Crossin的编程教室
ComWeChatRobot
未验证
提交
fdb9f600
编写于
10月 22, 2022
作者:
Jack Li
提交者:
GitHub
10月 22, 2022
Merge pull request #150 from ljc545w/fix/bugs
修复COM只能获取一个数据库句柄
上级
042327af
2369f900
变更
7
Showing
7 changed file
with
331 addition
and
255 deletion
+331
-255
CWeChatRobot/FriendList.cpp
CWeChatRobot/FriendList.cpp
+228
-186
CWeChatRobot/GetDbHandles.cpp
CWeChatRobot/GetDbHandles.cpp
+63
-38
DWeChatRobot/FriendList.cpp
DWeChatRobot/FriendList.cpp
+22
-14
DWeChatRobot/SendFile.cpp
DWeChatRobot/SendFile.cpp
+2
-4
DWeChatRobot/wxdata.h
DWeChatRobot/wxdata.h
+7
-1
DWeChatRobot/wxsocket.cpp
DWeChatRobot/wxsocket.cpp
+2
-0
Python/com/wxRobot.py
Python/com/wxRobot.py
+7
-12
CWeChatRobot/FriendList.cpp
#include "pch.h"
struct
WxFriendAddrStruct
{
DWORD
wxIdAddr
;
DWORD
wxNumberAddr
;
DWORD
wxNickNameAddr
;
DWORD
wxRemarkAddr
;
struct
WxFriendAddrStruct
{
DWORD
wxIdAddr
;
DWORD
wxNumberAddr
;
DWORD
wxNickNameAddr
;
DWORD
wxRemarkAddr
;
DWORD
wxTypeAddr
;
DWORD
wxVerifyFlagAddr
;
};
struct
WxFriendStruct
{
wchar_t
*
wxId
;
wchar_t
*
wxNumber
;
wchar_t
*
wxNickName
;
wchar_t
*
wxRemark
;
struct
WxFriendStruct
{
wchar_t
*
wxId
;
wchar_t
*
wxNumber
;
wchar_t
*
wxNickName
;
wchar_t
*
wxRemark
;
DWORD
wxType
;
DWORD
wxVerifyFlag
;
};
WxFriendStruct
*
WxFriendList
;
WxFriendStruct
*
WxFriendList
;
void
ReadFriendMessageByAddress
(
HANDLE
hProcess
,
WxFriendAddrStruct
*
lpWxFriendAddr
,
WxFriendStruct
*
lpWxFriend
)
{
DWORD
length
=
0
;
DWORD
bufferaddr
=
0
;
void
ReadFriendMessageByAddress
(
HANDLE
hProcess
,
WxFriendAddrStruct
*
lpWxFriendAddr
,
WxFriendStruct
*
lpWxFriend
)
{
DWORD
length
=
0
;
DWORD
bufferaddr
=
0
;
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxIdAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxId
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxId
)
{
ZeroMemory
(
lpWxFriend
->
wxId
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxIdAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxId
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxId
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxIdAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxId
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxId
)
{
ZeroMemory
(
lpWxFriend
->
wxId
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxIdAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxId
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxId
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxNumberAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxNumber
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxNumber
)
{
ZeroMemory
(
lpWxFriend
->
wxNumber
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxNumberAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxNumber
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxNumber
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxNumberAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxNumber
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxNumber
)
{
ZeroMemory
(
lpWxFriend
->
wxNumber
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxNumberAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxNumber
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxNumber
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxNickNameAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxNickName
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxNickName
)
{
ZeroMemory
(
lpWxFriend
->
wxNickName
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxNickNameAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxNickName
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxNickName
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxNickNameAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxNickName
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxNickName
)
{
ZeroMemory
(
lpWxFriend
->
wxNickName
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxNickNameAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxNickName
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxNickName
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxRemarkAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxRemark
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxRemark
)
{
ZeroMemory
(
lpWxFriend
->
wxRemark
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxRemarkAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxRemark
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxRemark
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxRemarkAddr
+
0x4
),
&
length
,
sizeof
(
DWORD
),
0
);
if
(
length
)
{
lpWxFriend
->
wxRemark
=
new
wchar_t
[
length
+
1
];
//(wchar_t*)malloc(sizeof(wchar_t) * (length + 1));
if
(
lpWxFriend
->
wxRemark
)
{
ZeroMemory
(
lpWxFriend
->
wxRemark
,
sizeof
(
wchar_t
)
*
(
length
+
1
));
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
lpWxFriendAddr
->
wxRemarkAddr
,
&
bufferaddr
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
bufferaddr
,
lpWxFriend
->
wxRemark
,
length
*
sizeof
(
wchar_t
),
0
);
}
}
else
{
lpWxFriend
->
wxRemark
=
L"null"
;
}
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxTypeAddr
),
&
lpWxFriend
->
wxType
,
sizeof
(
DWORD
),
0
);
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)(
lpWxFriendAddr
->
wxVerifyFlagAddr
),
&
lpWxFriend
->
wxVerifyFlag
,
sizeof
(
DWORD
),
0
);
}
void
FreeWxFriend
(
int
index
)
{
delete
[]
WxFriendList
[
index
].
wxId
;
WxFriendList
[
index
].
wxId
=
NULL
;
if
(
StrCmpW
(
WxFriendList
[
index
].
wxNumber
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxNumber
;
WxFriendList
[
index
].
wxNumber
=
NULL
;
};
if
(
StrCmpW
(
WxFriendList
[
index
].
wxNickName
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxNickName
;
WxFriendList
[
index
].
wxNickName
=
NULL
;
};
if
(
StrCmpW
(
WxFriendList
[
index
].
wxRemark
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxRemark
;
WxFriendList
[
index
].
wxRemark
=
NULL
;
};
void
FreeWxFriend
(
int
index
)
{
delete
[]
WxFriendList
[
index
].
wxId
;
WxFriendList
[
index
].
wxId
=
NULL
;
if
(
StrCmpW
(
WxFriendList
[
index
].
wxNumber
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxNumber
;
WxFriendList
[
index
].
wxNumber
=
NULL
;
};
if
(
StrCmpW
(
WxFriendList
[
index
].
wxNickName
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxNickName
;
WxFriendList
[
index
].
wxNickName
=
NULL
;
};
if
(
StrCmpW
(
WxFriendList
[
index
].
wxRemark
,
L"null"
)
!=
0
)
{
delete
[]
WxFriendList
[
index
].
wxRemark
;
WxFriendList
[
index
].
wxRemark
=
NULL
;
};
}
SAFEARRAY
*
CreateFriendArray
(
int
FriendCount
)
{
HRESULT
hr
=
S_OK
;
SAFEARRAY
*
psaValue
;
vector
<
wstring
>
FriendInfoKey
=
{
L"wxid"
,
L"wxNumber"
,
L"wxNickName"
,
L"wxRemark"
,
};
SAFEARRAYBOUND
rgsaBound
[
3
]
=
{
{(
ULONG
)
FriendCount
,
0
},{
FriendInfoKey
.
size
(),
0
},{
2
,
0
}
};
psaValue
=
SafeArrayCreate
(
VT_VARIANT
,
3
,
rgsaBound
);
for
(
long
x
=
0
;
x
<
FriendCount
;
x
++
)
{
vector
<
wstring
>
FriendInfoValue
=
{
WxFriendList
[
x
].
wxId
,
WxFriendList
[
x
].
wxNumber
,
WxFriendList
[
x
].
wxNickName
,
WxFriendList
[
x
].
wxRemark
};
for
(
unsigned
long
i
=
0
;
i
<
FriendInfoKey
.
size
();
i
++
)
{
long
keyIndex
[
3
]
=
{
x
,(
long
)
i
,
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
(
_variant_t
)
FriendInfoKey
[
i
].
c_str
());
long
valueIndex
[
3
]
=
{
x
,(
long
)
i
,
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
valueIndex
,
&
(
_variant_t
)
FriendInfoValue
[
i
].
c_str
());
}
FriendInfoValue
.
clear
();
}
return
psaValue
;
SAFEARRAY
*
CreateFriendArray
(
int
FriendCount
)
{
HRESULT
hr
=
S_OK
;
SAFEARRAY
*
psaValue
;
vector
<
wstring
>
FriendInfoKey
=
{
L"wxid"
,
L"wxNumber"
,
L"wxNickName"
,
L"wxRemark"
,
L"wxType"
,
L"wxVerifyFlag"
,
};
SAFEARRAYBOUND
rgsaBound
[
3
]
=
{{(
ULONG
)
FriendCount
,
0
},
{
FriendInfoKey
.
size
(),
0
},
{
2
,
0
}};
psaValue
=
SafeArrayCreate
(
VT_VARIANT
,
3
,
rgsaBound
);
for
(
long
x
=
0
;
x
<
FriendCount
;
x
++
)
{
long
keyIndex
[
3
]
=
{
x
,
0
,
0
},
valueIndex
[
3
]
=
{
x
,
0
,
1
};
vector
<
wstring
>
FriendInfoValue
=
{
WxFriendList
[
x
].
wxId
,
WxFriendList
[
x
].
wxNumber
,
WxFriendList
[
x
].
wxNickName
,
WxFriendList
[
x
].
wxRemark
};
for
(
unsigned
long
i
=
0
;
i
<
FriendInfoValue
.
size
();
i
++
)
{
keyIndex
[
1
]
=
i
;
valueIndex
[
1
]
=
i
;
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
(
_variant_t
)
FriendInfoKey
[
i
].
c_str
());
hr
=
SafeArrayPutElement
(
psaValue
,
valueIndex
,
&
(
_variant_t
)
FriendInfoValue
[
i
].
c_str
());
}
keyIndex
[
1
]
=
4
;
valueIndex
[
1
]
=
4
;
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
(
_variant_t
)
FriendInfoKey
[
4
].
c_str
());
hr
=
SafeArrayPutElement
(
psaValue
,
valueIndex
,
&
(
_variant_t
)
WxFriendList
[
x
].
wxType
);
keyIndex
[
1
]
=
5
;
valueIndex
[
1
]
=
5
;
hr
=
SafeArrayPutElement
(
psaValue
,
keyIndex
,
&
(
_variant_t
)
FriendInfoKey
[
5
].
c_str
());
hr
=
SafeArrayPutElement
(
psaValue
,
valueIndex
,
&
(
_variant_t
)
WxFriendList
[
x
].
wxVerifyFlag
);
FriendInfoValue
.
clear
();
}
return
psaValue
;
}
SAFEARRAY
*
GetFriendList
(
DWORD
pid
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
NULL
;
DWORD
GetFriendListInitAddr
=
hp
.
GetProcAddr
(
GetFriendListInit
);
DWORD
GetFriendListRemoteAddr
=
hp
.
GetProcAddr
(
GetFriendListRemote
);
DWORD
GetFriendListFinishAddr
=
hp
.
GetProcAddr
(
GetFriendListFinish
);
if
(
GetFriendListInitAddr
==
0
||
GetFriendListRemoteAddr
==
0
||
GetFriendListFinishAddr
==
0
)
return
NULL
;
DWORD
FriendCount
=
0
;
DWORD
dwHandle
=
0
;
// 获取好友列表的长度
FriendCount
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListInitAddr
,
NULL
);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListRemoteAddr
,
NULL
);
SAFEARRAY
*
GetFriendList
(
DWORD
pid
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
NULL
;
DWORD
GetFriendListInitAddr
=
hp
.
GetProcAddr
(
GetFriendListInit
);
DWORD
GetFriendListRemoteAddr
=
hp
.
GetProcAddr
(
GetFriendListRemote
);
DWORD
GetFriendListFinishAddr
=
hp
.
GetProcAddr
(
GetFriendListFinish
);
if
(
GetFriendListInitAddr
==
0
||
GetFriendListRemoteAddr
==
0
||
GetFriendListFinishAddr
==
0
)
return
NULL
;
DWORD
FriendCount
=
0
;
DWORD
dwHandle
=
0
;
// 获取好友列表的长度
FriendCount
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListInitAddr
,
NULL
);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListRemoteAddr
,
NULL
);
WxFriendAddrStruct
WxFriendAddr
=
{
0
};
// 根据好友数量初始化全局变量
WxFriendList
=
new
WxFriendStruct
[
FriendCount
];
if
(
dwHandle
==
0
)
return
NULL
;
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
hp
.
GetHandle
(),
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
// 清除微信进程空间中的缓存
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListFinishAddr
,
NULL
);
SAFEARRAY
*
psaValue
=
CreateFriendArray
(
FriendCount
);
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
FreeWxFriend
(
i
);
}
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
return
psaValue
;
WxFriendAddrStruct
WxFriendAddr
=
{
0
};
// 根据好友数量初始化全局变量
WxFriendList
=
new
WxFriendStruct
[
FriendCount
];
if
(
dwHandle
==
0
)
return
NULL
;
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
hp
.
GetHandle
(),
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
// 清除微信进程空间中的缓存
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListFinishAddr
,
NULL
);
SAFEARRAY
*
psaValue
=
CreateFriendArray
(
FriendCount
);
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
FreeWxFriend
(
i
);
}
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
return
psaValue
;
}
std
::
wstring
GetFriendListString
(
DWORD
pid
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
L"[]"
;
DWORD
GetFriendListInitAddr
=
hp
.
GetProcAddr
(
GetFriendListInit
);
DWORD
GetFriendListRemoteAddr
=
hp
.
GetProcAddr
(
GetFriendListRemote
);
DWORD
GetFriendListFinishAddr
=
hp
.
GetProcAddr
(
GetFriendListFinish
);
DWORD
FriendCount
=
0
;
DWORD
dwHandle
=
0
;
// 获取好友列表的长度
FriendCount
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListInitAddr
,
NULL
);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListRemoteAddr
,
NULL
);
WxFriendAddrStruct
WxFriendAddr
=
{
0
};
// 根据好友数量初始化全局变量
WxFriendList
=
new
WxFriendStruct
[
FriendCount
];
if
(
dwHandle
==
0
)
return
L"[]"
;
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
hp
.
GetHandle
(),
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
// 清除微信进程空间中的缓存
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListFinishAddr
,
NULL
);
wstring
message
=
L"["
;
// 构造结构化的数据
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
message
=
message
+
L"{
\"
wxid
\"
:
\"
"
+
WxFriendList
[
i
].
wxId
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxNumber
\"
:
\"
"
+
WxFriendList
[
i
].
wxNumber
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxNickName
\"
:
\"
"
+
WxFriendList
[
i
].
wxNickName
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxRemark
\"
:
\"
"
+
WxFriendList
[
i
].
wxRemark
+
L"
\"
}"
;
if
(
i
!=
FriendCount
-
1
)
message
=
message
+
L","
;
FreeWxFriend
(
i
);
}
message
=
message
+
L"]"
;
// 释放全局变量
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
return
message
;
}
\ No newline at end of file
std
::
wstring
GetFriendListString
(
DWORD
pid
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
L"[]"
;
DWORD
GetFriendListInitAddr
=
hp
.
GetProcAddr
(
GetFriendListInit
);
DWORD
GetFriendListRemoteAddr
=
hp
.
GetProcAddr
(
GetFriendListRemote
);
DWORD
GetFriendListFinishAddr
=
hp
.
GetProcAddr
(
GetFriendListFinish
);
DWORD
FriendCount
=
0
;
DWORD
dwHandle
=
0
;
// 获取好友列表的长度
FriendCount
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListInitAddr
,
NULL
);
// 获取保存第一个好友的数据指针的结构体首地址
dwHandle
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListRemoteAddr
,
NULL
);
WxFriendAddrStruct
WxFriendAddr
=
{
0
};
// 根据好友数量初始化全局变量
WxFriendList
=
new
WxFriendStruct
[
FriendCount
];
if
(
dwHandle
==
0
)
return
L"[]"
;
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
WxFriendList
[
i
]
=
{
0
};
ZeroMemory
(
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
));
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
dwHandle
,
&
WxFriendAddr
,
sizeof
(
WxFriendAddrStruct
),
0
);
ReadFriendMessageByAddress
(
hp
.
GetHandle
(),
&
WxFriendAddr
,
&
WxFriendList
[
i
]);
// 保存下一个好友数据的结构体
dwHandle
+=
sizeof
(
WxFriendAddrStruct
);
}
// 清除微信进程空间中的缓存
CallRemoteFunction
(
hp
.
GetHandle
(),
GetFriendListFinishAddr
,
NULL
);
wstring
message
=
L"["
;
// 构造结构化的数据
for
(
unsigned
int
i
=
0
;
i
<
FriendCount
;
i
++
)
{
message
=
message
+
L"{
\"
wxid
\"
:
\"
"
+
WxFriendList
[
i
].
wxId
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxNumber
\"
:
\"
"
+
WxFriendList
[
i
].
wxNumber
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxNickName
\"
:
\"
"
+
WxFriendList
[
i
].
wxNickName
+
L"
\"
,"
;
message
=
message
+
L"
\"
wxRemark
\"
:
\"
"
+
WxFriendList
[
i
].
wxRemark
+
L"
\"
}"
;
if
(
i
!=
FriendCount
-
1
)
message
=
message
+
L","
;
FreeWxFriend
(
i
);
}
message
=
message
+
L"]"
;
// 释放全局变量
delete
[]
WxFriendList
;
WxFriendList
=
NULL
;
return
message
;
}
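Review bot: In `FreeWxFriend`, `delete[] WxFriendList[index].wxId;` runs unconditionally, yet `ReadFriendMessageByAddress` assigns the string literal `L"null"` to `wxId` whenever the length it read is zero, so that path hands a literal to `delete[]`, which is undefined behaviour. Because `length` starts at 0 and the return value of `ReadProcessMemory` is never checked, a failed first read takes the same path. Guard it like the other three fields: `if (StrCmpW(WxFriendList[index].wxId, L"null") != 0) { delete[] WxFriendList[index].wxId; }`. Separately, `new wchar_t[length + 1]` is sized from a value read out of the other process with no upper bound, and `length` is not reset between fields, so a sanity cap and a per-field reset would be worth adding.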
CWeChatRobot/GetDbHandles.cpp
#include "pch.h"
struct
TableInfoAddrStruct
{
struct
TableInfoAddrStruct
{
DWORD
name
;
DWORD
l_name
;
DWORD
tbl_name
;
...
...
@@ -11,7 +12,8 @@ struct TableInfoAddrStruct {
DWORD
l_rootpage
;
};
struct
DbInfoAddrStruct
{
struct
DbInfoAddrStruct
{
DWORD
handle
;
DWORD
dbname
;
DWORD
l_dbname
;
...
...
@@ -24,60 +26,79 @@ struct DbInfoAddrStruct {
DWORD
v_end2
;
//
DWORD
count
;
DWORD
extrainfo
;
};
struct
TableInfoStruct
{
char
*
name
;
char
*
tbl_name
;
char
*
sql
;
char
*
rootpage
;
struct
TableInfoStruct
{
char
*
name
;
char
*
tbl_name
;
char
*
sql
;
char
*
rootpage
;
};
struct
DbInfoStruct
{
struct
DbInfoStruct
{
DWORD
handle
;
wchar_t
*
dbname
;
wchar_t
*
dbname
;
vector
<
TableInfoStruct
>
tables
;
DWORD
count
;
};
vector
<
DbInfoStruct
>
dbs
;
SAFEARRAY
*
CreateDbInfoSafeArray
()
{
SAFEARRAY
*
psaValue
;
SAFEARRAY
*
CreateDbInfoSafeArray
()
{
SAFEARRAY
*
psaValue
;
ULONG
count
=
0
;
HRESULT
hr
=
S_OK
;
for
(
unsigned
int
i
=
0
;
i
<
dbs
.
size
();
i
++
)
{
for
(
unsigned
int
i
=
0
;
i
<
dbs
.
size
();
i
++
)
{
count
+=
dbs
[
i
].
count
;
}
SAFEARRAYBOUND
rgsaBound
[
3
]
=
{
{
count
,
0
},{
6
,
0
},{
2
,
0
}
};
SAFEARRAYBOUND
rgsaBound
[
3
]
=
{
{
count
,
0
},
{
6
,
0
},
{
2
,
0
}
};
psaValue
=
SafeArrayCreate
(
VT_VARIANT
,
3
,
rgsaBound
);
long
index
=
0
;
for
(
unsigned
int
i
=
0
;
i
<
dbs
.
size
();
i
++
)
{
for
(
unsigned
int
j
=
0
;
j
<
dbs
[
i
].
tables
.
size
();
j
++
)
{
LONG
ArrayIndex
[
3
]
=
{
index
,
0
,
0
};
ArrayIndex
[
1
]
=
0
;
ArrayIndex
[
2
]
=
{
0
};
for
(
unsigned
int
i
=
0
;
i
<
dbs
.
size
();
i
++
)
{
for
(
unsigned
int
j
=
0
;
j
<
dbs
[
i
].
tables
.
size
();
j
++
)
{
LONG
ArrayIndex
[
3
]
=
{
index
,
0
,
0
};
ArrayIndex
[
1
]
=
0
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"dbname"
);
ArrayIndex
[
1
]
=
0
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
0
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
dbname
);
ArrayIndex
[
1
]
=
1
;
ArrayIndex
[
2
]
=
{
0
};
ArrayIndex
[
1
]
=
1
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"Handle"
);
ArrayIndex
[
1
]
=
1
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
1
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
handle
);
ArrayIndex
[
1
]
=
2
;
ArrayIndex
[
2
]
=
{
0
};
ArrayIndex
[
1
]
=
2
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"name"
);
ArrayIndex
[
1
]
=
2
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
2
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
tables
[
j
].
name
);
ArrayIndex
[
1
]
=
3
;
ArrayIndex
[
2
]
=
{
0
};
ArrayIndex
[
1
]
=
3
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"tbl_name"
);
ArrayIndex
[
1
]
=
3
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
3
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
tables
[
j
].
tbl_name
);
ArrayIndex
[
1
]
=
4
;
ArrayIndex
[
2
]
=
{
0
};
ArrayIndex
[
1
]
=
4
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"rootpage"
);
ArrayIndex
[
1
]
=
4
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
4
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
tables
[
j
].
rootpage
);
ArrayIndex
[
1
]
=
5
;
ArrayIndex
[
2
]
=
{
0
};
ArrayIndex
[
1
]
=
5
;
ArrayIndex
[
2
]
=
{
0
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
L"sql"
);
ArrayIndex
[
1
]
=
5
;
ArrayIndex
[
2
]
=
{
1
};
ArrayIndex
[
1
]
=
5
;
ArrayIndex
[
2
]
=
{
1
};
hr
=
SafeArrayPutElement
(
psaValue
,
ArrayIndex
,
&
(
_variant_t
)
dbs
[
i
].
tables
[
j
].
sql
);
index
++
;
}
...
...
@@ -85,28 +106,32 @@ SAFEARRAY* CreateDbInfoSafeArray() {
return
psaValue
;
}
SAFEARRAY
*
GetDbHandles
(
DWORD
pid
)
{
SAFEARRAY
*
GetDbHandles
(
DWORD
pid
)
{
dbs
.
clear
();
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
NULL
;
if
(
!
hp
.
m_init
)
return
NULL
;
DWORD
GetDbHandlesRemoteAddr
=
hp
.
GetProcAddr
(
GetDbHandlesRemote
);
if
(
GetDbHandlesRemoteAddr
==
0
)
return
NULL
;
DWORD
ret
=
CallRemoteFunction
(
hp
.
GetHandle
(),
GetDbHandlesRemoteAddr
,
NULL
);
while
(
1
)
{
DbInfoAddrStruct
dbaddr
=
{
0
};
while
(
1
)
{
DbInfoAddrStruct
dbaddr
=
{
0
};
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
ret
,
&
dbaddr
,
sizeof
(
DbInfoAddrStruct
),
0
);
if
(
dbaddr
.
handle
==
0
)
break
;
DbInfoStruct
db
=
{
0
};
DbInfoStruct
db
=
{
0
};
db
.
handle
=
dbaddr
.
handle
;
db
.
count
=
dbaddr
.
count
;
db
.
dbname
=
new
wchar_t
[
dbaddr
.
l_dbname
+
1
];
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
dbaddr
.
dbname
,
db
.
dbname
,
sizeof
(
wchar_t
)
*
(
dbaddr
.
l_dbname
+
1
),
0
);
DWORD
db_table_start_addr
=
dbaddr
.
v_data
;
while
(
db_table_start_addr
<
dbaddr
.
v_end1
)
{
TableInfoAddrStruct
tbaddr
=
{
0
};
TableInfoStruct
tb
=
{
0
};
while
(
db_table_start_addr
<
dbaddr
.
v_end1
)
{
TableInfoAddrStruct
tbaddr
=
{
0
};
TableInfoStruct
tb
=
{
0
};
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
db_table_start_addr
,
&
tbaddr
,
sizeof
(
TableInfoAddrStruct
),
0
);
tb
.
name
=
new
char
[
tbaddr
.
l_name
+
1
];
ReadProcessMemory
(
hp
.
GetHandle
(),
(
LPCVOID
)
tbaddr
.
name
,
tb
.
name
,
tbaddr
.
l_name
+
1
,
0
);
...
...
@@ -122,6 +147,6 @@ SAFEARRAY* GetDbHandles(DWORD pid) {
dbs
.
push_back
(
db
);
ret
+=
sizeof
(
DbInfoAddrStruct
);
}
SAFEARRAY
*
psaValue
=
CreateDbInfoSafeArray
();
SAFEARRAY
*
psaValue
=
CreateDbInfoSafeArray
();
return
psaValue
;
}
\ No newline at end of file
}
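Review bot: In `GetDbHandles`, `tb.name = new char[tbaddr.l_name + 1]` is left uninitialised and the result of the `ReadProcessMemory` that fills it is ignored, so a failed or short read leaves a buffer with no terminator that `CreateDbInfoSafeArray` later converts with `(_variant_t)dbs[i].tables[j].name`, reading past the allocation. `db.dbname` follows the same pattern. Value-initialise both buffers, `new char[tbaddr.l_name + 1]()` and `new wchar_t[dbaddr.l_dbname + 1]()`, and skip the entry when `ReadProcessMemory` returns FALSE. The lengths come from the other process, so an upper bound before allocating would also help; the rest of the inner loop lies outside the visible hunks.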
DWeChatRobot/FriendList.cpp
...
...
@@ -9,9 +9,9 @@ vector<WxFriendStruct> WxFriendList;
#ifndef USE_SOCKET
/*
* 供外部调用的获取好友列表接口1
* return:int,联系人数量
*/
* 供外部调用的获取好友列表接口1
* return:int,联系人数量
*/
int
GetFriendListInit
()
{
GetFriendList
();
...
...
@@ -22,9 +22,9 @@ int GetFriendListInit()
}
/*
* 供外部调用的获取好友列表接口2
* return:DWORD,WxFriendList第一个成员地址
*/
* 供外部调用的获取好友列表接口2
* return:DWORD,WxFriendList第一个成员地址
*/
DWORD
GetFriendListRemote
()
{
if
(
WxFriendList
.
size
()
==
0
||
WxFriendList
.
size
()
-
1
==
0
)
...
...
@@ -37,9 +37,9 @@ DWORD GetFriendListRemote()
}
/*
* 供外部调用的获取好友列表接口3,清空缓存
* return:void
*/
* 供外部调用的获取好友列表接口3,清空缓存
* return:void
*/
void
GetFriendListFinish
()
{
WxFriendList
.
clear
();
...
...
@@ -54,9 +54,9 @@ vector<WxFriendStruct> GetWxContact()
}
#endif
/*
* 获取好友列表的具体实现
* return:void
*/
* 获取好友列表的具体实现
* return:void
*/
WxFriendStruct
*
__stdcall
GetFriendList
()
{
#ifdef _DEBUG
...
...
@@ -86,6 +86,8 @@ WxFriendStruct *__stdcall GetFriendList()
DWORD
wxNumberAddr
=
0
;
DWORD
wxNickNameAddr
=
0
;
DWORD
wxRemarkAddr
=
0
;
DWORD
wxTypeAddr
=
0
;
DWORD
wxVerifyFlagAddr
=
0
;
__asm
{
pushad
;
...
...
@@ -102,11 +104,17 @@ WxFriendStruct *__stdcall GetFriendList()
mov
ecx
,
eax
;
add
ecx
,
0x78
;
mov
wxRemarkAddr
,
ecx
;
mov
ecx
,
eax
;
add
ecx
,
0x70
;
mov
wxTypeAddr
,
ecx
;
mov
ecx
,
eax
;
add
ecx
,
0x74
;
mov
wxVerifyFlagAddr
,
ecx
;
mov
ecx
,
dword
ptr
[
eax
];
mov
LeftTreeAddr
,
ecx
;
popad
;
}
WxFriendStruct
p
(
wxIdAddr
,
wxNumberAddr
,
wxNickNameAddr
,
wxRemarkAddr
);
WxFriendStruct
p
(
wxIdAddr
,
wxNumberAddr
,
wxNickNameAddr
,
wxRemarkAddr
,
wxTypeAddr
,
wxVerifyFlagAddr
);
WxFriendList
.
push_back
(
p
);
#ifdef _DEBUG
wcout
<<
(
wchar_t
*
)(
*
(
DWORD
*
)
p
.
wxIdAddr
)
<<
endl
;
...
...
@@ -116,7 +124,7 @@ WxFriendStruct *__stdcall GetFriendList()
break
;
}
}
WxFriendStruct
nullp
(
NULL
,
NULL
,
NULL
,
NULL
);
WxFriendStruct
nullp
(
NULL
,
NULL
,
NULL
,
NULL
,
NULL
,
NULL
);
WxFriendList
.
push_back
(
nullp
);
return
WxFriendList
.
data
();
}
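Review bot: The comment block above `GetFriendList` was re-indented but still says `return:void`, while the function is declared `WxFriendStruct *__stdcall GetFriendList()` and returns `WxFriendList.data()`. I would document the real contract, for example `return:WxFriendStruct*, pointer into WxFriendList's storage, terminated by an all-zero entry; invalid once WxFriendList is modified or cleared`, since `GetFriendListFinish` clears that vector and callers read the entries by raw address. The new offsets `0x70` and `0x74` would also benefit from a short comment naming the fields they address. The function body is only partly visible in these hunks.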
DWeChatRobot/SendFile.cpp
...
...
@@ -121,10 +121,8 @@ BOOL __stdcall SendFile(wchar_t *receiver, wchar_t *FilePath)
mov
al
,
byte
ptr
[
eax
+
0x38
];
movzx
eax
,
al
;
mov
isSuccess
,
eax
;
// push 200;
// call Sleep;
// lea ecx, buffer;
// call DeleteSendFileCacheCall;
lea
ecx
,
buffer
;
call
DeleteSendFileCacheCall
;
popfd
;
popad
;
}
...
...
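Review bot: The now-active `lea ecx, buffer; call DeleteSendFileCacheCall;` runs immediately after `isSuccess` is read, whereas the commented-out lines it appears to replace had `push 200; call Sleep;` in front of the same call. If the send routine can still be using `buffer` at that point (not determinable from this hunk), releasing it here would be a use-after-free inside the host process. Once confirmed, a one-line comment stating why no delay is needed, e.g. `// send call is synchronous; buffer is no longer referenced`, would settle it. `SendFile` starts and ends outside the hunk.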
DWeChatRobot/wxdata.h
...
...
@@ -169,12 +169,18 @@ struct WxFriendStruct
DWORD
wxNumberAddr
;
DWORD
wxNickNameAddr
;
DWORD
wxRemarkAddr
;
WxFriendStruct
(
DWORD
wxIdAddr
,
DWORD
wxNumberAddr
,
DWORD
wxNickNameAddr
,
DWORD
wxRemarkAddr
)
DWORD
wxTypeAddr
;
DWORD
wxVerifyFlagAddr
;
WxFriendStruct
(
DWORD
wxIdAddr
,
DWORD
wxNumberAddr
,
DWORD
wxNickNameAddr
,
DWORD
wxRemarkAddr
,
DWORD
wxTypeAddr
,
DWORD
wxVerfifyFlagAddr
)
{
this
->
wxIdAddr
=
wxIdAddr
;
this
->
wxNumberAddr
=
wxNumberAddr
;
this
->
wxNickNameAddr
=
wxNickNameAddr
;
this
->
wxRemarkAddr
=
wxRemarkAddr
;
this
->
wxTypeAddr
=
wxTypeAddr
;
this
->
wxVerifyFlagAddr
=
wxVerfifyFlagAddr
;
}
};
...
...
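Review bot: The layout of `WxFriendStruct` is an implicit cross-process contract that nothing enforces: `CWeChatRobot/FriendList.cpp` copies `sizeof(WxFriendAddrStruct)` bytes per entry out of this vector and advances by that size, so the two separately declared structs must stay identical in size and field order. Assuming `wxIdAddr` is the only field above the hunk, add `static_assert(sizeof(WxFriendStruct) == 6 * sizeof(DWORD), "must match WxFriendAddrStruct in CWeChatRobot");` after the struct, with the mirror assertion on the reader side. The new constructor parameter is also misspelled `wxVerfifyFlagAddr`; renaming it to `wxVerifyFlagAddr` keeps it consistent with the member. The struct begins above the hunk.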
DWeChatRobot/wxsocket.cpp
...
...
@@ -321,6 +321,8 @@ void request_event(mg_http_message *hm, string &ret, struct mg_connection *c)
f_j
[
"wxNumber"
]
=
unicode_to_utf8
(
WS2LW
(
wxNumber
));
f_j
[
"wxNickName"
]
=
unicode_to_utf8
(
WS2LW
(
wxNickName
));
f_j
[
"wxRemark"
]
=
unicode_to_utf8
(
WS2LW
(
wxRemark
));
f_j
[
"wxType"
]
=
*
(
DWORD
*
)
f
.
wxTypeAddr
;
f_j
[
"wxVerifyFlag"
]
=
*
(
DWORD
*
)
f
.
wxVerifyFlagAddr
;
ret_data
[
"data"
].
push_back
(
f_j
);
}
ret
=
ret_data
.
dump
();
...
...
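Review bot: `*(DWORD *)f.wxTypeAddr` and `*(DWORD *)f.wxVerifyFlagAddr` dereference addresses stored as plain `DWORD`s without checking them for zero. `GetFriendList` in `DWeChatRobot/FriendList.cpp` appends an entry whose six addresses are all `NULL`, so if that terminator (or any entry with an unset address) reaches this loop, the read faults inside the host process; whether it does is outside the hunk. A guard such as `f_j["wxType"] = f.wxTypeAddr ? *(DWORD *)f.wxTypeAddr : 0;`, and the same for `wxVerifyFlag`, costs nothing. `request_event` starts and ends outside the hunk.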
Python/com/wxRobot.py
...
...
@@ -351,10 +351,8 @@ class WeChatRobot:
"""
if
not
self
.
AddressBook
:
self
.
GetAddressBook
()
friend_list
=
[]
for
item
in
self
.
AddressBook
:
if
'wxid_'
==
item
[
'wxid'
][
0
:
5
]:
friend_list
.
append
(
item
)
friend_list
=
[
item
for
item
in
self
.
AddressBook
\
if
(
item
[
'wxType'
]
==
3
and
item
[
'wxid'
][
0
:
3
]
!=
'gh_'
)]
return
friend_list
def
GetChatRoomList
(
self
)
->
list
:
...
...
@@ -369,10 +367,8 @@ class WeChatRobot:
"""
if
not
self
.
AddressBook
:
self
.
GetAddressBook
()
chatroom_list
=
[]
for
item
in
self
.
AddressBook
:
if
'@chatroom'
in
item
[
'wxid'
]:
chatroom_list
.
append
(
item
)
chatroom_list
=
[
item
for
item
in
self
.
AddressBook
\
if
item
[
'wxType'
]
==
2
]
return
chatroom_list
def
GetOfficialAccountList
(
self
)
->
list
:
...
...
@@ -387,10 +383,9 @@ class WeChatRobot:
"""
if
not
self
.
AddressBook
:
self
.
GetAddressBook
()
official_account_list
=
[]
for
item
in
self
.
AddressBook
:
if
'wxid_'
!=
item
[
'wxid'
][
0
:
5
]
and
'@chatroom'
not
in
item
[
'wxid'
]:
official_account_list
.
append
(
item
)
official_account_list
=
[
item
for
item
in
self
.
AddressBook
\
if
(
item
[
'wxType'
]
==
3
and
\
item
[
'wxid'
][
0
:
3
]
==
'gh_'
)]
return
official_account_list
def
GetFriendByWxRemark
(
self
,
remark
:
str
)
->
dict
or
None
:
...
...
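Review bot: The three new comprehensions compare `item['wxType']` with the bare literals `2` and `3`, and nothing on the page says what those values mean. Name them at module level and use them in the filters, e.g. `WX_TYPE_CHATROOM = 2` and `WX_TYPE_CONTACT = 3` (names are a suggestion; the meaning is inferred from the method names), and note in the docstrings that entries with any other `wxType` now appear in none of the three lists. `item['wxid'].startswith('gh_')` reads better than the slice comparison, and the backslash continuations are unnecessary inside brackets. The method bodies start above each hunk.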