admin管理员组文章数量:1590878
Tested on 2.9.2.23
特征码:
74 0A BE 03 00 00 00 E9 27 06 00 00 83 EC 08 8B C4 56 57
使用下面py脚本,会生成一个WeChatWin_patched.dll版本,将这个文件改名并替换微信安装目录下的WeChatWin.dll即可:
# -*- coding: utf-8 -*-
# crucial opcode in WeChatWin.dll
crucial_opcode = b"\x74\x0A\xBE\x03\x00\x00\x00\xE9\x27\x06\x00\x00\x83\xEC\x08\x8B\xC4\x56\x57"
patch_opcode = b"\x90\x90"
# main
if __name__ == "__main__":
with open("WeChatWin.dll", "rb") as fs:
byte_buf = bytes(fs.read())
position = byte_buf.find(crucial_opcode)
if position == -1:
print "[-] can not find crucial code in WeChatWin.dll"
else:
print "[+] find the crucial code offset at {}".format(hex(position))
print "[+] after adjusting offset of crucial code {}".format(hex(position))
print "[+] modifying crucial code with {} NOP's".format(len(patch_opcode))
print "[+] generating patched file named WeChatWin_patched.dll"
with open("WeChatWin_patched.dll", "wb") as wfs:
wfs.write(byte_buf[0:position])
wfs.write(patch_opcode)
wfs.write(byte_buf[position + len(patch_opcode):])
wfs.close()
print "[+] Please rename the patched file according to WeChatWin.dll in WeChat installation directory"
fs.close()
版权声明:本文标题:微信防撤回补丁脚本 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://m.elefans.com/xitong/1728104645a1145655.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论