├── LICENSE
├── README.md
├── 交流群.jpg
├── 入门教程.png
├── 微信Duilib界面
├── WeChatDuiLibXML.sln
└── WeChatDuiLibXML
│ ├── WeChatDuiLibXML.cpp
│ ├── WeChatDuiLibXML.vcxproj
│ ├── WeChatDuiLibXML.vcxproj.filters
│ ├── WeChatDuiLibXML.vcxproj.user
│ ├── dllmain.cpp
│ ├── stdafx.cpp
│ ├── stdafx.h
│ └── targetver.h
├── 打开公众号历史消息
├── WeChatArticle
│ ├── WeChatArticle.sln
│ └── WeChatArticle
│ │ ├── WeChatArticle.aps
│ │ ├── WeChatArticle.cpp
│ │ ├── WeChatArticle.h
│ │ ├── WeChatArticle.rc
│ │ ├── WeChatArticle.vcxproj
│ │ ├── WeChatArticle.vcxproj.filters
│ │ ├── WeChatArticle.vcxproj.user
│ │ ├── WeChatArticleDlg.cpp
│ │ ├── WeChatArticleDlg.h
│ │ ├── res
│ │ ├── WeChatArticle.ico
│ │ └── WeChatArticle.rc2
│ │ ├── resource.h
│ │ ├── stdafx.cpp
│ │ ├── stdafx.h
│ │ └── targetver.h
├── 使用说明书.docx
└── 成品
│ ├── Debug
│ └── WeChatArticle.exe
│ └── Release
│ └── WeChatArticle.exe
├── 打开微信文章.png
├── 无痕清粉-注入
├── WechatClearContact.sln
├── WechatClearContact
│ ├── Cmd.cpp
│ ├── Cmd.h
│ ├── Inject.cpp
│ ├── Inject.h
│ ├── WechatClearContact.aps
│ ├── WechatClearContact.cpp
│ ├── WechatClearContact.h
│ ├── WechatClearContact.rc
│ ├── WechatClearContact.vcxproj
│ ├── WechatClearContact.vcxproj.filters
│ ├── WechatClearContact.vcxproj.user
│ ├── WechatClearContactDlg.cpp
│ ├── WechatClearContactDlg.h
│ ├── res
│ │ ├── WechatClearContact.ico
│ │ └── WechatClearContact.rc2
│ ├── resource.h
│ ├── stdafx.cpp
│ ├── stdafx.h
│ └── targetver.h
├── WechatClearContactDLL
│ ├── Cmd.cpp
│ ├── Cmd.h
│ ├── Contacts.cpp
│ ├── Contacts.h
│ ├── Friend.cpp
│ ├── Friend.h
│ ├── Message.cpp
│ ├── Message.h
│ ├── Util.cpp
│ ├── Util.h
│ ├── VerifyUser.cpp
│ ├── VerifyUser.h
│ ├── WechatClearContactDLL.cpp
│ ├── WechatClearContactDLL.vcxproj
│ ├── WechatClearContactDLL.vcxproj.filters
│ ├── WechatClearContactDLL.vcxproj.user
│ ├── Wnd.cpp
│ ├── Wnd.h
│ ├── dllmain.cpp
│ ├── stdafx.cpp
│ ├── stdafx.h
│ └── targetver.h
└── 成品
│ ├── WechatClearContact.exe
│ └── WechatClearContactDLL.dll
├── 无痕清粉效果图.png
├── 最终demo.png
├── 逆向入门源码
├── 个人信息
│ ├── DLLGetUserInfo
│ │ ├── DLLGetUserInfo.sln
│ │ └── DLLGetUserInfo
│ │ │ ├── DLLGetUserInfo.cpp
│ │ │ ├── DLLGetUserInfo.vcxproj
│ │ │ ├── DLLGetUserInfo.vcxproj.filters
│ │ │ ├── DLLGetUserInfo.vcxproj.user
│ │ │ ├── dllmain.cpp
│ │ │ ├── stdafx.cpp
│ │ │ ├── stdafx.h
│ │ │ └── targetver.h
│ └── MFCGetUserInfo
│ │ ├── MFCGetUserInfo.sln
│ │ └── MFCGetUserInfo
│ │ ├── MFCGetUserInfo.aps
│ │ ├── MFCGetUserInfo.cpp
│ │ ├── MFCGetUserInfo.h
│ │ ├── MFCGetUserInfo.rc
│ │ ├── MFCGetUserInfo.vcxproj
│ │ ├── MFCGetUserInfo.vcxproj.filters
│ │ ├── MFCGetUserInfo.vcxproj.user
│ │ ├── MFCGetUserInfoDlg.cpp
│ │ ├── MFCGetUserInfoDlg.h
│ │ ├── res
│ │ ├── MFCGetUserInfo.ico
│ │ └── MFCGetUserInfo.rc2
│ │ ├── resource.h
│ │ ├── stdafx.cpp
│ │ ├── stdafx.h
│ │ └── targetver.h
├── 刷新二维码
│ └── DLLRefreshQrcode
│ │ ├── DLLRefreshQrcode.sln
│ │ └── DLLRefreshQrcode
│ │ ├── DLLRefreshQrcode.cpp
│ │ ├── DLLRefreshQrcode.vcxproj
│ │ ├── DLLRefreshQrcode.vcxproj.filters
│ │ ├── DLLRefreshQrcode.vcxproj.user
│ │ ├── dllmain.cpp
│ │ ├── stdafx.cpp
│ │ ├── stdafx.h
│ │ └── targetver.h
├── 发送消息
│ └── DLLSendMsgText
│ │ ├── DLLSendMsgText.sln
│ │ └── DLLSendMsgText
│ │ ├── DLLSendMsgText.cpp
│ │ ├── DLLSendMsgText.vcxproj
│ │ ├── DLLSendMsgText.vcxproj.filters
│ │ ├── DLLSendMsgText.vcxproj.user
│ │ ├── dllmain.cpp
│ │ ├── stdafx.cpp
│ │ ├── stdafx.h
│ │ └── targetver.h
├── 接收消息
│ └── DLLRecvMsg
│ │ ├── DLLRecvMsg.sln
│ │ └── DLLRecvMsg
│ │ ├── DLLRecvMsg.cpp
│ │ ├── DLLRecvMsg.vcxproj
│ │ ├── DLLRecvMsg.vcxproj.filters
│ │ ├── DLLRecvMsg.vcxproj.user
│ │ ├── dllmain.cpp
│ │ ├── stdafx.cpp
│ │ ├── stdafx.h
│ │ └── targetver.h
└── 通讯录
│ └── MFCGetContacts
│ ├── MFCGetContacts.sln
│ └── MFCGetContacts
│ ├── MFCGetContacts.aps
│ ├── MFCGetContacts.cpp
│ ├── MFCGetContacts.h
│ ├── MFCGetContacts.rc
│ ├── MFCGetContacts.vcxproj
│ ├── MFCGetContacts.vcxproj.filters
│ ├── MFCGetContacts.vcxproj.user
│ ├── MFCGetContactsDlg.cpp
│ ├── MFCGetContactsDlg.h
│ ├── res
│ ├── MFCGetContacts.ico
│ └── MFCGetContacts.rc2
│ ├── resource.h
│ ├── stdafx.cpp
│ ├── stdafx.h
│ └── targetver.h
├── 通讯录-非注入
├── WeChatContacts.exe
├── WeChatContacts.sln
└── WeChatContacts
│ ├── WeChatContacts.aps
│ ├── WeChatContacts.cpp
│ ├── WeChatContacts.h
│ ├── WeChatContacts.rc
│ ├── WeChatContacts.vcxproj
│ ├── WeChatContacts.vcxproj.filters
│ ├── WeChatContacts.vcxproj.user
│ ├── WeChatContactsDlg.cpp
│ ├── WeChatContactsDlg.h
│ ├── res
│ ├── WeChatContacts.ico
│ └── WeChatContacts.rc2
│ ├── resource.h
│ ├── stdafx.cpp
│ ├── stdafx.h
│ └── targetver.h
└── 通讯录效果图.jpg
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2019 KongKong20
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # WeChatPCHook
2 | 微信 电脑 机器人 基于HOOK 入门教程
3 | 开源不易,觉得还可以的话,麻烦给个Star支持下,会更有动力更新版本,添加功能~
4 |
5 | # 交流
6 | QQ群:163419350
7 | # 入门教程
8 | 博客地址:https://www.cnblogs.com/wwgk/
9 | 
10 | # 通讯录效果图
11 | 
12 | # 无痕清粉效果图
13 | 
14 | # 打开微信公众号文章效果图
15 | 
16 | # 声明
17 | 本项目仅供技术研究,请勿用于任何商业用途,请勿用于非法用途,如有任何人凭此做任何非法事情,均与作者无关,特此声明。
18 |
--------------------------------------------------------------------------------
/交流群.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/交流群.jpg
--------------------------------------------------------------------------------
/入门教程.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/入门教程.png
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WeChatDuiLibXML", "WeChatDuiLibXML\WeChatDuiLibXML.vcxproj", "{AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Debug|x64.ActiveCfg = Debug|x64
17 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Debug|x64.Build.0 = Debug|x64
18 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Debug|x86.ActiveCfg = Debug|Win32
19 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Debug|x86.Build.0 = Debug|Win32
20 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Release|x64.ActiveCfg = Release|x64
21 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Release|x64.Build.0 = Release|x64
22 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Release|x86.ActiveCfg = Release|Win32
23 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {96ECDDFB-CA5F-4749-90BD-5BF2E564CD05}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/WeChatDuiLibXML.cpp:
--------------------------------------------------------------------------------
1 | // WeChatDuiLibXML.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/WeChatDuiLibXML.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {AEE67DC6-EE2F-4A20-A5F1-4DB7E82A0B86}
24 | Win32Proj
25 | WeChatDuiLibXML
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;WECHATDUILIBXML_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 |
94 |
95 | Windows
96 | true
97 |
98 |
99 |
100 |
101 | Use
102 | Level3
103 | Disabled
104 | true
105 | _DEBUG;WECHATDUILIBXML_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
106 | true
107 |
108 |
109 | Windows
110 | true
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | MaxSpeed
118 | true
119 | true
120 | true
121 | WIN32;NDEBUG;WECHATDUILIBXML_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
122 | true
123 |
124 |
125 | Windows
126 | true
127 | true
128 | true
129 |
130 |
131 |
132 |
133 | Use
134 | Level3
135 | MaxSpeed
136 | true
137 | true
138 | true
139 | NDEBUG;WECHATDUILIBXML_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
140 | true
141 |
142 |
143 | Windows
144 | true
145 | true
146 | true
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 | Create
157 | Create
158 | Create
159 | Create
160 |
161 |
162 |
163 |
164 |
165 |
166 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/WeChatDuiLibXML.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 |
26 |
27 | 源文件
28 |
29 |
30 | 源文件
31 |
32 |
33 | 源文件
34 |
35 |
36 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/WeChatDuiLibXML.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 | #include
4 | #include
5 | using namespace std;
6 | #pragma comment(lib, "Shlwapi.lib")
7 |
// Earlier offset kept for reference; presumably for a different WeChatWin.dll build — TODO confirm which.
//#define OFFSET_DUILIB_HOOK_ADDRESS 0x6E5540
// Same value that HookDuiLibXML adds to the WeChatWin.dll base to find the bytes it patches.
// NOTE(review): the offset is build-specific and nothing in this file checks the loaded version.
#define OFFSET_DUILIB_HOOK_ADDRESS 0x81DC70

// Address the detour jumps back to (hook address + 5); assigned in HookDuiLibXML.
DWORD jmpBackAddress = 0;
12 |
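// Writes one captured XML buffer to D:\WeChatDuiLibXMLFile\[dir\]file.
//
// xmlData         - buffer passed in by the detour stub; written verbatim.
// xmlSize         - length supplied by the detour; xmlSize * 2 bytes are written, i.e. the
//                   buffer is treated as 2-byte characters (assumption — TODO confirm).
// xmlPathFileName - name supplied by the hooked module, optionally prefixed with one
//                   directory ("dir/file" or "dir\file").
//
// The name is read out of another module's memory, so it is handled as untrusted input:
// names containing ".." or ':' are rejected so the write cannot leave the dump directory.
// Only the first directory level is created; a deeper name makes CreateFile fail, which is
// now detected instead of writing to an invalid handle.
VOID SaveDuiLibXML(BYTE* xmlData, DWORD xmlSize, WCHAR* xmlPathFileName)
{
    if (xmlData == NULL || xmlPathFileName == NULL)
    {
        return;
    }

    // xmlSize * 2 is computed in a DWORD; refuse values that would wrap around.
    if (xmlSize > 0xFFFFFFFF / 2)
    {
        OutputDebugString(L"SaveDuiLibXML: size too large, skipped");
        return;
    }

    wstring wsXmlPathFileName = xmlPathFileName;
    if (wsXmlPathFileName.empty() ||
        wsXmlPathFileName.find(L"..") != wstring::npos ||
        wsXmlPathFileName.find(L':') != wstring::npos)
    {
        OutputDebugString(L"SaveDuiLibXML: unsafe file name, skipped");
        return;
    }

    wstring filepath = L"D:\\WeChatDuiLibXMLFile";
    if (!PathIsDirectory(filepath.c_str()))
    {
        CreateDirectory(filepath.c_str(), NULL);
    }

    // First separator: '/' is preferred, '\' is the fallback. find() returns size_t,
    // so compare against npos rather than relying on a narrowing conversion to int.
    size_t sep = wsXmlPathFileName.find(L'/');
    if (sep == wstring::npos)
    {
        sep = wsXmlPathFileName.find(L'\\');
    }

    wstring wsXmlFileName = wsXmlPathFileName;
    if (sep != wstring::npos)
    {
        if (sep > 0)
        {
            filepath += L"\\" + wsXmlPathFileName.substr(0, sep);
            if (!PathIsDirectory(filepath.c_str()))
            {
                CreateDirectory(filepath.c_str(), NULL);
            }
        }
        wsXmlFileName = wsXmlPathFileName.substr(sep + 1);
    }
    filepath += L"\\" + wsXmlFileName;

    OutputDebugString(filepath.c_str());

    // CREATE_NEW fails when the file already exists, so an earlier dump is never overwritten.
    HANDLE hFile = CreateFile(filepath.c_str(),
        GENERIC_WRITE, 0, NULL,
        CREATE_NEW, FILE_ATTRIBUTE_NORMAL, 0);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        return;
    }

    DWORD dwBytesWriten = 0;
    if (!WriteFile(hFile, xmlData, xmlSize * 2, &dwBytesWriten, NULL))
    {
        OutputDebugString(L"SaveDuiLibXML: WriteFile failed");
    }

    CloseHandle(hFile);
}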
49 |
// Detour stub reached through the 5-byte jmp that HookDuiLibXML writes into WeChatWin.dll.
// Declared naked, so the compiler emits no prologue or epilogue: the stub runs on the
// interrupted function's frame and restores all registers and flags before jumping back.
__declspec(naked) VOID ListenDuiLibXML()
{
	_asm
	{
		// presumably the instructions displaced by the 5-byte patch, replayed here — TODO confirm against the target build
		mov ebx, dword ptr ss : [ebp - 0x4];
		xor ecx, ecx;

		// save flags and general-purpose registers around the C++ call
		pushfd;
		pushad;

		// three arguments for SaveDuiLibXML, pushed right to left
		mov eax, [ebp];
		push [eax+0x8];   // xmlPathFileName: dword at +8 from the frame pointer stored at [ebp]
		push edx;         // xmlSize
		push [ebx];       // xmlData: the dword ebx points to
		call SaveDuiLibXML;
		add esp, 0xC;     // caller removes the three 4-byte arguments

		popad
		popfd

		// resume at hook address + 5, the value HookDuiLibXML stored in jmpBackAddress
		jmp jmpBackAddress
	}
}
73 |
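// Thread routine started from DllMain. Polls until WeChatWin.dll is loaded, then overwrites
// 5 bytes at base + OFFSET_DUILIB_HOOK_ADDRESS with a relative jmp (0xE9) to ListenDuiLibXML.
//
// hModule - this DLL's module handle as passed by DllMain; not used in the body.
//
// NOTE(review): nothing verifies that the loaded WeChatWin.dll is the build the offset was
// taken from; on any other build the write lands in unrelated code. The module base is
// narrowed to DWORD, so the arithmetic is only valid in a 32-bit process. Because this
// changes the code section of a loaded module, a comparison of the in-memory image with the
// file on disk will show the 5 modified bytes.
VOID HookDuiLibXML(HMODULE hModule)
{
	DWORD wxBaseAddress = 0;
	while (wxBaseAddress == 0)
	{
		Sleep(100);
		wxBaseAddress = (DWORD)GetModuleHandle(TEXT("WeChatWin.dll"));
	}

	// Use the named offset instead of repeating the literal, so the two cannot drift apart.
	DWORD hookAddress = wxBaseAddress + OFFSET_DUILIB_HOOK_ADDRESS;
	jmpBackAddress = hookAddress + 5;

	// E9 rel32: displacement is measured from the end of the 5-byte instruction.
	BYTE jmpCode[5] = { 0xE9 };
	*((int*)& jmpCode[1]) = (DWORD)ListenDuiLibXML - hookAddress - 5;
	if (!WriteProcessMemory(GetCurrentProcess(), (LPVOID)hookAddress, jmpCode, 5, 0))
	{
		// The original ignored the result; a failed write means no detour is installed.
		OutputDebugString(TEXT("HookDuiLibXML: WriteProcessMemory failed"));
	}
}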
90 |
// DLL entry point. On process attach it starts HookDuiLibXML on a new thread and closes the
// thread handle straight away; thread attach/detach and process detach do nothing.
// Always returns TRUE.
//
// NOTE(review): HookDuiLibXML is declared as VOID(HMODULE) with the default calling
// convention, while LPTHREAD_START_ROUTINE is DWORD WINAPI(LPVOID); the cast hides that
// mismatch from the compiler.
BOOL APIENTRY DllMain(HMODULE hModule,
                      DWORD   ul_reason_for_call,
                      LPVOID  lpReserved)
{
	if (ul_reason_for_call == DLL_PROCESS_ATTACH)
	{
		HANDLE worker = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)HookDuiLibXML, hModule, NULL, 0);
		if (worker != 0)
		{
			// The thread keeps running; only this reference to it is released.
			CloseHandle(worker);
		}
	}
	return TRUE;
}
115 |
116 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/微信Duilib界面/WeChatDuiLibXML/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WeChatArticle", "WeChatArticle\WeChatArticle.vcxproj", "{0F726806-A9AE-4089-8824-A08C0A54116B}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Debug|x64.ActiveCfg = Debug|x64
17 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Debug|x64.Build.0 = Debug|x64
18 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Debug|x86.ActiveCfg = Debug|Win32
19 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Debug|x86.Build.0 = Debug|Win32
20 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Release|x64.ActiveCfg = Release|x64
21 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Release|x64.Build.0 = Release|x64
22 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Release|x86.ActiveCfg = Release|Win32
23 | {0F726806-A9AE-4089-8824-A08C0A54116B}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {670B2F72-933C-41CA-BD1F-3B263547AFCD}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.aps
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.cpp:
--------------------------------------------------------------------------------
1 |
2 | // WeChatArticle.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "WeChatArticle.h"
7 | #include "WeChatArticleDlg.h"
8 |
9 | #ifdef _DEBUG
10 | #define new DEBUG_NEW
11 | #endif
12 |
13 |
14 | // CWeChatArticleApp
15 |
// Message map of the application object: ID_HELP is routed to CWinApp::OnHelp.
BEGIN_MESSAGE_MAP(CWeChatArticleApp, CWinApp)
	ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()
19 |
20 |
21 | // CWeChatArticleApp 构造
22 |
// Constructor: only sets the Restart Manager flag; real start-up work is in InitInstance.
CWeChatArticleApp::CWeChatArticleApp()
{
	// Enable Restart Manager support
	m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

	// TODO: add construction code here;
	// place all significant initialization in InitInstance
}
31 |
32 |
33 | // 唯一的 CWeChatArticleApp 对象
34 |
35 | CWeChatArticleApp theApp;
36 |
37 |
38 | // CWeChatArticleApp 初始化
39 |
// Application start-up: initialises the common controls and MFC helpers, shows the main
// dialog modally, cleans up, and returns FALSE so that no message pump is started after
// the dialog has closed.
BOOL CWeChatArticleApp::InitInstance()
{
	// InitCommonControlsEx() is required on Windows XP when the application manifest asks
	// for ComCtl32.dll version 6 or later; without it window creation fails.
	// ICC_WIN95_CLASSES selects the common control classes the application uses.
	INITCOMMONCONTROLSEX commonCtrls = { sizeof(INITCOMMONCONTROLSEX), ICC_WIN95_CLASSES };
	InitCommonControlsEx(&commonCtrls);

	CWinApp::InitInstance();
	AfxEnableControlContainer();

	// Shell manager, in case the dialog hosts shell tree or shell list view controls.
	CShellManager *shellManager = new CShellManager;

	// "Windows Native" visual manager so MFC controls are themed.
	CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

	// Registry key under which settings are stored (wizard default string, unchanged).
	SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

	CWeChatArticleDlg mainDialog;
	m_pMainWnd = &mainDialog;
	switch (mainDialog.DoModal())
	{
	case IDOK:
		// TODO: handle the dialog being dismissed with OK
		break;
	case IDCANCEL:
		// TODO: handle the dialog being dismissed with Cancel
		break;
	case -1:
		TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
		TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
		break;
	default:
		break;
	}

	// Release the shell manager created above (deleting a null pointer is a no-op).
	delete shellManager;

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
	ControlBarCleanUp();
#endif

	return FALSE;
}
106 |
107 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.h:
--------------------------------------------------------------------------------
1 |
2 | // WeChatArticle.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含“stdafx.h”以生成 PCH 文件"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
14 | // CWeChatArticleApp:
15 | // 有关此类的实现,请参阅 WeChatArticle.cpp
16 | //
17 |
// Application class of the WeChatArticle dialog program; implemented in WeChatArticle.cpp.
class CWeChatArticleApp : public CWinApp
{
public:
	CWeChatArticleApp();

// Overrides
public:
	virtual BOOL InitInstance();

// Implementation

	DECLARE_MESSAGE_MAP()
};
31 |
32 | extern CWeChatArticleApp theApp;
33 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.rc
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 |
35 |
36 | 源文件
37 |
38 |
39 | 源文件
40 |
41 |
42 | 源文件
43 |
44 |
45 |
46 |
47 | 资源文件
48 |
49 |
50 |
51 |
52 | 资源文件
53 |
54 |
55 |
56 |
57 | 资源文件
58 |
59 |
60 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticle.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | WeChatArticle.rc
5 |
6 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticleDlg.cpp:
--------------------------------------------------------------------------------
1 |
2 | // WeChatArticleDlg.cpp: 实现文件
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "WeChatArticle.h"
7 | #include "WeChatArticleDlg.h"
8 | #include "afxdialogex.h"
9 | #include
10 |
11 | #ifdef _DEBUG
12 | #define new DEBUG_NEW
13 | #endif
14 |
15 |
16 | // CWeChatArticleDlg 对话框
17 |
18 |
19 |
// Constructs the dialog from resource IDD_WECHATARTICLE_DIALOG and loads the
// IDR_MAINFRAME icon that OnInitDialog and OnPaint use.
CWeChatArticleDlg::CWeChatArticleDlg(CWnd* pParent /*=nullptr*/)
	: CDialogEx(IDD_WECHATARTICLE_DIALOG, pParent)
{
	m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
25 |
// DDX/DDV hook; this dialog binds no controls, so it only forwards to the base class.
void CWeChatArticleDlg::DoDataExchange(CDataExchange* pDX)
{
	CDialogEx::DoDataExchange(pDX);
}
30 |
// Message map: paint and drag-icon handling plus the two button click handlers.
// IDC_BUTTON_OPEN_ARTIClE is spelled with a lower-case 'l', matching resource.h.
BEGIN_MESSAGE_MAP(CWeChatArticleDlg, CDialogEx)
	ON_WM_PAINT()
	ON_WM_QUERYDRAGICON()
	ON_BN_CLICKED(IDC_BUTTON_OPEN_WECHAT, &CWeChatArticleDlg::OnBnClickedButtonOpenWechat)
	ON_BN_CLICKED(IDC_BUTTON_OPEN_ARTIClE, &CWeChatArticleDlg::OnBnClickedButtonOpenArticle)
END_MESSAGE_MAP()
37 |
38 |
39 | // CWeChatArticleDlg 消息处理程序
40 |
// Dialog initialisation: installs the large and small icon and seeds rand() from the
// current time. Returns TRUE because focus is not set to a control here.
BOOL CWeChatArticleDlg::OnInitDialog()
{
	CDialogEx::OnInitDialog();

	// The framework sets the icon automatically only when the main window is not a dialog.
	SetIcon(m_hIcon, TRUE);   // large icon
	SetIcon(m_hIcon, FALSE);  // small icon

	// rand() is used in OnBnClickedButtonOpenArticle to vary a query string; a time-based
	// seed is predictable and must not be relied on for anything security-sensitive.
	const unsigned int seed = (unsigned)time(NULL);
	srand(seed);

	return TRUE;
}
55 |
56 | // 如果向对话框添加最小化按钮,则需要下面的代码
57 | // 来绘制该图标。 对于使用文档/视图模型的 MFC 应用程序,
58 | // 这将由框架自动完成。
59 |
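// Paint handler. When the dialog is minimised it draws the icon centred in the client
// rectangle; otherwise painting is left to CDialogEx.
void CWeChatArticleDlg::OnPaint()
{
	if (!IsIconic())
	{
		CDialogEx::OnPaint();
		return;
	}

	CPaintDC dc(this); // device context for painting

	// The listing had lost the cast's target type; WM_ICONERASEBKGND carries the HDC in wParam.
	SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);

	// Centre the icon in the client rectangle
	CRect clientRect;
	GetClientRect(&clientRect);
	const int x = (clientRect.Width() - GetSystemMetrics(SM_CXICON) + 1) / 2;
	const int y = (clientRect.Height() - GetSystemMetrics(SM_CYICON) + 1) / 2;

	dc.DrawIcon(x, y, m_hIcon);
}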
84 |
85 | //当用户拖动最小化窗口时系统调用此函数取得光标
86 | //显示。
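// Called by the system to get the cursor shown while the user drags the minimised window.
// The listing had lost the cast's target type; the icon handle is returned as an HCURSOR.
HCURSOR CWeChatArticleDlg::OnQueryDragIcon()
{
	return static_cast<HCURSOR>(m_hIcon);
}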
91 |
92 |
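// Reads HKEY_CURRENT_USER\Software\Tencent\WeChat -> InstallPath and appends "WeChat.exe".
//
// Path    - caller-supplied buffer of at least MAX_PATH WCHARs; receives the full path on
//           success and is left as an empty string on failure.
// Returns - ERROR_SUCCESS on success, otherwise a Win32 error code.
//
// Fixes over the original: the registry functions return their status directly (they do
// not set GetLastError), and a failed query used to fall through to `return ERROR_SUCCESS`
// with an empty Path. The value is also checked to be REG_SZ and is explicitly terminated,
// because RegQueryValueEx does not guarantee a terminating NUL.
//
// The key is under HKCU, which any program running as the current user can change, so the
// caller should treat the returned path as user-controllable.
int GetWeChatPath(WCHAR* Path)
{
	if (Path == NULL)
	{
		return ERROR_INVALID_PARAMETER;
	}
	Path[0] = L'\0';

	HKEY hKey = NULL;
	LONG status = RegOpenKey(HKEY_CURRENT_USER, L"Software\\Tencent\\WeChat", &hKey);
	if (status != ERROR_SUCCESS)
	{
		return (int)status;
	}

	DWORD Type = 0;
	// Reserve one WCHAR for the terminator written below.
	DWORD cbData = (MAX_PATH - 1) * sizeof(WCHAR);
	status = RegQueryValueEx(hKey, L"InstallPath", 0, &Type, (LPBYTE)Path, &cbData);
	RegCloseKey(hKey);

	if (status != ERROR_SUCCESS)
	{
		Path[0] = L'\0';
		return (int)status;
	}
	if (Type != REG_SZ)
	{
		Path[0] = L'\0';
		return ERROR_INVALID_DATA;
	}
	Path[cbData / sizeof(WCHAR)] = L'\0';

	if (!PathAppend(Path, L"WeChat.exe"))
	{
		Path[0] = L'\0';
		return ERROR_FILENAME_EXCED_RANGE;
	}

	return ERROR_SUCCESS;
}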
124 |
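// Button handler: starts WeChat.exe (path taken from the registry by GetWeChatPath) with
// the command line "--remote-debugging-port=8200".
//
// NOTE(review): the switch asks the embedded browser to expose a debugging endpoint on
// port 8200 for as long as that WeChat instance runs; OnBnClickedButtonOpenArticle reads it
// over plain HTTP without any credential, so presumably any local process can do the same.
// Close WeChat after use rather than leaving it running in this mode.
void CWeChatArticleDlg::OnBnClickedButtonOpenWechat()
{
	WCHAR Path[MAX_PATH] = { 0 };
	// Do not call ShellExecute with an empty path: the lookup can fail and leave Path blank.
	if (GetWeChatPath(Path) != ERROR_SUCCESS || Path[0] == L'\0')
	{
		OutputDebugString(L"OnBnClickedButtonOpenWechat: WeChat install path not found");
		return;
	}

	ShellExecute(NULL, L"open", Path, L"--remote-debugging-port=8200", NULL, SW_SHOW);
}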
134 |
135 |
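// Button handler: fetches http://localhost:8200/json, takes the first https:// URL found in
// the response (up to the next double quote) and opens it with the shell.
//
// The response comes from whichever process is listening on port 8200, which is not
// necessarily WeChat, so the extracted text is untrusted. Only a string that starts with
// "https://" is passed to ShellExecute; the original matched the bare prefix "https", which
// would also hand a file name such as "httpsX" to the shell.
//
// Other fixes: a failed or NULL OpenURL is handled instead of dereferenced, the buffer is
// released with delete[], and MultiByteToWideChar receives the buffer length in characters
// (the original passed a byte count).
void CWeChatArticleDlg::OnBnClickedButtonOpenArticle()
{
	// The random number only varies the query string between clicks.
	CString random;
	random.Format(_T("%d"), rand());
	CString url = _T("http://localhost:8200/json?") + random;

	const UINT CodePage = 65001; // CP_UTF8:65001 CP_ACP:0
	CString strHtml = _T("");

	CInternetSession session(NULL, 0);
	CHttpFile* htmlFile = NULL;

	try
	{
		htmlFile = (CHttpFile*)session.OpenURL(url);

		DWORD dwStatusCode = 0; // HTTP status of the response
		if (htmlFile != NULL &&
			htmlFile->QueryInfoStatusCode(dwStatusCode) &&
			dwStatusCode == HTTP_STATUS_OK)
		{
			TCHAR sRecv[1024];
			while (htmlFile->ReadString(sRecv, 1024))
			{
				// The received line is treated as UTF-8 bytes and converted to UTF-16.
				// (Use CP_ACP instead of CP_UTF8 for gb2312/gbk content.)
				int nBufferSize = MultiByteToWideChar(CodePage, 0, (LPCSTR)sRecv, -1, NULL, 0);

				wchar_t *pBuffer = new wchar_t[nBufferSize + 1];
				memset(pBuffer, 0, (nBufferSize + 1) * sizeof(wchar_t));
				if (nBufferSize > 0)
				{
					MultiByteToWideChar(CodePage, 0, (LPCSTR)sRecv, -1, pBuffer, nBufferSize);
				}

				strHtml += pBuffer;
				strHtml += _T("\r\n");
				delete[] pBuffer;
			}
		}
	}
	catch (CInternetException* e)
	{
		// Nothing listening on the port, or the transfer failed: treat as "no article".
		e->Delete();
		strHtml.Empty();
	}

	if (htmlFile != NULL)
	{
		htmlFile->Close();
		delete htmlFile;
	}
	session.Close();

	int begin = strHtml.Find(L"https://");
	if (begin < 0)
	{
		return;
	}
	int end = strHtml.Find(L"\"", begin);
	if (end < 0)
	{
		return;
	}

	CString articleUrl = strHtml.Mid(begin, end - begin);
	OutputDebugString(articleUrl);
	ShellExecute(0, NULL, articleUrl, NULL, NULL, SW_NORMAL);
}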
193 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/WeChatArticleDlg.h:
--------------------------------------------------------------------------------
1 |
2 | // WeChatArticleDlg.h: 头文件
3 | //
4 |
5 | #pragma once
6 |
7 |
8 | // CWeChatArticleDlg 对话框
// Main dialog of WeChatArticle: two buttons, one that launches WeChat and one that opens
// an article URL (handlers are implemented in WeChatArticleDlg.cpp).
class CWeChatArticleDlg : public CDialogEx
{
// Construction
public:
	CWeChatArticleDlg(CWnd* pParent = nullptr);	// standard constructor

// Dialog data
#ifdef AFX_DESIGN_TIME
	enum { IDD = IDD_WECHATARTICLE_DIALOG };
#endif

	protected:
	virtual void DoDataExchange(CDataExchange* pDX);	// DDX/DDV support


// Implementation
protected:
	HICON m_hIcon;	// icon loaded in the constructor

	// Generated message map functions
	virtual BOOL OnInitDialog();
	afx_msg void OnPaint();
	afx_msg HCURSOR OnQueryDragIcon();
	DECLARE_MESSAGE_MAP()
public:
	afx_msg void OnBnClickedButtonOpenWechat();
	afx_msg void OnBnClickedButtonOpenArticle();
};
37 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/res/WeChatArticle.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/WeChatArticle/WeChatArticle/res/WeChatArticle.ico
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/res/WeChatArticle.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/WeChatArticle/WeChatArticle/res/WeChatArticle.rc2
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ 生成的包含文件。
3 | // 供 WeChatArticle.rc 使用
4 | //
5 | #define IDD_WECHATARTICLE_DIALOG 102
6 | #define IDR_MAINFRAME 128
7 | #define IDC_BUTTON_OPEN_WECHAT 1000
8 | #define IDC_BUTTON_OPEN_ARTIClE 1001
9 |
10 | // Next default values for new objects
11 | //
12 | #ifdef APSTUDIO_INVOKED
13 | #ifndef APSTUDIO_READONLY_SYMBOLS
14 | #define _APS_NEXT_RESOURCE_VALUE 130
15 | #define _APS_NEXT_COMMAND_VALUE 32771
16 | #define _APS_NEXT_CONTROL_VALUE 1002
17 | #define _APS_NEXT_SYMED_VALUE 101
18 | #endif
19 | #endif
20 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/stdafx.cpp:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.cpp : 只包括标准包含文件的源文件
3 | // WeChatArticle.pch 将作为预编译标头
4 | // stdafx.obj 将包含预编译类型信息
5 |
6 | #include "stdafx.h"
7 |
8 |
9 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/stdafx.h:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.h : 标准系统包含文件的包含文件,
3 | // 或是经常使用但不常更改的
4 | // 特定于项目的包含文件
5 |
6 | #pragma once
7 |
8 | #ifndef VC_EXTRALEAN
9 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
10 | #endif
11 |
12 | #include "targetver.h"
13 |
14 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
15 |
16 | // 关闭 MFC 对某些常见但经常可放心忽略的警告消息的隐藏
17 | #define _AFX_ALL_WARNINGS
18 |
19 | #include // MFC 核心组件和标准组件
20 | #include // MFC 扩展
21 |
22 |
23 | #include // MFC 自动化类
24 |
25 |
26 |
27 | #ifndef _AFX_NO_OLE_SUPPORT
28 | #include // MFC 对 Internet Explorer 4 公共控件的支持
29 | #endif
30 | #ifndef _AFX_NO_AFXCMN_SUPPORT
31 | #include // MFC 对 Windows 公共控件的支持
32 | #endif // _AFX_NO_AFXCMN_SUPPORT
33 |
34 | #include // 功能区和控件条的 MFC 支持
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 | #ifdef _UNICODE
45 | #if defined _M_IX86
46 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86' publicKeyToken='6595b64144ccf1df' language='*'\"")
47 | #elif defined _M_X64
48 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64' publicKeyToken='6595b64144ccf1df' language='*'\"")
49 | #else
50 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
51 | #endif
52 | #endif
53 |
54 |
55 |
--------------------------------------------------------------------------------
/打开公众号历史消息/WeChatArticle/WeChatArticle/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并将
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/打开公众号历史消息/使用说明书.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/使用说明书.docx
--------------------------------------------------------------------------------
/打开公众号历史消息/成品/Debug/WeChatArticle.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/成品/Debug/WeChatArticle.exe
--------------------------------------------------------------------------------
/打开公众号历史消息/成品/Release/WeChatArticle.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开公众号历史消息/成品/Release/WeChatArticle.exe
--------------------------------------------------------------------------------
/打开微信文章.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/打开微信文章.png
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WechatClearContact", "WechatClearContact\WechatClearContact.vcxproj", "{79181664-F9E7-47A5-8058-85B364957317}"
7 | EndProject
8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WechatClearContactDLL", "WechatClearContactDLL\WechatClearContactDLL.vcxproj", "{C723FC30-A819-4668-95BF-4F0B6B620B0C}"
9 | EndProject
10 | Global
11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
12 | Debug|x64 = Debug|x64
13 | Debug|x86 = Debug|x86
14 | Release|x64 = Release|x64
15 | Release|x86 = Release|x86
16 | EndGlobalSection
17 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
18 | {79181664-F9E7-47A5-8058-85B364957317}.Debug|x64.ActiveCfg = Debug|x64
19 | {79181664-F9E7-47A5-8058-85B364957317}.Debug|x64.Build.0 = Debug|x64
20 | {79181664-F9E7-47A5-8058-85B364957317}.Debug|x86.ActiveCfg = Debug|Win32
21 | {79181664-F9E7-47A5-8058-85B364957317}.Debug|x86.Build.0 = Debug|Win32
22 | {79181664-F9E7-47A5-8058-85B364957317}.Release|x64.ActiveCfg = Release|x64
23 | {79181664-F9E7-47A5-8058-85B364957317}.Release|x64.Build.0 = Release|x64
24 | {79181664-F9E7-47A5-8058-85B364957317}.Release|x86.ActiveCfg = Release|Win32
25 | {79181664-F9E7-47A5-8058-85B364957317}.Release|x86.Build.0 = Release|Win32
26 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Debug|x64.ActiveCfg = Debug|x64
27 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Debug|x64.Build.0 = Debug|x64
28 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Debug|x86.ActiveCfg = Debug|Win32
29 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Debug|x86.Build.0 = Debug|Win32
30 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Release|x64.ActiveCfg = Release|x64
31 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Release|x64.Build.0 = Release|x64
32 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Release|x86.ActiveCfg = Release|Win32
33 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}.Release|x86.Build.0 = Release|Win32
34 | EndGlobalSection
35 | GlobalSection(SolutionProperties) = preSolution
36 | HideSolutionNode = FALSE
37 | EndGlobalSection
38 | GlobalSection(ExtensibilityGlobals) = postSolution
39 | SolutionGuid = {4DBF16B8-407E-4C6E-84BA-236DC317072D}
40 | EndGlobalSection
41 | EndGlobal
42 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/Cmd.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/Cmd.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/Cmd.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include
3 | using namespace std;
4 |
5 | #pragma once
6 | #include
7 | using namespace std;
8 |
// Names of the two ends of the command channel. How they are used (window
// title, class name, ...) is decided in Cmd.cpp, which is not shown here.
#define SLAVE_NAME "Slave"
#define MASTER_NAME "Master"

// Command identifiers. Presumably carried in the dwData argument of the
// functions below -- TODO confirm against Cmd.cpp.
#define CT_CONTACT_LIST 1
#define CT_CONTACT_CHECK 2
#define CT_FRIEND_DEL 3

// One contact record exchanged between the two modules.
// WechatClearContactDLL/Cmd.h declares the same struct; the two declarations
// must stay identical because the bytes are interpreted on both sides.
// NOTE(review): all fields are fixed-size buffers. Whoever fills them must
// bound the copy to 80 wchar_t, and whoever reads them must not assume a
// terminating NUL is present.
struct ContactInfoStruct
{
    wchar_t wcWxId[80];
    wchar_t wcWxName[80];
    wchar_t wcCheckResult[80];
};

// Payload for an operation on a single contact (an id plus one parameter).
// Same fixed-size-buffer caveat as ContactInfoStruct.
struct FriendOperStruct
{
    wchar_t wcWxId[80];
    wchar_t param[50];
};

// The three parameters have the same names and types as the fields of
// COPYDATASTRUCT (dwData, cbData, lpData); presumably the transport is
// WM_COPYDATA -- TODO confirm in Cmd.cpp.
// NOTE(review): a receiver should check that cbData equals the size of the
// struct it is about to cast lpData to before reading any field.
void SendCmdToSlave(ULONG_PTR dwData, DWORD cbData, PVOID lpData);
void DealCmdFromSlave(ULONG_PTR dwData, DWORD cbData, PVOID lpData);
31 |
32 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/Inject.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/Inject.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/Inject.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/Inject.h
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/WechatClearContact.aps
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.cpp:
--------------------------------------------------------------------------------
1 |
2 | // WechatClearContact.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "WechatClearContact.h"
7 | #include "WechatClearContactDlg.h"
8 |
9 | #ifdef _DEBUG
10 | #define new DEBUG_NEW
11 | #endif
12 |
13 |
// CWechatClearContactApp message map: the only entry routes ID_HELP to the
// default CWinApp::OnHelp handler.

BEGIN_MESSAGE_MAP(CWechatClearContactApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()
19 |
20 |
// CWechatClearContactApp construction

CWechatClearContactApp::CWechatClearContactApp()
{
    // Opt in to Restart Manager support.
    m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

    // Nothing else belongs here: all significant initialisation is done
    // in InitInstance.
}
31 |
32 |
// The one and only CWechatClearContactApp object.

CWechatClearContactApp theApp;
36 |
37 |
// CWechatClearContactApp initialisation

// Runs the application as a single modal dialog.
// Always returns FALSE: once the dialog has been dismissed the application
// should exit instead of entering the message pump.
BOOL CWechatClearContactApp::InitInstance()
{
    // An application whose manifest requests ComCtl32.dll version 6 or later
    // (visual styles) must call InitCommonControlsEx(), otherwise window
    // creation fails. ICC_WIN95_CLASSES selects the common control classes
    // the application uses.
    INITCOMMONCONTROLSEX commonControls = { sizeof(commonControls), ICC_WIN95_CLASSES };
    InitCommonControlsEx(&commonControls);

    CWinApp::InitInstance();

    AfxEnableControlContainer();

    // The shell manager is needed in case the dialog hosts a shell tree view
    // or shell list view control.
    CShellManager *shellManager = new CShellManager;

    // Use the "Windows Native" visual manager so MFC controls are themed.
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Registry key under which settings are stored.
    // TODO: replace the wizard-generated string with a company or
    // organisation name.
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CWechatClearContactDlg mainDialog;
    m_pMainWnd = &mainDialog;

    const INT_PTR dialogResult = mainDialog.DoModal();
    switch (dialogResult)
    {
    case IDOK:
        // TODO: handle the dialog being closed with OK.
        break;

    case IDCANCEL:
        // TODO: handle the dialog being closed with Cancel.
        break;

    case -1:
        // The dialog could not be created.
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
        break;

    default:
        break;
    }

    // Release the shell manager created above (deleting a null pointer is a no-op).
    delete shellManager;

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    return FALSE;
}
106 |
107 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.h:
--------------------------------------------------------------------------------
1 |
2 | // WechatClearContact.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含“stdafx.h”以生成 PCH 文件"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
// CWechatClearContactApp:
// Application class; see WechatClearContact.cpp for the implementation.
//

class CWechatClearContactApp : public CWinApp
{
public:
    CWechatClearContactApp();

// Overrides
public:
    // Shows the main dialog modally (see WechatClearContact.cpp).
    virtual BOOL InitInstance();

// Implementation

    DECLARE_MESSAGE_MAP()
};

// The single application object, defined in WechatClearContact.cpp.
extern CWechatClearContactApp theApp;
33 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/WechatClearContact.rc
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 | {b9b1347b-d952-4104-9915-485b66f9cdde}
18 |
19 |
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 | 头文件
35 |
36 |
37 | 功能库
38 |
39 |
40 | 功能库
41 |
42 |
43 |
44 |
45 | 源文件
46 |
47 |
48 | 源文件
49 |
50 |
51 | 源文件
52 |
53 |
54 | 功能库
55 |
56 |
57 | 功能库
58 |
59 |
60 |
61 |
62 | 资源文件
63 |
64 |
65 |
66 |
67 | 资源文件
68 |
69 |
70 |
71 |
72 | 资源文件
73 |
74 |
75 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContact.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | WechatClearContact.rc
5 |
6 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/WechatClearContactDlg.h:
--------------------------------------------------------------------------------
1 |
2 | // WechatClearContactDlg.h: 头文件
3 | //
4 |
5 | #pragma once
6 |
7 |
// CWechatClearContactDlg dialog: the main window of the application.
// The member function bodies live in WechatClearContactDlg.cpp, which is not
// shown here, so the notes below describe declarations only.
class CWechatClearContactDlg : public CDialogEx
{
// Construction
public:
    CWechatClearContactDlg(CWnd* pParent = nullptr); // standard constructor

// Dialog data
#ifdef AFX_DESIGN_TIME
    enum { IDD = IDD_WECHATCLEARCONTACT_DIALOG };
#endif

protected:
    virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support


// Implementation
protected:
    HICON m_hIcon;

    // Generated message map functions
    virtual BOOL OnInitDialog();
    afx_msg void OnPaint();
    afx_msg HCURSOR OnQueryDragIcon();
    DECLARE_MESSAGE_MAP()
public:
    CListCtrl m_ContactList;
    CProgressCtrl m_progressVerify;
    CProgressCtrl m_progressClear;
    // Presumably the current positions of the two progress bars -- TODO confirm.
    int m_posVerify;
    int m_posClear;
    afx_msg void OnBnClickedButtonWechat();
    // WM_COPYDATA handler.
    // NOTE(review): WM_COPYDATA can arrive from other processes, so the
    // implementation should validate dwData and cbData in pCopyDataStruct
    // before casting lpData to ContactInfoStruct or FriendOperStruct --
    // verify in WechatClearContactDlg.cpp.
    afx_msg BOOL OnCopyData(CWnd* pWnd, COPYDATASTRUCT* pCopyDataStruct);
    void UpdateProgress();
    afx_msg void OnBnClickedButtonAllVerify();
    afx_msg void OnBnClickedButtonClear();
    afx_msg void OnHScroll(UINT nSBCode, UINT nPos, CScrollBar* pScrollBar);
    // Edit controls holding minimum/maximum values for the verify and clear
    // operations; presumably interval bounds -- TODO confirm.
    CEdit m_editVerifyMin;
    CEdit m_editVerifyMax;
    CEdit m_editClearMin;
    CEdit m_editClearMax;
    afx_msg void OnTimer(UINT_PTR nIDEvent);
};
51 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/res/WechatClearContact.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/res/WechatClearContact.ico
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/res/WechatClearContact.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContact/res/WechatClearContact.rc2
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ 生成的包含文件。
3 | // 供 WechatClearContact.rc 使用
4 | //
5 | #define IDD_WECHATCLEARCONTACT_DIALOG 102
6 | #define IDR_MAINFRAME 128
7 | #define IDC_LIST_CONTACTS 1000
8 | #define IDC_BUTTON_ALL_VERIFY 1001
9 | #define IDC_BUTTON_CLEAR 1002
10 | #define IDC_SLIDER_VERIFY 1003
11 | #define IDC_SLIDER_CLEAR 1004
12 | #define IDC_PROGRESS_VERIFY 1005
13 | #define IDC_PROGRESS_CLEAR 1006
14 | #define IDC_BUTTON_WECHAT 1007
15 | #define IDC_STATIC_PROGRESS_VERIFY 1008
16 | #define IDC_STATIC_VERIFY_INTERVAL 1009
17 | #define IDC_STATIC_PROGRESS_CLEAR 1010
18 | #define IDC_STATIC_CLEAR_INTERVAL 1011
19 | #define IDC_EDIT_VERIFY_MIN 1012
20 | #define IDC_EDIT_VERIFY_MAX 1013
21 | #define IDC_EDIT_CLEAR_MIN 1014
22 | #define IDC_EDIT4 1015
23 | #define IDC_EDIT_CLEAR_MAX 1015
24 |
25 | // Next default values for new objects
26 | //
27 | #ifdef APSTUDIO_INVOKED
28 | #ifndef APSTUDIO_READONLY_SYMBOLS
29 | #define _APS_NEXT_RESOURCE_VALUE 130
30 | #define _APS_NEXT_COMMAND_VALUE 32771
31 | #define _APS_NEXT_CONTROL_VALUE 1016
32 | #define _APS_NEXT_SYMED_VALUE 101
33 | #endif
34 | #endif
35 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/stdafx.cpp:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.cpp : 只包括标准包含文件的源文件
3 | // WechatClearContact.pch 将作为预编译标头
4 | // stdafx.obj 将包含预编译类型信息
5 |
6 | #include "stdafx.h"
7 |
8 |
9 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/stdafx.h:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.h : 标准系统包含文件的包含文件,
3 | // 或是经常使用但不常更改的
4 | // 特定于项目的包含文件
5 |
6 | #pragma once
7 |
8 | #ifndef VC_EXTRALEAN
9 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
10 | #endif
11 |
12 | #include "targetver.h"
13 |
14 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
15 |
16 | // 关闭 MFC 对某些常见但经常可放心忽略的警告消息的隐藏
17 | #define _AFX_ALL_WARNINGS
18 |
19 | #include // MFC 核心组件和标准组件
20 | #include // MFC 扩展
21 |
22 |
23 | #include // MFC 自动化类
24 |
25 |
26 |
27 | #ifndef _AFX_NO_OLE_SUPPORT
28 | #include // MFC 对 Internet Explorer 4 公共控件的支持
29 | #endif
30 | #ifndef _AFX_NO_AFXCMN_SUPPORT
31 | #include // MFC 对 Windows 公共控件的支持
32 | #endif // _AFX_NO_AFXCMN_SUPPORT
33 |
34 | #include // 功能区和控件条的 MFC 支持
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 | #ifdef _UNICODE
45 | #if defined _M_IX86
46 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86' publicKeyToken='6595b64144ccf1df' language='*'\"")
47 | #elif defined _M_X64
48 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64' publicKeyToken='6595b64144ccf1df' language='*'\"")
49 | #else
50 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
51 | #endif
52 | #endif
53 |
54 |
55 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContact/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并将
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Cmd.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Cmd.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Cmd.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include
3 | using namespace std;
4 |
// Names of the two ends of the command channel. How they are used (window
// title, class name, ...) is decided in Cmd.cpp, which is not shown here.
#define SLAVE_NAME "Slave"
#define MASTER_NAME "Master"

// Command identifiers. Presumably carried in the dwData argument of the
// functions below -- TODO confirm against Cmd.cpp.
#define CT_CONTACT_LIST 1
#define CT_CONTACT_CHECK 2
#define CT_FRIEND_DEL 3


// One contact record exchanged between the two modules.
// WechatClearContact/Cmd.h declares the same struct; the two declarations
// must stay identical because the bytes are interpreted on both sides.
// NOTE(review): all fields are fixed-size buffers. Whoever fills them must
// bound the copy to 80 wchar_t, and whoever reads them must not assume a
// terminating NUL is present.
struct ContactInfoStruct
{
    wchar_t wcWxId[80];
    wchar_t wcWxName[80];
    wchar_t wcCheckResult[80];
};

// Payload for an operation on a single contact (an id plus one parameter).
// Same fixed-size-buffer caveat as ContactInfoStruct.
struct FriendOperStruct
{
    wchar_t wcWxId[80];
    wchar_t param[50];
};

// The three parameters have the same names and types as the fields of
// COPYDATASTRUCT (dwData, cbData, lpData); presumably the transport is
// WM_COPYDATA -- TODO confirm in Cmd.cpp.
// NOTE(review): a receiver should check that cbData equals the size of the
// struct it is about to cast lpData to before reading any field.
void SendCmdToMaster(ULONG_PTR dwData, DWORD cbData, PVOID lpData);
void DealCmdFromMaster(ULONG_PTR dwData, DWORD cbData, PVOID lpData);
28 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Contacts.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Contacts.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Contacts.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Contacts.h
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Friend.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 | #include "Friend.h"
3 | #include "Util.h"
4 |
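// Asks the hosting client to delete the contact identified by `wxid` by
// calling a function inside WeChatWin.dll directly.
//
// wxid: NUL-terminated wide string. A null pointer is ignored.
//
// The call target is the module base plus OFFSET_FRIEND_DEL_FRIEND (defined
// outside this file). That offset is not an exported interface: it is only
// meaningful for the exact WeChatWin.dll build it was taken from, and calling
// it against any other build jumps into unrelated code inside the host
// process. Nothing in this function checks the module version.
//
// x86 only: uses MSVC inline assembly and stores addresses in DWORD.
void DelFriend(wchar_t* wxid)
{
    // Constructing a wstring from a null pointer is undefined behaviour.
    if (wxid == nullptr)
    {
        return;
    }

    // GetWeChatWinBaseAddress() yields 0 when the module is not loaded; adding
    // the offset to 0 would produce a bogus call target, so bail out instead.
    const DWORD moduleBase = GetWeChatWinBaseAddress();
    if (moduleBase == 0)
    {
        return;
    }
    DWORD delFriendCallAddr = moduleBase + OFFSET_FRIEND_DEL_FRIEND;

    // Argument record passed by address to the callee: pointer, length,
    // capacity and two trailing ints. Presumably mirrors the callee's own
    // string layout -- cannot be confirmed from this file.
    struct WxStringFill2
    {
        const wchar_t* buffer;
        int size;
        int capacity;
        int fill[2];
    };

    // wsWxId owns the characters and must outlive the call below, because
    // wxWxId.buffer only borrows its storage.
    wstring wsWxId = wxid;
    WxStringFill2 wxWxId = { 0 };
    wxWxId.buffer = wsWxId.c_str();
    wxWxId.size = static_cast<int>(wsWxId.size());
    wxWxId.capacity = static_cast<int>(wsWxId.capacity());

    // Pushes 0 and then the address of wxWxId, and calls the target.
    // NOTE(review): the two pushed arguments are never popped here; that is
    // only correct if the callee cleans its own stack, which cannot be
    // confirmed from this file.
    __asm {
        mov ecx, 0;
        push ecx;
        lea edi, wxWxId;
        push edi;
        call delFriendCallAddr;
    }
}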
31 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Friend.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Friend.h
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Message.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Message.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Message.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Message.h
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Util.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 | #include
3 | #include "Util.h"
4 |
5 |
// Returns the load address of WeChatWin.dll in the current process as a
// DWORD, or 0 when GetModuleHandle does not find the module.
// NOTE(review): the cast to DWORD keeps only the low 32 bits of the handle,
// so the value is only a usable address in a 32-bit build.
DWORD GetWeChatWinBaseAddress()
{
    return (DWORD)GetModuleHandle(L"WeChatWin.dll");
}
14 |
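// Reads a (pointer, length) pair located at `memoryAddress` and returns the
// text it describes.
//
// Layout read from memory: a 32-bit pointer to wide characters at offset 0
// and a DWORD character count at offset 4.
//
// Returns an empty string when the address or the text pointer is null, when
// the length is 0, or when building the copy throws. The result stops at the
// first NUL character inside the described range.
//
// Both the pointer and the length come from memory this function does not
// control and are not validated beyond the null checks. catch (...) handles
// C++ exceptions such as an allocation failure for a very large length; it
// does not intercept an access violation from a stale pointer unless the
// project is built with /EHa.
// NOTE(review): consider a sanity cap on msgLength before allocating.
wstring GetWStringByAddress(DWORD memoryAddress)
{
    wstring message;

    if (memoryAddress == 0)
    {
        return message;
    }

    const WCHAR* text = (const WCHAR*)(*(DWORD*)memoryAddress);
    const DWORD msgLength = *(DWORD*)(memoryAddress + 4);
    if (text == NULL || msgLength == 0)
    {
        return message;
    }

    try {
        // Copy exactly msgLength characters. The previous code copied
        // msgLength + 1, reading one element past the described text and
        // leaving the scratch buffer unterminated when that element was not
        // NUL.
        const wstring raw(text, msgLength);

        // Going through c_str() keeps the earlier behaviour of cutting the
        // result at the first embedded NUL.
        message = raw.c_str();
    }
    catch (...)
    {
        // Best effort: fall through and return whatever `message` holds.
    }

    return message;
}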
37 |
38 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Util.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include
3 | using namespace std;
4 |
// Load address of WeChatWin.dll in the current process (see Util.cpp).
DWORD GetWeChatWinBaseAddress();
// Reads a wide string described by the pointer at memAddress and the DWORD
// length at memAddress + 4 (see Util.cpp).
wstring GetWStringByAddress(DWORD memAddress);
7 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/VerifyUser.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/VerifyUser.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/VerifyUser.h:
--------------------------------------------------------------------------------
1 | #pragma once
// Implemented in VerifyUser.cpp, which is not shown here; the notes below are
// limited to what the callers in this listing show.
VOID HookVerifyUserResult();
// Called from DllMain on DLL_PROCESS_DETACH.
VOID UnHookVerifyUserResult();
// Presumably starts a verification for the given id -- TODO confirm.
VOID StartVerifyUser(wchar_t* pWxid);
5 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/WechatClearContactDLL.cpp:
--------------------------------------------------------------------------------
1 | // WechatClearContactDLL.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/WechatClearContactDLL.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {C723FC30-A819-4668-95BF-4F0B6B620B0C}
24 | Win32Proj
25 | WechatClearContactDLL
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;WECHATCLEARCONTACTDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 | MultiThreaded
94 |
95 |
96 | Windows
97 | true
98 |
99 |
100 |
101 |
102 | Use
103 | Level3
104 | Disabled
105 | true
106 | _DEBUG;WECHATCLEARCONTACTDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
107 | true
108 |
109 |
110 | Windows
111 | true
112 |
113 |
114 |
115 |
116 | Use
117 | Level3
118 | Disabled
119 | true
120 | true
121 | true
122 | WIN32;NDEBUG;WECHATCLEARCONTACTDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
123 | true
124 | MultiThreaded
125 |
126 |
127 | Windows
128 | true
129 | true
130 | true
131 |
132 |
133 |
134 |
135 | Use
136 | Level3
137 | MaxSpeed
138 | true
139 | true
140 | true
141 | NDEBUG;WECHATCLEARCONTACTDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
142 | true
143 |
144 |
145 | Windows
146 | true
147 | true
148 | true
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 |
158 |
159 |
160 |
161 |
162 |
163 |
164 |
165 |
166 |
167 | Create
168 | Create
169 | Create
170 | Create
171 |
172 |
173 |
174 |
175 |
176 |
177 |
178 |
179 |
180 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/WechatClearContactDLL.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 | {8e282709-bff7-453b-b707-cc22fa700e4d}
18 |
19 |
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 功能库
29 |
30 |
31 | 功能库
32 |
33 |
34 | 功能库
35 |
36 |
37 | 功能库
38 |
39 |
40 | 功能库
41 |
42 |
43 | 功能库
44 |
45 |
46 |
47 |
48 | 源文件
49 |
50 |
51 | 源文件
52 |
53 |
54 | 源文件
55 |
56 |
57 | 功能库
58 |
59 |
60 | 功能库
61 |
62 |
63 | 功能库
64 |
65 |
66 | 功能库
67 |
68 |
69 | 功能库
70 |
71 |
72 | 功能库
73 |
74 |
75 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/WechatClearContactDLL.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Wnd.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Wnd.cpp
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/Wnd.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/WechatClearContactDLL/Wnd.h
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 | #include "Wnd.h"
4 | #include "VerifyUser.h"
5 |
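// DLL entry point.
//
// DLL_PROCESS_ATTACH: starts a thread running InitMsgWnd with this module's
// handle as its argument, so that work happens outside DllMain.
// DLL_PROCESS_DETACH: calls UnHookVerifyUserResult().
// Thread attach/detach notifications are ignored.
//
// Always returns TRUE, including when the thread could not be created.
BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    {
        // NOTE(review): the cast hides any mismatch between InitMsgWnd's real
        // signature (declared in Wnd.h, not shown) and the thread-procedure
        // signature CreateThread expects.
        HANDLE hInitThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)InitMsgWnd, hModule, 0, NULL);
        if (hInitThread != NULL)
        {
            // The handle is never used again; closing it does not stop the
            // thread, it only avoids leaking the handle.
            CloseHandle(hInitThread);
        }
    }
    break;
    case DLL_PROCESS_DETACH:
    {
        // NOTE(review): this runs under the loader lock, and also during
        // process termination (lpReserved != NULL); the unhook routine should
        // do no more than restore what it changed.
        UnHookVerifyUserResult();
    }
    break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
        break;
    }
    return TRUE;
}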
29 |
30 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/无痕清粉-注入/WechatClearContactDLL/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/无痕清粉-注入/成品/WechatClearContact.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/成品/WechatClearContact.exe
--------------------------------------------------------------------------------
/无痕清粉-注入/成品/WechatClearContactDLL.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉-注入/成品/WechatClearContactDLL.dll
--------------------------------------------------------------------------------
/无痕清粉效果图.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/无痕清粉效果图.png
--------------------------------------------------------------------------------
/最终demo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/最终demo.png
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DLLGetUserInfo", "DLLGetUserInfo\DLLGetUserInfo.vcxproj", "{D4B23420-D9DD-4728-8208-76379FFA4ED7}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Debug|x64.ActiveCfg = Debug|x64
17 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Debug|x64.Build.0 = Debug|x64
18 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Debug|x86.ActiveCfg = Debug|Win32
19 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Debug|x86.Build.0 = Debug|Win32
20 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Release|x64.ActiveCfg = Release|x64
21 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Release|x64.Build.0 = Release|x64
22 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Release|x86.ActiveCfg = Release|Win32
23 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {0797A6D8-09BA-40B5-9766-AB5BE46CC82B}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/DLLGetUserInfo.cpp:
--------------------------------------------------------------------------------
1 | // DLLGetUserInfo.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/DLLGetUserInfo.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {D4B23420-D9DD-4728-8208-76379FFA4ED7}
24 | Win32Proj
25 | DLLGetUserInfo
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;DLLGETUSERINFO_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 |
94 |
95 | Windows
96 | true
97 |
98 |
99 |
100 |
101 | Use
102 | Level3
103 | Disabled
104 | true
105 | _DEBUG;DLLGETUSERINFO_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
106 | true
107 |
108 |
109 | Windows
110 | true
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | MaxSpeed
118 | true
119 | true
120 | true
121 | WIN32;NDEBUG;DLLGETUSERINFO_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
122 | true
123 |
124 |
125 | Windows
126 | true
127 | true
128 | true
129 |
130 |
131 |
132 |
133 | Use
134 | Level3
135 | MaxSpeed
136 | true
137 | true
138 | true
139 | NDEBUG;DLLGETUSERINFO_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
140 | true
141 |
142 |
143 | Windows
144 | true
145 | true
146 | true
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 | Create
158 | Create
159 | Create
160 | Create
161 |
162 |
163 |
164 |
165 |
166 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/DLLGetUserInfo.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 |
26 |
27 | 源文件
28 |
29 |
30 | 源文件
31 |
32 |
33 | 源文件
34 |
35 |
36 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/DLLGetUserInfo.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 |
4 | #include
5 | using namespace std;
6 |
// Returns the 32-bit value stored at `address` in the current process.
//
// NOTE(review): the address travels in a DWORD, so it only round-trips on a
// 32-bit build. Nothing here checks that the address is mapped or readable;
// a bad address faults inside whatever process this DLL is loaded into.
DWORD GetIntByAddress(DWORD address)
{
    return *reinterpret_cast<DWORD*>(address);
}
15 |
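// Copies 500 bytes starting at `address` (an address in the current process)
// and returns them as a string that stops at the first NUL byte.
//
// The scratch buffer is one byte larger than the copy, so it is always
// NUL-terminated. With a 500-byte buffer, a source region that held no NUL in
// its first 500 bytes made string(cValue) read past the end of the array.
//
// NOTE(review): the copy is a fixed 500 bytes regardless of the real string
// length and the address is not validated, so a bad address, or a string that
// ends close to an unmapped page, still faults in the host process.
string GetStringByAddress(DWORD address)
{
    const size_t kMaxBytes = 500;

    char cValue[kMaxBytes + 1] = { 0 };
    memcpy(cValue, (const void*)address, kMaxBytes);

    return string(cValue);
}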
26 |
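// DLL entry point. On DLL_PROCESS_ATTACH it reads two strings from the
// WeChatWin.dll module of the process this DLL is loaded into (the user name
// and the WXID) and shows them in a message box. Every other notification is
// ignored. Always returns TRUE.
//
// NOTE(review): both offsets are hard-coded for one specific build of
// WeChatWin.dll; against any other build they address unrelated memory.
// NOTE(review): this runs under the loader lock. Microsoft's DllMain guidance
// advises against calling user32 functions such as MessageBoxA from here; the
// call is kept only to preserve the original behaviour.
BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    // Reached once the DLL has been mapped into the process
    case DLL_PROCESS_ATTACH:
    {
        // 1. Get the module base address

        // Module base address
        DWORD dllBaseAddress = (DWORD)GetModuleHandle(L"WeChatWin.dll");

        // GetModuleHandle returns NULL when the module is not loaded here.
        // Without this guard the bare offsets below would be dereferenced as
        // absolute addresses and crash the host process.
        if (dllBaseAddress == 0)
        {
            break;
        }

        // 2. Get the user name

        // User name offset
        DWORD wxNameOffset = 0x16B498C;
        // User name memory address
        DWORD wxNameAddress = dllBaseAddress + wxNameOffset;
        // User name
        string sWxName = GetStringByAddress(wxNameAddress);

        // 3. Get the WXID

        // WXID pointer offset
        DWORD wxIDPointerOffset = 0x16B4D90;
        // WXID pointer address
        DWORD wxIDPointerAddress = dllBaseAddress + wxIDPointerOffset;
        // WXID memory address (the slot above holds a pointer to the string)
        DWORD wxIDAddress = GetIntByAddress(wxIDPointerAddress);
        // WXID
        string sWxId = GetStringByAddress(wxIDAddress);

        // 4. Show the result

        // User info
        string csUserInfo = string("用户信息: 用户名:") + sWxName + " 用户ID: " + sWxId;
        MessageBoxA(NULL, csUserInfo.c_str(), "用户信息", 0);
    }
    break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}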
76 |
77 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/DLLGetUserInfo/DLLGetUserInfo/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MFCGetUserInfo", "MFCGetUserInfo\MFCGetUserInfo.vcxproj", "{F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Debug|x64.ActiveCfg = Debug|x64
17 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Debug|x64.Build.0 = Debug|x64
18 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Debug|x86.ActiveCfg = Debug|Win32
19 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Debug|x86.Build.0 = Debug|Win32
20 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Release|x64.ActiveCfg = Release|x64
21 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Release|x64.Build.0 = Release|x64
22 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Release|x86.ActiveCfg = Release|Win32
23 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {B503E29C-9295-4722-A2F7-00F2464F75F7}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.aps
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetUserInfo.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "MFCGetUserInfo.h"
7 | #include "MFCGetUserInfoDlg.h"
8 |
9 | #ifdef _DEBUG
10 | #define new DEBUG_NEW
11 | #endif
12 |
13 |
14 | // CMFCGetUserInfoApp
15 |
// Message map of the application object: ID_HELP is routed to CWinApp::OnHelp.
BEGIN_MESSAGE_MAP(CMFCGetUserInfoApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()
19 |
20 |
21 | // CMFCGetUserInfoApp 构造
22 |
// Constructs the application object; the only work done here is setting the
// Restart Manager support flags.
CMFCGetUserInfoApp::CMFCGetUserInfoApp()
{
    // Support the Restart Manager
    m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

    // TODO: add construction code here,
    // place all significant initialization in InitInstance
}
31 |
32 |
// The one and only CMFCGetUserInfoApp object

CMFCGetUserInfoApp theApp;
36 |
37 |
38 | // CMFCGetUserInfoApp 初始化
39 |
// Application start-up: initializes the common controls and MFC support, runs
// the main dialog modally, releases the shell manager, and returns FALSE so
// the process exits instead of entering the message pump.
BOOL CMFCGetUserInfoApp::InitInstance()
{
    // InitCommonControlsEx() is required on Windows XP if an application
    // manifest specifies use of ComCtl32.dll version 6 or later to enable
    // visual styles. Otherwise, window creation fails.
    INITCOMMONCONTROLSEX InitCtrls;
    InitCtrls.dwSize = sizeof(InitCtrls);
    // Set this to include all the common control classes
    // the application uses.
    InitCtrls.dwICC = ICC_WIN95_CLASSES;
    InitCommonControlsEx(&InitCtrls);

    CWinApp::InitInstance();


    AfxEnableControlContainer();

    // Create the shell manager, in case the dialog contains
    // any shell tree view or shell list view controls.
    CShellManager *pShellManager = new CShellManager;

    // Activate the "Windows Native" visual manager to enable themes in MFC controls
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Standard initialization
    // If these features are not used and a smaller final executable is
    // wanted, remove the specific initialization routines
    // that are not needed.
    // Change the registry key under which settings are stored
    // TODO: modify this string to something appropriate,
    // such as the name of the company or organization
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CMFCGetUserInfoDlg dlg;
    m_pMainWnd = &dlg;
    INT_PTR nResponse = dlg.DoModal();
    if (nResponse == IDOK)
    {
        // TODO: place code here to handle the dialog being
        // dismissed with OK
    }
    else if (nResponse == IDCANCEL)
    {
        // TODO: place code here to handle the dialog being
        // dismissed with Cancel
    }
    else if (nResponse == -1)
    {
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
    }

    // Delete the shell manager created above.
    if (pShellManager != nullptr)
    {
        delete pShellManager;
    }

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    // The dialog has been closed, so return FALSE to exit the application
    // rather than start the application's message pump.
    return FALSE;
}
106 |
107 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.h:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetUserInfo.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含“stdafx.h”以生成 PCH 文件"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
14 | // CMFCGetUserInfoApp:
15 | // 有关此类的实现,请参阅 MFCGetUserInfo.cpp
16 | //
17 |
// Application class; the implementation is in MFCGetUserInfo.cpp.
class CMFCGetUserInfoApp : public CWinApp
{
public:
    CMFCGetUserInfoApp();

// Overrides
public:
    virtual BOOL InitInstance();

// Implementation

    DECLARE_MESSAGE_MAP()
};
31 |
32 | extern CMFCGetUserInfoApp theApp;
33 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.rc
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {F109B40F-A8F1-4F56-B1FC-E04DDD494A0C}
24 | MFCProj
25 | MFCGetUserInfo
26 | 10.0.17763.0
27 |
28 |
29 |
30 | Application
31 | true
32 | v141
33 | Unicode
34 | Dynamic
35 |
36 |
37 | Application
38 | false
39 | v141
40 | true
41 | Unicode
42 | Dynamic
43 |
44 |
45 | Application
46 | true
47 | v141
48 | Unicode
49 | Dynamic
50 |
51 |
52 | Application
53 | false
54 | v141
55 | true
56 | Unicode
57 | Dynamic
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 | true
79 |
80 |
81 | true
82 |
83 |
84 | false
85 |
86 |
87 | false
88 |
89 |
90 |
91 | Use
92 | Level3
93 | Disabled
94 | true
95 | WIN32;_WINDOWS;_DEBUG;%(PreprocessorDefinitions)
96 |
97 |
98 | Windows
99 |
100 |
101 | false
102 | true
103 | _DEBUG;%(PreprocessorDefinitions)
104 |
105 |
106 | 0x0804
107 | _DEBUG;%(PreprocessorDefinitions)
108 | $(IntDir);%(AdditionalIncludeDirectories)
109 |
110 |
111 |
112 |
113 | Use
114 | Level3
115 | Disabled
116 | true
117 | _WINDOWS;_DEBUG;%(PreprocessorDefinitions)
118 |
119 |
120 | Windows
121 |
122 |
123 | false
124 | true
125 | _DEBUG;%(PreprocessorDefinitions)
126 |
127 |
128 | 0x0804
129 | _DEBUG;%(PreprocessorDefinitions)
130 | $(IntDir);%(AdditionalIncludeDirectories)
131 |
132 |
133 |
134 |
135 | Use
136 | Level3
137 | MaxSpeed
138 | true
139 | true
140 | true
141 | WIN32;_WINDOWS;NDEBUG;%(PreprocessorDefinitions)
142 |
143 |
144 | Windows
145 | true
146 | true
147 |
148 |
149 | false
150 | true
151 | NDEBUG;%(PreprocessorDefinitions)
152 |
153 |
154 | 0x0804
155 | NDEBUG;%(PreprocessorDefinitions)
156 | $(IntDir);%(AdditionalIncludeDirectories)
157 |
158 |
159 |
160 |
161 | Use
162 | Level3
163 | MaxSpeed
164 | true
165 | true
166 | true
167 | _WINDOWS;NDEBUG;%(PreprocessorDefinitions)
168 |
169 |
170 | Windows
171 | true
172 | true
173 |
174 |
175 | false
176 | true
177 | NDEBUG;%(PreprocessorDefinitions)
178 |
179 |
180 | 0x0804
181 | NDEBUG;%(PreprocessorDefinitions)
182 | $(IntDir);%(AdditionalIncludeDirectories)
183 |
184 |
185 |
186 |
187 |
188 |
189 |
190 |
191 |
192 |
193 |
194 |
195 |
196 | Create
197 | Create
198 | Create
199 | Create
200 |
201 |
202 |
203 |
204 |
205 |
206 |
207 |
208 |
209 |
210 |
211 |
212 |
213 |
214 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 |
35 |
36 | 源文件
37 |
38 |
39 | 源文件
40 |
41 |
42 | 源文件
43 |
44 |
45 |
46 |
47 | 资源文件
48 |
49 |
50 |
51 |
52 | 资源文件
53 |
54 |
55 |
56 |
57 | 资源文件
58 |
59 |
60 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfo.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MFCGetUserInfo.rc
5 |
6 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfoDlg.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetUserInfoDlg.cpp: 实现文件
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "MFCGetUserInfo.h"
7 | #include "MFCGetUserInfoDlg.h"
8 | #include "afxdialogex.h"
9 |
10 | #include
11 |
12 | #ifdef _DEBUG
13 | #define new DEBUG_NEW
14 | #endif
15 |
16 |
17 | // 用于应用程序“关于”菜单项的 CAboutDlg 对话框
18 |
// Dialog shown for the application's "About" menu item.
class CAboutDlg : public CDialogEx
{
public:
    CAboutDlg();

// Dialog data
#ifdef AFX_DESIGN_TIME
    enum { IDD = IDD_ABOUTBOX };
#endif

protected:
    virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support

// Implementation
protected:
    DECLARE_MESSAGE_MAP()
};
36 |
// Binds the dialog to the IDD_ABOUTBOX resource; no other initialization.
CAboutDlg::CAboutDlg() : CDialogEx(IDD_ABOUTBOX)
{
}
40 |
// Data exchange hook; only forwards to the base class, as this dialog binds
// no controls.
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
}
45 |
// Message map of the About dialog; it declares no handlers of its own.
BEGIN_MESSAGE_MAP(CAboutDlg, CDialogEx)
END_MESSAGE_MAP()
48 |
49 |
50 | // CMFCGetUserInfoDlg 对话框
51 |
52 |
53 |
// Binds the dialog to IDD_MFCGETUSERINFO_DIALOG and loads the application
// icon (IDR_MAINFRAME) into m_hIcon.
CMFCGetUserInfoDlg::CMFCGetUserInfoDlg(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_MFCGETUSERINFO_DIALOG, pParent)
{
    m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
59 |
// Data exchange hook; only forwards to the base class.
void CMFCGetUserInfoDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
}
64 |
// Message map of the main dialog: system command, paint and drag-icon
// handlers, plus the click handler of the IDC_BUTTON_GET_USER_INFO button.
BEGIN_MESSAGE_MAP(CMFCGetUserInfoDlg, CDialogEx)
    ON_WM_SYSCOMMAND()
    ON_WM_PAINT()
    ON_WM_QUERYDRAGICON()
    ON_BN_CLICKED(IDC_BUTTON_GET_USER_INFO, &CMFCGetUserInfoDlg::OnBnClickedButtonGetUserInfo)
END_MESSAGE_MAP()
71 |
72 |
73 | // CMFCGetUserInfoDlg 消息处理程序
74 |
// Dialog initialization: appends an "About..." entry to the system menu when
// the IDS_ABOUTBOX string is non-empty, then sets the large and small icons.
// Returns TRUE.
BOOL CMFCGetUserInfoDlg::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // Add the "About..." menu item to the system menu.

    // IDM_ABOUTBOX must be in the system command range.
    ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
    ASSERT(IDM_ABOUTBOX < 0xF000);

    CMenu* pSysMenu = GetSystemMenu(FALSE);
    if (pSysMenu != nullptr)
    {
        BOOL bNameValid;
        CString strAboutMenu;
        bNameValid = strAboutMenu.LoadString(IDS_ABOUTBOX);
        ASSERT(bNameValid);
        if (!strAboutMenu.IsEmpty())
        {
            pSysMenu->AppendMenu(MF_SEPARATOR);
            pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
        }
    }

    // Set the icon for this dialog. The framework does this automatically
    // when the application's main window is not a dialog.
    SetIcon(m_hIcon, TRUE);         // Set big icon
    SetIcon(m_hIcon, FALSE);        // Set small icon

    // TODO: add extra initialization here

    return TRUE;  // return TRUE unless the focus is set to a control
}
108 |
// System-command handler: shows the About dialog for IDM_ABOUTBOX and hands
// every other command to the base class.
void CMFCGetUserInfoDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
    // The low four bits of a system command id are masked off before the
    // comparison, as in the original test.
    const bool isAboutCommand = ((nID & 0xFFF0) == IDM_ABOUTBOX);
    if (!isAboutCommand)
    {
        CDialogEx::OnSysCommand(nID, lParam);
        return;
    }

    CAboutDlg aboutDialog;
    aboutDialog.DoModal();
}
121 |
122 | // 如果向对话框添加最小化按钮,则需要下面的代码
123 | // 来绘制该图标。 对于使用文档/视图模型的 MFC 应用程序,
124 | // 这将由框架自动完成。
125 |
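// Paint handler. While the dialog is minimized it draws the application icon
// centred in the client rectangle; otherwise it defers to the base class.
//
// The listing had lost the template argument of reinterpret_cast (the
// angle-bracketed text was stripped), which does not compile. It is restored
// to WPARAM, the type SendMessage takes for that parameter.
void CMFCGetUserInfoDlg::OnPaint()
{
    if (IsIconic())
    {
        CPaintDC dc(this); // device context for painting

        SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);

        // Center the icon in the client rectangle
        int cxIcon = GetSystemMetrics(SM_CXICON);
        int cyIcon = GetSystemMetrics(SM_CYICON);
        CRect rect;
        GetClientRect(&rect);
        int x = (rect.Width() - cxIcon + 1) / 2;
        int y = (rect.Height() - cyIcon + 1) / 2;

        // Draw the icon
        dc.DrawIcon(x, y, m_hIcon);
    }
    else
    {
        CDialogEx::OnPaint();
    }
}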
150 |
151 | //当用户拖动最小化窗口时系统调用此函数取得光标
152 | //显示。
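// Returns the icon handle as the cursor to display while the user drags the
// minimized window.
//
// The listing had lost the template argument of static_cast (the
// angle-bracketed text was stripped); it is restored to the function's
// declared return type, HCURSOR.
HCURSOR CMFCGetUserInfoDlg::OnQueryDragIcon()
{
    return static_cast<HCURSOR>(m_hIcon);
}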
157 |
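// Returns the process id of the first process in a Toolhelp snapshot whose
// executable name equals `progressName` (case-sensitive), or 0 when no
// process matches or the snapshot cannot be taken.
//
// Changes from the original:
//  - the snapshot handle is checked against INVALID_HANDLE_VALUE before it is
//    used or closed;
//  - the wanted name is converted to wide characters once. The original
//    called W2A inside the loop, which allocates from the stack on every
//    iteration and only releases it when the function returns.
DWORD FindProgressPidByName(const char* progressName)
{
    DWORD processID = 0;

    // Snapshot of all processes in the system
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        return processID;
    }

    // szExeFile is wide in this Unicode build, so compare wide against wide.
    const CA2W wideName(progressName);

    PROCESSENTRY32 pe32 = { 0 };
    pe32.dwSize = sizeof(PROCESSENTRY32);

    // Start with the first process in the snapshot
    if (Process32First(hSnapshot, &pe32))
    {
        do
        {
            // Stop at the first process whose name is progressName
            if (wcscmp(wideName, pe32.szExeFile) == 0)
            {
                processID = pe32.th32ProcessID;
                break;
            }
            // Otherwise move on to the next process
        } while (Process32Next(hSnapshot, &pe32));
    }

    CloseHandle(hSnapshot);

    return processID;
}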
188 |
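// Returns the base address of the module named `moduleName` (case-sensitive)
// in process `processID`, or 0 when the module snapshot cannot be taken or
// no module matches.
//
// The walk now starts with Module32First, as the Toolhelp API documents; the
// original called only Module32Next on a fresh snapshot.
//
// NOTE(review): the base address is narrowed to a DWORD, so the result is
// only meaningful when the address fits in 32 bits.
DWORD GetDLLBaseAddress(DWORD processID, const wchar_t* moduleName)
{
    DWORD moduleBaseAddress = 0;

    // Snapshot of the modules loaded in process processID
    HANDLE hProcessSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, processID);
    if (hProcessSnapshot == INVALID_HANDLE_VALUE) return moduleBaseAddress;

    MODULEENTRY32 me32;
    SecureZeroMemory(&me32, sizeof(MODULEENTRY32));
    me32.dwSize = sizeof(MODULEENTRY32);

    // Walk the module list
    if (Module32First(hProcessSnapshot, &me32))
    {
        do
        {
            // Is this the target module moduleName?
            if (!_tcscmp(me32.szModule, moduleName))
            {
                moduleBaseAddress = (DWORD)me32.modBaseAddr;
                break;
            }
        } while (Module32Next(hProcessSnapshot, &me32));
    }

    CloseHandle(hProcessSnapshot);

    return moduleBaseAddress;
}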
218 |
// Reads a 32-bit value at `address` in the process behind `hProcess`.
// The result of ReadProcessMemory is not checked; the value starts at 0, so
// that is what is returned when nothing is read.
DWORD GetIntByAddress(HANDLE hProcess, DWORD address)
{
    DWORD value = 0;
    LPCVOID remoteAddress = reinterpret_cast<LPCVOID>(address);

    ReadProcessMemory(hProcess, remoteAddress, &value, sizeof(value), NULL);

    return value;
}
227 |
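// Reads 500 bytes at `address` in the process behind `hProcess` and returns
// them as a CString that stops at the first NUL byte. Returns an empty string
// when the read fails.
//
// The scratch buffer is one byte larger than the read, so it is always
// NUL-terminated. With a 500-byte buffer, a region holding no NUL in its
// first 500 bytes made the CString constructor read past the end of the array.
//
// NOTE(review): the read is all-or-nothing over a fixed 500 bytes, so a short
// string that sits just before an unreadable page comes back empty.
CString GetCStringByAddress(HANDLE hProcess, DWORD address)
{
    const SIZE_T kMaxBytes = 500;

    CString csValue = L"";

    char cValue[kMaxBytes + 1] = { 0 };
    if (ReadProcessMemory(hProcess, (LPVOID)address, cValue, kMaxBytes, 0))
    {
        csValue = CString(cValue);
    }

    return csValue;
}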
240 |
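// Click handler of the "get user info" button. It locates WeChat.exe, opens
// it with PROCESS_VM_READ, reads the user name and the WXID from fixed
// offsets inside WeChatWin.dll and writes them to IDC_STATIC_USER_INFO.
//
// Changes from the original:
//  - the process handle is closed before returning (it used to leak on every
//    click);
//  - nothing is read unless the process, its handle and the module base were
//    all found. The label then shows empty values, as it did before when the
//    reads failed.
//
// NOTE(review): both offsets are hard-coded for one specific build of
// WeChatWin.dll; against any other build they address unrelated memory.
// NOTE(review): a process snapshot followed by OpenProcess(PROCESS_VM_READ)
// and ReadProcessMemory against another application is cross-process memory
// access, which endpoint monitoring commonly records.
void CMFCGetUserInfoDlg::OnBnClickedButtonGetUserInfo()
{
    CString csWxName;
    CString csWxId;

    // 1. Get the module base address

    // Process ID
    DWORD processID = FindProgressPidByName("WeChat.exe");
    // Process handle
    HANDLE hProcess = NULL;
    // Module base address
    DWORD dllBaseAddress = 0;

    if (processID != 0)
    {
        hProcess = OpenProcess(PROCESS_VM_READ, FALSE, processID);
        dllBaseAddress = GetDLLBaseAddress(processID, L"WeChatWin.dll");
    }

    if (hProcess != NULL && dllBaseAddress != 0)
    {
        // 2. Get the user name

        // User name offset
        DWORD wxNameOffset = 0x16B498C;
        // User name memory address
        DWORD wxNameAddress = dllBaseAddress + wxNameOffset;
        // User name
        csWxName = GetCStringByAddress(hProcess, wxNameAddress);

        // 3. Get the WXID

        // WXID pointer offset
        DWORD wxIDPointerOffset = 0x16B4D90;
        // WXID pointer address
        DWORD wxIDPointerAddress = dllBaseAddress + wxIDPointerOffset;
        // WXID memory address (the slot above holds a pointer to the string)
        DWORD wxIDAddress = GetIntByAddress(hProcess, wxIDPointerAddress);
        // WXID
        csWxId = GetCStringByAddress(hProcess, wxIDAddress);
    }

    if (hProcess != NULL)
    {
        CloseHandle(hProcess);
    }

    // 4. Show the result

    // User info
    CString csUserInfo = L"用户信息: 用户名:" + csWxName + L" 用户ID: " + csWxId;
    GetDlgItem(IDC_STATIC_USER_INFO)->SetWindowText(csUserInfo);
}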
278 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/MFCGetUserInfoDlg.h:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetUserInfoDlg.h: 头文件
3 | //
4 |
5 | #pragma once
6 |
7 |
8 | // CMFCGetUserInfoDlg 对话框
// Main dialog of the application.
class CMFCGetUserInfoDlg : public CDialogEx
{
// Construction
public:
    CMFCGetUserInfoDlg(CWnd* pParent = nullptr);    // standard constructor

// Dialog data
#ifdef AFX_DESIGN_TIME
    enum { IDD = IDD_MFCGETUSERINFO_DIALOG };
#endif

    protected:
    virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support


// Implementation
protected:
    HICON m_hIcon;

    // Generated message map functions
    virtual BOOL OnInitDialog();
    afx_msg void OnSysCommand(UINT nID, LPARAM lParam);
    afx_msg void OnPaint();
    afx_msg HCURSOR OnQueryDragIcon();
    DECLARE_MESSAGE_MAP()
public:
    afx_msg void OnBnClickedButtonGetUserInfo();
};
37 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/res/MFCGetUserInfo.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/res/MFCGetUserInfo.ico
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/res/MFCGetUserInfo.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/res/MFCGetUserInfo.rc2
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ 生成的包含文件。
3 | // 供 MFCGetUserInfo.rc 使用
4 | //
5 | #define IDM_ABOUTBOX 0x0010
6 | #define IDD_ABOUTBOX 100
7 | #define IDS_ABOUTBOX 101
8 | #define IDD_MFCGETUSERINFO_DIALOG 102
9 | #define IDR_MAINFRAME 128
10 | #define IDC_BUTTON_GET_USER_INFO 1000
11 | #define IDC_STATIC_USER_INFO 1001
12 |
13 | // Next default values for new objects
14 | //
15 | #ifdef APSTUDIO_INVOKED
16 | #ifndef APSTUDIO_READONLY_SYMBOLS
17 | #define _APS_NEXT_RESOURCE_VALUE 130
18 | #define _APS_NEXT_COMMAND_VALUE 32771
19 | #define _APS_NEXT_CONTROL_VALUE 1002
20 | #define _APS_NEXT_SYMED_VALUE 101
21 | #endif
22 | #endif
23 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/stdafx.cpp:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.cpp : 只包括标准包含文件的源文件
3 | // MFCGetUserInfo.pch 将作为预编译标头
4 | // stdafx.obj 将包含预编译类型信息
5 |
6 | #include "stdafx.h"
7 |
8 |
9 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/stdafx.h:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.h : 标准系统包含文件的包含文件,
3 | // 或是经常使用但不常更改的
4 | // 特定于项目的包含文件
5 |
6 | #pragma once
7 |
8 | #ifndef VC_EXTRALEAN
9 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
10 | #endif
11 |
12 | #include "targetver.h"
13 |
14 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
15 |
16 | // 关闭 MFC 对某些常见但经常可放心忽略的警告消息的隐藏
17 | #define _AFX_ALL_WARNINGS
18 |
19 | #include // MFC 核心组件和标准组件
20 | #include // MFC 扩展
21 |
22 |
23 | #include // MFC 自动化类
24 |
25 |
26 |
27 | #ifndef _AFX_NO_OLE_SUPPORT
28 | #include // MFC 对 Internet Explorer 4 公共控件的支持
29 | #endif
30 | #ifndef _AFX_NO_AFXCMN_SUPPORT
31 | #include // MFC 对 Windows 公共控件的支持
32 | #endif // _AFX_NO_AFXCMN_SUPPORT
33 |
34 | #include // 功能区和控件条的 MFC 支持
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 | #ifdef _UNICODE
45 | #if defined _M_IX86
46 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86' publicKeyToken='6595b64144ccf1df' language='*'\"")
47 | #elif defined _M_X64
48 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64' publicKeyToken='6595b64144ccf1df' language='*'\"")
49 | #else
50 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
51 | #endif
52 | #endif
53 |
54 |
55 |
--------------------------------------------------------------------------------
/逆向入门源码/个人信息/MFCGetUserInfo/MFCGetUserInfo/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并将
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DLLRefreshQrcode", "DLLRefreshQrcode\DLLRefreshQrcode.vcxproj", "{DB603DEB-33A6-4114-8791-E2118FFA8051}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Debug|x64.ActiveCfg = Debug|x64
17 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Debug|x64.Build.0 = Debug|x64
18 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Debug|x86.ActiveCfg = Debug|Win32
19 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Debug|x86.Build.0 = Debug|Win32
20 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Release|x64.ActiveCfg = Release|x64
21 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Release|x64.Build.0 = Release|x64
22 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Release|x86.ActiveCfg = Release|Win32
23 | {DB603DEB-33A6-4114-8791-E2118FFA8051}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {5C23D05B-66DB-4E2A-BA4F-578AC555EEBD}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/DLLRefreshQrcode.cpp:
--------------------------------------------------------------------------------
1 | // DLLRefreshQrcode.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/DLLRefreshQrcode.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {DB603DEB-33A6-4114-8791-E2118FFA8051}
24 | Win32Proj
25 | DLLRefreshQrcode
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;DLLREFRESHQRCODE_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 |
94 |
95 | Windows
96 | true
97 |
98 |
99 |
100 |
101 | Use
102 | Level3
103 | Disabled
104 | true
105 | _DEBUG;DLLREFRESHQRCODE_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
106 | true
107 |
108 |
109 | Windows
110 | true
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | MaxSpeed
118 | true
119 | true
120 | true
121 | WIN32;NDEBUG;DLLREFRESHQRCODE_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
122 | true
123 |
124 |
125 | Windows
126 | true
127 | true
128 | true
129 |
130 |
131 |
132 |
133 | Use
134 | Level3
135 | MaxSpeed
136 | true
137 | true
138 | true
139 | NDEBUG;DLLREFRESHQRCODE_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
140 | true
141 |
142 |
143 | Windows
144 | true
145 | true
146 | true
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 | Create
158 | Create
159 | Create
160 | Create
161 |
162 |
163 |
164 |
165 |
166 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/DLLRefreshQrcode.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 |
26 |
27 | 源文件
28 |
29 |
30 | 源文件
31 |
32 |
33 | 源文件
34 |
35 |
36 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/DLLRefreshQrcode.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 |
// DLL entry point. On DLL_PROCESS_ATTACH it looks up the base address of
// WeChatWin.dll in the current process, adds two hard-coded offsets to it and
// calls the two resulting addresses back to back from inline assembly.
// (The project folder name suggests the goal is refreshing the login QR code;
// the code itself only shows the two calls.)
//
// Parameters:
//   hModule            - handle of this DLL (not used here).
//   ul_reason_for_call - loader notification; only DLL_PROCESS_ATTACH does work.
//   lpReserved         - not used here.
// Returns: always TRUE.
//
// NOTE(review): everything below runs inside DllMain, i.e. while the loader is
// still delivering the attach notification. Microsoft's guidance is to keep
// DllMain minimal, so calling into another module from here is fragile.
BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    // Reached once the DLL has been mapped into the process.
    case DLL_PROCESS_ATTACH:
    {
        // 1. Get the base address of the target module.

        // Module base address.
        // NOTE(review): the result is not checked. If WeChatWin.dll is not
        // loaded, GetModuleHandle returns NULL and the addresses computed
        // below are just the bare offsets. The DWORD cast also assumes
        // 32-bit pointers.
        DWORD dllBaseAddress = (DWORD)GetModuleHandle(L"WeChatWin.dll");

        // 2. Compute the in-memory addresses of the two functions.
        // NOTE(review): both offsets are hard-coded; presumably they match
        // exactly one build of WeChatWin.dll, and nothing here verifies that.

        // Offset of the first function.
        DWORD firstCallOffset = 0x22C010;
        // In-memory address of the first function.
        DWORD firstCallAddress = dllBaseAddress + firstCallOffset;
        // Offset of the second function.
        DWORD secondCallOffset = 0x344170;
        // In-memory address of the second function.
        DWORD secondCallAddress = dllBaseAddress + secondCallOffset;

        // 3. Call the functions.
        /*
        Reference disassembly
        5C00FA88 E8 83C5FFFF call WeChatWi.5C00C010
        5C00FA8D 8BC8 mov ecx,eax
        5C00FA8F E8 DC461100 call WeChatWi.5C124170
        */
        // Mirrors the reference sequence above: the value returned by the
        // first call (eax) is handed to the second call in ecx.
        __asm {
            call firstCallAddress;
            mov ecx, eax;
            call secondCallAddress;
        }
    }
    break;

    // No work on thread attach/detach or process detach.
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}
52 |
53 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/逆向入门源码/刷新二维码/DLLRefreshQrcode/DLLRefreshQrcode/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DLLSendMsgText", "DLLSendMsgText\DLLSendMsgText.vcxproj", "{B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Debug|x64.ActiveCfg = Debug|x64
17 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Debug|x64.Build.0 = Debug|x64
18 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Debug|x86.ActiveCfg = Debug|Win32
19 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Debug|x86.Build.0 = Debug|Win32
20 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Release|x64.ActiveCfg = Release|x64
21 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Release|x64.Build.0 = Release|x64
22 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Release|x86.ActiveCfg = Release|Win32
23 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {9DE86663-E7A3-43BC-98A1-67722638DDE7}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/DLLSendMsgText.cpp:
--------------------------------------------------------------------------------
1 | // DLLSendMsgText.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/DLLSendMsgText.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {B7EEFEF9-EAD3-47F8-B237-4AA3E2010D87}
24 | Win32Proj
25 | DLLSendMsgText
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;DLLSENDMSGTEXT_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 |
94 |
95 | Windows
96 | true
97 |
98 |
99 |
100 |
101 | Use
102 | Level3
103 | Disabled
104 | true
105 | _DEBUG;DLLSENDMSGTEXT_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
106 | true
107 |
108 |
109 | Windows
110 | true
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | MaxSpeed
118 | true
119 | true
120 | true
121 | WIN32;NDEBUG;DLLSENDMSGTEXT_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
122 | true
123 |
124 |
125 | Windows
126 | true
127 | true
128 | true
129 |
130 |
131 |
132 |
133 | Use
134 | Level3
135 | MaxSpeed
136 | true
137 | true
138 | true
139 | NDEBUG;DLLSENDMSGTEXT_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
140 | true
141 |
142 |
143 | Windows
144 | true
145 | true
146 | true
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 | Create
158 | Create
159 | Create
160 | Create
161 |
162 |
163 |
164 |
165 |
166 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/DLLSendMsgText.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 |
26 |
27 | 源文件
28 |
29 |
30 | 源文件
31 |
32 |
33 | 源文件
34 |
35 |
36 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/DLLSendMsgText.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 | #include
4 | using namespace std;
5 |
// Plain struct describing a wide string as pointer + length + capacity,
// followed by 8 padding bytes. DllMain below fills it from std::wstring
// objects and passes its address to a function inside WeChatWin.dll.
// NOTE(review): the field order and the 8-byte tail presumably mirror the
// string layout the target function expects; nothing in this file checks it.
struct WxString
{
    // Pointer to the characters.
    wchar_t* buffer;

    // String length.
    int size;

    // Allocated capacity.
    int capacity;

    // 8 spare bytes, left zero.
    char fill[8];
};
20 |
// DLL entry point. On DLL_PROCESS_ATTACH it builds WxString arguments for a
// hard-coded recipient ("filehelper") and a hard-coded text, computes an
// address inside WeChatWin.dll from a fixed offset, and calls it from inline
// assembly using the register/stack layout shown in the reference
// disassembly.
//
// Parameters:
//   hModule            - handle of this DLL (not used here).
//   ul_reason_for_call - loader notification; only DLL_PROCESS_ATTACH does work.
//   lpReserved         - not used here.
// Returns: always TRUE.
//
// NOTE(review): the call is made from inside DllMain, while the loader is
// still delivering the attach notification; Microsoft's guidance is to keep
// DllMain minimal.
BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    // Reached once the DLL has been mapped into the process.
    case DLL_PROCESS_ATTACH:
    {
        wstring wsWxId = L"filehelper";
        wstring wsTextMsg = L"发送的消息";

        // 1. Build the arguments.
        // NOTE(review): the casts below drop the const from c_str(), and the
        // structs point into these local wstrings, so the pointers are only
        // valid until this scope ends.

        // Recipient structure.
        WxString wxWxid = { 0 };
        wxWxid.buffer = (wchar_t*)wsWxId.c_str();
        wxWxid.size = wsWxId.size();
        wxWxid.capacity = wsWxId.capacity();

        // Message structure.
        WxString wxTextMsg = { 0 };
        wxTextMsg.buffer = (wchar_t*)wsTextMsg.c_str();
        wxTextMsg.size = wsTextMsg.size();
        wxTextMsg.capacity = wsTextMsg.capacity();

        // Empty structure.
        WxString wxNULL = { 0 };

        // Zeroed scratch buffer; 0x738 matches the [ebp-0x738] slot in the
        // reference disassembly.
        char buffer[0x738] = { 0 };

        // 2. Get the base address of the target module.

        // Module base address.
        // NOTE(review): not checked for NULL; the DWORD cast assumes 32-bit
        // pointers.
        DWORD dllBaseAddress = (DWORD)GetModuleHandle(L"WeChatWin.dll");

        // 3. Compute the in-memory address of the function.
        // NOTE(review): hard-coded offset; presumably valid for one build of
        // WeChatWin.dll only, and nothing here verifies that.

        // Function offset.
        DWORD callOffset = 0x34CA50;
        // In-memory function address.
        DWORD callAddress = dllBaseAddress + callOffset;

        // 4. Call the function.
        /*
        Reference disassembly
        5A17CA91 6A 01 push 0x1 ; arg 5: 1
        5A17CA93 8D43 34 lea eax,dword ptr ds:[ebx+0x34]
        5A17CA96 50 push eax ; arg 4: empty structure
        5A17CA97 53 push ebx ; arg 3: message to send
        5A17CA98 8D55 9C lea edx,dword ptr ss:[ebp-0x64] ; arg 2: recipient
        5A17CA9B 8D8D C8F8FFFF lea ecx,dword ptr ss:[ebp-0x738] ; arg 1: unknown, may be left empty
        5A17CAA1 E8 AAFF2500 call WeChatWi.5A3DCA50 ; send-text-message function
        5A17CAA6 83C4 0C add esp,0xC ; stack cleanup
        */
        __asm {
            // arg 5: 1
            push 0x1;

            // arg 4: empty structure
            lea eax, wxNULL;
            push eax;

            // arg 3: message to send
            lea ebx, wxTextMsg;
            push ebx;

            // arg 2: recipient
            lea edx, wxWxid;

            // arg 1: empty buffer
            lea ecx, buffer;

            // call the function
            call callAddress;

            // caller cleans up the three pushed dwords (3 * 4 = 0xC)
            add esp, 0xC;
        }
    }
    break;
    // No work on thread attach/detach or process detach.
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}
111 |
112 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/逆向入门源码/发送消息/DLLSendMsgText/DLLSendMsgText/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DLLRecvMsg", "DLLRecvMsg\DLLRecvMsg.vcxproj", "{6EE27286-B88E-47A2-AA4C-C886F303C8FE}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Debug|x64.ActiveCfg = Debug|x64
17 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Debug|x64.Build.0 = Debug|x64
18 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Debug|x86.ActiveCfg = Debug|Win32
19 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Debug|x86.Build.0 = Debug|Win32
20 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Release|x64.ActiveCfg = Release|x64
21 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Release|x64.Build.0 = Release|x64
22 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Release|x86.ActiveCfg = Release|Win32
23 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {E7938D63-964C-4DA2-9F68-01AD4E2DDC96}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/DLLRecvMsg.cpp:
--------------------------------------------------------------------------------
1 | // DLLRecvMsg.cpp : 定义 DLL 应用程序的导出函数。
2 | //
3 |
4 | #include "stdafx.h"
5 |
6 |
7 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/DLLRecvMsg.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {6EE27286-B88E-47A2-AA4C-C886F303C8FE}
24 | Win32Proj
25 | DLLRecvMsg
26 | 10.0.17763.0
27 |
28 |
29 |
30 | DynamicLibrary
31 | true
32 | v141
33 | Unicode
34 |
35 |
36 | DynamicLibrary
37 | false
38 | v141
39 | true
40 | Unicode
41 |
42 |
43 | DynamicLibrary
44 | true
45 | v141
46 | Unicode
47 |
48 |
49 | DynamicLibrary
50 | false
51 | v141
52 | true
53 | Unicode
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 | true
75 |
76 |
77 | true
78 |
79 |
80 | false
81 |
82 |
83 | false
84 |
85 |
86 |
87 | Use
88 | Level3
89 | Disabled
90 | true
91 | WIN32;_DEBUG;DLLRECVMSG_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
92 | true
93 |
94 |
95 | Windows
96 | true
97 |
98 |
99 |
100 |
101 | Use
102 | Level3
103 | Disabled
104 | true
105 | _DEBUG;DLLRECVMSG_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
106 | true
107 |
108 |
109 | Windows
110 | true
111 |
112 |
113 |
114 |
115 | Use
116 | Level3
117 | MaxSpeed
118 | true
119 | true
120 | true
121 | WIN32;NDEBUG;DLLRECVMSG_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
122 | true
123 |
124 |
125 | Windows
126 | true
127 | true
128 | true
129 |
130 |
131 |
132 |
133 | Use
134 | Level3
135 | MaxSpeed
136 | true
137 | true
138 | true
139 | NDEBUG;DLLRECVMSG_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
140 | true
141 |
142 |
143 | Windows
144 | true
145 | true
146 | true
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 | Create
158 | Create
159 | Create
160 | Create
161 |
162 |
163 |
164 |
165 |
166 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/DLLRecvMsg.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 |
26 |
27 | 源文件
28 |
29 |
30 | 源文件
31 |
32 |
33 | 源文件
34 |
35 |
36 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/DLLRecvMsg.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/dllmain.cpp:
--------------------------------------------------------------------------------
1 | // dllmain.cpp : 定义 DLL 应用程序的入口点。
2 | #include "stdafx.h"
3 | #include
4 | using namespace std;
5 |
// File-level state for the receive-message hook. These are initialised in
// declaration order when the DLL's globals are constructed, and each address
// below depends on dllBaseAddress being set first.

// Module base address of WeChatWin.dll.
// NOTE(review): not checked for NULL; the DWORD cast assumes a 32-bit process.
DWORD dllBaseAddress = (DWORD)GetModuleHandle(L"WeChatWin.dll");

// Offset of the receive-message hook site.
// NOTE(review): hard-coded; presumably valid for one build of WeChatWin.dll only.
DWORD recievedHookOffset = 0x329743;

// In-memory address of the receive-message hook site.
DWORD recievedHookAddress = dllBaseAddress + recievedHookOffset;

// Offset of the data referenced by the instruction the hook overwrites.
DWORD coeverDataOffset = 0x14003C0;

// In-memory address of that data; ListenRecievedMessage pushes it to replay
// the overwritten instruction.
DWORD coeverDataAddress = dllBaseAddress + coeverDataOffset;

// Address of the instruction following the hook site (hook site + 5 bytes).
DWORD recievedHookRetAddress = recievedHookAddress + 5;
// Holds the 5 bytes read from the hook site by HookRecievedMessage so that
// UnHookRecievedMessage can write them back.
CHAR originalRecieveCode[5] = { 0 };
24 |
// Shows one received message in a modal message box.
//
// Parameters:
//   sender - NUL-terminated wide string naming the sender.
//   msg    - NUL-terminated wide string with the message text.
//
// NOTE(review): both pointers are taken as-is from ListenRecievedMessage,
// which reads them from fixed stack slots of the hooked function. Neither is
// checked here, so a null or dangling pointer faults inside the host process,
// and the message box blocks the calling thread until it is dismissed.
void DealRecievedMessage(WCHAR* sender, WCHAR* msg)
{
    wstring text(L"发送者:");
    text += sender;
    text += L" 消息: ";
    text += msg;

    MessageBox(NULL, text.c_str(), L"收到消息", 0);
}
32 |
// Naked stub that the jmp written by HookRecievedMessage transfers to.
// It saves registers and flags, passes two values read from the hooked
// function's stack frame to DealRecievedMessage, restores the saved state,
// replays the instruction that the 5-byte patch overwrote, and jumps back to
// the instruction after the hook site.
//
// Being __declspec(naked), the function has no compiler-generated prologue or
// epilogue, so ebp still refers to the hooked function's frame.
//
// NOTE(review): the frame offsets (0x1F8, 0x220) are hard-coded and the two
// values are forwarded without any validation; presumably they are only
// correct for the build the offsets were taken from.
__declspec(naked) void ListenRecievedMessage()
{
    __asm
    {
        // save all general-purpose registers and the flags
        pushad;
        pushfd;

        // message text (second argument of DealRecievedMessage)
        push [ebp - 0x1F8];
        // sender (first argument of DealRecievedMessage)
        push [ebp - 0x220];

        // call the message handler
        call DealRecievedMessage;

        // caller cleanup: each argument is 0x4 bytes, two arguments are 0x8
        add esp, 0x8;

        // restore flags and registers
        popfd;
        popad;

        // replay the overwritten instruction
        // push WeChatWi.5B4903C0
        push coeverDataAddress;

        // continue at the instruction after the hook site
        jmp recievedHookRetAddress
    }
}
64 |
// Installs the receive-message hook: saves the 5 bytes at recievedHookAddress
// into originalRecieveCode, then overwrites them with a relative jmp (E9) to
// ListenRecievedMessage.
//
// NOTE(review): the results of ReadProcessMemory and WriteProcessMemory are
// ignored, so a failed read leaves originalRecieveCode zero-filled and a
// later restore would write zeros. A patch like this modifies the module's
// code in memory, which is what integrity checks that compare loaded code
// with the on-disk image detect.
void HookRecievedMessage()
{
    // rel32 operand of the jmp: measured from the end of the 5-byte instruction.
    const DWORD displacement = (DWORD)ListenRecievedMessage - recievedHookAddress - 5;

    BYTE patch[5] = { 0 };
    patch[0] = 0xE9;
    *(DWORD*)&patch[1] = displacement;

    const HANDLE self = GetCurrentProcess();
    const LPVOID hookSite = (LPVOID)recievedHookAddress;

    // Keep a copy of the original bytes before they are replaced.
    ReadProcessMemory(self, hookSite, originalRecieveCode, 5, 0);

    // Write the jmp over the hook site.
    WriteProcessMemory(self, hookSite, patch, 5, 0);
}
82 |
// Removes the receive-message hook by writing the 5 bytes held in
// originalRecieveCode back to recievedHookAddress.
//
// NOTE(review): the write result is ignored, and nothing records whether the
// hook was installed; if originalRecieveCode was never filled, this writes
// five zero bytes over the hook site.
void UnHookRecievedMessage()
{
    const HANDLE self = GetCurrentProcess();
    const LPVOID hookSite = (LPVOID)recievedHookAddress;

    WriteProcessMemory(self, hookSite, originalRecieveCode, 5, 0);
}
88 |
// DLL entry point: installs the receive-message hook when the DLL is attached
// to the process and removes it when the DLL is detached. Thread attach and
// detach notifications do nothing.
//
// Parameters:
//   hModule            - handle of this DLL (not used here).
//   ul_reason_for_call - loader notification code.
//   lpReserved         - not used here.
// Returns: always TRUE.
//
// NOTE(review): both helpers patch code from inside DllMain, while the loader
// is still delivering the notification.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        HookRecievedMessage();
    }
    else if (ul_reason_for_call == DLL_PROCESS_DETACH)
    {
        UnHookRecievedMessage();
    }

    return TRUE;
}
112 |
113 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/stdafx.cpp:
--------------------------------------------------------------------------------
1 | #include "stdafx.h"
2 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/stdafx.h:
--------------------------------------------------------------------------------
1 | // stdafx.h: 标准系统包含文件的包含文件,
2 | // 或是经常使用但不常更改的
3 | // 项目特定的包含文件
4 | //
5 |
6 | #pragma once
7 |
8 | #include "targetver.h"
9 |
10 | #define WIN32_LEAN_AND_MEAN // 从 Windows 头文件中排除极少使用的内容
11 | // Windows 头文件
12 | #include
13 |
14 |
15 |
16 | // 在此处引用程序需要的其他标头
17 |
--------------------------------------------------------------------------------
/逆向入门源码/接收消息/DLLRecvMsg/DLLRecvMsg/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MFCGetContacts", "MFCGetContacts\MFCGetContacts.vcxproj", "{EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Debug|x64.ActiveCfg = Debug|x64
17 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Debug|x64.Build.0 = Debug|x64
18 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Debug|x86.ActiveCfg = Debug|Win32
19 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Debug|x86.Build.0 = Debug|Win32
20 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Release|x64.ActiveCfg = Release|x64
21 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Release|x64.Build.0 = Release|x64
22 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Release|x86.ActiveCfg = Release|Win32
23 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {C10FBDD3-EA5F-4604-8F12-B9040FF857F4}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.aps
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetContacts.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "MFCGetContacts.h"
7 | #include "MFCGetContactsDlg.h"
8 |
9 | #ifdef _DEBUG
10 | #define new DEBUG_NEW
11 | #endif
12 |
13 |
14 | // CMFCGetContactsApp
15 |
// Message map for the application class: ID_HELP is routed to the stock
// CWinApp::OnHelp handler.
BEGIN_MESSAGE_MAP(CMFCGetContactsApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()
19 |
20 |
21 | // CMFCGetContactsApp 构造
22 |
// Constructs the application object. Only the Restart Manager flags are set
// here; the rest of the start-up work is done in InitInstance.
CMFCGetContactsApp::CMFCGetContactsApp()
{
    // Opt in to Restart Manager support.
    m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

    // TODO: add construction code here;
    // place all significant initialization in InitInstance.
}
31 |
32 |
// The one and only CMFCGetContactsApp object.

CMFCGetContactsApp theApp;
36 |
37 |
38 | // CMFCGetContactsApp 初始化
39 |
// Application start-up: initializes the common controls, runs the main dialog
// modally and cleans up afterwards.
//
// Returns: always FALSE. The dialog has already been closed by the time this
// returns, so the framework should exit instead of starting the message pump.
BOOL CMFCGetContactsApp::InitInstance()
{
    // InitCommonControlsEx() is needed when the application manifest asks for
    // ComCtl32.dll version 6 or later; without it window creation fails.
    // ICC_WIN95_CLASSES selects the common control classes to register.
    INITCOMMONCONTROLSEX commonControls;
    commonControls.dwSize = sizeof(commonControls);
    commonControls.dwICC = ICC_WIN95_CLASSES;
    InitCommonControlsEx(&commonControls);

    CWinApp::InitInstance();

    AfxEnableControlContainer();

    // Shell manager, in case the dialog hosts shell tree or list view controls.
    CShellManager *shellManager = new CShellManager;

    // Use the "Windows Native" visual manager so MFC controls are themed.
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Registry key under which settings are stored.
    // TODO: change this string to something appropriate,
    // such as a company or organization name.
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CMFCGetContactsDlg dlg;
    m_pMainWnd = &dlg;

    const INT_PTR dialogResult = dlg.DoModal();
    switch (dialogResult)
    {
    case IDOK:
        // TODO: handle the dialog being dismissed with OK.
        break;

    case IDCANCEL:
        // TODO: handle the dialog being dismissed with Cancel.
        break;

    case -1:
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
        break;

    default:
        break;
    }

    // Release the shell manager created above (deleting a null pointer is a no-op).
    delete shellManager;

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    return FALSE;
}
106 |
107 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.h:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetContacts.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含“stdafx.h”以生成 PCH 文件"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
14 | // CMFCGetContactsApp:
15 | // 有关此类的实现,请参阅 MFCGetContacts.cpp
16 | //
17 |
// Application class for MFCGetContacts, derived from CWinApp.
// The implementation is in MFCGetContacts.cpp.
class CMFCGetContactsApp : public CWinApp
{
public:
    // Constructs the application object.
    CMFCGetContactsApp();

// Overrides
public:
    // Application start-up hook, overridden from CWinApp.
    virtual BOOL InitInstance();

// Implementation

    DECLARE_MESSAGE_MAP()
};
31 |
// The single application object, defined in MFCGetContacts.cpp.
extern CMFCGetContactsApp theApp;
33 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.rc
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 15.0
23 | {EDDF2B73-EFB6-4579-97F2-B3870D0BDE29}
24 | MFCProj
25 | MFCGetContacts
26 | 10.0.17763.0
27 |
28 |
29 |
30 | Application
31 | true
32 | v141
33 | Unicode
34 | Static
35 |
36 |
37 | Application
38 | false
39 | v141
40 | true
41 | Unicode
42 | Static
43 |
44 |
45 | Application
46 | true
47 | v141
48 | Unicode
49 | Static
50 |
51 |
52 | Application
53 | false
54 | v141
55 | true
56 | Unicode
57 | Static
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 | true
79 |
80 |
81 | true
82 |
83 |
84 | false
85 |
86 |
87 | false
88 |
89 |
90 |
91 | Use
92 | Level3
93 | Disabled
94 | true
95 | WIN32;_WINDOWS;_DEBUG;%(PreprocessorDefinitions)
96 |
97 |
98 | Windows
99 |
100 |
101 | false
102 | true
103 | _DEBUG;%(PreprocessorDefinitions)
104 |
105 |
106 | 0x0804
107 | _DEBUG;%(PreprocessorDefinitions)
108 | $(IntDir);%(AdditionalIncludeDirectories)
109 |
110 |
111 |
112 |
113 | Use
114 | Level3
115 | Disabled
116 | true
117 | _WINDOWS;_DEBUG;%(PreprocessorDefinitions)
118 |
119 |
120 | Windows
121 |
122 |
123 | false
124 | true
125 | _DEBUG;%(PreprocessorDefinitions)
126 |
127 |
128 | 0x0804
129 | _DEBUG;%(PreprocessorDefinitions)
130 | $(IntDir);%(AdditionalIncludeDirectories)
131 |
132 |
133 |
134 |
135 | Use
136 | Level3
137 | MaxSpeed
138 | true
139 | true
140 | true
141 | WIN32;_WINDOWS;NDEBUG;%(PreprocessorDefinitions)
142 |
143 |
144 | Windows
145 | true
146 | true
147 |
148 |
149 | false
150 | true
151 | NDEBUG;%(PreprocessorDefinitions)
152 |
153 |
154 | 0x0804
155 | NDEBUG;%(PreprocessorDefinitions)
156 | $(IntDir);%(AdditionalIncludeDirectories)
157 |
158 |
159 |
160 |
161 | Use
162 | Level3
163 | MaxSpeed
164 | true
165 | true
166 | true
167 | _WINDOWS;NDEBUG;%(PreprocessorDefinitions)
168 |
169 |
170 | Windows
171 | true
172 | true
173 |
174 |
175 | false
176 | true
177 | NDEBUG;%(PreprocessorDefinitions)
178 |
179 |
180 | 0x0804
181 | NDEBUG;%(PreprocessorDefinitions)
182 | $(IntDir);%(AdditionalIncludeDirectories)
183 |
184 |
185 |
186 |
187 |
188 |
189 |
190 |
191 |
192 |
193 |
194 |
195 |
196 | Create
197 | Create
198 | Create
199 | Create
200 |
201 |
202 |
203 |
204 |
205 |
206 |
207 |
208 |
209 |
210 |
211 |
212 |
213 |
214 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 |
35 |
36 | 源文件
37 |
38 |
39 | 源文件
40 |
41 |
42 | 源文件
43 |
44 |
45 |
46 |
47 | 资源文件
48 |
49 |
50 |
51 |
52 | 资源文件
53 |
54 |
55 |
56 |
57 | 资源文件
58 |
59 |
60 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContacts.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MFCGetContacts.rc
5 |
6 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContactsDlg.cpp:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetContactsDlg.cpp: 实现文件
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "MFCGetContacts.h"
7 | #include "MFCGetContactsDlg.h"
8 | #include "afxdialogex.h"
9 | #include "tlhelp32.h"
10 | #include
11 | #include
12 | using namespace std;
13 |
14 | #ifdef _DEBUG
15 | #define new DEBUG_NEW
16 | #endif
17 |
18 |
19 | // 用于应用程序“关于”菜单项的 CAboutDlg 对话框
20 |
// Modal "About" dialog opened from the application's system-menu entry.
class CAboutDlg : public CDialogEx
{
public:
    CAboutDlg();

// Dialog data
#ifdef AFX_DESIGN_TIME
    enum { IDD = IDD_ABOUTBOX };
#endif

protected:
    virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support

// Implementation
protected:
    DECLARE_MESSAGE_MAP()
};
38 |
// Binds the dialog to the IDD_ABOUTBOX template; no other state to set up.
CAboutDlg::CAboutDlg() : CDialogEx(IDD_ABOUTBOX)
{
}
42 |
// The About dialog has no bound controls, so this only forwards to the base class.
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
}
47 |
// Message map for CAboutDlg: it declares no handlers of its own.
BEGIN_MESSAGE_MAP(CAboutDlg, CDialogEx)
END_MESSAGE_MAP()
50 |
51 |
52 | // CMFCGetContactsDlg 对话框
53 |
54 |
55 |
// Binds the dialog to IDD_MFCGETCONTACTS_DIALOG and loads the application
// icon that OnInitDialog, OnPaint and OnQueryDragIcon use later.
CMFCGetContactsDlg::CMFCGetContactsDlg(CWnd* pParent /*=nullptr*/)
    : CDialogEx(IDD_MFCGETCONTACTS_DIALOG, pParent)
{
    m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
61 |
// Connects the IDC_LIST1 list control to the m_ContactList member.
void CMFCGetContactsDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialogEx::DoDataExchange(pDX);
    DDX_Control(pDX, IDC_LIST1, m_ContactList);
}
67 |
// Message map for the main dialog: system command, paint and drag-icon
// handlers plus the click handler of the "update contacts" button.
BEGIN_MESSAGE_MAP(CMFCGetContactsDlg, CDialogEx)
    ON_WM_SYSCOMMAND()
    ON_WM_PAINT()
    ON_WM_QUERYDRAGICON()
    ON_BN_CLICKED(IDC_BUTTON_UPDATE_CONTACTS, &CMFCGetContactsDlg::OnBnClickedButtonUpdateContacts)
END_MESSAGE_MAP()
74 |
75 |
76 | // CMFCGetContactsDlg 消息处理程序
77 |
// Dialog initialization: adds the "About..." entry to the system menu, sets
// the dialog icons and creates the four columns of the contact list.
// Returns TRUE so the framework assigns the default focus.
BOOL CMFCGetContactsDlg::OnInitDialog()
{
    CDialogEx::OnInitDialog();

    // IDM_ABOUTBOX must lie inside the system-command range.
    ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
    ASSERT(IDM_ABOUTBOX < 0xF000);

    // Append "About..." to the system menu when the dialog has one.
    if (CMenu* pMenu = GetSystemMenu(FALSE))
    {
        CString aboutText;
        BOOL loaded = aboutText.LoadString(IDS_ABOUTBOX);
        ASSERT(loaded);
        if (!aboutText.IsEmpty())
        {
            pMenu->AppendMenu(MF_SEPARATOR);
            pMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, aboutText);
        }
    }

    // The framework only does this automatically when the main window is
    // not a dialog, so set both icon sizes here.
    SetIcon(m_hIcon, TRUE);     // large icon
    SetIcon(m_hIcon, FALSE);    // small icon

    m_ContactList.SetExtendedStyle(LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES);

    // Column title and pixel width, in display order.
    static const struct { LPCTSTR title; int width; } kColumns[] = {
        { _T("编号"),   50 },
        { _T("微信ID"), 200 },
        { _T("微信号"), 200 },
        { _T("微信名"), 300 },
    };
    const int columnCount = static_cast<int>(sizeof(kColumns) / sizeof(kColumns[0]));
    for (int col = 0; col < columnCount; ++col)
    {
        m_ContactList.InsertColumn(col, kColumns[col].title, LVCFMT_LEFT, kColumns[col].width);
    }

    return TRUE;
}
115 |
// System-menu dispatcher: opens the About dialog for IDM_ABOUTBOX and
// hands every other command to the base class.
void CMFCGetContactsDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
    // The low four bits of a system command are used internally by Windows,
    // hence the mask before comparing.
    const bool isAbout = ((nID & 0xFFF0) == IDM_ABOUTBOX);
    if (!isAbout)
    {
        CDialogEx::OnSysCommand(nID, lParam);
        return;
    }

    CAboutDlg aboutDialog;
    aboutDialog.DoModal();
}
128 |
129 | // 如果向对话框添加最小化按钮,则需要下面的代码
130 | // 来绘制该图标。 对于使用文档/视图模型的 MFC 应用程序,
131 | // 这将由框架自动完成。
132 |
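// Paints the dialog. While minimized it draws the application icon centered
// in the client rectangle; otherwise it defers to CDialogEx::OnPaint.
void CMFCGetContactsDlg::OnPaint()
{
    if (!IsIconic())
    {
        CDialogEx::OnPaint();
        return;
    }

    CPaintDC dc(this); // device context for painting

    // The cast needs its target type: the DC handle travels as the WPARAM.
    SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);

    // Center the icon in the client rectangle.
    int cxIcon = GetSystemMetrics(SM_CXICON);
    int cyIcon = GetSystemMetrics(SM_CYICON);
    CRect rect;
    GetClientRect(&rect);
    int x = (rect.Width() - cxIcon + 1) / 2;
    int y = (rect.Height() - cyIcon + 1) / 2;

    dc.DrawIcon(x, y, m_hIcon);
}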
157 |
158 | //当用户拖动最小化窗口时系统调用此函数取得光标
159 | //显示。
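// Returns the cursor shown while the user drags the minimized window.
// The cast needs its target type: the icon handle is returned as an HCURSOR.
HCURSOR CMFCGetContactsDlg::OnQueryDragIcon()
{
    return static_cast<HCURSOR>(m_hIcon);
}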
164 |
165 |
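// Reads one 32-bit value from another process's address space.
//
// hProcess: process handle that permits ReadProcessMemory.
// address:  32-bit virtual address inside that process.
// Returns the DWORD stored there, or 0 when the handle or address is null,
// the read fails, or fewer than four bytes come back.
//
// A stored 0 and a failed read look the same to the caller, so callers must
// treat 0 as "nothing here" and never follow it as a pointer.
DWORD GetIntByAddress(HANDLE hProcess, DWORD address)
{
    DWORD intValue = 0;
    SIZE_T bytesRead = 0;

    if (hProcess == NULL || address == 0)
    {
        return 0;
    }

    // Widen through ULONG_PTR so the cast stays well-defined on 64-bit builds.
    LPCVOID remote = reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(address));

    // Everything read here is controlled by the other process: check both the
    // return value and the byte count instead of trusting the call blindly.
    if (!ReadProcessMemory(hProcess, remote, &intValue, sizeof(intValue), &bytesRead)
        || bytesRead != sizeof(intValue))
    {
        return 0;
    }

    return intValue;
}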
174 |
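// Reads a wide string described by a {pointer, length} pair in another process.
//
// hProcess: process handle that permits ReadProcessMemory.
// address:  address of the descriptor; the DWORD at +0x0 is the string
//           pointer and the DWORD at +0x4 is its length in wchar_t units.
// Returns the string, or an empty CString when the pointer is null, the
// length is zero or does not fit the local buffer, or the read fails.
//
// Both descriptor fields come from foreign memory and are untrusted. The
// length is bounded strictly below the buffer capacity (a length equal to
// the capacity would write past the end of the buffer), and the terminator
// is written locally rather than assumed to be present in the remote data.
CString GetUnicodeInfoByAddress(HANDLE hProcess, DWORD address)
{
    CString csValue = L"";
    const DWORD kCapacity = 500; // wchar_t slots in cValue, terminator included

    DWORD strAddress = GetIntByAddress(hProcess, address);
    DWORD strLen = GetIntByAddress(hProcess, address + 0x4);
    if (strAddress == 0 || strLen == 0 || strLen >= kCapacity) return csValue;

    wchar_t cValue[kCapacity] = { 0 };
    const SIZE_T wantedBytes = static_cast<SIZE_T>(strLen) * sizeof(wchar_t);
    SIZE_T bytesRead = 0;
    LPCVOID remote = reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(strAddress));

    if (ReadProcessMemory(hProcess, remote, cValue, wantedBytes, &bytesRead)
        && bytesRead == wantedBytes)
    {
        cValue[strLen] = L'\0'; // strLen < kCapacity, so this index is in range
        csValue = CString(cValue);
    }

    return csValue;
}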
192 |
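// Looks up a process ID by executable file name.
//
// progressName: ANSI image name to match; the comparison is case-sensitive.
// Returns the ID of the first process in the snapshot whose image name
// matches, or 0 when the name is null, the snapshot cannot be taken, or
// nothing matches.
//
// The match is on the image name only. Any process carrying that name
// matches, so the result says nothing about which binary is actually running.
DWORD FindProgressPidByName(const char* progressName)
{
    DWORD processID = 0;
    if (progressName == NULL) return processID;

    // Snapshot of all running processes; the second argument is unused for
    // TH32CS_SNAPPROCESS.
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE) return processID;

    PROCESSENTRY32 pe32 = { 0 };
    pe32.dwSize = sizeof(PROCESSENTRY32);

    if (Process32First(hSnapshot, &pe32))
    {
        do
        {
            // CW2A frees its buffer at the end of each iteration. W2A inside
            // a loop allocates with alloca every pass and only releases the
            // stack when the function returns.
            CW2A exeName(pe32.szExeFile);
            if (strcmp(progressName, exeName) == 0)
            {
                processID = pe32.th32ProcessID;
                break;
            }
        } while (Process32Next(hSnapshot, &pe32));
    }

    CloseHandle(hSnapshot);

    return processID;
}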
223 |
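// Returns the load address of a named module inside a process.
//
// processID:  process whose module list is enumerated.
// moduleName: module file name to match; the comparison is case-sensitive.
// Returns the module base address, or 0 when the name is null, the snapshot
// cannot be taken, or the module is not found.
//
// The return type is a DWORD, so a base address above 4 GiB is truncated;
// the value is only meaningful for 32-bit targets.
DWORD GetDLLBaseAddress(DWORD processID, const wchar_t* moduleName)
{
    DWORD moduleBaseAddress = 0;
    if (moduleName == NULL) return moduleBaseAddress;

    // Snapshot of the modules loaded in processID.
    HANDLE hProcessSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, processID);
    if (hProcessSnapshot == INVALID_HANDLE_VALUE) return moduleBaseAddress;

    MODULEENTRY32 me32;
    SecureZeroMemory(&me32, sizeof(MODULEENTRY32));
    me32.dwSize = sizeof(MODULEENTRY32);

    // The documented pattern starts the walk with Module32First; calling
    // Module32Next on a fresh snapshot is not part of the API contract.
    if (Module32First(hProcessSnapshot, &me32))
    {
        do
        {
            if (!_tcscmp(me32.szModule, moduleName))
            {
                moduleBaseAddress = static_cast<DWORD>(reinterpret_cast<ULONG_PTR>(me32.modBaseAddr));
                break;
            }
            me32.dwSize = sizeof(MODULEENTRY32);
        } while (Module32Next(hProcessSnapshot, &me32));
    }

    CloseHandle(hProcessSnapshot);

    return moduleBaseAddress;
}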
253 |
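// Walks a binary tree stored in another process and appends one list row per
// node. Despite the name, the order is left subtree, node, right subtree
// (an in-order walk).
//
// hProcess:    process handle that permits ReadProcessMemory.
// nodeAddress: address of the current node in that process.
//
// Every pointer followed here is read from foreign memory and is untrusted.
// A failed read must end the walk: GetIntByAddress reports failure as 0, and
// 0 is also the status value of a live node, so without the explicit checks
// below an unreadable node recurses on address 0 until the stack overflows.
//
// NOTE(review): recursion depth is still bounded only by the remote data; a
// cyclic or very deep structure is not detected here.
void CMFCGetContactsDlg::PreOrder(HANDLE hProcess, DWORD nodeAddress)
{
    if (hProcess == NULL || nodeAddress == 0) return;

    // Status byte at +0xD: non-zero ends the walk at this node. It is read
    // directly so that a failed read can be told apart from a stored zero.
    BYTE nodeStatus = 0;
    SIZE_T bytesRead = 0;
    LPCVOID statusAddress = reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(nodeAddress) + 0xD);
    if (!ReadProcessMemory(hProcess, statusAddress, &nodeStatus, sizeof(nodeStatus), &bytesRead)
        || bytesRead != sizeof(nodeStatus))
    {
        return;
    }
    if (nodeStatus != 0) return;

    // Left child first.
    DWORD leftNodeAddress = GetIntByAddress(hProcess, nodeAddress + 0x0);
    PreOrder(hProcess, leftNodeAddress);

    // Fields of the current node.
    CString wxId = GetUnicodeInfoByAddress(hProcess, nodeAddress + 0x30);
    CString wxCode = GetUnicodeInfoByAddress(hProcess, nodeAddress + 0x44);
    CString wxName = GetUnicodeInfoByAddress(hProcess, nodeAddress + 0x8C);

    // Append a row: running index, then the three fields.
    CString csIndex;
    int listIndex = m_ContactList.GetItemCount();
    csIndex.Format(L"%d", listIndex + 1);
    m_ContactList.InsertItem(listIndex, csIndex);
    m_ContactList.SetItemText(listIndex, 0, csIndex);
    m_ContactList.SetItemText(listIndex, 1, wxId);
    m_ContactList.SetItemText(listIndex, 2, wxCode);
    m_ContactList.SetItemText(listIndex, 3, wxName);

    // Right child last.
    DWORD rightNodeAddress = GetIntByAddress(hProcess, nodeAddress + 0x8);
    PreOrder(hProcess, rightNodeAddress);
}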
285 |
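// Click handler for the "update contacts" button: clears the list, locates
// the target process and module, resolves the tree root through a fixed
// pointer chain and walks the tree into the list control.
//
// Every lookup can fail (process not running, access denied, module not
// loaded, unreadable memory). Each step is checked and the handler returns
// with an empty list rather than continuing with a null handle or address.
//
// NOTE(review): the offsets below are fixed constants with no check of the
// module's version; on any other build the chain reads unrelated memory.
void CMFCGetContactsDlg::OnBnClickedButtonUpdateContacts()
{
    // 0. Clear what is currently displayed.
    m_ContactList.DeleteAllItems();

    // 1. Locate the process and the module base.
    DWORD processID = FindProgressPidByName("WeChat.exe");  // process ID
    if (processID == 0) return;

    DWORD dllBaseAddress = GetDLLBaseAddress(processID, L"WeChatWin.dll");
    if (dllBaseAddress == 0) return;

    // Read-only access is all this handler needs.
    HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, processID);
    if (hProcess == NULL) return;

    // 2. Resolve the root node:
    //    root = [[[WeChatWin.dll + 0x16B5060] + 0x28 + 0x84] + 0x4]
    DWORD Address1 = dllBaseAddress + 0x16B5060;
    DWORD Address2 = GetIntByAddress(hProcess, Address1);
    DWORD Address3 = (Address2 != 0) ? GetIntByAddress(hProcess, Address2 + 0x28 + 0x84) : 0;
    DWORD firstNodeAddress = (Address3 != 0) ? GetIntByAddress(hProcess, Address3 + 0x4) : 0;

    // 3. Walk the tree only when the whole chain resolved.
    if (firstNodeAddress != 0)
    {
        PreOrder(hProcess, firstNodeAddress);
    }

    CloseHandle(hProcess);
}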
315 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/MFCGetContactsDlg.h:
--------------------------------------------------------------------------------
1 |
2 | // MFCGetContactsDlg.h: 头文件
3 | //
4 |
5 | #pragma once
6 |
7 |
8 | // CMFCGetContactsDlg 对话框
// Main dialog of the application: hosts the contact list control and the
// handlers that fill it.
class CMFCGetContactsDlg : public CDialogEx
{
// Construction
public:
    CMFCGetContactsDlg(CWnd* pParent = nullptr); // standard constructor

// Dialog data
#ifdef AFX_DESIGN_TIME
    enum { IDD = IDD_MFCGETCONTACTS_DIALOG };
#endif

protected:
    virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support


// Implementation
protected:
    HICON m_hIcon;

    // Generated message-map functions
    virtual BOOL OnInitDialog();
    afx_msg void OnSysCommand(UINT nID, LPARAM lParam);
    afx_msg void OnPaint();
    afx_msg HCURSOR OnQueryDragIcon();
    DECLARE_MESSAGE_MAP()
public:
    // List control bound to IDC_LIST1 in DoDataExchange.
    CListCtrl m_ContactList;
    // Recursive tree walk that appends rows to m_ContactList. It is declared
    // afx_msg but has no message-map entry; the button handler calls it.
    afx_msg void PreOrder(HANDLE hProcess, DWORD nodeAddress);
    // BN_CLICKED handler for IDC_BUTTON_UPDATE_CONTACTS.
    void OnBnClickedButtonUpdateContacts();
};
39 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/res/MFCGetContacts.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/res/MFCGetContacts.ico
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/res/MFCGetContacts.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/res/MFCGetContacts.rc2
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ 生成的包含文件。
3 | // 供 MFCGetContacts.rc 使用
4 | //
5 | #define IDM_ABOUTBOX 0x0010
6 | #define IDD_ABOUTBOX 100
7 | #define IDS_ABOUTBOX 101
8 | #define IDD_MFCGETCONTACTS_DIALOG 102
9 | #define IDR_MAINFRAME 128
10 | #define IDC_BUTTON1 1000
11 | #define IDC_BUTTON_UPDATE_CONTACTS 1000
12 | #define IDC_LIST1 1001
13 |
14 | // Next default values for new objects
15 | //
16 | #ifdef APSTUDIO_INVOKED
17 | #ifndef APSTUDIO_READONLY_SYMBOLS
18 | #define _APS_NEXT_RESOURCE_VALUE 130
19 | #define _APS_NEXT_COMMAND_VALUE 32771
20 | #define _APS_NEXT_CONTROL_VALUE 1002
21 | #define _APS_NEXT_SYMED_VALUE 101
22 | #endif
23 | #endif
24 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/stdafx.cpp:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.cpp : 只包括标准包含文件的源文件
3 | // MFCGetContacts.pch 将作为预编译标头
4 | // stdafx.obj 将包含预编译类型信息
5 |
6 | #include "stdafx.h"
7 |
8 |
9 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/stdafx.h:
--------------------------------------------------------------------------------
1 |
2 | // stdafx.h : 标准系统包含文件的包含文件,
3 | // 或是经常使用但不常更改的
4 | // 特定于项目的包含文件
5 |
6 | #pragma once
7 |
8 | #ifndef VC_EXTRALEAN
9 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
10 | #endif
11 |
12 | #include "targetver.h"
13 |
14 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
15 |
16 | // 关闭 MFC 对某些常见但经常可放心忽略的警告消息的隐藏
17 | #define _AFX_ALL_WARNINGS
18 |
19 | #include // MFC 核心组件和标准组件
20 | #include // MFC 扩展
21 |
22 |
23 | #include // MFC 自动化类
24 |
25 |
26 |
27 | #ifndef _AFX_NO_OLE_SUPPORT
28 | #include // MFC 对 Internet Explorer 4 公共控件的支持
29 | #endif
30 | #ifndef _AFX_NO_AFXCMN_SUPPORT
31 | #include // MFC 对 Windows 公共控件的支持
32 | #endif // _AFX_NO_AFXCMN_SUPPORT
33 |
34 | #include // 功能区和控件条的 MFC 支持
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 | #ifdef _UNICODE
45 | #if defined _M_IX86
46 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86' publicKeyToken='6595b64144ccf1df' language='*'\"")
47 | #elif defined _M_X64
48 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64' publicKeyToken='6595b64144ccf1df' language='*'\"")
49 | #else
50 | #pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='*' publicKeyToken='6595b64144ccf1df' language='*'\"")
51 | #endif
52 | #endif
53 |
54 |
55 |
--------------------------------------------------------------------------------
/逆向入门源码/通讯录/MFCGetContacts/MFCGetContacts/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。
4 |
5 | // 如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并将
6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。
7 |
8 | #include
9 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/通讯录-非注入/WeChatContacts.exe
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.28307.902
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WeChatContacts", "WeChatContacts\WeChatContacts.vcxproj", "{716CE058-1097-4CC7-AF50-0B7E28DE9A1A}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Debug|x64.ActiveCfg = Debug|x64
17 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Debug|x64.Build.0 = Debug|x64
18 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Debug|x86.ActiveCfg = Debug|Win32
19 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Debug|x86.Build.0 = Debug|Win32
20 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Release|x64.ActiveCfg = Release|x64
21 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Release|x64.Build.0 = Release|x64
22 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Release|x86.ActiveCfg = Release|Win32
23 | {716CE058-1097-4CC7-AF50-0B7E28DE9A1A}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {4E1F814E-30AE-4B9A-8EAE-8DCCA45D19A0}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/通讯录-非注入/WeChatContacts/WeChatContacts.aps
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.cpp:
--------------------------------------------------------------------------------
1 |
2 | // WeChatContacts.cpp: 定义应用程序的类行为。
3 | //
4 |
5 | #include "stdafx.h"
6 | #include "WeChatContacts.h"
7 | #include "WeChatContactsDlg.h"
8 |
9 | #ifdef _DEBUG
10 | #define new DEBUG_NEW
11 | #endif
12 |
13 |
14 | // CWeChatContactsApp
15 |
// Message map for the application object: routes ID_HELP to CWinApp::OnHelp.
BEGIN_MESSAGE_MAP(CWeChatContactsApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()
19 |
20 |
21 | // CWeChatContactsApp 构造
22 |
// Application object constructor; the real initialization happens in InitInstance.
CWeChatContactsApp::CWeChatContactsApp()
{
    // Opt in to Restart Manager support.
    m_dwRestartManagerSupportFlags = AFX_RESTART_MANAGER_SUPPORT_RESTART;

    // TODO: add construction code here;
    // place all significant initialization in InitInstance
}
31 |
32 |
33 | // 唯一的 CWeChatContactsApp 对象
34 |
35 | CWeChatContactsApp theApp;
36 |
37 |
38 | // CWeChatContactsApp 初始化
39 |
// Application start-up: initializes common controls and MFC helpers, runs the
// main dialog modally and cleans up afterwards.
// Always returns FALSE so the application exits instead of entering the
// message pump once the dialog has closed.
BOOL CWeChatContactsApp::InitInstance()
{
    // InitCommonControlsEx() is required on Windows XP when the manifest asks
    // for ComCtl32.dll version 6 or later; without it window creation fails.
    INITCOMMONCONTROLSEX commonControls;
    commonControls.dwSize = sizeof(commonControls);
    // Register every common control class the application uses.
    commonControls.dwICC = ICC_WIN95_CLASSES;
    InitCommonControlsEx(&commonControls);

    CWinApp::InitInstance();

    AfxEnableControlContainer();

    // Shell manager, in case the dialog hosts shell tree or list view controls.
    CShellManager *pShellManager = new CShellManager;

    // "Windows Native" visual manager, so MFC controls pick up themes.
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Registry key under which settings are stored.
    // TODO: change this string to something appropriate,
    // such as a company or organization name.
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CWeChatContactsDlg mainDialog;
    m_pMainWnd = &mainDialog;
    const INT_PTR dialogResult = mainDialog.DoModal();
    switch (dialogResult)
    {
    case IDOK:
        // TODO: handle the dialog being dismissed with OK
        break;
    case IDCANCEL:
        // TODO: handle the dialog being dismissed with Cancel
        break;
    case -1:
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
        break;
    default:
        break;
    }

    // Release the shell manager created above (deleting nullptr is a no-op).
    delete pShellManager;

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    return FALSE;
}
106 |
107 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.h:
--------------------------------------------------------------------------------
1 |
2 | // WeChatContacts.h: PROJECT_NAME 应用程序的主头文件
3 | //
4 |
5 | #pragma once
6 |
7 | #ifndef __AFXWIN_H__
8 | #error "在包含此文件之前包含“stdafx.h”以生成 PCH 文件"
9 | #endif
10 |
11 | #include "resource.h" // 主符号
12 |
13 |
14 | // CWeChatContactsApp:
15 | // 有关此类的实现,请参阅 WeChatContacts.cpp
16 | //
17 |
// Application class; its implementation is in WeChatContacts.cpp.
class CWeChatContactsApp : public CWinApp
{
public:
    CWeChatContactsApp();

// Overrides
public:
    virtual BOOL InitInstance();

// Implementation

    DECLARE_MESSAGE_MAP()
};
31 |
32 | extern CWeChatContactsApp theApp;
33 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/KongKong20/WeChatPCHook/d1d61e6979fd8c1c3074788dd87f00047877b7c8/通讯录-非注入/WeChatContacts/WeChatContacts.rc
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | 头文件
20 |
21 |
22 | 头文件
23 |
24 |
25 | 头文件
26 |
27 |
28 | 头文件
29 |
30 |
31 | 头文件
32 |
33 |
34 |
35 |
36 | 源文件
37 |
38 |
39 | 源文件
40 |
41 |
42 | 源文件
43 |
44 |
45 |
46 |
47 | 资源文件
48 |
49 |
50 |
51 |
52 | 资源文件
53 |
54 |
55 |
56 |
57 | 资源文件
58 |
59 |
60 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContacts.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | WeChatContacts.rc
5 |
6 |
--------------------------------------------------------------------------------
/通讯录-非注入/WeChatContacts/WeChatContactsDlg.cpp:
--------------------------------------------------------------------------------
1 | // WeChatContactsDlg.cpp: 实现文件
2 | //
3 |
4 | #include "stdafx.h"
5 | #include "WeChatContacts.h"
6 | #include "WeChatContactsDlg.h"
7 | #include "afxdialogex.h"
8 | #include "tlhelp32.h"
9 | #include "afxdialogex.h"
10 | #include
11 | #include
12 |
13 | #include