Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Crossin的编程教室
ComWeChatRobot
提交
7fc9898a
C
ComWeChatRobot
项目概览
Crossin的编程教室
/
ComWeChatRobot
与 Fork 源项目一致
从无法访问的项目Fork
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
ComWeChatRobot
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
7fc9898a
编写于
9月 19, 2022
作者:
L
ljc545w
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix known bugs
上级
0d67151c
变更
7
隐藏空白更改
内联
并排
Showing
7 changed file
with
39 addition
and
28 deletion
+39
-28
DWeChatRobot/GetDbHandles.cpp
DWeChatRobot/GetDbHandles.cpp
+1
-0
DWeChatRobot/ReceiveMessage.cpp
DWeChatRobot/ReceiveMessage.cpp
+38
-28
Release/CWeChatRobot.exe
Release/CWeChatRobot.exe
+0
-0
Release/DWeChatRobot.dll
Release/DWeChatRobot.dll
+0
-0
Release/socket/SWeChatRobot.dll
Release/socket/SWeChatRobot.dll
+0
-0
Release/socket/wxDriver.dll
Release/socket/wxDriver.dll
+0
-0
Release/socket/wxDriver64.dll
Release/socket/wxDriver64.dll
+0
-0
未找到文件。
DWeChatRobot/GetDbHandles.cpp
浏览文件 @
7fc9898a
...
...
@@ -65,6 +65,7 @@ DWORD GetDbHandlesRemote()
vector
<
void
*>
GetDbHandles
()
{
dbs
.
clear
();
dbmap
.
clear
();
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
DWORD
SqlHandleBaseAddr
=
WeChatWinBase
+
SqlHandleMicroMsgOffset
;
DWORD
SqlHandleBeginAddr
=
0x0
;
...
...
DWeChatRobot/ReceiveMessage.cpp
浏览文件 @
7fc9898a
...
...
@@ -23,9 +23,9 @@ using namespace std;
#define SendMessageNextCallOffset 0x78AA8170 - 0x786A0000
// 撤回消息的HOOK地址偏移
#define
Revok
eMessageHookOffset 0x5D6D8A4C - 0x5D1F0000
#define
Updat
eMessageHookOffset 0x5D6D8A4C - 0x5D1F0000
// 撤回消息HOOK的CALL偏移
#define
Revok
eMessageNextCallOffset 0x5D6D3430 - 0x5D1F0000
#define
Updat
eMessageNextCallOffset 0x5D6D3430 - 0x5D1F0000
#define READ_WSTRING(addr, offset) ((*(DWORD *)(addr + offset + 0x4) == 0) ? wstring(L"") : wstring((wchar_t *)(*(DWORD *)(addr + offset)), *(DWORD *)(addr + offset + 0x4)))
...
...
@@ -36,7 +36,7 @@ BOOL ReceiveMessageHooked = false;
// 保存HOOK前的字节码,用于恢复
static
char
OldReceiveMessageAsmCode
[
5
]
=
{
0
};
static
char
OldSendMessageAsmCode
[
5
]
=
{
0
};
static
char
Old
Revok
eMessageAsmCode
[
5
]
=
{
0
};
static
char
Old
Updat
eMessageAsmCode
[
5
]
=
{
0
};
static
DWORD
WeChatWinBase
=
GetWeChatWinBase
();
// 接收消息HOOK地址
static
DWORD
ReceiveMessageHookAddress
=
WeChatWinBase
+
ReceiveMessageHookOffset
;
...
...
@@ -51,11 +51,11 @@ static DWORD SendMessageNextCall = WeChatWinBase + SendMessageNextCallOffset;
// 发送HOOK的跳转地址
static
DWORD
SendMessageJmpBackAddress
=
SendMessageHookAddress
+
0x5
;
// 撤回消息HOOK地址
static
DWORD
RevokeMessageHookAddress
=
WeChatWinBase
+
Revok
eMessageHookOffset
;
static
DWORD
UpdateMessageHookAddress
=
WeChatWinBase
+
Updat
eMessageHookOffset
;
// 撤回消息HOOK的CALL地址
static
DWORD
RevokeMessageNextCall
=
WeChatWinBase
+
Revok
eMessageNextCallOffset
;
static
DWORD
UpdateMessageNextCall
=
WeChatWinBase
+
Updat
eMessageNextCallOffset
;
// 撤回HOOK的跳转地址
static
DWORD
RevokeMessageJmpBackAddress
=
Revok
eMessageHookAddress
+
0x5
;
static
DWORD
UpdateMessageJmpBackAddress
=
Updat
eMessageHookAddress
+
0x5
;
struct
SocketMessageStruct
{
...
...
@@ -136,12 +136,6 @@ void SendSocketMessageInThread(SocketMessageStruct *param)
{
return
;
}
/*int dbIndex;
while (jMsg["localId"].get<unsigned int>() == 0)
{
jMsg["localId"] = GetLocalIdByMsgId(jMsg["msgid"].get<ULONG64>(),dbIndex);
Sleep(200);
}*/
string
jstr
=
jMsg
.
dump
()
+
"
\n
"
;
#ifdef USE_COM
// 通过连接点,将消息广播给客户端;将广播过程放在线程中完成,客户端才可以等待图片、语音落地
...
...
@@ -174,8 +168,6 @@ static void dealMessage(DWORD messageAddr)
if
(
jMsg
[
"type"
].
get
<
int
>
()
!=
10000
)
{
jMsg
[
"filepath"
]
=
unicode_to_utf8
((
wchar_t
*
)
READ_WSTRING
(
messageAddr
,
0x1AC
).
c_str
());
/*string extrabuf = base64_encode((BYTE *)(*(DWORD *)(messageAddr + 0x8C)), *(DWORD *)(messageAddr + 0x8C + 0x4));
jMsg["extrainfo"] = extrabuf;*/
jMsg
[
"extrainfo"
]
=
unicode_to_utf8
((
wchar_t
*
)
READ_WSTRING
(
messageAddr
,
0x1EC
).
c_str
());
}
else
...
