微信步数
防撤回
自动抢红包
CrackerXI+砸壳,或手动使用dumpdecrypted砸壳
这里我使用的微信版本是8.0.0
使用scp或者助手把已砸壳的wechat.ipa导出
MonkeyDev集成在xcode上面,可以快速开发hook的代码,链接到Mach-O文件,支持修改ipa后的免越狱安装。
新建MonkeyDev项目
把砸壳后的微信ipa拖进工程中的TargetApp目录
run编译真机调试
打开微信设置页面,xcode打开Debug View Hierarychy查看层级。
新增控件类WCTableViewManager
新增自动抢红包、消息防撤回、微信步数修改选项
hook红包消息实现自动抢
防撤回实现
修改微信运动步数
自签名打包后实现多开,配合AltDeploy+AltStore食用更佳
MonkeyDev
WeChatRedEnvelop
[iOS应用逆向与安全之道]
新年快乐
%
hook NewSettingViewController
-
(void)reloadTableData{
%
orig;
WCTableViewManager
*
tableViewMgr
=
MSHookIvar<
id
>(
self
,
"m_tableViewMgr"
);
MMTableView
*
tableView
=
[tableViewMgr getTableView];
WCTableViewNormalCellManager
*
newCell
=
[
%
c(WCTableViewNormalCellManager) normalCellForSel:@selector(setting) target:
self
title:@
"你懂的"
];
[((WCTableViewSectionManager
*
)tableViewMgr.sections[
0
]) addCell: newCell];
[tableView reloadData];
}
%
new
-
(void)setting {
UIViewController
*
vc
=
[[HZWechatSettingController alloc] init];
[((UIViewController
*
)
self
).navigationController PushViewController:vc animated:true];
}
%
end
%
hook NewSettingViewController
-
(void)reloadTableData{
%
orig;
WCTableViewManager
*
tableViewMgr
=
MSHookIvar<
id
>(
self
,
"m_tableViewMgr"
);
MMTableView
*
tableView
=
[tableViewMgr getTableView];
WCTableViewNormalCellManager
*
newCell
=
[
%
c(WCTableViewNormalCellManager) normalCellForSel:@selector(setting) target:
self
title:@
"你懂的"
];
[((WCTableViewSectionManager
*
)tableViewMgr.sections[
0
]) addCell: newCell];
[tableView reloadData];
}
%
new
-
(void)setting {
UIViewController
*
vc
=
[[HZWechatSettingController alloc] init];
[((UIViewController
*
)
self
).navigationController PushViewController:vc animated:true];
}
%
end
WCTableViewCellManager
*
autoEnvelopCell
=
[HZWechat switchCellWithSel:@selector(autoEnvelopSwitchChange:) target:
self
title:@
"自动抢红包"
switchOn:[HZWechatConfig autoRedEnvelop]];
[nidongde addCell:autoEnvelopCell];
WCTableViewCellManager
*
revokeIntercept
=
[HZWechat switchCellWithSel:@selector(revokeIntercept:) target:
self
title:@
"消息防撤回"
switchOn:[HZWechatConfig preventRevoke]];
[nidongde addCell:revokeIntercept];
WCTableViewCellManager
*
changeStepsCell
=
[HZWechat switchCellWithSel:@selector(changedSteps:) target:
self
title:@
"修改微信步数"
switchOn:[HZWechatConfig changeSteps]];
[nidongde addCell:changeStepsCell];
WCTableViewCellManager
*
autoEnvelopCell
=
[HZWechat switchCellWithSel:@selector(autoEnvelopSwitchChange:) target:
self
title:@
"自动抢红包"
switchOn:[HZWechatConfig autoRedEnvelop]];
[nidongde addCell:autoEnvelopCell];
WCTableViewCellManager
*
revokeIntercept
=
[HZWechat switchCellWithSel:@selector(revokeIntercept:) target:
self
title:@
"消息防撤回"
switchOn:[HZWechatConfig preventRevoke]];
[nidongde addCell:revokeIntercept];
WCTableViewCellManager
*
changeStepsCell
=
[HZWechat switchCellWithSel:@selector(changedSteps:) target:
self
title:@
"修改微信步数"
switchOn:[HZWechatConfig changeSteps]];
[nidongde addCell:changeStepsCell];
BOOL
(^shouldReceiveRedEnvelop)()
=
^
BOOL
() {
if
(!HZWechatConfig.autoRedEnvelop) {
return
NO; }
if
(isGroupInBlackList()) {
return
NO; }
if
(isContaintKeyWords()) {
return
NO; }
return
isGroupReceiver() ||
(isGroupSender() && isReceiveSelfRedEnvelop()) ||
(!isGroupReceiver() && HZWechatConfig.personalRedEnvelopEnable);
};
NSDictionary
*
(^parseNativeUrl)(NSString
*
nativeUrl)
=
^(NSString
*
nativeUrl) {
nativeUrl
=
[nativeUrl substringFromIndex:[@
"wxpay://c2cbizmessagehandler/hongbao/receivehongbao?"
length]];
return
[
%
c(WCBizUtil) dictionaryWithDecodedComponets:nativeUrl separator:@
"&"
];
};
BOOL
(^shouldReceiveRedEnvelop)()
=
^
BOOL
() {
if
(!HZWechatConfig.autoRedEnvelop) {
return
NO; }
if
(isGroupInBlackList()) {
return
NO; }
if
(isContaintKeyWords()) {
return
NO; }
return
isGroupReceiver() ||
(isGroupSender() && isReceiveSelfRedEnvelop()) ||
(!isGroupReceiver() && HZWechatConfig.personalRedEnvelopEnable);
};
NSDictionary
*
(^parseNativeUrl)(NSString
*
nativeUrl)
=
^(NSString
*
nativeUrl) {
nativeUrl
=
[nativeUrl substringFromIndex:[@
"wxpay://c2cbizmessagehandler/hongbao/receivehongbao?"
length]];
return
[
%
c(WCBizUtil) dictionaryWithDecodedComponets:nativeUrl separator:@
"&"
];
};
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
最后于 2021-2-10 08:49
被HaDazs编辑
,原因: