
微信群防封代码,微信共存防封代码分析

时间:2023-07-01 14:05 阅读数:789 人阅读 分类:知识百科

    本文对“微信共存防封版”做伪代码分析。想要避免被封,先要了解哪些操作行为会导致被封;不去做这些行为,就可以规避被封的风险。下面小编介绍一篇分析微信共存防封版代码的文章,供大家参考。

解压 "微信共存防封版_v6.3.22.ipa", 发现 addone.dylib.

  用 Hopper 打开 addone.dylib, 发现它加载了以下 6 个类, 并 hook 了这些类中的方法.

  // Hopper pseudo-code of the dylib's class-loading step: six CHLoadClass_ calls,
  // each pairing a fixed address (0xe0f8 ... 0xe134) with a class looked up by
  // name through objc_getClass.
  // NOTE(review): the addresses are presumably the hooking library's per-class
  // slots - confirm in the disassembly.
  // For triage: the class names survive as plain strings, so this list alone shows
  // which classes the injected dylib intends to touch.
  CHLoadClass_(0xe0f8, objc_getClass("NSBundle"));

  CHLoadClass_(0xe104, objc_getClass("UIDevice"));

  CHLoadClass_(0xe110, objc_getClass("NSDictionary"));

  CHLoadClass_(0xe11c, objc_getClass("MMCrashReportExtLogMgr"));

  CHLoadClass_(0xe128, objc_getClass("JailBreakHelper"));

  CHLoadClass_(0xe134, objc_getClass("ASIdentifierManager"));

  NSBundle

  // Hopper pseudo-code of the replacement for -[NSBundle bundleIdentifier].
  // arg0 is kept as the receiver for the fall-through call; arg1 is not used.
  // What this means for a reviewer: the bundle identifier observed inside the
  // process is rewritten, so a check that relies only on this API does not reveal
  // a re-signed copy; app identity has to be confirmed with evidence gathered
  // outside the hooked process.
  int __ZL33$NSBundle_bundleIdentifier_methodP8NSBundleP13objc_selector(void * arg0, void * arg1) {

  sp = sp - 0x1c;

  stack[2044] = arg0;

  // isDirectCalledByModule is not shown on this page; presumably it tests whether
  // the caller belongs to the "WeChat" image - confirm.
  if (sign_extend_32(isDirectCalledByModule("WeChat")) != 0x0) {

  // Matching caller: answer with a hard-coded identifier instead of the real one.
  stack[2045] = @"com.tencent.xin";

  }

  else {

  // 0xe140 presumably holds the saved original implementation; every other
  // caller gets the unmodified result.
  r1 = *0xe140;

  stack[2045] = (r1)(stack[2044], @selector(bundleIdentifier), @selector(bundleIdentifier), r1, r1, @selector(bundleIdentifier));

  }

  r0 = stack[2045];

  return r0;

  }

  NSDictionary

  // Hopper pseudo-code of the replacement for -[NSDictionary valueForKey:].
  // arg0 is the receiver, arg2 the requested key; arg1 is not used.
  // Only a lookup of "CFBundleIdentifier" made by a matching caller is altered;
  // everything else is forwarded. The effect is that reading the identifier out
  // of an Info.plist-style dictionary gives the same rewritten answer as
  // -[NSBundle bundleIdentifier] in this dylib.
  int __ZL33$NSDictionary_valueForKey$_methodP12NSDictionaryP13objc_selectorP8NSString(void * arg0, void * arg1, void * arg2) {

  sp = sp - 0x20;

  stack[2044] = arg0;

  stack[2042] = arg2;

  // Key comparison first, then the caller test (isDirectCalledByModule is not
  // shown on this page - presumably a check on the calling image).
  // NOTE(review): the decompiler renders the isEqualToString: send as a call
  // through *arg0; treat the exact call target as unverified.
  if ((sign_extend_32((*arg0)(stack[2042], @selector(isEqualToString:), @"CFBundleIdentifier", @"CFBundleIdentifier", stack[2040], stack[2041], stack[2042])) != 0x0) && (sign_extend_32(isDirectCalledByModule("WeChat")) != 0x0)) {

  // Hard-coded identifier returned in place of the dictionary's real entry.
  stack[2045] = @"com.tencent.xin";

  }

  else {

  // 0xe148 presumably holds the saved original implementation.
  r1 = *0xe148;

  stack[2045] = (r1)(stack[2044], @selector(valueForKey:), stack[2042], r1, r1, @selector(valueForKey:));

  }

  r0 = stack[2045];

  return r0;

  }

  // Hopper pseudo-code of the replacement for
  // -[NSDictionary objectForKeyedSubscript:] (the dict[key] syntax).
  // arg0 is the receiver, arg2 the key; arg1 is not used.
  // Same rule as the valueForKey: replacement, with an extra type test because
  // the key here is not guaranteed to be a string.
  int __ZL45$NSDictionary_objectForKeyedSubscript$_methodP12NSDictionaryP13objc_selectorPU19objcproto9NSCopying11objc_object(void * arg0, void * arg1, void * arg2) {

  sp = sp - 0x34;

  stack[2044] = arg0;

  stack[2042] = arg2;

  r2 = *stack[2042];

  // Three conditions, all required: key is an NSString, key equals
  // "CFBundleIdentifier", and the caller test passes (isDirectCalledByModule is
  // not shown on this page - presumably a check on the calling image).
  if ((([stack[2042] isKindOfClass:_objc_msgSend(@class(NSString), r2, r2, r3, stack[2035], stack[2036], stack[2037], stack[2038]), stack[2042], stack[2035], stack[2036]] != 0x0) && ([stack[2042] isEqualToString:@"CFBundleIdentifier", r1, stack[2035], stack[2036]] != 0x0)) && (sign_extend_32(isDirectCalledByModule("WeChat")) != 0x0)) {

  // Hard-coded identifier returned in place of the dictionary's real entry.
  stack[2045] = @"com.tencent.xin";

  }

  else {

  // 0xe14c presumably holds the saved original implementation.
  r1 = *0xe14c;

  stack[2045] = (r1)(stack[2044], @selector(objectForKeyedSubscript:), stack[2042], r1, r1, @selector(objectForKeyedSubscript:));

  }

  r0 = stack[2045];

  return r0;

  }

  // Hopper pseudo-code of the replacement for -[NSDictionary objectForKey:].
  // arg0 is the receiver, arg2 the key; arg1 is not used.
  // The condition and the returned constant are the same as in the
  // objectForKeyedSubscript: replacement; only the forwarding pointer and the
  // selector differ.
  int __ZL34$NSDictionary_objectForKey$_methodP12NSDictionaryP13objc_selectorPU19objcproto9NSCopying11objc_object(void * arg0, void * arg1, void * arg2) {

  sp = sp - 0x34;

  stack[2044] = arg0;

  stack[2042] = arg2;

  r2 = *stack[2042];

  // Key must be an NSString equal to "CFBundleIdentifier" and the caller test
  // must pass (isDirectCalledByModule is not shown on this page).
  if ((([stack[2042] isKindOfClass:_objc_msgSend(@class(NSString), r2, r2, r3, stack[2035], stack[2036], stack[2037], stack[2038]), stack[2042], stack[2035], stack[2036]] != 0x0) && ([stack[2042] isEqualToString:@"CFBundleIdentifier", r1, stack[2035], stack[2036]] != 0x0)) && (sign_extend_32(isDirectCalledByModule("WeChat")) != 0x0)) {

  // Hard-coded identifier returned in place of the dictionary's real entry.
  stack[2045] = @"com.tencent.xin";

  }

  else {

  // 0xe150 presumably holds the saved original implementation.
  r1 = *0xe150;

  stack[2045] = (r1)(stack[2044], @selector(objectForKey:), stack[2042], r1, r1, @selector(objectForKey:));

  }

  r0 = stack[2045];

  return r0;

  }

  JailBreakHelper

  越狱检测

  // Hopper pseudo-code of the replacement for
  // JailBreakHelper HasInstallJailbreakPlugin: - no argument is read and the
  // result is the constant 0, so the app's own check reports "no plugin"
  // whatever the device state is. A client-side result like this carries no
  // weight once code can be injected into the process.
  int __ZL50$JailBreakHelper_HasInstallJailbreakPlugin$_methodP11objc_objectP13objc_selectorS0_(void * arg0, void * arg1, void * arg2) {

  r0 = sign_extend_32(0x0);

  return r0;

  }

  // Hopper pseudo-code of the replacement for
  // JailBreakHelper HasInstallJailbreakPluginInvalidIAPPurchase - ignores its
  // arguments and always returns 0.
  int __ZL67$JailBreakHelper_HasInstallJailbreakPluginInvalidIAPPurchase_methodP11objc_objectP13objc_selector(void * arg0, void * arg1) {

  r0 = sign_extend_32(0x0);

  return r0;

  }

  // Hopper pseudo-code of the replacement for JailBreakHelper IsJailBreak -
  // ignores its arguments and always returns 0, so the original detection logic
  // is never consulted.
  int __ZL35$JailBreakHelper_IsJailBreak_methodP11objc_objectP13objc_selector(void * arg0, void * arg1) {

  r0 = sign_extend_32(0x0);

  return r0;

  }

  MMCrashReportExtLogMgr

  崩溃记录

  // Hopper pseudo-code of the replacement for
  // MMCrashReportExtLogMgr addLogInfo:withMessage: - the body calls nothing and
  // only hands back arg0, so neither the info argument nor the message is
  // recorded. For incident review this means the absence of entries from this
  // logger is not evidence that nothing happened in a modified client.
  int __ZL54$MMCrashReportExtLogMgr_addLogInfo$withMessage$_methodP11objc_objectP13objc_selectorS0_S0_(void * arg0, void * arg1, void * arg2, void * arg3) {

  // r0 is just the register holding arg0 on entry; no original implementation is invoked.
  r0 = arg0;

  return r0;

  }

  ASIdentifierManager

  修改广告标识

  // Hopper pseudo-code of the replacement for
  // -[ASIdentifierManager advertisingIdentifier].
  // The value is taken from a key-chain store entry named "idfa"; the pointer at
  // 0xe164 is called only when that entry is missing, and its result is saved.
  // Later calls are answered from the stored entry, so the reported identifier is
  // whatever was saved first for this copy of the app.
  int __ZL49$ASIdentifierManager_advertisingIdentifier_methodP11objc_objectP13objc_selector(void * arg0, void * arg1) {

  sp = sp - 0x4c;

  stack[2045] = arg0;

  // NOTE(review): UICKeyChainStore as the receiver of mainBundle looks like a
  // mis-resolved class reference in the decompiler output (NSBundle would be
  // expected) - confirm in the disassembly.
  r0 = [*@class(UICKeyChainStore) mainBundle];

  r0 = [r0 bundleIdentifier];

  r1 = *((")" | 0x0) + 0x1bca);

  // Key-chain store whose service name is the bundle identifier obtained above.
  stack[2043] = (r1)(@class(UICKeyChainStore), @selector(keyChainStoreWithService:), r0, r1, stack[2029], stack[2030]);

  if ([stack[2043] objectForKeyedSubscript:@"idfa", @"idfa", stack[2029], stack[2030]] == 0x0) {

  // No stored entry: 0xe164 presumably holds the saved original implementation;
  // its result is written under "idfa".
  r0 = (*0xe164)(stack[2045], @selector(advertisingIdentifier), stack[2043], @selector(advertisingIdentifier), stack[2029], stack[2030], stack[2031]);

  [stack[2043] setObject:r0 forKeyedSubscript:@"idfa", stack[2029], stack[2030], r2];

  }

  // The stored entry, not a fresh system value, is what the caller receives.
  r0 = [stack[2043] objectForKeyedSubscript:@"idfa", r1, r1, @"idfa"];

  return r0;

  }

  其他方法

  修改设备名称

  // Hopper pseudo-code of the replacement for -[UIDevice name] - ignores the
  // receiver and always returns the literal @"iPhone", so the user-assigned
  // device name never reaches callers in this process.
  int __ZL21$UIDevice_name_methodP8UIDeviceP13objc_selector(void * arg0, void * arg1) {

  r0 = @"iPhone";

  return r0;

  }

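  防封补丁源码(注意: 下面的 CaptainHook 源码与上文反编译的 addone.dylib 并不完全对应: 源码 hook 的是 ManualAuthAesReqData 的几个 setter, 并用 NSUserDefaults 保存 idfa; 上文反编译结果 hook 的是 NSBundle、NSDictionary、UIDevice, 并用 UICKeyChainStore 保存 idfa)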

  #import

  #import "CaptainHook/CaptainHook.h"

  #import

  CHDeclareClass(ASIdentifierManager)

  // Advertising-identifier spoofing.
  // Replacement for -[ASIdentifierManager advertisingIdentifier]. The original
  // implementation is never called in this body: the value comes from the string
  // saved under "idfa" in NSUserDefaults, or from a newly generated random UUID
  // that is then saved under that key. The identifier a server receives from
  // such a client is therefore unrelated to the device's real one and should not
  // be treated as a device-linking signal on its own.
  CHMethod0(NSUUID *, ASIdentifierManager, advertisingIdentifier)

  {

  NSUUID *advertisingIdentifier;

  NSString *key = @"idfa";

  NSString *idfa = [[NSUserDefaults standardUserDefaults] stringForKey:key];

  // A saved, non-empty string is reused as-is.
  if (idfa && idfa.length)

  {

  advertisingIdentifier = [[NSUUID alloc] initWithUUIDString:idfa];

  }

  else

  {

  // First call for this install: generate a random UUID and persist its string form.
  advertisingIdentifier = [NSUUID UUID];

  [[NSUserDefaults standardUserDefaults] setObject:advertisingIdentifier.UUIDString forKey:key];

  }

  return advertisingIdentifier;

  }

  @class BaseAuthReqInfo, BaseRequest, ManualAuthAesReqData;

  CHDeclareClass(ManualAuthAesReqData);

  // bundleId spoofing (marked by the author as still to be completed).
  // Replacement for -[ManualAuthAesReqData setBundleId:]. When the incoming value
  // equals the running bundle's own identifier it is swapped for the literal
  // "com.tencent.xin" before the original setter is called; any other value is
  // passed through unchanged.
  // NOTE(review): ManualAuthAesReqData is only forward-declared here; judging by
  // its name it is a login/auth request payload - confirm. If so, the bundle id
  // in that request is client-asserted and cannot be trusted server-side.
  CHMethod1(void, ManualAuthAesReqData, setBundleId, NSString *, bundleId)

  {

  if ([bundleId isEqualToString:[NSBundle mainBundle].bundleIdentifier])

  {

  bundleId = @"com.tencent.xin";

  }

  // CHSuper1 forwards to the original implementation with the (possibly replaced) value.
  CHSuper1(ManualAuthAesReqData, setBundleId, bundleId);

  }

  // clientSeqId spoofing.
  // Replacement for -[ManualAuthAesReqData setClientSeqId:]. The part of the
  // incoming value before the first "-" is discarded and replaced by a prefix
  // kept in NSUserDefaults under "clientSeqId"; the part from the first "-"
  // onward is kept. The prefix is a random UUID with hyphens removed, generated
  // once and then reused.
  // NOTE(review): the meaning of the two halves of clientSeqId is not shown on
  // this page; the prefix is presumably device-derived - confirm.
  CHMethod1(void, ManualAuthAesReqData, setClientSeqId, NSString *, clientSeqId)

  {

  NSString *key = @"clientSeqId";

  NSString *clientSeqId_fist = [[NSUserDefaults standardUserDefaults] stringForKey:key];

  // No saved prefix yet: create one from a random UUID and persist it.
  if (!clientSeqId_fist || clientSeqId_fist.length == 0)

  {

  clientSeqId_fist = [[NSUUID UUID].UUIDString stringByReplacingOccurrencesOfString:@"-" withString:@""];

  [[NSUserDefaults standardUserDefaults] setObject:clientSeqId_fist forKey:key];

  }

  NSString *newClientSeqId;

  if ([clientSeqId containsString:@"-"])

  {

  // substringFromIndex: starts at the "-" itself, so the separator stays in the suffix.
  NSRange range = [clientSeqId rangeOfString:@"-"];

  NSString *clientSeqId_last = [clientSeqId substringFromIndex:range.location];

  newClientSeqId = [NSString stringWithFormat:@"%@%@", clientSeqId_fist, clientSeqId_last];

  }

  else

  {

  // No separator in the incoming value: the saved prefix is used alone.
  newClientSeqId = clientSeqId_fist;

  }

  CHSuper1(ManualAuthAesReqData, setClientSeqId, newClientSeqId);

  }

  // deviceName spoofing.
  // Replacement for -[ManualAuthAesReqData setDeviceName:]. The incoming value is
  // ignored and the original setter always receives the literal "iPhone".
  CHMethod1(void, ManualAuthAesReqData, setDeviceName, NSString *, deviceName)

  {

  // Set to the default name.

  deviceName = @"iPhone";

  CHSuper1(ManualAuthAesReqData, setDeviceName, deviceName);

  }

  // Bypass log recording.
  // Replacement for -[MMCrashReportExtLogMgr addLogInfo:withMessage:]. The body
  // returns at once and never calls the original, so nothing passed to this
  // method is recorded by the app.
  // NOTE(review): the parameter types (int *, const char *) are the author's
  // declaration; the real signature is not shown on this page.

  @class MMCrashReportExtLogMgr;

  CHDeclareClass(MMCrashReportExtLogMgr);

  CHMethod2(void, MMCrashReportExtLogMgr, addLogInfo, int *, arg1, withMessage, const char *, arg2)

  {

  return;

  }

  // Bypass jailbreak detection.
  // Declares JailBreakHelper and replaces
  // HasInstallJailbreakPluginInvalidIAPPurchase with a body that always returns
  // NO; the original check is never run.

  @class JailBreakHelper;

  CHDeclareClass(JailBreakHelper);

  CHMethod0(BOOL, JailBreakHelper, HasInstallJailbreakPluginInvalidIAPPurchase)

  {

  return NO;

  }

  // Replacement for JailBreakHelper HasInstallJailbreakPlugin: - ignores arg1 and
  // always returns NO without calling the original.
  CHMethod1(BOOL, JailBreakHelper, HasInstallJailbreakPlugin, id, arg1)

  {

  return NO;

  }

  // Replacement for JailBreakHelper IsJailBreak - always returns NO without
  // calling the original, so the in-app result says nothing about the device.
  CHMethod0(BOOL, JailBreakHelper, IsJailBreak)

  {

  return NO;

  }

  // All hooked classes and methods are registered in this constructor.
  // CHConstructor marks code that runs when the dylib is loaded. Each
  // CHLoadLateClass resolves a class by name at run time, and each CHHookN
  // installs the CHMethodN replacement defined above for that selector.
  // For an analyst, this block is the complete list of methods the tweak
  // replaces: one system method plus seven app methods across three app classes.

  CHConstructor

  {

  @autoreleasepool

  {

  // System advertising identifier.
  CHLoadLateClass(ASIdentifierManager);

  CHHook0(ASIdentifierManager, advertisingIdentifier);

  // Three setters of ManualAuthAesReqData.
  CHLoadLateClass(ManualAuthAesReqData);

  CHHook1(ManualAuthAesReqData, setBundleId);

  CHHook1(ManualAuthAesReqData, setClientSeqId);

  CHHook1(ManualAuthAesReqData, setDeviceName);

  // App log recording.
  CHLoadLateClass(MMCrashReportExtLogMgr);

  CHHook2(MMCrashReportExtLogMgr, addLogInfo, withMessage);

  // App jailbreak checks.
  CHLoadLateClass(JailBreakHelper);

  CHHook0(JailBreakHelper, HasInstallJailbreakPluginInvalidIAPPurchase);

  CHHook1(JailBreakHelper, HasInstallJailbreakPlugin);

  CHHook0(JailBreakHelper, IsJailBreak);

  }

  }

以上就是微信群防封代码的全部内容,希望能够对需要的朋友有一些帮助,想要了解更多的微信公众号素材,可以访问微素达网站哦!
