Code Monkey home page Code Monkey logo

wx-hook's Introduction

wx-hook

介绍

用于记录老版本的小程序的基址和文件,用于绕过使用

bug处理

注意当前方法可能导致一些神奇的bug,提前声明这类bug,我不怎么会解决,可以反馈大家一起解决

90%的bug,可以采用将RadiumWMPF里面的所有小程序删除完,然后重启wx,重新替换,替换文件修改只读解决

优化使用

介绍

这里是 https://github.com/eeeeeeeeee-code/e0e1-wx 的hook优化扩展使用

新版的devtools十分难受,界面垃圾,功能稀少,感觉就是微信防止hook的一种限制手段

这里找到一种绕过的方法

使用方法

1.在 Releases,下载老版本的小程序文件,这里我下载的是8447.zip文件

image

2.退出微信,来到 %appdata%\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\ 文件夹,将新版小程序里面的文件清空,列如我这里是9129,将里面的文件清空

image

3.解压老版本的小程序文件,将里面的extracted文件夹所有内容复制到9129下面 (我是9129,你们是什么自己看)

image

4.将文件夹设置成只读,然后打开微信

image

5.然后来到addres,找到对应的基址替换上去,列如我替换的文件是8447的,就使用8447的基址

image

6.启动e0e1-wx脚本,发现成功hook以前的devtools了

image

windows 小程序抓包流程

介绍

发现些人还在用 安卓模拟器去搞小程序抓包,这样费时不省力,而且准备的工具e0e1-wx,就是为了配合windows小程序渗透的

所以接下来的优化,准备通过python脚本来抓小程序的http\https流量,直接转发到burp。

环境准备

1.Proxifier 老版中文版 (网上很多)

2.burp

首先打开Proxifier ,寻找代理服务器

image

选择添加一个代理,这里就添加自己burp设置的代理就可以了,端口也是burp对应的端口,自己设置

image

image

选择代理规则

image

这里选择添加个代理规则

image

应用程序填写为这些

WeChatApp.exe;WechatBrowser.exe;WeChatAppEx.exe

image

然后打开你的burp,打开你想要搞的小程序,是可以轻松拦包的,包括https的包

image

wx-hook's People

Contributors

eeeeeeeeee-code avatar

Stargazers

avatar stem avatar Michael Cade avatar skr avatar avatar avatar avatar avatar lsl_wislove avatar avatar Mount4in avatar xiangxiaowei avatar savil avatar CrE0m avatar avatar avatar avatar avatar Red256 avatar FerrisGong avatar avatar tutu avatar avatar pepoc3 avatar avatar avatar avatar wk avatar avatar guest_user avatar avatar s1g0day avatar mimo99 avatar AJay13 avatar WangGangdan avatar bdz avatar avatar avatar Public profile avatar KUANTECH avatar avatar ZFYy1 avatar avatar avatar avatar niko avatar Chen avatar saozi avatar avatar Valerian avatar Kingking avatar avatar suifeng avatar avatar avatar avatar DDRYY avatar Rentr02 avatar avatar avatar avatar kk1230 avatar 炁 avatar Lay0us avatar 二色之蝶 avatar lengf233 avatar Se4Gu1l avatar zhoushuren avatar avatar avatar GithubAutoBackupBot avatar hirak0 avatar avatar Jeffrey avatar JokerMask avatar avatar

Watchers

avatar avatar

Forkers

zhangyanlin2022 lay0us passwa11 shuaibibobo sxx2022 rentr02 gitgcccreate qxlcn pupulit mojitocean kingking888 junkrat686 nasireddin killman122 onegithuber savli shixiaoxianga

wx-hook's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.