微信HOOK获取用户信息,aardio源码如下:
import win.ui;
import console;
import process
import inet.whttp
/*DSG{{*/
mainForm = win.form(text="简码编程 www.jianma123.com 微信wxHook";right=381;bottom=288)
mainForm.add(
button={cls="button";text="hook";left=203;top=233;right=366;bottom=278;z=1};
edt_city={cls="edit";left=231;top=169;right=366;bottom=194;edge=1;readonly=1;z=16};
edt_count={cls="edit";left=231;top=107;right=366;bottom=132;edge=1;readonly=1;z=14};
edt_mail={cls="edit";left=231;top=45;right=366;bottom=70;edge=1;readonly=1;z=6};
edt_name={cls="edit";left=231;top=14;right=366;bottom=39;edge=1;readonly=1;z=4};
edt_province={cls="edit";left=231;top=138;right=366;bottom=163;edge=1;readonly=1;z=10};
edt_tele={cls="edit";left=231;top=76;right=366;bottom=101;edge=1;readonly=1;z=8};
edt_wxid={cls="edit";left=231;top=200;right=366;bottom=225;edge=1;readonly=1;z=12};
plus={cls="plus";left=9;top=32;right=179;bottom=207;bgcolor=16777215;foreRepeat="expand";notify=1;z=2};
static={cls="static";text="名字:";left=191;top=18;right=227;bottom=33;transparent=1;z=3};
static2={cls="static";text="邮箱:";left=191;top=49;right=227;bottom=64;transparent=1;z=5};
static3={cls="static";text="手机:";left=191;top=80;right=227;bottom=95;transparent=1;z=7};
static4={cls="static";text="省份:";left=191;top=142;right=227;bottom=157;transparent=1;z=9};
static5={cls="static";text="wxid:";left=191;top=204;right=227;bottom=219;transparent=1;z=11};
static6={cls="static";text="国家:";left=191;top=111;right=227;bottom=126;transparent=1;z=13};
static7={cls="static";text="市区:";left=191;top=173;right=227;bottom=188;transparent=1;z=15}
)
/*}}*/
/**针对2.6.8.65**/
var whttp=inet.whttp()
mainForm.button.oncommand = function(id,event){
var pid
var t
for processEntry in process.each( ) {
if(processEntry.szExeFile = "WeChat.exe"){
for moduleEntry in process.eachModule(processEntry.th32ProcessID) {
if(string.find(moduleEntry.szExePath,"WeChatWin.dll")){
t = moduleEntry.modBaseAddr //模块基址
var 微信手机 = t+0x126D930 //0x135AE10-ED4E0
var 微信名称 =t+0x126D8FC //0x135ADDC-ED4E0
var 国家 =t+ 0x126DAD8 ; //0x135AFB8-ED4E0
var 省份 =t+ 0x126D9E8 //0x135AEC8-ED4E0
var 市区 =t+ 0x126DA00 //0x135AEE0-ED4E0
var 帐号 = t+0x126DA60 //0x135AF40-ED4E0
var 邮箱 = t+0x126D918 //0x135ADF8-ED4E0
var 头像 = t-0x6AEE6279 ;
var b = process(processEntry.th32ProcessID)
微信名称 = b.readString(微信名称,100)
微信手机 = b.readString(微信手机,101)
国家 = b.readString(国家,50)
省份 = b.readString(省份,50)
市区 = b.readString(市区,50)
帐号 = b.readString(帐号,100)
邮箱 = b.readString(邮箱,50)
头像 = b.readString(头像,250)
mainForm.edt_name.text=string.match(微信名称,".+?\z")
mainForm.edt_tele.text=string.match(微信手机,".+?\z")
mainForm.edt_count.text=string.match(国家,".+?\z")
mainForm.edt_province.text=string.match(省份,".+?\z")
mainForm.edt_city.text=string.match(市区,".+?\z")
mainForm.edt_wxid.text =string.match(帐号,".+?\z")
mainForm.edt_mail.text = string.match(邮箱,".+?\z")
try{
mainForm.plus.background =whttp.get("http://"++string.match(头像,"wx.+?\z"))
}
break ;
}
}
}
}
}
mainForm.show();
return win.loopMessage()
/**2.7.0.65
var 微信手机 = t+0x135AE10 //5C75AF40
var 微信名称 =t+0x135ADDC
var 国家 =t+ 0x135AFB8 ;
var 省份 =t+ 0x135AEC8
var 市区 =t+ 0x135AEE0
var 帐号 = t+0x135AF40
var 邮箱 = t+0x135ADF8
**/
感谢群友:阿法兔 Beta v0.2