diff --git a/Cargo.toml b/Cargo.toml index 8a00dd5..5642989 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wechat-dump-rs" -version = "1.0.22" +version = "1.0.22-no-phone" edition = "2021" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/src/main.rs b/src/main.rs index ed37693..05a6f35 100644 --- a/src/main.rs +++ b/src/main.rs @@ -494,56 +494,6 @@ fn dump_wechat_info_v4( .expect("Should have compiled rules"); let results = rules.scan_process(pid, 0).expect("Should have scanned"); - let phone_str_match = results - .iter() - .filter(|x| x.identifier == "GetPhoneNumberOffset") - .next() - .expect("unbale to find phone string") - .strings - .iter() - .filter(|x| { - x.matches.iter().any(|y| { - wechat_writeable_private_mem_infos - .iter() - .any(|z| y.base == z.base) - }) - }) - .next() - .expect("unbale to find phone string") - .matches - .iter() - .filter(|x| { - wechat_writeable_private_mem_infos - .iter() - .any(|y| x.base == y.base) - }) - .next() - .expect("unable to find phone string"); - - // let key_memory_info = wechat_writeable_private_mem_infos - // .iter() - // .find(|v| v.base == phone_str_match.base) - // .unwrap(); - // let key_search_range = 0..key_memory_info.base + key_memory_info.region_size; - - let nick_name_length = u64::from_le_bytes(phone_str_match.data[..8].try_into().unwrap()); - let phone_str_address = phone_str_match.base + phone_str_match.offset + 0x10; - let phone_str = read_string(pid, phone_str_address, 11).unwrap(); - println!("[+] found phone at 0x{:x} --> {}********", phone_str_address, &phone_str[..3]); - let nick_name = - read_string_or_ptr(pid, phone_str_address - 0x20, nick_name_length as usize).unwrap(); - - let account_name_length = read_number::(pid, phone_str_address - 0x30).unwrap(); - let mut account_name = - read_string_or_ptr(pid, phone_str_address - 0x40, account_name_length as _).unwrap(); - - // No account name - if account_name.is_empty() { - let wxid_length = read_number::(pid, phone_str_address - 0x50).unwrap(); - let wxid = read_string_or_ptr(pid, phone_str_address - 0x60, wxid_length as _).unwrap(); - account_name = wxid; - } - let data_dir = if special_data_dir.is_some() { special_data_dir .unwrap() @@ -634,10 +584,6 @@ rule GetKeyAddrStub } let mut pre_addresses: HashSet = HashSet::new(); - key_stub_str_addresses.sort_by(|&a, &b| { - a.abs_diff(phone_str_address as _) - .cmp(&b.abs_diff(phone_str_address as _)) - }); for cur_stub_addr in key_stub_str_addresses { // if cur_stub_addr < key_search_range.end as _ { if wechat_writeable_private_mem_infos.iter().any(|v| { @@ -754,9 +700,9 @@ rule GetKeyAddrStub WechatInfo { pid, version, - account_name, - nick_name: Some(nick_name), - phone: Some(phone_str), + account_name: "Unknown".to_owned(), + nick_name: Some("Unknown".to_owned()), + phone: Some("Unknown".to_owned()), data_dir, key: key, } @@ -1077,7 +1023,7 @@ fn cli() -> clap::Command { use clap::{arg, value_parser, Command}; Command::new("wechat-dump-rs") - .version("1.0.22") + .version("1.0.22-no-phone") .about("A wechat db dump tool") .author("REinject") .help_template("{name} ({version}) - {author}\n{about}\n{all-args}")