From 0d847622a44e7bbcbc729f88adf104917c043fe4 Mon Sep 17 00:00:00 2001 From: Changhua Date: Thu, 29 Jun 2023 11:00:05 +0800 Subject: [PATCH] Impl Functions_FUNC_DEL_ROOM_MEMBERS --- rpc/proto/wcf.proto | 5 +-- spy/chatroom_mgmt.cpp | 56 +++++++++++++++++++++++++++++ spy/chatroom_mgmt.h | 2 +- spy/load_calls.cpp | 1 + spy/rpc_server.cpp | 83 ++++++++++++++++++++++++++++--------------- spy/spy_types.h | 1 + 6 files changed, 117 insertions(+), 31 deletions(-) diff --git a/rpc/proto/wcf.proto b/rpc/proto/wcf.proto index b0d05bc..caf79f6 100644 --- a/rpc/proto/wcf.proto +++ b/rpc/proto/wcf.proto @@ -21,9 +21,10 @@ enum Functions { FUNC_DISABLE_RECV_TXT = 0x40; FUNC_EXEC_DB_QUERY = 0x50; FUNC_ACCEPT_FRIEND = 0x51; - FUNC_ADD_ROOM_MEMBERS = 0x52; - FUNC_RECV_TRANSFER = 0x53; + FUNC_RECV_TRANSFER = 0x52; FUNC_DECRYPT_IMAGE = 0x60; + FUNC_ADD_ROOM_MEMBERS = 0x70; + FUNC_DEL_ROOM_MEMBERS = 0x71; } message Request diff --git a/spy/chatroom_mgmt.cpp b/spy/chatroom_mgmt.cpp index a9c68d6..e064178 100644 --- a/spy/chatroom_mgmt.cpp +++ b/spy/chatroom_mgmt.cpp @@ -1,5 +1,6 @@ #include "framework.h" #include +#include #include "chatroom_mgmt.h" #include "load_calls.h" @@ -70,3 +71,58 @@ int AddChatroomMember(string roomid, string wxids) } return rv; } + +int DelChatroomMember(string roomid, string wxids) +{ + if (roomid.empty() || wxids.empty()) { + LOG_ERROR("Empty roomid or wxids."); + return -1; + } + + int rv = 0; + DWORD delRoomMemberCall1 = g_WeChatWinDllAddr + g_WxCalls.drm.call1; + DWORD delRoomMemberCall2 = g_WeChatWinDllAddr + g_WxCalls.drm.call2; + DWORD delRoomMemberCall3 = g_WeChatWinDllAddr + g_WxCalls.drm.call3; + + DWORD temp = 0; + WxString_t txtRoomid = { 0 }; + wstring wsRoomid = String2Wstring(roomid); + txtRoomid.text = (wchar_t *)wsRoomid.c_str(); + txtRoomid.size = wsRoomid.size(); + txtRoomid.capacity = wsRoomid.capacity(); + + vector vMembers; + vector vTxtMembers; + wstringstream wss(String2Wstring(wxids)); + while (wss.good()) { + wstring wstr; + getline(wss, wstr, L','); + vMembers.push_back(wstr); + WxString_t txtMember = { 0 }; + txtMember.text = (wchar_t *)vMembers.back().c_str(); + txtMember.size = vMembers.back().size(); + txtMember.capacity = vMembers.back().capacity(); + vTxtMembers.push_back(txtMember); + } + + LOG_DEBUG("Adding {} members[{}] to {}", vTxtMembers.size(), wxids.c_str(), roomid.c_str()); + __asm { + pushad; + pushfd; + call delRoomMemberCall1; + sub esp, 0x14; + mov esi, eax; + mov ecx, esp; + lea edi, txtRoomid; + push edi; + call delRoomMemberCall2; + mov ecx, esi; + lea eax, vTxtMembers; + push eax; + call delRoomMemberCall3; + mov rv, eax; + popfd; + popad; + } + return rv; +} diff --git a/spy/chatroom_mgmt.h b/spy/chatroom_mgmt.h index eacb825..a53b55b 100644 --- a/spy/chatroom_mgmt.h +++ b/spy/chatroom_mgmt.h @@ -1,6 +1,6 @@ #pragma once #include -#include int AddChatroomMember(std::string roomid, std::string wxids); +int DelChatroomMember(std::string roomid, std::string wxids); diff --git a/spy/load_calls.cpp b/spy/load_calls.cpp index 31680f1..a989338 100644 --- a/spy/load_calls.cpp +++ b/spy/load_calls.cpp @@ -23,6 +23,7 @@ WxCalls_t wxCalls = { { 0x141BDF0, 0x2366934, 0x1428, 0x142C, 0x3C, 0x50 }, { 0xA17D50, 0xF59E40, 0xA18BD0, 0xA17E70 }, // Accept New Friend application { 0x78CF20, 0xF59E40, 0xBD1DC0 }, // Add chatroom members + { 0x78CF20, 0xF59E40, 0xBD22A0 }, // Delete chatroom members { 0x7B2E60, 0x15E2C20, 0x79C250 } // Receive transfer }; diff --git a/spy/rpc_server.cpp b/spy/rpc_server.cpp index ffed0f7..bbc56a6 100644 --- a/spy/rpc_server.cpp +++ b/spy/rpc_server.cpp @@ -17,9 +17,9 @@ #include "wcf.pb.h" #include "chatroom_mgmt.h" +#include "contact_mgmt.h" #include "decrypt_image.h" #include "exec_sql.h" -#include "contact_mgmt.h" #include "log.h" #include "pb_types.h" #include "pb_util.h" @@ -464,28 +464,6 @@ bool func_accept_friend(char *v3, char *v4, int32_t scene, uint8_t *out, size_t return true; } -bool func_add_room_members(char *roomid, char *wxids, uint8_t *out, size_t *len) -{ - Response rsp = Response_init_default; - rsp.func = Functions_FUNC_ADD_ROOM_MEMBERS; - rsp.which_msg = Response_status_tag; - rsp.msg.status = 0; - - rsp.msg.status = AddChatroomMember(roomid, wxids); - if (rsp.msg.status != 1) { - LOG_ERROR("AddChatroomMember failed: {}", rsp.msg.status); - } - - pb_ostream_t stream = pb_ostream_from_buffer(out, *len); - if (!pb_encode(&stream, Response_fields, &rsp)) { - LOG_ERROR("Encoding failed: {}", PB_GET_ERROR(&stream)); - return false; - } - *len = stream.bytes_written; - - return true; -} - bool func_receive_transfer(char *wxid, char *tfid, char *taid, uint8_t *out, size_t *len) { Response rsp = Response_init_default; @@ -530,6 +508,50 @@ bool func_decrypt_image(char *src, char *dst, uint8_t *out, size_t *len) return true; } +bool func_add_room_members(char *roomid, char *wxids, uint8_t *out, size_t *len) +{ + Response rsp = Response_init_default; + rsp.func = Functions_FUNC_ADD_ROOM_MEMBERS; + rsp.which_msg = Response_status_tag; + rsp.msg.status = 0; + + rsp.msg.status = AddChatroomMember(roomid, wxids); + if (rsp.msg.status != 1) { + LOG_ERROR("AddChatroomMember failed: {}", rsp.msg.status); + } + + pb_ostream_t stream = pb_ostream_from_buffer(out, *len); + if (!pb_encode(&stream, Response_fields, &rsp)) { + LOG_ERROR("Encoding failed: {}", PB_GET_ERROR(&stream)); + return false; + } + *len = stream.bytes_written; + + return true; +} + +bool func_del_room_members(char *roomid, char *wxids, uint8_t *out, size_t *len) +{ + Response rsp = Response_init_default; + rsp.func = Functions_FUNC_DEL_ROOM_MEMBERS; + rsp.which_msg = Response_status_tag; + rsp.msg.status = 0; + + rsp.msg.status = DelChatroomMember(roomid, wxids); + if (rsp.msg.status != 1) { + LOG_ERROR("DelChatroomMember failed: {}", rsp.msg.status); + } + + pb_ostream_t stream = pb_ostream_from_buffer(out, *len); + if (!pb_encode(&stream, Response_fields, &rsp)) { + LOG_ERROR("Encoding failed: {}", PB_GET_ERROR(&stream)); + return false; + } + *len = stream.bytes_written; + + return true; +} + static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len) { bool ret = false; @@ -625,11 +647,6 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len ret = func_accept_friend(req.msg.v.v3, req.msg.v.v4, req.msg.v.scene, out, out_len); break; } - case Functions_FUNC_ADD_ROOM_MEMBERS: { - LOG_DEBUG("[Functions_FUNC_ADD_ROOM_MEMBERS]"); - ret = func_add_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len); - break; - } case Functions_FUNC_RECV_TRANSFER: { LOG_DEBUG("[Functions_FUNC_RECV_TRANSFER]"); ret = func_receive_transfer(req.msg.tf.wxid, req.msg.tf.tfid, req.msg.tf.taid, out, out_len); @@ -640,6 +657,16 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len ret = func_decrypt_image(req.msg.dec.src, req.msg.dec.dst, out, out_len); break; } + case Functions_FUNC_ADD_ROOM_MEMBERS: { + LOG_DEBUG("[Functions_FUNC_ADD_ROOM_MEMBERS]"); + ret = func_add_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len); + break; + } + case Functions_FUNC_DEL_ROOM_MEMBERS: { + LOG_DEBUG("[Functions_FUNC_DEL_ROOM_MEMBERS]"); + ret = func_del_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len); + break; + } default: { LOG_ERROR("[UNKNOW FUNCTION]"); break; diff --git a/spy/spy_types.h b/spy/spy_types.h index e34cd67..89287af 100644 --- a/spy/spy_types.h +++ b/spy/spy_types.h @@ -98,6 +98,7 @@ typedef struct WxCalls { Sql_t sql; // 执行 SQL NewFriend_t anf; // 通过好友申请 RoomMember_t arm; // 添加群成员 + RoomMember_t drm; // 删除群成员 TF_t tf; // 接收转账 } WxCalls_t;