatWinBase
=
GetWeChatWinBase
();
if
(
LogMsgHooked
||
!
WeChatWinBase
)
return
;
HookLogMsgInfoAddr
=
WeChatWinBase
+
HookLogMsgInfoAddrOffset
;
NextCallAddr
=
WeChatWinBase
+
HookLogMsgInfoNextCallOffset
;
JmpBackAddr
=
WeChatWinBase
+
HookLogMsgJmpBackOffset
;
HookAnyAddress
(
HookLogMsgInfoAddr
,(
LPVOID
)
doprintmsg
,
LogOldAsmCode
);
LogMsgHooked
=
true
;
}
...
...
DWeChatRobot/ReceiveMessage.cpp
浏览文件 @
eb0b1414
...
...
@@ -22,6 +22,7 @@ using namespace std;
static
int
SRVPORT
=
0
;
struct
ScoketMsgStruct
{
DWORD
pid
;
int
messagetype
;
BOOL
isSendMessage
;
wchar_t
sender
[
80
];
...
...
@@ -36,18 +37,19 @@ BOOL ReceiveMessageHooked = false;
// 保存HOOK前的字节码,用于恢复
char
OldReceiveMessageAsmCode
[
5
]
=
{
0
};
char
OldSendMessageAsmCode
[
5
]
=
{
0
};
static
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
// 接收消息HOOK地址
DWORD
ReceiveMessageHookAddress
=
GetWeChatWinBase
()
+
ReceiveMessageHookOffset
;
static
DWORD
ReceiveMessageHookAddress
=
WeChatWinBase
+
ReceiveMessageHookOffset
;
// 接收消息HOOK的CALL地址
DWORD
ReceiveMessageNextCall
=
GetWeChatWinBase
()
+
ReceiveMessageNextCallOffset
;
static
DWORD
ReceiveMessageNextCall
=
WeChatWinBase
+
ReceiveMessageNextCallOffset
;
// 接收HOOK的跳转地址
DWORD
ReceiveMessageJmpBackAddress
=
ReceiveMessageHookAddress
+
0x5
;
static
DWORD
ReceiveMessageJmpBackAddress
=
ReceiveMessageHookAddress
+
0x5
;
// 发送消息HOOK地址
DWORD
SendMessageHookAddress
=
GetWeChatWinBase
()
+
SendMessageHookOffset
;
static
DWORD
SendMessageHookAddress
=
WeChatWinBase
+
SendMessageHookOffset
;
// 发送消息HOOK的CALL地址
DWORD
SendMessageNextCall
=
GetWeChatWinBase
()
+
SendMessageNextCallOffset
;
static
DWORD
SendMessageNextCall
=
WeChatWinBase
+
SendMessageNextCallOffset
;
// 发送HOOK的跳转地址
DWORD
SendMessageJmpBackAddress
=
SendMessageHookAddress
+
0x5
;
static
DWORD
SendMessageJmpBackAddress
=
SendMessageHookAddress
+
0x5
;
// 通过socket将消息发送给服务端
BOOL
SendSocketMessage
(
ReceiveMsgStruct
*
ms
)
...
...
@@ -82,6 +84,7 @@ BOOL SendSocketMessage(ReceiveMsgStruct* ms)
char
recvbuf
[
1024
]
=
{
0
};
ScoketMsgStruct
*
sms
=
new
ScoketMsgStruct
;
ZeroMemory
(
sms
,
sizeof
(
ScoketMsgStruct
));
sms
->
pid
=
ms
->
pid
;
sms
->
messagetype
=
ms
->
messagetype
;
sms
->
isSendMessage
=
ms
->
isSendMessage
;
memcpy
(
sms
->
wxid
,
ms
->
wxid
,
ms
->
l_wxid
*
2
);
...
...
@@ -122,6 +125,7 @@ static SAFEARRAY* CreateMessageArray(ReceiveMsgStruct* ms) {
HRESULT
hr
=
S_OK
;
SAFEARRAY
*
psaValue
;
vector
<
wstring
>
MessageInfoKey
=
{
L"pid"
,
L"type"
,
L"isSendMessage"
,
ms
->
isSendMessage
?
