Giter Club home page Giter Club logo

Comments (5)

simoole avatar simoole commented on June 27, 2024

因为key是个32位的字节串

from pywxdump.

TaihouKai avatar TaihouKai commented on June 27, 2024

因为key是个32位的字节串

感谢回复。如果按照代码里的话,get_exe_bit会返回64吧?(因为是64位的exe)
那样的话addr_len就得是64了……?

(get_wx_info.py)

addrLen = get_exe_bit(process.exe())
...
...
if rd['filePath'] != "None" and rd['key'] == "None" and not isKey:
    rd['key'] = get_key(rd['pid'], rd['filePath'], addrLen)

from pywxdump.

xaoyaoo avatar xaoyaoo commented on June 27, 2024

这个和系统位数以及内存读写方式有关。
32位系统和64位系统,对内存读写单元大小不同。

from pywxdump.

TaihouKai avatar TaihouKai commented on June 27, 2024

这个和系统位数以及内存读写方式有关。
32位系统和64位系统,对内存读写单元大小不同。

感谢回复。
这样的话,如果我要手动复现遍历,请问这个地方的for j in range(i, i - 2000, -addr_len):是不是该改成-int(addr_len/8),以匹配读写单元的大小(4/8 bytes)?我试了下,不改成/8的话在我的电脑上遍历不着key

for i in type_addrs[::-1]:
    for j in range(i, i - 2000, -addr_len):
        key_bytes = read_key_bytes(pm.process_handle, j, addr_len)
        if key_bytes == "None":
            continue
        # print(key_bytes.hex())
        if verify_key(key_bytes, MicroMsg_path):
            key = key_bytes.hex()

from pywxdump.

xaoyaoo avatar xaoyaoo commented on June 27, 2024

@TaihouKai
所以你已经有了结论。

from pywxdump.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.