cyonjan/PyWxDump
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'xaoyaoo:master' into master

Browse Source
This commit is contained in:
LVtomatoJ 2024-01-29 10:00:42 +08:00 committed by GitHub
commit 10cca704e8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 400 additions and 367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/CHANGELOG.md
View File

@ -1,5 +1,17 @@
## v2.4.28
- 更新FAQ
- v2.4.28
- 更新偏移地址获取函数
- 更新test Bias
- 3.9.9.35 版本支持
- UPDATE CHANGELOG.md
- add video api (#69)
- Merge branch 'master' of https://github.com/xaoyaoo/PyWxDump
## v2.4.27
- UPDATE CHANGELOG.md
- fix 自动解密中获取主要数据库失败问题
## v2.4.26

5
doc/FAQ.md
View File

@ -139,3 +139,8 @@ eg`wxdump.exe merge -i "C:\Users\user\Desktop\decrypted\MSG0.db,C:\Users\user
不能,必须登录微信才能获取到密钥。
但是可以保存密钥,下次再次使用时候,不需要登录即可。
### 二十一、打开浏览器页面空白
https://blog.csdn.net/qq_46106285/article/details/124749512
根据这个链接进行修复

2
pywxdump/__init__.py
View File

@ -23,4 +23,4 @@ except:
VERSION_LIST = {}
VERSION_LIST_PATH = None
__version__ = "2.4.27"
__version__ = "2.4.28"

