Skip to content

feat: add WeChat 4 WMPF debugging support #206

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Klutton wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add WeChat 4 WMPF debugging support #206

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
frida-example
.DS_Store
**/__pycache__
node_modules
tmp
.uv-cache
1 change: 1 addition & 0 deletions .python-version
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
3.13
65 changes: 63 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@

> 感谢志远大佬的WeChatOpenDevTool开源 代码只是把node改用python3重写,简单实现了一些自动化问题,重要代码都是原作者的。

### Windows 微信 3.x

| Windows 微信版本 | 小程序版本 | 是否为最新版 |
| ---------------- | ---------- | ------------ |
| | 11275_x64 | ✅ |
Expand All @@ -51,6 +53,21 @@

---

### Windows 微信 4.x / WMPF

> 微信 4 已切换为 Remote Debug/CDP 调试链路,不再沿用旧版内置 F12 补丁。
>
> 实现来源说明:
> 微信 4 兼容逻辑主要参考了 [`evi0s/WMPFDebugger`](https://github.com/evi0s/WMPFDebugger) 的公开实现、适配说明与相关 issue 讨论;本仓库在此基础上改造成了 Python 主控 + Frida 注入 + 本地 Node bridge 的版本。

已内置地址配置的 WMPF 版本:

`11581` `11633` `13331` `13341` `13487` `13639` `13655` `13871` `13909` `14161` `14199` `14315` `16133` `16203` `16389` `16467` `16771` `16815` `16965` `17037` `17071` `17127` `18055` `18151` `18787` `18891` `18955` `19027` `19201` `19339` `19459`

如果当前 WMPF 版本不在上面的列表里,`-x` 会提示你缺少 `configs/wx4/addresses.<version>.json`。

---


| Mac x64微信版本 | 是否为最新版 | x
| ---------------- | ------------ | ------------
Expand All @@ -60,6 +77,14 @@

## 如何查看当前运行版本?
### windows

微信 3.x 可以看关于页或小程序目录版本。

微信 4.x 可以在任务管理器里找到 `WeChatAppEx.exe`,右键“打开文件所在的位置”,查看路径里 `RadiumWMPF` 和 `extracted` 之间的数字,例如:

```text
...\RadiumWMPF\19201\extracted\...
```

![image](./docs/images/version0.jpg)

Expand All @@ -76,24 +101,44 @@ ps aux | grep 'WeChatAppEx' | grep -v 'grep' | grep "wmpf-mojo-handle"

### 开启小程序F12

> ~~只支持windows版本微信~~,运行前先启动微信运行前先启动微信(建议小号,别被封了。。。)
> 现在同时支持微信 3.x 和微信 4.x,但两者的调试方式不同。运行前先启动微信(建议小号,自担风险)。

1. 安装python3版本
2. 下载WeChatOpenDevTools-Python或直接下载编译好的exe
2. 如果要调试微信 4.x,请额外安装 Node.js(建议 20+)
3. 下载WeChatOpenDevTools-Python或直接下载编译好的exe
[WeChatOpenDevTools_64.exe](https://github.com/JaveleyQAQ/WeChatOpenDevTools-Python/releases/)

安装依赖

```
pip3 install -r requirements.txt
npm install
```

> 如果你只调试微信 3.x,可以跳过 `npm install`。

运行✅

```
python main.py -x
```

微信 3.x:

- 仍然沿用原来的注入逻辑,直接恢复小程序里的调试能力。

微信 4.x:

- 工具会自动识别 WMPF 运行时并切换到 Remote Debug 模式。
- 启动后会输出一个 `devtools://devtools/bundled/inspector.html?ws=127.0.0.1:<port>` 链接。
- 先启动要调试的小程序,等终端出现“微信4小程序调试客户端已连接”。
- 再用 Chrome / Edge 之类的 Chromium 浏览器打开这个链接。
- 可以通过下面两个参数改端口:

```bash
python main.py -x --debug-port 9421 --cdp-port 62000
```

![image](./docs/images/run.jpg)
![image](./docs/images/MG38.jpg)

