添加源码

zhuhuibeishadiao · Sep 7, 2019 · 19bf907 · 19bf907
1 parent 646ba67
commit 19bf907
Show file tree

Hide file tree

Showing 7 changed files with 347 additions and 0 deletions.
diff --git a/配套代码/L071_ContractLink/L069.exe b/配套代码/L071_ContractLink/L069.exe
diff --git a/配套代码/L071_ContractLink/L069.sln b/配套代码/L071_ContractLink/L069.sln
@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.29209.152
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "L069", "L069\L069.csproj", "{8A78B2DB-4F20-4866-BE5C-7A1913A66166}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{8A78B2DB-4F20-4866-BE5C-7A1913A66166}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{8A78B2DB-4F20-4866-BE5C-7A1913A66166}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{8A78B2DB-4F20-4866-BE5C-7A1913A66166}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{8A78B2DB-4F20-4866-BE5C-7A1913A66166}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {96D54C3A-D0F3-4C63-81DA-B3755B74DF76}
+	EndGlobalSection
+EndGlobal
diff --git a/配套代码/L071_ContractLink/L069/App.config b/配套代码/L071_ContractLink/L069/App.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2" />
+    </startup>
+</configuration>
diff --git a/配套代码/L071_ContractLink/L069/L069.csproj b/配套代码/L071_ContractLink/L069/L069.csproj
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{8A78B2DB-4F20-4866-BE5C-7A1913A66166}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <RootNamespace>L069</RootNamespace>
+    <AssemblyName>L069</AssemblyName>
+    <TargetFrameworkVersion>v4.7.2</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+    <Deterministic>true</Deterministic>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="WxContractList.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+</Project>
diff --git a/配套代码/L071_ContractLink/L069/Program.cs b/配套代码/L071_ContractLink/L069/Program.cs
@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace L069
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            WxContractList wxContractList = new WxContractList();
+            wxContractList.GetData();
+
+            Console.ReadLine();
+        }
+    }
+}
diff --git a/配套代码/L071_ContractLink/L069/Properties/AssemblyInfo.cs b/配套代码/L071_ContractLink/L069/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// 有关程序集的一般信息由以下
+// 控制。更改这些特性值可修改
+// 与程序集关联的信息。
+[assembly: AssemblyTitle("L069")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("L069")]
+[assembly: AssemblyCopyright("Copyright ©  2019")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// 将 ComVisible 设置为 false 会使此程序集中的类型
+//对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型
+//请将此类型的 ComVisible 特性设置为 true。
+[assembly: ComVisible(false)]
+
+// 如果此项目向 COM 公开，则下列 GUID 用于类型库的 ID
+[assembly: Guid("8a78b2db-4f20-4866-be5c-7a1913a66166")]
+
+// 程序集的版本信息由下列四个值组成: 
+//
+//      主版本
+//      次版本
+//      生成号
+//      修订号
+//
+//可以指定所有这些值，也可以使用“生成号”和“修订号”的默认值
+//通过使用 "*"，如下所示:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/配套代码/L071_ContractLink/L069/WxContractList.cs b/配套代码/L071_ContractLink/L069/WxContractList.cs
@@ -0,0 +1,207 @@
+using Microsoft.Win32;
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace L069
+{
+    public class WxContractList
+    {
+        Process wxProcess = null;
+        int weChatBaseAdress = 0;
+        int roomLinkOffset = 0x126E0A0;
+        List<int> nodeAddressList = new List<int>();
+        int index = 0;
+        public void GetData()
+        {
+            WeChatStart();
+            WeChatCheck();
+
+            int linkPointer = GetWxMemoryInt(wxProcess.Handle, weChatBaseAdress + roomLinkOffset) + 0x24 + 0x68;
+            Console.WriteLine("链表指针：\t0x" + linkPointer.ToString("X8"));
+            Console.WriteLine("#######################################################");
+
+            GetLinkData(linkPointer);
+        }
+
+        private void GetLinkData(int LinkHeader)
+        {
+            //联系人链表地址
+            int headerAddress = GetWxMemoryInt(wxProcess.Handle, LinkHeader);
+            Console.WriteLine("头地址：\t0x" + headerAddress.ToString("X8"));
+            if (headerAddress == 0)
+            {
+                Console.WriteLine("请先登录微信");
+                return;
+            }
+
+            //群数量
+            int contractCount = GetWxMemoryInt(wxProcess.Handle, LinkHeader + 4);
+            Console.WriteLine("节点数量：\t0x" + contractCount.ToString("X8"));
+            nodeAddressList.Add(headerAddress);
+
+            Console.WriteLine("#######################################################");
+            int header1 = GetWxMemoryInt(wxProcess.Handle, headerAddress);
+            int header2 = GetWxMemoryInt(wxProcess.Handle, headerAddress + 4);
+            int header3 = GetWxMemoryInt(wxProcess.Handle, headerAddress + 8);
+
+            Console.WriteLine("分支1：\t\t0x" + header1.ToString("X8"));
+            Console.WriteLine("分支2：\t\t0x" + header2.ToString("X8"));
+            Console.WriteLine("分支3：\t\t0x" + header3.ToString("X8"));
+            Console.WriteLine("#######################################################");
+
+            GetRoomInfo(header1, "0x" + headerAddress.ToString("X8"));
+            GetRoomInfo(header2, "0x" + headerAddress.ToString("X8"));
+            GetRoomInfo(header3, "0x" + headerAddress.ToString("X8"));
+        }
+
+        private void GetRoomInfo(int roomAddress, string log)
+        {
+            foreach (var item in nodeAddressList)
+            {
+                if (item == roomAddress) return;