L"sendto"
:
L"from"
,
...
...
@@ -139,12 +143,12 @@ static SAFEARRAY* CreateMessageArray(ReceiveMsgStruct* ms) {
_variant_t
key
=
MessageInfoKey
[
i
].
c_str
();
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
key
);
keyIndex
[
0
]
=
i
;
keyIndex
[
1
]
=
1
;
if
(
i
<
2
)
{
if
(
i
<
3
)
{
_variant_t
value
=
((
DWORD
*
)
ms
)[
i
];
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
value
);
}
else
{
_variant_t
value
=
((
wchar_t
**
)
ms
)[
i
*
2
-
2
];
_variant_t
value
=
((
wchar_t
**
)
ms
)[
i
*
2
-
3
];
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
value
);
}
}
...
...
@@ -156,6 +160,7 @@ static void dealMessage(DWORD messageAddr) {
BOOL
isSendMessage
=
*
(
BOOL
*
)(
messageAddr
+
0x3C
);
ReceiveMsgStruct
*
message
=
new
ReceiveMsgStruct
;
ZeroMemory
(
message
,
sizeof
(
ReceiveMsgStruct
));
message
->
pid
=
GetCurrentProcessId
();
message
->
isSendMessage
=
isSendMessage
;
message
->
time
=
GetTimeW
(
*
(
DWORD
*
)(
messageAddr
+
0x44
));
message
->
l_time
=
wcslen
(
message
->
time
);
...
...
@@ -198,7 +203,7 @@ static void dealMessage(DWORD messageAddr) {
VARIANT
vsaValue
;
vsaValue
.
vt
=
VT_ARRAY
|
VT_VARIANT
;
V_ARRAY
(
&
vsaValue
)
=
psaValue
;
PostComMessage
(
&
vsaValue
);
PostComMessage
(
WX_MESSAGE
,
&
vsaValue
);
#endif
HANDLE
hThread
=
CreateThread
(
NULL
,
0
,
(
LPTHREAD_START_ROUTINE
)
SendSocketMessage
,
message
,
NULL
,
0
);
if
(
hThread
)
{
...
...
@@ -219,7 +224,6 @@ VOID ReceiveMessage(DWORD messagesAddr) {
}
}
/*
* HOOK的具体实现,接收到消息后调用处理函数
*/
...
...
@@ -261,8 +265,15 @@ _declspec(naked) void dealSendMessage() {
*/
VOID
HookReceiveMessage
(
int
port
)
{
SRVPORT
=
port
;
if
(
ReceiveMessageHooked
)
WeChatWinBase
=
GetWeChatWinBase
();
if
(
ReceiveMessageHooked
||
!
WeChatWinBase
)
return
;
ReceiveMessageHookAddress
=
WeChatWinBase
+
ReceiveMessageHookOffset
;
ReceiveMessageNextCall
=
WeChatWinBase
+
ReceiveMessageNextCallOffset
;
ReceiveMessageJmpBackAddress
=
ReceiveMessageHookAddress
+
0x5
;
SendMessageHookAddress
=
WeChatWinBase
+
SendMessageHookOffset
;
SendMessageNextCall
=
WeChatWinBase
+
SendMessageNextCallOffset
;
SendMessageJmpBackAddress
=
SendMessageHookAddress
+
0x5
;
HookAnyAddress
(
ReceiveMessageHookAddress
,(
LPVOID
)
dealReceiveMessage
,
OldReceiveMessageAsmCode
);
HookAnyAddress
(
SendMessageHookAddress
,
(
LPVOID
)
dealSendMessage
,
OldSendMessageAsmCode
);
ReceiveMessageHooked
=
TRUE
;
...
...
DWeChatRobot/SearchContactByNet.cpp
浏览文件 @
eb0b1414
...
...
