Merge branch 'xaoyaoo:master' into master

2024-01-29 10:00:42 +08:00 · 2024-01-29 10:00:42 +08:00 · 10cca704e8
commit 10cca704e8
parent 4573ce1e72 77805f42d4
6 changed files with 400 additions and 367 deletions
--- a/doc/CHANGELOG.md
+++ b/doc/CHANGELOG.md
@ -1,5 +1,17 @@
+## v2.4.28
+
+- 更新FAQ
+- v2.4.28
+- 更新偏移地址获取函数
+- 更新test Bias
+- 3.9.9.35 版本支持
+- UPDATE CHANGELOG.md
+- add video api (#69)
+- Merge branch 'master' of https://github.com/xaoyaoo/PyWxDump
+
 ## v2.4.27

+- UPDATE CHANGELOG.md
 - fix 自动解密中获取主要数据库失败问题

 ## v2.4.26
--- a/doc/FAQ.md
+++ b/doc/FAQ.md
@ -139,3 +139,8 @@ eg：`wxdump.exe merge -i "C:\Users\user\Desktop\decrypted\MSG0.db,C:\Users\user

 不能，必须登录微信才能获取到密钥。
 但是可以保存密钥，下次再次使用时候，不需要登录即可。
+
+### 二十一、打开浏览器页面空白
+
+https://blog.csdn.net/qq_46106285/article/details/124749512 
+根据这个链接进行修复
--- a/pywxdump/init.py
+++ b/pywxdump/init.py
@ -23,4 +23,4 @@ except:
    VERSION_LIST = {}
    VERSION_LIST_PATH = None

-__version__ = "2.4.27"
+__version__ = "2.4.28"
--- a/pywxdump/version_list.json
+++ b/pywxdump/version_list.json
@ -355,5 +355,12 @@
    68065112,
    0,
    68066576
+  ],
+  "3.9.9.35": [
+    68065304,
+    68066640,
+    68065112,
+    0,
+    68066576
  ]
 }
--- a/pywxdump/wx_info/get_bias_addr.py
+++ b/pywxdump/wx_info/get_bias_addr.py
@ -68,6 +68,10 @@ class BiasAddr:
        return ret

    def get_key_bias1(self):
+        """
+        2024.01.26 wx version：3.9.9.35 失效
+        :return:
+        """
        try:
            byteLen = self.address_len  # 4 if self.bits == 32 else 8  # 4字节或8字节

@ -119,20 +123,25 @@ class BiasAddr:
        phone_type2 = "android\x00"
        phone_type3 = "ipad\x00"

-        pm = pymem.Pymem("WeChat.exe")
+        pm = pymem.Pymem(self.pid)
        module_name = "WeChatWin.dll"

        MicroMsg_path = os.path.join(db_path, "MSG", "MicroMsg.db")

+        type1_addrs = pm.pattern_scan_module(phone_type1.encode(), module_name, return_multiple=True)
+        type2_addrs = pm.pattern_scan_module(phone_type2.encode(), module_name, return_multiple=True)
+        type3_addrs = pm.pattern_scan_module(phone_type3.encode(), module_name, return_multiple=True)
+
+        type_addrs = []
+        if len(type1_addrs) >= 2: type_addrs += type1_addrs
+        if len(type2_addrs) >= 2: type_addrs += type2_addrs
+        if len(type3_addrs) >= 2: type_addrs += type3_addrs
+        if len(type_addrs) == 0: return "None"
+
+        type_addrs.sort()  # 从小到大排序
+
        module = pymem.process.module_from_name(pm.process_handle, module_name)

-        type1_addrs = pm.pattern_scan_module(phone_type1.encode(), module, return_multiple=True)
-        type2_addrs = pm.pattern_scan_module(phone_type2.encode(), module, return_multiple=True)
-        type3_addrs = pm.pattern_scan_module(phone_type3.encode(), module, return_multiple=True)
-        type_addrs = type1_addrs if len(type1_addrs) >= 2 else type2_addrs if len(
-            type2_addrs) >= 2 else type3_addrs if len(type3_addrs) >= 2 else "None"
-        if type_addrs == "None":
-            return 0
        for i in type_addrs[::-1]:
            for j in range(i, i - 2000, -addr_len):
                key_bytes = read_key_bytes(pm.process_handle, j, addr_len)
--- a/tests/test_Bias.py
+++ b/tests/test_Bias.py
@ -7,7 +7,7 @@
 # -------------------------------------------------------------------------------
 import pywxdump
 from pywxdump import VERSION_LIST_PATH, VERSION_LIST
-from pywxdump.bias_addr import BiasAddr
+from pywxdump import BiasAddr
 from pywxdump.wx_info import read_info

 mobile = '13800138000'