...
@@ -199,11 +191,9 @@ static void dealMessage(DWORD messageAddr)
}
/*
* 消息处理函数,根据消息缓冲区组装结构并存入容器
* messageAddr:保存消息的缓冲区地址
* return:void
* 处理从网络同步的消息(他人发送或使用手机发送的消息)
*/
VOID
ReceiveMessage
(
DWORD
messagesAddr
)
void
On
ReceiveMessage
(
DWORD
messagesAddr
)
{
DWORD
*
messages
=
(
DWORD
*
)
messagesAddr
;
for
(
DWORD
messageAddr
=
messages
[
0
];
messageAddr
<
messages
[
1
];
messageAddr
+=
0x298
)
...
...
@@ -212,6 +202,26 @@ VOID ReceiveMessage(DWORD messagesAddr)
}
}
/*
* 处理本地发送的消息
*/
void
OnSendMessage
(
DWORD
messageAddr
)
{
BOOL
isSendMsg
=
*
(
BOOL
*
)(
messageAddr
+
0x3C
);
if
(
!
isSendMsg
)
return
;
dealMessage
(
messageAddr
);
}
/*
* 处理更新的消息,目前只处理撤回的消息
*/
void
OnUpdateMessage
(
DWORD
messageAddr
)
{
// DWORD type = *(DWORD *)(messageAddr + 0x38);
dealMessage
(
messageAddr
);
}
/*
* HOOK的具体实现,接收到消息后调用处理函数
*/
...
...
@@ -221,7 +231,7 @@ _declspec(naked) void dealReceiveMessage()
pushad
;
pushfd
;
push
edi
;
call
ReceiveMessage
;
call
On
ReceiveMessage
;
add
esp
,
0x4
;
popfd
;
popad
;
...
...
@@ -239,7 +249,7 @@ _declspec(naked) void dealSendMessage()
pushad
;
pushfd
;
push
edi
;
call
deal
Message
;
call
OnSend
Message
;
add
esp
,
0x4
;
popfd
;
popad
;
...
...
@@ -257,12 +267,12 @@ _declspec(naked) void dealRevokeMessage()
pushad
;
pushfd
;
push
edi
;
call
deal
Message
;
call
OnUpdate
Message
;
add
esp
,
0x4
;
popfd
;
popad
;
call
Revok
eMessageNextCall
;
jmp
Revok
eMessageJmpBackAddress
;
call
Updat
eMessageNextCall
;
jmp
Updat
eMessageJmpBackAddress
;
}
}
...
...
@@ -282,12 +292,12 @@ VOID HookReceiveMessage(int port)
SendMessageHookAddress
=
WeChatWinBase
+
SendMessageHookOffset
;
SendMessageNextCall
=
WeChatWinBase
+
SendMessageNextCallOffset
;
SendMessageJmpBackAddress
=
SendMessageHookAddress
+
0x5
;
RevokeMessageHookAddress
=
WeChatWinBase
+
Revok
eMessageHookOffset
;
RevokeMessageNextCall
=
WeChatWinBase
+
Revok
eMessageNextCallOffset
;
RevokeMessageJmpBackAddress
=
Revok
eMessageHookAddress
+
0x5
;
UpdateMessageHookAddress
=
WeChatWinBase
+
Updat
eMessageHookOffset
;
UpdateMessageNextCall
=
WeChatWinBase
+
Updat
eMessageNextCallOffset
;
UpdateMessageJmpBackAddress
=
Updat
eMessageHookAddress
+
0x5
;
HookAnyAddress
(
ReceiveMessageHookAddress
,
(
LPVOID
)
dealReceiveMessage
,
OldReceiveMessageAsmCode
);
HookAnyAddress
(
SendMessageHookAddress
,
(
LPVOID
)
dealSendMessage
,
OldSendMessageAsmCode
);
HookAnyAddress
(
RevokeMessageHookAddress
,
(
LPVOID
)
dealRevokeMessage
,
OldRevok
eMessageAsmCode
);
HookAnyAddress
(
UpdateMessageHookAddress
,
(
LPVOID
)
dealRevokeMessage
,
OldUpdat
eMessageAsmCode
);
ReceiveMessageHooked
=
TRUE
;
}
...
...
@@ -302,6 +312,6 @@ VOID UnHookReceiveMessage()
return
;
UnHookAnyAddress
(
ReceiveMessageHookAddress
,
OldReceiveMessageAsmCode
);
UnHookAnyAddress
(
SendMessageHookAddress
,
OldSendMessageAsmCode
);
UnHookAnyAddress
(
RevokeMessageHookAddress
,
OldRevok
eMessageAsmCode
);
UnHookAnyAddress
(
UpdateMessageHookAddress
,
OldUpdat
eMessageAsmCode
);
ReceiveMessageHooked
=
FALSE
;
}
Release/CWeChatRobot.exe
浏览文件 @
7fc9898a
无法预览此类型文件
Release/DWeChatRobot.dll
浏览文件 @
7fc9898a
无法预览此类型文件
Release/socket/SWeChatRobot.dll
浏览文件 @
7fc9898a
无法预览此类型文件
Release/socket/wxDriver.dll
浏览文件 @
7fc9898a
无法预览此类型文件
Release/socket/wxDriver64.dll
浏览文件 @
7fc9898a
无法预览此类型文件
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录