@@ -142,8 +142,16 @@ __declspec(naked) void dealUserInfo() {
}
static
void
HookSearchContact
()
{
if
(
SearchContactHooked
)
WeChatWinBase
=
GetWeChatWinBase
();
if
(
SearchContactHooked
||
WeChatWinBase
==
0
)
return
;
HookSearchContactErrcodeNextCall
=
WeChatWinBase
+
HookSearchContactErrcodeNextCallOffset
;
HookSearchContactErrcodeAddr
=
WeChatWinBase
+
HookSearchContactErrcodeAddrOffset
;
HookSearchContactErrcodeJmpBackAddr
=
HookSearchContactErrcodeAddr
+
0x5
;
HookUserInfoNextCall
=
WeChatWinBase
+
HookUserInfoNextCallOffset
;
HookUserInfoAddr
=
WeChatWinBase
+
HookUserInfoAddrOffset
;
HookUserInfoJmpBackAddr
=
HookUserInfoAddr
+
0x5
;
HookAnyAddress
(
HookSearchContactErrcodeAddr
,
(
LPVOID
)
dealSearchContactErrcode
,
HookSearchContactErrcodeOldAsm
);
HookAnyAddress
(
HookUserInfoAddr
,(
LPVOID
)
dealUserInfo
,
HookUserInfoOldAsm
);
SearchContactHooked
=
true
;
...
...
DWeChatRobot/comclient.cpp
浏览文件 @
eb0b1414
...
...
@@ -33,7 +33,7 @@ public:
}
};
BOOL
PostComMessage
(
VARIANT
*
msg
)
{
BOOL
PostComMessage
(
int
msgtype
,
VARIANT
*
msg
)
{
HRESULT
hr
=
S_OK
;
hr
=
CoInitializeEx
(
0
,
COINIT_APARTMENTTHREADED
);
if
(
FAILED
(
hr
))
...
...
@@ -50,7 +50,7 @@ BOOL PostComMessage(VARIANT* msg) {
AtlAdvise(spRobotEvent, sinkptr, __uuidof(_IRobotEventEvents), &cookies);
*/
int
__result
=
0
;
spRobotEvent
->
CPostMessage
(
msg
,
&
__result
);
spRobotEvent
->
CPostMessage
(
msg
type
,
msg
,
&
__result
);
}
else
{
return
false
;
...
...
DWeChatRobot/comclient.h
浏览文件 @
eb0b1414
...
...
@@ -3,4 +3,7 @@
#define USE_COM
#include<comutil.h>
#pragma comment(lib, "comsuppw.lib")
BOOL
PostComMessage
(
VARIANT
*
msg
);
\ No newline at end of file
#define WX_MESSAGE 1
#define WX_LOG_MESSAGE 2
BOOL
PostComMessage
(
int
msgtype
,
VARIANT
*
msg
);
\ No newline at end of file
DWeChatRobot/wxdata.h
浏览文件 @
eb0b1414
...
...
@@ -56,6 +56,7 @@ struct WxString
* filepath:图片、文件及其他资源的保存路径;l_filepath:`filepath`字符数
*/
struct
ReceiveMsgStruct
{
DWORD
pid
;
DWORD
messagetype
;
BOOL
isSendMessage
;
wchar_t
*
sender
;
...
...
Python/test.py
浏览文件 @
eb0b1414
...
...
@@ -6,16 +6,15 @@ Created on Sat Apr 16 14:06:24 2022
"""
import
time
import
os
import
wxRobot
from
wxRobot
import
WeChatRobot
def
test_SendText
():
def
test_SendText
(
wx
):
path
=
os
.
path
.
split
(
os
.
path
.
realpath
(
__file__
))[
0
]
# image full path
imgpath
=
os
.
path
.
join
(
path
,
'test
\\
测试图片.png'
)
# file full path
filepath
=
os
.
path
.
join
(
path
,
'test
\\
测试文件'
)
wx
=
WeChatRobot
()
wx
.
StartService
()
myinfo
=
wx
.
GetSelfInfo
()
chatwith
=
wx
.