721
pywxdump/version_list.json
View File

@ -1,359 +1,366 @@
{
"3.2.1.154": [
328121948,
328122328,
328123056,
328121976,
328123020
],
"3.3.0.115": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.0.84": [
31315212,
31315592,
31316320,
31315240,
31316284
],
"3.3.0.93": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.5.34": [
30603028,
30603408,
30604120,
30603056,
30604100
],
"3.3.5.42": [
30603012,
30603392,
30604120,
30603040,
30604084
],
"3.3.5.46": [
30578372,
30578752,
30579480,
30578400,
30579444
],
"3.4.0.37": [
31608116,
31608496,
31609224,
31608144,
31609188
],
"3.4.0.38": [
31604044,
31604424,
31605152,
31604072,
31605116
],
"3.4.0.50": [
31688500,
31688880,
31689608,
31688528,
31689572
],
"3.4.0.54": [
31700852,
31701248,
31700920,
31700880,
31701924
],
"3.4.5.27": [
32133788,
32134168,
32134896,
32133816,
32134860
],
"3.4.5.45": [
32147012,
32147392,
32147064,
32147040,
32148084
],
"3.5.0.20": [
35494484,
35494864,
35494536,
35494512,
35495556
],
"3.5.0.29": [
35507980,
35508360,
35508032,
35508008,
35509052
],
"3.5.0.33": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.39": [
35516236,
35516616,
35516288,
35516264,
35517308
],
"3.5.0.42": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.44": [
35510836,
35511216,
35510896,
35510864,
35511908
],
"3.5.0.46": [
35506740,
35507120,
35506800,
35506768,
35507812
],
"3.6.0.18": [
35842996,
35843376,
35843048,
35843024,
35844068
],
"3.6.5.7": [
35864356,
35864736,
35864408,
35864384,
35865428
],
"3.6.5.16": [
35909428,
35909808,
35909480,
35909456,
35910500
],
"3.7.0.26": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.29": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.30": [
37118196,
37118576,
37118248,
37118224,
37119268
],
"3.7.5.11": [
37883280,
37884088,
37883136,
37883008,
37884052
],
"3.7.5.23": [
37895736,
37896544,
37895592,
37883008,
37896508
],
"3.7.5.27": [
37895736,
37896544,
37895592,
37895464,
37896508
],
"3.7.5.31": [
37903928,
37904736,
37903784,
37903656,
37904700
],
"3.7.6.24": [
38978840,
38979648,
38978696,
38978604,
38979612
],
"3.7.6.29": [
38986376,
38987184,
38986232,
38986104,
38987148
],
"3.7.6.44": [
39016520,
39017328,
39016376,
38986104,
39017292
],
"3.8.0.31": [
46064088,
46064912,
46063944,
38986104,
46064876
],
"3.8.0.33": [
46059992,
46060816,
46059848,
38986104,
46060780
],
"3.8.0.41": [
46064024,
46064848,
46063880,
38986104,
46064812
],
"3.8.1.26": [
46409448,
46410272,
46409304,
38986104,
46410236
],
"3.9.0.28": [
48418376,
48419280,
48418232,
38986104,
48419244
],
"3.9.2.23": [
50320784,
50321712,
50320640,
38986104,
50321676
],
"3.9.2.26": [
50329040,
50329968,
50328896,
38986104,
50329932
],
"3.9.5.81": [
61650872,
61652208,
61650680,
0,
61652144
],
"3.9.5.91": [
61654904,
61656240,
61654712,
38986104,
61656176
],
"3.9.6.19": [
61997688,
61997464,
61997496,
38986104,
61998960
],
"3.9.6.33": [
62030600,
62031936,
62030408,
0,
62031872
],
"3.9.7.15": [
63482696,
63484032,
63482504,
0,
63483968
],
"3.9.7.25": [
63482760,
63484096,
63482568,
0,
63484032
],
"3.9.7.29": [
63486984,
63488320,
63486792,
0,
63488256
],
"3.9.8.12": [
53479320,
53480288,
53479176,
0,
53480252
],
"3.9.8.15": [
64996632,
64997968,
64996440,
0,
64997904
],
"3.9.8.25": [
65000920,
65002256,
65000728,
0,
65002192
],
"3.9.9.27": [
68065304,
68066640,
68065112,
0,
68066576
]
"3.2.1.154": [
328121948,
328122328,
328123056,
328121976,
328123020
],
"3.3.0.115": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.0.84": [
31315212,
31315592,
31316320,
31315240,
31316284
],
"3.3.0.93": [
31323364,
31323744,
31324472,
31323392,
31324436
],
"3.3.5.34": [
30603028,
30603408,
30604120,
30603056,
30604100
],
"3.3.5.42": [
30603012,
30603392,
30604120,
30603040,
30604084
],
"3.3.5.46": [
30578372,
30578752,
30579480,
30578400,
30579444
],
"3.4.0.37": [
31608116,
31608496,
31609224,
31608144,
31609188
],
"3.4.0.38": [
31604044,
31604424,
31605152,
31604072,
31605116
],
"3.4.0.50": [
31688500,
31688880,
31689608,
31688528,
31689572
],
"3.4.0.54": [
31700852,
31701248,
31700920,
31700880,
31701924
],
"3.4.5.27": [
32133788,
32134168,
32134896,
32133816,
32134860
],
"3.4.5.45": [
32147012,
32147392,
32147064,
32147040,
32148084
],
"3.5.0.20": [
35494484,
35494864,
35494536,
35494512,
35495556
],
"3.5.0.29": [
35507980,
35508360,
35508032,
35508008,
35509052
],
"3.5.0.33": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.39": [
35516236,
35516616,
35516288,
35516264,
35517308
],
"3.5.0.42": [
35512140,
35512520,
35512192,
35512168,
35513212
],
"3.5.0.44": [
35510836,
35511216,
35510896,
35510864,
35511908
],
"3.5.0.46": [
35506740,
35507120,
35506800,
35506768,
35507812
],
"3.6.0.18": [
35842996,
35843376,
35843048,
35843024,
35844068
],
"3.6.5.7": [
35864356,
35864736,
35864408,
35864384,
35865428
],
"3.6.5.16": [
35909428,
35909808,
35909480,
35909456,
35910500
],
"3.7.0.26": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.29": [
37105908,
37106288,
37105960,
37105936,
37106980
],
"3.7.0.30": [
37118196,
37118576,
37118248,
37118224,
37119268
],
"3.7.5.11": [
37883280,
37884088,
37883136,
37883008,
37884052
],
"3.7.5.23": [
37895736,
37896544,
37895592,
37883008,
37896508
],
"3.7.5.27": [
37895736,
37896544,
37895592,
37895464,
37896508
],
"3.7.5.31": [
37903928,
37904736,
37903784,
37903656,
37904700
],
"3.7.6.24": [
38978840,
38979648,
38978696,
38978604,
38979612
],
"3.7.6.29": [
38986376,
38987184,
38986232,
38986104,
38987148
],
"3.7.6.44": [
39016520,
39017328,
39016376,
38986104,
39017292
],
"3.8.0.31": [
46064088,
46064912,
46063944,
38986104,
46064876
],
"3.8.0.33": [
46059992,
46060816,
46059848,
38986104,
46060780
],
"3.8.0.41": [
46064024,
46064848,
46063880,
38986104,
46064812
],
"3.8.1.26": [
46409448,
46410272,
46409304,
38986104,
46410236
],
"3.9.0.28": [
48418376,
48419280,
48418232,
38986104,
48419244
],
"3.9.2.23": [
50320784,
50321712,
50320640,
38986104,
50321676
],
"3.9.2.26": [
50329040,
50329968,
50328896,
38986104,
50329932
],
"3.9.5.81": [
61650872,
61652208,
61650680,
0,
61652144
],
"3.9.5.91": [
61654904,
61656240,
61654712,
38986104,
61656176
],
"3.9.6.19": [
61997688,
61997464,
61997496,
38986104,
61998960
],
"3.9.6.33": [
62030600,
62031936,
62030408,
0,
62031872
],
"3.9.7.15": [
63482696,
63484032,
63482504,
0,
63483968
],
"3.9.7.25": [
63482760,
63484096,
63482568,
0,
63484032
],
"3.9.7.29": [
63486984,
63488320,
63486792,
0,
63488256
],
"3.9.8.12": [
53479320,
53480288,
53479176,
0,
53480252
],
"3.9.8.15": [
64996632,
64997968,
64996440,
0,
64997904
],
"3.9.8.25": [
65000920,
65002256,
65000728,
0,
65002192
],
"3.9.9.27": [
68065304,
68066640,
68065112,
0,
68066576
],
"3.9.9.35": [
68065304,
68066640,
68065112,
0,
68066576
]
}

