HOOK微信消息函数_微信版本7.0.14
一、编写Hook代码
1.微信版本:
2.效果预览:
3.Xposed代码(后续功能根据需求开发):package com.wechathk.tools;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodReplacement;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
import java.io.IOException;
import org.xmlpull.v1.XmlPullParserException;
import android.content.ContentValues;
import android.database.Cursor;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedHelpers;
import static de.robv.android.xposed.XposedBridge.log;
public class WechatHookTools implements IXposedHookLoadPackage{
//实现方法
@Override
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam loadPackageParam) throws Throwable {
//XposedBridge.log("packageName:"+lpparam.packageName);
if (loadPackageParam.packageName.equals("com.tencent.mm")){
//这里调用的是DAO层函数的HOOK
insertMsgDAOListener(loadPackageParam);
}
// TODO Auto-generated method stub
//insertMsgDBListener(lpparam);
}
/**
* 注册接收消息的监听,处理UI触发流程
*/
public static void uiMsgListener(XC_LoadPackage.LoadPackageParam lpparam) {
log("uiMsgListener 开始");
Object[] arrayOfObject = new Object[2];
arrayOfObject[0] = Cursor.class;
arrayOfObject[1] = new XC_MethodHook() {
protected void afterHookedMethod(MethodHookParam methodHookParam) throws XmlPullParserException, IOException {
//0代表别人发的消息,1代表是自己发的消息
int field_isSend = ((Integer) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_isSend")).intValue();
//消息类型:1是文本...参考wechat_manager里的消息类型定义
int field_type = ((Integer) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_type")).intValue();
//微信服务器端的消息id
Object field_msgSvrId = XposedHelpers.getObjectField(methodHookParam.thisObject, "field_msgSvrId");
//消息内容
String field_content = (String) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_content");
String field_talker = (String) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_talker");
//消息创建时间
long field_createTime = ((Long) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_createTime")).longValue();
log("uiMsgListener field_isSend:" + field_isSend + "--field_type:" + field_type + "--field_msgSvrId--" + field_msgSvrId + "--field_talker--" + field_talker + "--field_content--" + field_content);
}
};
XposedHelpers.findAndHookMethod("com.tencent.mm.storage.bi", lpparam.classLoader, "d", arrayOfObject);
log("uiMsgListener 结束");
}
/**
* 插入消息监听 处理微信 dao层
*/
public static void insertMsgDAOListener(XC_LoadPackage.LoadPackageParam lpparam) {
log("insertMsgDAOListener 开始");
//这个类是参数,所以要获取这个类对象当做参数传入
Class<?> au = XposedHelpers.findClass("com.tencent.mm.storage.bk", lpparam.classLoader);
Object[] arrayOfObject = new Object[3];
arrayOfObject[0] = au;
arrayOfObject[1] = boolean.class;
arrayOfObject[2] = new XC_MethodHook() {
protected void afterHookedMethod(MethodHookParam paramAnonymousMethodHookParam) throws XmlPullParserException, IOException {
Object au = paramAnonymousMethodHookParam.args[0];
if (au == null) {
return;
}
log("==================================");
int field_isSend = ((Integer) XposedHelpers.getObjectField(au, "field_isSend")).intValue();
log("消息来自:"+(field_isSend==0?"接收消息":"发送消息"));
int field_type = ((Integer) XposedHelpers.getObjectField(au, "field_type")).intValue();
String field_type_str = "其他消息";
if (field_type==1){
field_type_str = "文本消息";
}else if(field_type==3){
field_type_str = "图片消息";
}else if(field_type==34){
field_type_str = "语音消息(非通话)";
}else if(field_type==419430449){
field_type_str = "转账消息";
}else if(field_type==436207665){
field_type_str = "红包消息";
}else if(field_type==48){
field_type_str = "地理位置信息";
}else if(field_type==49){
field_type_str = "来自收藏或文件消息";
}else if(field_type==42){
field_type_str = "名片消息";
}
log("消息类型:"+field_type_str);
Object field_msgSvrId = XposedHelpers.getObjectField(au, "field_msgSvrId");
log("消息ID:"+(field_msgSvrId.equals("0")?"无":field_msgSvrId));
String field_content = (String) XposedHelpers.getObjectField(au, "field_content");
log("消息内容:"+(field_content));
String field_talker = (String) XposedHelpers.getObjectField(au, "field_talker");
log("接受自或发送到(微信ID):"+(field_talker));
log("==================================");
}
};
XposedHelpers.findAndHookMethod(XposedHelpers.findClass("com.tencent.mm.storage.bl", lpparam.classLoader), "c", arrayOfObject);
log("insertMsgDAOListener 结束");
}
/**
* 插入消息监听
*/
public static void insertMsgDBListener(XC_LoadPackage.LoadPackageParam lpparam) {
log("insertMsgDBListener 开始");
Object[] arrayOfObject = new Object[4];
arrayOfObject[0] = String.class;
arrayOfObject[1] = String.class;
arrayOfObject[2] = ContentValues.class;
arrayOfObject[3] = new XC_MethodHook() {
protected void afterHookedMethod(MethodHookParam paramAnonymousMethodHookParam) throws XmlPullParserException, IOException {
log("参数长度:"+paramAnonymousMethodHookParam.args.length);
log("insertMsgDBListener 0"+paramAnonymousMethodHookParam.args[0]);
log("insertMsgDBListener 1"+paramAnonymousMethodHookParam.args[1]);
log("insertMsgDBListener 2"+paramAnonymousMethodHookParam.args[2]);
}
};
XposedHelpers.findAndHookMethod(XposedHelpers.findClass("com.tencent.wcdb.database.SQLiteDatabase", lpparam.classLoader), "insert", arrayOfObject);
log("insertMsgDBListener 结束");
}
}
在浏览的同时希望给予作者打赏,来支持作者的服务器维护费用.一分也是爱~
long0919
帅哥 针对这个微信的逆向 能否加个好友?Q:747024605 期待合作哦~~
用户 Windows10 609 天前回复