├── README.md
└── wxapkg_infosearch.py


/README.md:
--------------------------------------------------------------------------------
 1 | # wxapkg_infosearch
 2 | 一款微信小程序源码包信息收集工具，根据已有项目改编
 3 | 
 4 | ![image](https://github.com/user-attachments/assets/dfd9f009-5739-46b6-837b-e3204bed7450)
 5 | 
 6 | 
 7 | 本项目是由 https://github.com/moyuwa/wechat_appinfo_wxapkg 项目中的信息收集脚本改编而成
 8 | 
 9 | 感谢这位大佬，侵删
10 | 
11 | 主要区别：
12 | 跟原项目脚本相比，本项目将输出的两个文件(一个输出规则名，一个输出结果)合并，每条结果写入对应规则下面，并且添加了换行，使结果看起来更美观一点
13 | 
14 | 添加了参数，-h查看帮助，-f指定目录
15 | 
16 | 用法：
17 | python3 wxapkg_infosearch.py -f 源码包位置
18 | 
19 | 最终输出infolist.txt
20 | 
21 | ![image](https://github.com/user-attachments/assets/233254d9-c447-4ffc-a7af-ec91245bfda0)
22 | 


--------------------------------------------------------------------------------
/wxapkg_infosearch.py:
--------------------------------------------------------------------------------
  1 | # -*- coding: utf-8 -*-
  2 | 
  3 | import os
  4 | import sys
  5 | import re
  6 | import argparse
  7 | 
  8 | def banner():
  9 |     info = """
 10 |                             _             _        __                              _     
 11 |                            | |           (_)      / _|                            | |    
 12 |  __      ____  ____ _ _ __ | | ____ _     _ _ __ | |_ ___  ___  ___  __ _ _ __ ___| |__  
 13 |  \ \ /\ / /\ \/ / _` | '_ \| |/ / _` |   | | '_ \|  _/ _ \/ __|/ _ \/ _` | '__/ __| '_ \ 
 14 |   \ V  V /  >  < (_| | |_) |   < (_| |   | | | | | || (_) \__ \  __/ (_| | | | (__| | | |
 15 |    \_/\_/  /_/\_\__,_| .__/|_|\_\__, |   |_|_| |_|_| \___/|___/\___|\__,_|_|  \___|_| |_|
 16 |                      | |         __/ |_____                                              
 17 |                      |_|        |___/______|                                             
 18 | """
 19 |     print(info)
 20 | 
 21 | 
 22 | # 定义规则字典
 23 | relist = {
 24 |     # ======== 自定义 规则 ========
 25 |     "httplist": "\"http.://.*?\"", "urllist": "\".*?[^http]/.*?\\?.*?=\"", "apikeylist": "api.*?key.*?=",
 26 |     "apikeylist": "api.*?key.*?:",
 27 |     "userpwdlist": "user.*?=\".*?\"", "userpwdlist": "passw.*?=\".*?\"",
 28 |     "accesskey": "access.*?key.*?=", "accesskey": "access.*?key.*?:",
 29 |     "tokenkey": "token.*?key.*?=", "tokenkey": "token.*?key.*?:",
 30 |     "apipath": "\"[/|]api.*?/.*?[/|]\"", "secret": "secret[id|key].*?=.*?\".*?\"",
 31 |     "secret": "secret[id|key].*?:.*?\".*?\"",
 32 |     # ======== findsomething 规则 ========
 33 |     "sfz": "['\"]((\d{8}(0\d|10|11|12)([0-2]\d|30|31)\d{3}$)|(\d{6}(18|19|20)\d{2}(0[1-9]|10|11|12)([0-2]\d|30|31)\d{3}(\d|X|x)))['\"]",
 34 |     "mobile": "['\"](1(3([0-35-9]\d|4[1-8])|4[14-9]\d|5([\d]\d|7[1-79])|66\d|7[2-35-8]\d|8\d{2}|9[89]\d)\d{7})['\"]",
 35 |     "mail": "['\"][a-zA-Z0-9\._\-]*@[a-zA-Z0-9\._\-]{1,63}\.((?!js|css|jpg|jpeg|png|ico)[a-zA-Z]{2,})['\"]",
 36 |     "ip_port": "['\"]\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}['\"]",
 37 |     "ip_port": "['\"]\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}['\"]",
 38 |     "domain": "['\"][a-zA-Z0-9\-\.]*?\.(xin|com|cn|net|com.cn|vip|top|cc|shop|club|wang|xyz|luxe|site|news|pub|fun|online|win|red|loan|ren|mom|net.cn|org|link|biz|bid|help|tech|date|mobi|so|me|tv|co|vc|pw|video|party|pics|website|store|ltd|ink|trade|live|wiki|space|gift|lol|work|band|info|click|photo|market|tel|social|press|game|kim|org.cn|games|pro|men|love|studio|rocks|asia|group|science|design|software|engineer|lawyer|fit|beer|我爱你|中国|公司|网络|在线|网址|网店|集团|中文网)['\"]",
 39 |     "path": "['\"]\/[^\/\>\< \)\(\{\}\,\'\"\\]([^\>\< \)\(\{\}\,\'\"\\])*?['\"]",