+            }
+            nodeAddressList.Add(roomAddress);
+
+            index++;
+            Console.WriteLine("---------------" + index + "------------------");
+            log = log + "->" + "0x" + roomAddress.ToString("X8");
+            Console.WriteLine(log);
+
+//$ ==>    > 07E0C958
+//$+4 > 07D18478
+//$+8 > 03F6C278
+            int header1 = GetWxMemoryInt(wxProcess.Handle, roomAddress);
+            int header2 = GetWxMemoryInt(wxProcess.Handle, roomAddress + 4);
+            int header3 = GetWxMemoryInt(wxProcess.Handle, roomAddress + 8);
+
+//$+10 > 07D50890  UNICODE "wxid_e3hyk98lir0t21"
+//$+14 > 00000013
+//$+18 > 00000020
+
+            String contractWxId = GetWxMemoryUnicodeString(
+                wxProcess.Handle,
+                GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x10),
+                GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x14)
+                );
+            Console.WriteLine("联系人wxid：\t" + contractWxId);
+
+            //$+44 > 07AFAFE0 UNICODE "qq694950743"
+            //$+48 > 0000000B
+            //$+4C > 00000010
+            String contractWxName = GetWxMemoryUnicodeString(
+                           wxProcess.Handle,
+                           GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x44),
+                           GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x48)
+                           );
+            Console.WriteLine("联系人账号：\t" + contractWxName);
+
+            //$+70 > 00000003
+            int sex = GetWxMemoryInt(wxProcess.Handle,
+                GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x70)
+                );
+            Console.WriteLine("联系人性别：\t" + sex);
+
+            //$+8C > 0408D1C8 UNICODE "叶静"
+            //$+90 > 00000002
+            //$+94 > 00000002
+            String contractNickName = GetWxMemoryUnicodeString(
+                                      wxProcess.Handle,
+                                      GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x8c),
+                                      GetWxMemoryInt(wxProcess.Handle, roomAddress + 0x90)
+                                      );
+            Console.WriteLine("联系人昵称：\t" + contractNickName);
+
+            GetRoomInfo(header1, log);
+            GetRoomInfo(header2, log);
+            GetRoomInfo(header3, log);
+        }
+
+        private void WeChatCheck()
+        {
+            if (wxProcess == null) return;
+            Console.WriteLine("进程PID：\t" + wxProcess.Id);
+            Console.WriteLine("窗口标题：\t" + wxProcess.MainWindowTitle);
+            Console.WriteLine("启动时间：\t" + wxProcess.StartTime.ToString("yyyy-MM-dd HH:mm:ss"));
+            Console.WriteLine("微信目录：\t" + System.IO.Path.GetDirectoryName(wxProcess.MainModule.FileName));
+
+            var modules = (from ProcessModule module in wxProcess.Modules
+                           where module.ModuleName.ToLower() == "WeChatWin.dll".ToLower()
+                           select module).ToList();
+            if (modules == null || modules.Count() == 0)
+            {
+                return;
+            }
+            weChatBaseAdress = (int)modules[0].BaseAddress;
+            Console.WriteLine("微信基址：\t" + "0x" + weChatBaseAdress.ToString("X8"));
+
+            String wxVersion = modules[0].FileVersionInfo.FileVersion;
+            Console.WriteLine("微信版本：\t" + wxVersion);
+
+            if (wxVersion != "2.6.8.65")
+            {
+                Console.WriteLine("当前微信版本不支持！");
+                Console.WriteLine("请使用版本为2.6.8.65的微信！");
+                Console.ReadLine();
+                Environment.Exit(0);
+            }
+        }
+
+        private void WeChatStart()
+        {
+            var processes = Process.GetProcessesByName("WeChat");
+            //微信未启动
+            if (processes == null || processes.Length == 0)
+            {
+                //启动微信
+                RegistryKey registryKey = Registry.CurrentUser;
+                //算机\HKEY_CURRENT_USER\Software\Tencent\WeChat
+                RegistryKey software = registryKey.OpenSubKey("Software\\Tencent\\WeChat");
+                object InstallPath = software.GetValue("InstallPath");
+                String wxPath = InstallPath.ToString() + "\\WeChat.exe";
+                registryKey.Close();
+
+                wxProcess=Process.Start(wxPath);
+                Thread.Sleep(500);
+            }
+            else
+            {
+                wxProcess = processes[0];
+            }
+        }
+
+        public static String GetWxMemoryUnicodeString(IntPtr hProcess, int lpBaseAddress, int nSize = 100)
+        {
+            byte[] data = new byte[nSize * 2];
+            if (ReadProcessMemory(hProcess, (IntPtr)lpBaseAddress, data, nSize * 2, 0) == 0)
+            {
+                return "";
+            }
+            return Encoding.Unicode.GetString(data);
+        }
+
+
+        public static int GetWxMemoryInt(IntPtr hProcess, int lpBaseAddress)
+        {
+            byte[] data = new byte[4];
+            if (ReadProcessMemory(hProcess, (IntPtr)lpBaseAddress, data, 4, 0) == 0)
+            {
+                return 0;
+            }
+            return BitConverter.ToInt32(data, 0);
+        }
+
+        [DllImport("kernel32.dll", SetLastError = true)]
+        static extern int ReadProcessMemory(
+          IntPtr hProcess,
+          IntPtr lpBaseAddress,
+          [Out] byte[] lpBuffer,
+          int dwSize,
+          int lpNumberOfBytesRead);
+    }
+}