WeChat hook. A reverse-engineering study project for the PC WeChat client. Supports versions 3.8.0.41, 3.8.1.26, 3.9.0.28, 3.9.2.23, and 3.9.2.26.
The content published in this repository is only for learning and research; please do not use it for illegal or commercial purposes! If any legal disputes arise as a result, the author has nothing to do with it!
This project is a reverse-engineering exercise and may result in account bans and other consequences. Please use at your own risk. For study and research only, please do not use it for illegal purposes.
Reverse-engineer the PC WeChat client, locate the key calls behind the relevant functions, and write a dll that invokes those calls. The dll is then injected into the WeChat process.
Once the dll is successfully injected, it creates an http server on the default port 19088, and all functions can then be called directly over the http protocol.
                                      +----------------+
+------------------------+   inject   |   WeChat.exe   |
| ConsoleApplication.exe | ---------> |                |      +--------------------+  access  +--------+
|                        |            |  wxhelper.dll  | ---> | starts http server | <------- | client |
+------------------------+            +----------------+      +--------------------+          +--------+
Supported versions 3.8.0.41, 3.8.1.26, 3.9.0.28, 3.9.2.23, 3.9.2.26, 3.9.5.81.
The source code and main implementation are in the corresponding branches.
src: main dll code.
tool: simple injection tools, one console and one with a graphical interface.
python: tcpserver.py is a simple server for receiving message content; decrpty.py is a WeChat database decryption tool; http_server.py is the http server side.
source: source code of the simple command-line remote injection tool.
Other directories: clients provided by enthusiastic authors.
My time and skill are limited, and the project still has many shortcomings. You are welcome to submit issues or PRs. Looking forward to your contribution.
For the methods I commonly use, please refer to https://github.com/ttttupup/wxhelper/wiki
For usage issues, please check https://github.com/ttttupup/wxhelper/discussions
For database decryption, please refer to https://github.com/ttttupup/wxhelper/wiki
My time is limited, so I only maintain the latest version. Bugs in old versions will be fixed in the new version, and old versions will not be maintained.
Visual Studio 2022(x86)
Visual Studio Code
cmake
vcpkg
Prepare the compilation environment first.
cd wxhelper
mkdir build
cd build
cmake -DCMAKE_C_COMPILER=cl.exe -DCMAKE_CXX_COMPILER=cl.exe -DCMAKE_BUILD_TYPE=Debug -DCMAKE_INSTALL_PREFIX=C:/other/codeSource/windows/wxhelper/out/install/x86-debug -DCMAKE_TOOLCHAIN_FILE:FILEPATH=C:/vcpkg/scripts/buildsystems/vcpkg.cmake -SC:/wxhelper -BC:/wxhelper/build/x86-debug -G Ninja
cmake --build C:/wxhelper/build/x86-debug
The following steps are for vscode; the steps in Visual Studio are similar.
1. Install vcpkg, cmake, vscode
2. Install the required libraries. If the installed versions differ, modify CMakeLists.txt according to the find_package lines that vcpkg prints after a successful install, or compile the libraries yourself.
vcpkg install mongoose
vcpkg install nlohmann-json
3. In vscode, configure CMakePresets.json; the main point is to set CMAKE_C_COMPILER and CMAKE_CXX_COMPILER to cl.exe. For reference:
{
    "name": "x86-release",
    "displayName": "x86-release",
    "description": "Sets Ninja generator, build and install directory",
    "generator": "Ninja",
    "binaryDir": "${sourceDir}/out/build/${presetName}",
    "architecture": {
        "value": "x86",
        "strategy": "external"
    },
    "cacheVariables": {
        "CMAKE_C_COMPILER": "cl.exe",
        "CMAKE_CXX_COMPILER": "cl.exe",
        "CMAKE_BUILD_TYPE": "Release",
        "CMAKE_INSTALL_PREFIX": "${sourceDir}/out/install/${presetName}",
        "CMAKE_TOOLCHAIN_FILE": {
            "value": "C:/soft/vcpkg/scripts/buildsystems/vcpkg.cmake",
            "type": "FILEPATH"
        }
    },
    "environment": {
    }
}
4. In vscode, right-click and choose configure all projects for the cmake build, then click Run Task in Terminal. If no build task has been configured yet, configure it first, then run it.
5. Command-line injection tool: injection commands
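// -i name of the program to inject into   -p path of the dll to inject
// -u name of the program to unload from   -d name of the dll to unload
// -m pid   close the WeChat mutex to allow multiple WeChat instances
// -P port  specify the http port; requires the dll built from the specify-port branch
// -I pid of the program to inject into
// Inject
ConsoleInject.exe -i demo.exe -p E:\testInject.dll
// Unload
ConsoleInject.exe -u demo.exe -d testInject.dll
// Multiple instances
ConsoleInject.exe -m 1222
// Inject and specify the http port
ConsoleInject.exe -i demo.exe -p E:\testInject.dll -P 18888
// Inject into the given pid and remove the multi-instance restriction
ConsoleInject.exe -I 15048 -p E:\testInject.dll -m 15048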
6. If you want to change the port, create a config.ini configuration file in the WeChat directory and set the port there. If the file is not created, the default port is 19088.
[config]
port=19099
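A defender-side check for the setup described above (an http listener inside WeChat.exe on the config.ini port, default 19088), as an added example that is not part of the wxhelper project. It parses `netstat -ano` output together with a PID-to-image map (for instance built from `tasklist`) and lists every listening TCP socket owned by WeChat.exe; the function names and all sample data are constructed for illustration.

```python
import configparser

DEFAULT_PORT = 19088          # default port stated in the README
TARGET_IMAGE = "wechat.exe"   # process the README says the dll is injected into

def configured_port(ini_text):
    """Port from a config.ini body ([config] port=N); default if missing or invalid."""
    parser = configparser.ConfigParser()
    try:
        parser.read_string(ini_text)
        return parser.getint("config", "port", fallback=DEFAULT_PORT)
    except (configparser.Error, ValueError):
        return DEFAULT_PORT

def tcp_listeners(netstat_text):
    """Yield (bind_address, port, pid) for each LISTENING TCP row of `netstat -ano`."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        address, _, port = fields[1].rpartition(":")
        if port.isdigit() and fields[4].isdigit():
            yield address, int(port), int(fields[4])

def wechat_listeners(netstat_text, pid_to_image, ini_text=""):
    """Listening sockets owned by WeChat.exe; last field marks the expected hook port."""
    expected = configured_port(ini_text)
    return sorted(
        (pid, address, port, port == expected)
        for address, port, pid in tcp_listeners(netstat_text)
        if pid_to_image.get(pid, "").lower() == TARGET_IMAGE
    )

# Constructed sample data (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1040
  TCP    0.0.0.0:19099          0.0.0.0:0              LISTENING       15048
  TCP    127.0.0.1:19088        0.0.0.0:0              LISTENING       7320
  TCP    192.168.1.20:50512     203.0.113.7:443        ESTABLISHED     15048
  TCP    [::]:445               [::]:0                 LISTENING       4
"""
SAMPLE_PIDS = {4: "System", 1040: "svchost.exe", 7320: "python.exe", 15048: "WeChat.exe"}
SAMPLE_INI = "[config]\nport=19099\n"

if __name__ == "__main__":
    for pid, address, port, expected in wechat_listeners(SAMPLE_NETSTAT, SAMPLE_PIDS, SAMPLE_INI):
        note = "matches configured hook port" if expected else "unexpected listener"
        print(f"WeChat.exe pid {pid} listening on {address}:{port} ({note})")
```

Because the `-P` option and config.ini can move the port, the check reports every listener owned by WeChat.exe and only uses the configured port to label the match.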
2022-12-26: Added support for version 3.8.1.26.
2022-12-29: Added text extraction function.
2023-01-02: Added logging out of WeChat.
2023-01-31: Added the ability to modify group nicknames (only supports 3.8.1.26).
2023-02-01: Added Paiyipai, the "pat" nudge (only supports 3.8.1.26).
2023-02-04: Added group message pinning and unpinning.
2023-02-06: Added payment confirmation.
2023-02-08: Added Moments messages.
2023-02-09: Added basic functions of version 3.9.0.28.
2023-02-13: Added group nickname and WeChat name.
2023-02-17: Added the ability to add friends through wxid and to search for WeChat accounts.
2023-03-02: Added @ messages.
2023-03-04: Added message attachment download.
2023-03-21: Added hook voice.
2023-03-30: Added the ability to obtain voice files (it is recommended to use this non-hook interface).
2023-04-08: Function update of version 3.9.2.23
2023-06-05: Version 3.9.2.26 updated
2023-07-07: Version 3.9.5.81 updated
0. Check if you are logged in
1. Get WeChat login information
2. Send text
3. Send @ text
5. Send pictures
6. Send files
9. Hook messages
10. Cancel message hook
11. Hook pictures
12. Cancel picture hook
13. Hook voice
14. Cancel voice hook
17. Delete friends
19. Search for a WeChat account by mobile number or QQ
20. Add friends through wxid
23. Accept a friend request
25. Get group members
26. Get group member nicknames
27. Delete group members
28. Add group members
31. Modify the group nickname
32. Get database handle
34. Query the database
35. Hook log
36. Cancel log hook
40. Forward message
44. Log out
45. Confirm payment
46. Contact list
47. Get group details
48. Get decrypted pictures
49. Extract text from an image (OCR)
50. Pat (Paiyipai)
51. Pin a message in a group
52. Unpin a group message
53. Moments first page
54. Moments next page
55. Get the contact or group name
56. Get message attachments (pictures, videos, files)
57. Get voice files (silk3 format)
58. Login QR code
59. Invite to join the group
60. Get group/group member details
61. Withdraw message
62. Send public account messages
63. Forward public account messages
64. Send mini program
65. Refund
66. Download avatar (don't use it, it's useless)
https://github.com/ljc545w/ComWeChatRobot
https://github.com/NationalSecurityAgency/ghidra
https://github.com/x64dbg/x64dbg
https://t.me/+LmvAauweyUpjYzJl