GetFriendByWxNickName
(
"文件传输助手"
)
session
=
wx
.
GetChatSession
(
chatwith
.
get
(
'wxid'
))
...
...
@@ -27,12 +26,9 @@ def test_SendText():
session
.
SendArticle
(
"天气预报"
,
"点击查看"
,
"http://www.baidu.com"
)
shared
=
wx
.
GetFriendByWxNickName
(
"码农翻身"
)
if
shared
:
session
.
SendCard
(
shared
.
get
(
'wxid'
),
shared
.
get
(
'wxNickName'
))
wx
.
StopService
()
def
test_FriendStatus
():
def
test_FriendStatus
(
wx
):
f
=
open
(
'Friendstatus.txt'
,
'wt'
,
encoding
=
'utf-8'
)
wx
=
WeChatRobot
()
wx
.
StartService
()
FriendList
=
wx
.
GetFriendList
()
index
=
"
\t
"
.
join
([
'微信号'
,
'昵称'
,
'备注'
,
'状态'
,
'
\n
'
])
f
.
writelines
(
index
)
...
...
@@ -46,27 +42,23 @@ def test_FriendStatus():
time
.
sleep
(
1
)
break
f
.
close
()
wx
.
StopService
()
def
test_ExecuteSQL
():
wx
=
WeChatRobot
()
wx
.
StartService
()
def
test_ExecuteSQL
(
wx
):
try
:
dbs
=
wx
.
GetDbHandles
()
dbname
=
'MicroMsg.db'
handle
=
dbs
.
get
(
dbname
).
get
(
'Handle'
)
sql
=
'select a.UserName as `wxID`,a.Alias as `微信号`,a.EncryptUserName as `V3数据`,
\
a.Type as `联系人类型`,a.VerifyFlag as `添加方式`,a.Remark as `备注`,a.NickName as `昵称`,b.bigHeadImgUrl as `头像`
\
a.Type as `联系人类型`,a.VerifyFlag as `添加方式`,a.Remark as `备注`,a.NickName as `昵称`,b.bigHeadImgUrl as `头像`,
\
a.ExtraBuf as `扩展数据`
\
from Contact a inner join ContactHeadImgUrl b where a.UserName=b.usrName and a.Type=3 limit 10'
result
=
wx
.
ExecuteSQL
(
handle
,
sql
)
print
(
result
)
except
:
except
Exception
as
e
:
print
(
e
)
pass
wx
.
StopService
()
def
test_BackupDb
():
wx
=
WeChatRobot
()
wx
.
StartService
()
def
test_BackupDb
(
wx
):
try
:
dbs
=
wx
.
GetDbHandles
()
dbname
=
'MicroMsg.db'
...
...
@@ -75,14 +67,22 @@ def test_BackupDb():
print
(
rc
)
except
:
pass
wx
.
StopService
()
if
__name__
==
'__main__'
:
wx
=
WeChatRobot
()
print
(
wx
.
GetWeChatVer
())
interfaces
=
[
i
for
i
in
dir
(
wx
.
robot
)
if
'_'
not
in
i
and
i
[
0
]
==
'C'
]
def
show_interfaces
()
:
robot
=
wxRobot
.
_WeChatRobotClient
.
instance
().
robot
print
(
robot
.
C
GetWeChatVer
())
interfaces
=
[
i
for
i
in
dir
(
robot
)
if
'_'
not
in
i
and
i
[
0
]
==
'C'
]
for
interface
in
interfaces
:
print
(
interface
)
wx
.
StartService
()
wx
.
StartReceiveMessage
()
wx
.
StopService
()
\ No newline at end of file
if
__name__
==
'__main__'
:
pids
=
wxRobot
.
GetWeChatPids
()
wx_list
=
[
WeChatRobot
(
pid
)
for
pid
in
pids
]
if
len
(
wx_list
)
<
1
:
wx_list
=
wx_list
+
[
wxRobot
.
StartWeChat
()]
*
(
1
-
len
(
wx_list
))
for
wx
in
wx_list
:
wx
.
StartService
()
wx
.
StartReceiveMessage
()
wxRobot
.
StartSocketServer
()
for
wx
in
wx_list
:
wx
.
StopService
()
\ No newline at end of file
Python/wxRobot.py
浏览文件 @
eb0b1414
此差异已折叠。
点击以展开。
README.md
浏览文件 @
eb0b1414
...
...
@@ -15,6 +15,12 @@ PC微信机器人,实现以下功能:
4.
聊天记录备份
5.
其他你能想到的用途
# tips
1、当前分支是兼容多开的Beta版本,可通过pid进行多开管理
2、
`CStartWeChat`
接口可打开一个新的微信实例并返回该进程的pid,但仍然需要用户手动调用
`CStartRobotService`
进行注入
3、已经重新整理python socket server和连接点,可以实现多微信消息聚合
4、另外一个小小的诉求,如果您所在的公司有C++或Python岗位空缺,并且办公地点在北京、深圳,希望能提供内推机会给我,可以通过ljc545w@qq.com联系到我,不胜感激~
# 可用版本
微信电脑版
**3.5.0.46**
微信电脑版
**3.6.0.18**
...
...
Release/CWeChatRobot.exe
浏览文件 @
eb0b1414
无法预览此类型文件
Release/DWeChatRobot.dll
浏览文件 @
eb0b1414
无法预览此类型文件
Release/socket/SWeChatRobot.dll
浏览文件 @
eb0b1414
无法预览此类型文件
Release/socket/wxDriver.dll
浏览文件 @
eb0b1414
无法预览此类型文件
Release/socket/wxDriver64.dll
浏览文件 @
eb0b1414
无法预览此类型文件
wxDriver/driver.h
浏览文件 @
eb0b1414
...
...
@@ -9,6 +9,8 @@ using namespace std;
#ifdef _WIN64
PVOID
GetSystem32ProcAddr
(
PCWSTR
ObjectName
,
PCSTR
procName
);
#endif
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
);
BOOL
InjectDll
(
DWORD
dwId
,
const
wchar_t
*
szPath
);
BOOL
RemoveDll
(
DWORD
dwId
,
PCWSTR
dllname
);
...
...
wxDriver/ntapi.cpp
浏览文件 @
eb0b1414
#include "pch.h"
#ifdef _WIN64
#include "driver.h"
#include "ntapi.h"
#include "driver.h"
#pragma comment(lib,"ntdll.lib")
HMODULE
hNtdll
=
GetModuleHandle
(
L"ntdll.dll"
);
pNtQuerySystemInformation
NtQuerySystemInformation
=
(
pNtQuerySystemInformation
)
GetProcAddress
(
hNtdll
,
"NtQuerySystemInformation"
);
pNtDuplicateObject
NtDuplicateObject
=
(
pNtDuplicateObject
)
GetProcAddress
(
hNtdll
,
"NtDuplicateObject"
);
pNtQueryObject
NtQueryObject
=
(
pNtQueryObject
)
GetProcAddress
(
hNtdll
,
"NtQueryObject"
);
#ifdef _WIN64
pZwOpenSection
ZwOpenSection
=
(
pZwOpenSection
)
GetProcAddress
(
hNtdll
,
"ZwOpenSection"
);
pZwQuerySection
ZwQuerySection
=
(
pZwQuerySection
)
GetProcAddress
(
hNtdll
,
"ZwQuerySection"
);
pZwMapViewOfSection
ZwMapViewOfSection
=
(
pZwMapViewOfSection
)
GetProcAddress
(
hNtdll
,
"ZwMapViewOfSection"
);
...
...
@@ -87,4 +92,87 @@ PVOID GetSystem32ProcAddr(PCWSTR ObjectName, PCSTR procName)
}
return
pv
;
}
#endif
\ No newline at end of file
#endif
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
)
{
wstring
name
(
handlename
);
NTSTATUS
status
;
PSYSTEM_HANDLE_INFORMATION
handleInfo
;
ULONG
handleInfoSize
=
0x10000
;
HANDLE
processHandle
,
dupHandle
;
POBJECT_TYPE_INFORMATION
objectTypeInfo
;
SYSTEM_HANDLE
handle
=
{
0
};
bool
thao
=
false
;
wstring
str
=
L""
;
handleInfo
=
(
PSYSTEM_HANDLE_INFORMATION
)
malloc
(
handleInfoSize
);
while
((
status
=
NtQuerySystemInformation
(
SystemHandleInformation
,
handleInfo
,
handleInfoSize
,
NULL
)
)
==
STATUS_INFO_LENGTH_MISMATCH
)
{
handleInfoSize
*=
2
;
PSYSTEM_HANDLE_INFORMATION
tempinfo
=
(
PSYSTEM_HANDLE_INFORMATION
)
realloc
(
handleInfo
,
(
size_t
)
handleInfoSize
);
if
(
tempinfo
)
handleInfo
=
tempinfo
;
}
if
(
handleInfo
==
NULL
)
{
return
false
;
}
for
(
ULONG
i
=
0
;
i
<
handleInfo
->
HandleCount
;
i
++
)
{
thao
=
false
;
handle
=
handleInfo
->
Handles
[
i
];
if
(
handle
.
ProcessId
!=
pid
)
continue
;
processHandle
=
OpenProcess
(
PROCESS_DUP_HANDLE
,
FALSE
,
pid
);
if
(
processHandle
!=
NULL
)
{
status
=
NtDuplicateObject
(
processHandle
,
(
HANDLE
)
handle
.
Handle
,
GetCurrentProcess
(),
&
dupHandle
,
0
,
0
,
0
);
if
(
status
==
0
)
{
objectTypeInfo
=
(
POBJECT_TYPE_INFORMATION
)
malloc
(
0x2000
);
if
(
NtQueryObject
(
dupHandle
,
ObjectTypeInformation
,
objectTypeInfo
,
0x1000
,
NULL
)
==
0
)
{
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
);
}
if
(
str
==
L"Mutant"
)
{
NtQueryObject
(
dupHandle
,
ObjectNameInformation
,
objectTypeInfo
,
0x1000
,
NULL
);
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
?
objectTypeInfo
->
Name
.
Buffer
:
L""
);
}
if
(
str
.
find
(
name
)
!=
wstring
::
npos
)
{
thao
=
true
;
}
}
else
if
(
str
==
L"Semaphore"
)
{
NtQueryObject
(
dupHandle
,
ObjectNameInformation
,
objectTypeInfo
,
0x1000
,
NULL
);
if
(
objectTypeInfo
!=
NULL
)
{
str
=
wstring
(
objectTypeInfo
->
Name
.
Buffer
?
objectTypeInfo
->
Name
.
Buffer
:
L""
);
}
if
(
str
.
find
(
name
)
!=
wstring
::
npos
)
{
thao
=
true
;
}
}
}
CloseHandle
(
dupHandle
);
free
(
objectTypeInfo
);
objectTypeInfo
=
NULL
;
if
(
thao
==
true
)
{
HANDLE
h_another_proc
=
OpenProcess
(
PROCESS_ALL_ACCESS
,
FALSE
,
pid
);
DuplicateHandle
(
h_another_proc
,
(
HANDLE
)
handle
.
Handle
,
GetCurrentProcess
(),
&
dupHandle
,
0
,
FALSE
,
DUPLICATE_SAME_ACCESS
|
DUPLICATE_CLOSE_SOURCE
);
// ر
CloseHandle
(
dupHandle
);
CloseHandle
(
h_another_proc
);
}
}
CloseHandle
(
processHandle
);
}
}
free
(
handleInfo
);
handleInfo
=
NULL
;
return
thao
;
}
\ No newline at end of file
wxDriver/ntapi.h
浏览文件 @
eb0b1414
#pragma once
#include<windows.h>
#ifndef _WIN64
typedef
_Return_type_success_
(
return
>=
0
)
LONG
NTSTATUS
;
typedef
NTSTATUS
*
PNTSTATUS
;
#endif // !_WIN64
#define STATUS_INFO_LENGTH_MISMATCH 0xc0000004
#define SystemHandleInformation 16
#define ObjectBasicInformation 0
#define ObjectNameInformation 1
#define ObjectTypeInformation 2
/*
* 函数指针、数据结构以及宏参考如下仓库
* https://github.com/winsiderss/systeminformer
...
...
@@ -110,6 +121,58 @@ typedef struct _SECTION_IMAGE_INFORMATION
ULONG
CheckSum
;
}
SECTION_IMAGE_INFORMATION
,
*
PSECTION_IMAGE_INFORMATION
;
typedef
struct
_SYSTEM_HANDLE
{
ULONG
ProcessId
;
BYTE
ObjectTypeNumber
;
BYTE
Flags
;
USHORT
Handle
;
PVOID
Object
;
ACCESS_MASK
GrantedAccess
;
}
SYSTEM_HANDLE
,
*
PSYSTEM_HANDLE
;
typedef
struct
_SYSTEM_HANDLE_INFORMATION
{
ULONG
HandleCount
;
SYSTEM_HANDLE
Handles
[
1
];
}
SYSTEM_HANDLE_INFORMATION
,
*
PSYSTEM_HANDLE_INFORMATION
;
typedef
enum
_POOL_TYPE
{
NonPagedPool
,
PagedPool
,
NonPagedPoolMustSucceed
,
DontUseThisType
,
NonPagedPoolCacheAligned
,
PagedPoolCacheAligned
,
NonPagedPoolCacheAlignedMustS
}
POOL_TYPE
,
*
PPOOL_TYPE
;
typedef
struct
_OBJECT_TYPE_INFORMATION
{
UNICODE_STRING
Name
;
ULONG
TotalNumberOfObjects
;
ULONG
TotalNumberOfHandles
;
ULONG
TotalPagedPoolUsage
;
ULONG
TotalNonPagedPoolUsage
;
ULONG
TotalNamePoolUsage
;
ULONG
TotalHandleTableUsage
;
ULONG
HighWaterNumberOfObjects
;
ULONG
HighWaterNumberOfHandles
;
ULONG
HighWaterPagedPoolUsage
;
ULONG
HighWaterNonPagedPoolUsage
;
ULONG
HighWaterNamePoolUsage
;
ULONG
HighWaterHandleTableUsage
;
ULONG
InvalidAttributes
;
GENERIC_MAPPING
GenericMapping
;
ULONG
ValidAccess
;
BOOLEAN
SecurityRequired
;
BOOLEAN
MaintainHandleCount
;
USHORT
MaintainTypeList
;
POOL_TYPE
PoolType
;
ULONG
PagedPoolUsage
;
ULONG
NonPagedPoolUsage
;
}
OBJECT_TYPE_INFORMATION
,
*
POBJECT_TYPE_INFORMATION
;
typedef
NTSYSCALLAPI
...
...
@@ -184,4 +247,41 @@ NTSTATUS
(
NTAPI
*
pNtClose
)(
_In_
_Post_ptr_invalid_
HANDLE
Handle
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtQuerySystemInformation
)(
ULONG
SystemInformationClass
,
PVOID
SystemInformation
,
ULONG
SystemInformationLength
,
PULONG
ReturnLength
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtDuplicateObject
)(
HANDLE
SourceProcessHandle
,
HANDLE
SourceHandle
,
HANDLE
TargetProcessHandle
,
PHANDLE
TargetHandle
,
ACCESS_MASK
DesiredAccess
,
ULONG
Attributes
,
ULONG
Options
);
typedef
NTSYSCALLAPI
NTSTATUS
(
NTAPI
*
pNtQueryObject
)(
HANDLE
ObjectHandle
,
ULONG
ObjectInformationClass
,
PVOID
ObjectInformation
,
ULONG
ObjectInformationLength
,
PULONG
ReturnLength
);
\ No newline at end of file
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录