nalzok / Wechat Decipher Macos
Licence: mit
Scripts to extract chat history from WeChat on macOS
Stars: ✭ 128
WeChat Deciphers for macOS
This toolkit consists of three DTrace scripts for messing with WeChat.app on macOS.
- eavesdropper.d logs the conversation in real time. This shows everything to be saved to the database.
- dbcracker.d reveals locations of the encrypted SQLite3 databases and their credentials. Since it can only capture secrets when WeChat.app opens these files, you need to either log in or trigger a backup while the script is running. Simply copy & paste the script output to invoke SQLCipher and supply the respective PRAGMAs.
- xlogger.d prints the log messages going to /Users/$USER/Library/Containers/com.tencent.xinWeChat/Data/Library/Caches/com.tencent.xinWeChat/2.0b4.0.9/log/*.xlog. I made this script destructive so that I can overwrite the global log level variable gs_level. While the log messages may not be super helpful to end users, they can be handy for further reverse engineering (for example, the AES key used for backup encryption is logged in plaintext).
Dependencies
Since dtrace(1) is pre-installed on macOS, no dependencies are required to run the scripts. However, you may need to disable SIP if you haven't done that yet. In addition, you'll need SQLCipher to inspect the databases discovered by dbcracker.d.
Usage
Launch WeChat and run:
    sudo $DECIPHER_SCRIPT -p $(pgrep -f '^/Applications/WeChat.app/Contents/MacOS/WeChat$')
Replace $DECIPHER_SCRIPT with ./dbcracker.d, ./eavesdropper.d, or ./xlogger.d.
Version Information
The production of these scripts involved an excess amount of guesswork and wishful thinking, but at least it works on my machine :)
Device Type: MacBookPro14,1
System Version: Version 10.14.6 (Build 18G7016)
System Language: en
WeChat Version: [2020-10-14 12:55:50] v2.5.0.16 (15731) #2fb3ec2537
WeChat Language: en
Historic Version: [2020-07-24 20:51:39] v2.4.2.16 (15067) #d2826975af
Network Status: Reachable via WiFi or Ethernet
Display: *(1440x900)/Retina