 40 |     "url": "['\"](([a-zA-Z0-9]+:)?\/\/)?[a-zA-Z0-9\-\.]*?\.(xin|com|cn|net|com.cn|vip|top|cc|shop|club|wang|xyz|luxe|site|news|pub|fun|online|win|red|loan|ren|mom|net.cn|org|link|biz|bid|help|tech|date|mobi|so|me|tv|co|vc|pw|video|party|pics|website|store|ltd|ink|trade|live|wiki|space|gift|lol|work|band|info|click|photo|market|tel|social|press|game|kim|org.cn|games|pro|men|love|studio|rocks|asia|group|science|design|software|engineer|lawyer|fit|beer|我爱你|中国|公司|网络|在线|网址|网店|集团|中文网)(\/.*?)?['\"]",
 41 |     "jwt": "['\"'](ey[A-Za-z0-9_-]{10,}\.[A-Za-z0-9._-]{10,}|ey[A-Za-z0-9_\/+-]{10,}\.[A-Za-z0-9._\/+-]{10,})['\"']",
 42 |     "algorithm": "\W(base64\.encode|base64\.decode|btoa|atob|CryptoJS\.AES|CryptoJS\.DES|JSEncrypt|rsa|KJUR|$\.md5|md5|sha1|sha256|sha512)[\(\.]",
 43 |     # ======== HEA 规则 ========
 44 |     "Shiro": "(=deleteMe|rememberMe=)",
 45 |     "JSON Web Token": "(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9._-]{10,}|eyJ[A-Za-z0-9_\/+-]{10,}\.[A-Za-z0-9._\/+-]{10,})",
 46 |     "Swagger UI": "((swagger-ui.html)|(\"swagger\":)|(Swagger UI)|(swaggerUi)|(swaggerVersion))",
 47 |     "Ueditor": "(ueditor\.(config|all)\.js)",
 48 |     "RCE Paramters": "((cmd=)|(exec=)|(command=)|(execute=)|(ping=)|(query=)|(jump=)|(code=)|(reg=)|(do=)|(func=)|(arg=)|(option=)|(load=)|(process=)|(step=)|(read=)|(function=)|(feature=)|(exe=)|(module=)|(payload=)|(run=)|(daemon=)|(upload=)|(dir=)|(download=)|(log=)|(ip=)|(cli=))",
 49 | }
 50 | 
 51 | # 枚举js文件
 52 | def jspath(rootDir):
 53 |     jss = []
 54 |     for root, dirs, files in os.walk(rootDir):
 55 |         for file in files:
 56 |             docname = os.path.join(root, file)
 57 |             if docname[-4:].find(".js") != -1:
 58 |                 jss.append(docname)
 59 |     return jss
 60 | 
 61 | # 匹配关键字符串
 62 | def rekeystring(jss=[]):
 63 |     search_data = {}
 64 |     for key, value in relist.items():
 65 |         search_data[key] = []
 66 |     for js in jss:
 67 |         with open(js, "r", encoding="utf-8") as f:
 68 |             txt = f.read()
 69 |             for key, value in relist.items():
 70 |                 search_data[key].append(re.findall(value, txt))
 71 |     return search_data
 72 | 
 73 | # 信息输出
 74 | def outprintf(httplist=[], rule_name=""):
 75 |     with open("infolist.txt", "a", encoding="utf-8") as f:
 76 |         f.write(f"====={rule_name}=====\n") # 写入规则标题
 77 |         for http1 in httplist:
 78 |             for http2 in http1:
 79 |                 if isinstance(http2, tuple):
 80 |                     for s1 in http2:
 81 |                         f.write(str(s1).strip("\"").rstrip("\"") + "\n") # 输出到控制台
 82 |                 else:
 83 |                     s1 = str(http2).strip("\"").rstrip("\"") + "\n"
 84 |                     f.write(s1)
 85 |         f.write("\n")  # 每个规则的结束后添加一个空行
 86 | 
 87 |     for http1 in httplist: # 输出到控制台
 88 |         for http2 in http1:
 89 |             if isinstance(http2, tuple):
 90 |                 for s1 in http2:
 91 |                     print(str(s1).strip("\"").rstrip("\"") + "\n")
 92 |             else:
 93 |                 s1 = str(http2).strip("\"").rstrip("\"") + "\n"
 94 |                 print(s1)
 95 | 
 96 | def domain(directory):
 97 |     jss = jspath(directory)  # 从命令行传入的目录
 98 |     search_data = rekeystring(jss)
 99 |     for key, value in relist.items(): # 将匹配的结果写到 infolist.txt 中
100 |         outprintf(search_data[key], key)
101 | 
102 | def main():
103 |     parser = argparse.ArgumentParser(description="微信小程序源码包 wxapkg 信息收集脚本")
104 |     parser.add_argument("-f", "--folder", required=True, help="指定要扫描的目录路径") # 创建命令行参数解析器
105 |     args = parser.parse_args() # 解析命令行参数
106 |     domain(args.folder) # 运行主逻辑
107 | 
108 | if __name__ == "__main__":
109 |     banner()
110 |     main()
111 | 


--------------------------------------------------------------------------------