├── requirements.txt
├── .gitignore
├── config.py
├── readme.md
├── LICENSE
└── main.py


/requirements.txt:
--------------------------------------------------------------------------------
1 | pymem


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea
2 | __pycache__


--------------------------------------------------------------------------------
/config.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python
 2 | # -*- coding: UTF-8 -*-
 3 | """
 4 | @ Author: HeliantHuS
 5 | @ Codes are far away from bugs with the animal protecting
 6 | @ Time:  6/23/2020
 7 | @ FileName: config.py
 8 | """
 9 | 
10 | # wechatVersion = "2.6.6.28"
11 | # wechatOffset = 0x1131B64
12 | 
13 | # wechatVersion = "2.9.0.123"
14 | # wechatOffset = 0x16B4D50
15 | 
16 | # wechatVersion = "2.9.0.112"
17 | # wechatOffset = 0x16B4C70
18 | 
19 | # wechatVersion = "3.7.0.30"
20 | # wechatOffset = 0x2366524
21 | 
22 | # wechatVersion = "3.9.6.33"
23 | # wechatOffset = 0x3B28800
24 | 
25 | wechatVersion = "3.9.7.15"
26 | wechatOffset = 0x3C8B040
27 | 
28 | 


--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
 1 | # GetWeChatDBPassword
 2 | 用于获取`Windows`版本的微信聊天记录数据库密码, 可以自己添加各种版本的偏移量.
 3 | 
 4 | ## 介绍
 5 | #### config.py
 6 | 用于配置版本号以及偏移量
 7 | 
 8 | #### main.py
 9 | 主程序, 通过[Pymem](https://github.com/srounet/Pymem)模块来进行进程中内存数据的查找 (果然好东西知道的人就是少, 这东西真的好用).
10 | 
11 | 程序运行结果示例: 
12 | ```python
13 |         当前微信版本: 2.9.0.123,
14 |         WeChatWin.Dll的基地址为: 0x78880000,
15 |         最终密码的位置为: 0x79f34d50,
16 |         ChatMsg.db的密码为: d1eef413cac44d5a9572411334144af01de56ddf05aa49a3b820b8c1a6a9bc35,
17 |         解密数据库的C语言格式密码:
18 |         unsigned char pass[] = {0xd1, 0xee, 0xf4, 0x13, 0xca, 0xc4, 0x4d, 0x5a, 0x95, 0x72, 0x41, 0x13, 0x34, 0x14, 0x4a, 0xf0, 0x1d, 0xe5, 0x6d, 0xdf, 0x05, 0xaa, 0x49, 0xa3, 0xb8, 0x20, 0xb8, 0xc1, 0xa6, 0xa9, 0xbc, 0x35, };
19 | 
20 | 
21 | 
22 |             Enjoy Python!
23 | ```
24 | 程序编写时, `Windows`版本微信最新版本为`2.9.0.123`, 具体可用版本请看`config.py`里面的版本
25 | 
26 | ## 感谢
27 | 程序使用`PyCharm`进行编写, 特此感谢[JetBrains](https://www.jetbrains.com/)提供的开源许可。
28 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2023 Hel1antHu5
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.


--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python
 2 | # -*- coding: UTF-8 -*-
 3 | """
 4 | @ Author: HeliantHuS
 5 | @ Codes are far away from bugs with the animal protecting
 6 | @ Time:  6/23/2020
 7 | @ FileName: main.py
 8 | """
 9 | 
10 | import pymem
11 | import config
12 | import struct
13 | import binascii
14 | 
15 | # getCBytes 获得C语言格式的密码
16 | def getCBytes(password) -> str:
17 |     result = ""
18 |     for i in range(0, len(password), 2):
19 |         result += "0x" + password[i:i + 2] + ", "
20 | 
21 |     return """
22 |         unsigned char pass[] = {%s};
23 |     """ % (result)
24 | 
25 | 
26 | # getPassword 获得数据库密码
27 | def getPassword(p) -> (int, str):
28 |     # 得到这个进程加载的WeChatWin.dll的基地址
29 |     base_address = pymem.process.module_from_name(p.process_handle, "wechatwin.dll").lpBaseOfDll
30 | 
31 |     # 获得一个地址中内存的数据
32 |     result = p.read_bytes(base_address + config.wechatOffset, 4)
33 |     addr = struct.unpack("<I", result)[0]
34 | 
35 |     # 读上一个内存中存储的地址的内容
36 |     password = p.read_bytes(addr, 0x20)
37 | 
38 |     # 解码
39 |     result = binascii.b2a_hex(password)
40 |     return base_address, result.decode()
41 | 
42 | 
43 | # printResult 打印最后的结果 (更好看一些
44 | def printResult(base_offset, password) -> None:
45 |     print(f"""
46 |         当前微信版本: {config.wechatVersion},
47 |         WeChatWin.Dll的基地址为: {hex(base_offset)},
48 |         最终密码的位置为: {hex(base_offset + config.wechatOffset)},
49 |         ChatMsg.db的密码为: {password},
50 |         解密数据库的C语言格式密码: {getCBytes(password)}
51 | 
52 | 
53 |             Enjoy Python!  
54 |                 By: HeliantHuS
55 |     """)
56 | 
57 | 
58 | if __name__ == '__main__':
59 |     p = pymem.Pymem()
60 |     p.open_process_from_name("WeChat.exe")
61 |     base_offset, password = getPassword(p)
62 |     printResult(base_offset, password)
63 | 


--------------------------------------------------------------------------------