25
pywxdump/wx_info/get_bias_addr.py
View File

@ -68,6 +68,10 @@ class BiasAddr:
return ret
def get_key_bias1(self):
"""
2024.01.26 wx version3.9.9.35 失效
:return:
"""
try:
byteLen = self.address_len # 4 if self.bits == 32 else 8 # 4字节或8字节
@ -119,20 +123,25 @@ class BiasAddr:
phone_type2 = "android\x00"
phone_type3 = "ipad\x00"
pm = pymem.Pymem("WeChat.exe")
pm = pymem.Pymem(self.pid)
module_name = "WeChatWin.dll"
MicroMsg_path = os.path.join(db_path, "MSG", "MicroMsg.db")
type1_addrs = pm.pattern_scan_module(phone_type1.encode(), module_name, return_multiple=True)
type2_addrs = pm.pattern_scan_module(phone_type2.encode(), module_name, return_multiple=True)
type3_addrs = pm.pattern_scan_module(phone_type3.encode(), module_name, return_multiple=True)
type_addrs = []
if len(type1_addrs) >= 2: type_addrs += type1_addrs
if len(type2_addrs) >= 2: type_addrs += type2_addrs
if len(type3_addrs) >= 2: type_addrs += type3_addrs
if len(type_addrs) == 0: return "None"
type_addrs.sort() # 从小到大排序
module = pymem.process.module_from_name(pm.process_handle, module_name)
type1_addrs = pm.pattern_scan_module(phone_type1.encode(), module, return_multiple=True)
type2_addrs = pm.pattern_scan_module(phone_type2.encode(), module, return_multiple=True)
type3_addrs = pm.pattern_scan_module(phone_type3.encode(), module, return_multiple=True)
type_addrs = type1_addrs if len(type1_addrs) >= 2 else type2_addrs if len(
type2_addrs) >= 2 else type3_addrs if len(type3_addrs) >= 2 else "None"
if type_addrs == "None":
return 0
for i in type_addrs[::-1]:
for j in range(i, i - 2000, -addr_len):
key_bytes = read_key_bytes(pm.process_handle, j, addr_len)

2
tests/test_Bias.py
View File

@ -7,7 +7,7 @@
# -------------------------------------------------------------------------------
import pywxdump
from pywxdump import VERSION_LIST_PATH, VERSION_LIST
from pywxdump.bias_addr import BiasAddr
from pywxdump import BiasAddr
from pywxdump.wx_info import read_info
mobile = '13800138000'