[原创]反汇编:微信小程序 wxapkg
2023-6-9 09:31:0 Author: bbs.pediy.com(查看原文) 阅读量:10 收藏

将微信卸载重装,或者清空所有小程序后,重新加载要分析的小程序,
在/data/data/com.tencent.mm/MicroMsg/appbrand目录下搜索wxapkg会得到所在目录,导出即可。

wxapkg 文件的数据格式分成三个部分:
第一部分:文件的前 6 字节为 V1MMWX;
第二部分:之后的 1024 字节为 AES CBC 加密数据;
第三部分:从 1024+6 之后的所有数据为异或加密的数据。

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

__author__ = '行简'

import sys, os

import struct

class WxapkgFile(object):

    nameLen = 0

    name = ""

    offset = 0

    size = 0

def main(dir_path):

    with open(dir_path, "rb") as f:

        root = os.path.dirname(os.path.realpath(f.name))

        name = os.path.basename(f.name) + '_dir'

        if len(sys.argv) > 2:

            name = sys.argv[2]

        firstMark = struct.unpack('B', f.read(1))[0]

        print('first header mark = {}'.format(firstMark))

        info1 = struct.unpack('>L', f.read(4))[0]

        print('info1 = {}'.format(info1))

        indexInfoLength = struct.unpack('>L', f.read(4))[0]

        print('indexInfoLength = {}'.format(indexInfoLength))

        bodyInfoLength = struct.unpack('>L', f.read(4))[0]

        print('bodyInfoLength = {}'.format(bodyInfoLength))

        lastMark = struct.unpack('B', f.read(1))[0]

        print('last header mark = {}'.format(lastMark))

        if firstMark != 0xBE or lastMark != 0xED:

            print('its not a wxapkg file!!!!!')

            f.close()

            exit()

        fileCount = struct.unpack('>L', f.read(4))[0]

        print('fileCount = {}'.format(fileCount))

        fileList = []

        for i in range(fileCount):

            data = WxapkgFile()

            data.nameLen = struct.unpack('>L', f.read(4))[0]

            data.name = f.read(data.nameLen)

            data.offset = struct.unpack('>L', f.read(4))[0]

            data.size = struct.unpack('>L', f.read(4))[0]

            print('readFile = {} at Offset = {}'.format(str(data.name, encoding = "utf-8"), data.offset))

            fileList.append(data)

        for d in fileList:

            d.name = '/' + name + str(d.name, encoding = "utf-8")

            path = root + os.path.dirname(d.name)

            if not os.path.exists(path):

                os.makedirs(path)

            w = open(root + d.name, 'wb')

            f.seek(d.offset)

            w.write(f.read(d.size))

            w.close()

            print('writeFile = {}{}'.format(root, d.name))

        f.close()

if __name__ == '__main__':

    dir_path = r'xxxx'  

    main(dir_path)


文章来源: https://bbs.pediy.com/thread-277534.htm
如有侵权请联系:admin#unsafe.sh