zoukankan      html  css  js  c++  java

  • 基于Xposed hook 实时监测微信消息

    本文以微信版本6.7.3为例进行分析有hook, 大部分做微信机器人的话,首先要实时抓取微信的消息,在这里展示三种方式对微信的消息进行hook:
    1.基于UI层拉取加载进行监听
    2.基于微信dao层调用的保存进行监听
    3.基于数据库的插入保存进行监听 这三层各有各的特点请自行选用

    package cn.robot;

import android.content.ContentValues;
import android.database.Cursor;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
import org.xmlpull.v1.XmlPullParserException;

import java.io.IOException;

import static de.robv.android.xposed.XposedBridge.log;

/**
 * author: zhao .
 * date:  2019/4/19
 */
public class WechatTest {
    /**
     * 注册接收消息的监听,处理UI触发流程
     */
    public static void uiMsgListener(XC_LoadPackage.LoadPackageParam lpparam) {
        log("uiMsgListener 开始");
        Object[] arrayOfObject = new Object[2];
        arrayOfObject[0] = Cursor.class;
        arrayOfObject[1] = new XC_MethodHook() {
            protected void afterHookedMethod(MethodHookParam methodHookParam) throws XmlPullParserException, IOException {
                //0代表别人发的消息,1代表是自己发的消息
                int field_isSend = ((Integer) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_isSend")).intValue();
                //消息类型:1是文本...参考wechat_manager里的消息类型定义
                int field_type = ((Integer) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_type")).intValue();
                //微信服务器端的消息id
                Object field_msgSvrId =  XposedHelpers.getObjectField(methodHookParam.thisObject, "field_msgSvrId");
                //消息内容
                String field_content = (String) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_content");
                String field_talker = (String) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_talker");
                //消息创建时间
                long field_createTime = ((Long) XposedHelpers.getObjectField(methodHookParam.thisObject, "field_createTime")).longValue();
                log("uiMsgListener field_isSend:" + field_isSend + "--field_type:" + field_type + "--field_msgSvrId--" + field_msgSvrId + "--field_talker--" + field_talker + "--field_content--" + field_content);

            }
        };
        XposedHelpers.findAndHookMethod("com.tencent.mm.storage.bi", lpparam.classLoader, "d", arrayOfObject);
        log("uiMsgListener 结束");
    }

    /**
     * 插入消息监听 处理微信 dao层
     */
    public static void insertMsgDAOListener(XC_LoadPackage.LoadPackageParam lpparam) {
        log("insertMsgDAOListener 开始");
        Class<?> au = XposedHelpers.findClass("com.tencent.mm.storage.bi", lpparam.classLoader);
        Object[] arrayOfObject = new Object[3];
        arrayOfObject[0] = au;
        arrayOfObject[1] = boolean.class;
        arrayOfObject[2] = new XC_MethodHook() {
            protected void afterHookedMethod(MethodHookParam paramAnonymousMethodHookParam) throws XmlPullParserException, IOException {
                Object au = paramAnonymousMethodHookParam.args[0];
                if (au == null) {
                    return;
                }
                int field_isSend = ((Integer) XposedHelpers.getObjectField(au, "field_isSend")).intValue();
                int field_type = ((Integer) XposedHelpers.getObjectField(au, "field_type")).intValue();
                Object field_msgSvrId = XposedHelpers.getObjectField(au, "field_msgSvrId");
                String field_content = (String) XposedHelpers.getObjectField(au, "field_content");
                String field_talker = (String) XposedHelpers.getObjectField(au, "field_talker");
                log("insertMsgDAOListener field_isSend:" + field_isSend + "--field_type:" + field_type + "--field_msgSvrId--" + field_msgSvrId + "--field_talker--" + field_talker + "--field_content--" + field_content);

            }
        };
        XposedHelpers.findAndHookMethod(XposedHelpers.findClass("com.tencent.mm.storage.bj", lpparam.classLoader), "b", arrayOfObject);
        log("insertMsgDAOListener 结束");
    }

    /**
     * 插入消息监听
     */
    public static void insertMsgDBListener(XC_LoadPackage.LoadPackageParam lpparam) {
        log("insertMsgDBListener 开始");
        Object[] arrayOfObject = new Object[4];
        arrayOfObject[0] = String.class;
        arrayOfObject[1] = String.class;
        arrayOfObject[2] = ContentValues.class;
        arrayOfObject[3] = new XC_MethodHook() {
            protected void afterHookedMethod(MethodHookParam paramAnonymousMethodHookParam) throws XmlPullParserException, IOException {
                log("insertMsgDBListener 0"+paramAnonymousMethodHookParam.args[0]);
                log("insertMsgDBListener 1"+paramAnonymousMethodHookParam.args[1]);
                log("insertMsgDBListener 2"+paramAnonymousMethodHookParam.args[2]);

            }
        };
        XposedHelpers.findAndHookMethod(XposedHelpers.findClass("com.tencent.wcdb.database.SQLiteDatabase", lpparam.classLoader), "insert", arrayOfObject);
        log("insertMsgDBListener 结束");
    }
}
  • 相关阅读:
    POJ 3436 ACM Computer Factory (网络流,最大流)
    POJ 1847 Tram (最短路径)
    POJ 1062 昂贵的聘礼(图论,最短路径)
    POJ 2502 Subway / NBUT 1440 Subway / SCU 2186 Subway(图论,最短距离)
    POJ 3159 Candies (图论,差分约束系统,最短路)
    POJ 1511 Invitation Cards / UVA 721 Invitation Cards / SPOJ Invitation / UVAlive Invitation Cards / SCU 1132 Invitation Cards / ZOJ 2008 Invitation Cards / HDU 1535 (图论,最短路径)
    POJ 2240 Arbitrage / ZOJ 1092 Arbitrage / HDU 1217 Arbitrage / SPOJ Arbitrage(图论,环)
    POJ 3660 Cow Contest / HUST 1037 Cow Contest / HRBUST 1018 Cow Contest(图论,传递闭包)
    POJ 1502 MPI Maelstrom / UVA 432 MPI Maelstrom / SCU 1068 MPI Maelstrom / UVALive 5398 MPI Maelstrom /ZOJ 1291 MPI Maelstrom (最短路径)
    POJ 1860 Currency Exchange / ZOJ 1544 Currency Exchange (最短路径相关,spfa求环)
  • 原文地址:https://www.cnblogs.com/bqh10086/p/10985273.html
Copyright © 2011-2022 走看看