Expand All @@ -105,6 +150,8 @@ python main.py -x
python main.py -c
```

> 这条路径目前仍然是旧版实现,微信 4.x 暂未适配。

![1709657739316](./docs/images/demo1.png)

![1709657739316](./docs/images/demo2.png)
Expand All @@ -125,6 +172,20 @@ python main.py -c
2. **如果微信版本相同小程序版本不同,就删除小程序版本目录并重启微信,直到刷出支持的小程序版本目录**
3. 最后回到上级目录,设置文件夹权限为只读,这样就能一直保持小程序版本一致
[image](https://github.com/JaveleyQAQ/WeChatOpenDevTools-Python/assets/132129852/c2b793c3-6d81-424e-a167-3b1e584cef6f)
* 微信4启动后没有出现内置 F12

- 这是正常现象。微信 4 走的是浏览器 DevTools 远程调试,不是旧版的小程序内置 F12。
- 请看终端输出里的 `devtools://...` 链接,用 Chromium 浏览器打开。
* 微信4小程序一闪而过 / 调试连接立刻断开

- 先确认顺序:先开小程序,等终端出现“微信4小程序调试客户端已连接”,再打开浏览器 DevTools。
- 看终端里的 `[frida] [hook] scene: ...` 和 `hook scene condition -> 1101`。
- 如果没有看到 `scene` 日志,说明这次流程没有命中小程序加载 hook。
- 如果看到了 `scene`,但没有 `1101`,说明当前小程序入口 scene 不在已适配列表里。
* 微信4提示缺少配置

- 终端会打印当前 WMPF 版本号。
- 对应补充 `configs/wx4/addresses.<version>.json` 后再重试。
* 怎么回退版本?

- https://weixin.qq.com/cgi-bin/readtemplate?lang=zh_CN&t=weixin_faq_list&head=true
Expand Down
6 changes: 6 additions & 0 deletions configs/wx4/addresses.11581.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 11581,
"LoadStartHookOffset": "0x28E9190",
"CDPFilterHookOffset": "0x38C4350",
"SceneOffsets": [1208, 1160, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.11633.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 11633,
"LoadStartHookOffset": "0x28F22A0",
"CDPFilterHookOffset": "0x38D41E0",
"SceneOffsets": [1208, 1160, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13331.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13331,
"LoadStartHookOffset": "0x0FFC200",
"CDPFilterHookOffset": "0x2420100",
"SceneOffsets": [1272, 1224, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13341.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13341,
"LoadStartHookOffset": "0x10009E0",
"CDPFilterHookOffset": "0x242E8E0",
"SceneOffsets": [1272, 1224, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13487.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13487,
"LoadStartHookOffset": "0x0FFB600",
"CDPFilterHookOffset": "0x241FEB0",
"SceneOffsets": [1272, 1224, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13639.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13639,
"LoadStartHookOffset": "0x1000990",
"CDPFilterHookOffset": "0x2424DE0",
"SceneOffsets": [1272, 1224, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13655.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13655,
"LoadStartHookOffset": "0x100F4B0",
"CDPFilterHookOffset": "0x244A9E0",
"SceneOffsets": [1280, 1232, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13871.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13871,
"LoadStartHookOffset": "0x101F160",
"CDPFilterHookOffset": "0x246FC40",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.13909.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 13909,
"LoadStartHookOffset": "0x101F0E0",
"CDPFilterHookOffset": "0x246FDC0",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.14161.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 14161,
"LoadStartHookOffset": "0x10246C0",
"CDPFilterHookOffset": "0x24839B0",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.14199.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 14199,
"LoadStartHookOffset": "0x10246F0",
"CDPFilterHookOffset": "0x24839E0",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.14315.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 14315,
"LoadStartHookOffset": "0x10004C0",
"CDPFilterHookOffset": "0x2424B50",
"SceneOffsets": [1272, 1224, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16133.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16133,
"LoadStartHookOffset": "0x470FAD0",
"CDPFilterHookOffset": "0x90FC7E0",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16203.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16203,
"LoadStartHookOffset": "0x4710890",
"CDPFilterHookOffset": "0x90FD640",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16389.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16389,
"LoadStartHookOffset": "0x24E4830",
"CDPFilterHookOffset": "0x2E2A880",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16467.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16467,
"LoadStartHookOffset": "0x24E4FD0",
"CDPFilterHookOffset": "0x2E2CC90",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16771.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16771,
"LoadStartHookOffset": "0x24E9130",
"CDPFilterHookOffset": "0x2E3C470",
"SceneOffsets": [1360, 1312, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16815.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16815,
"LoadStartHookOffset": "0x2509690",
"CDPFilterHookOffset": "0x2E768D0",
"SceneOffsets": [1416, 1360, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.16965.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 16965,
"LoadStartHookOffset": "0x2570220",
"CDPFilterHookOffset": "0x2F844A0",
"SceneOffsets": [1416, 1360, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.17037.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 17037,
"LoadStartHookOffset": "0x257D0A0",
"CDPFilterHookOffset": "0x2FB2310",
"SceneOffsets": [1408, 1352, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.17071.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 17071,
"LoadStartHookOffset": "0x258F370",
"CDPFilterHookOffset": "0x2FD3080",
"SceneOffsets": [1408, 1352, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.17127.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 17127,
"LoadStartHookOffset": "0x2590910",
"CDPFilterHookOffset": "0x2FD4040",
"SceneOffsets": [1408, 1352, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.18055.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 18055,
"LoadStartHookOffset": "0x25A1040",
"CDPFilterHookOffset": "0x30031E0",
"SceneOffsets": [1416, 1352, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.18151.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 18151,
"LoadStartHookOffset": "0x25A2E20",
"CDPFilterHookOffset": "0x3013D20",
"SceneOffsets": [1416, 1352, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.18787.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 18787,
"LoadStartHookOffset": "0x25B2870",
"CDPFilterHookOffset": "0x3028AD0",
"SceneOffsets": [1408, 1344, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.18891.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 18891,
"LoadStartHookOffset": "0x25B50C0",
"CDPFilterHookOffset": "0x30245E0",
"SceneOffsets": [1408, 1344, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.18955.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 18955,
"LoadStartHookOffset": "0x25B52C0",
"CDPFilterHookOffset": "0x30248B0",
"SceneOffsets": [1408, 1344, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.19027.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 19027,
"LoadStartHookOffset": "0x25B52D0",
"CDPFilterHookOffset": "0x3024AD0",
"SceneOffsets": [1408, 1344, 488]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.19201.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 19201,
"LoadStartHookOffset": "0x25B5DD0",
"CDPFilterHookOffset": "0x301B3C0",
"SceneOffsets": [1376, 1312, 456]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.19339.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 19339,
"LoadStartHookOffset": "0x25B5DD0",
"CDPFilterHookOffset": "0x301BA00",
"SceneOffsets": [1376, 1312, 456]
}
6 changes: 6 additions & 0 deletions configs/wx4/addresses.19459.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"Version": 19459,
"LoadStartHookOffset": "0x25BB580",
"CDPFilterHookOffset": "0x3022F20",
"SceneOffsets": [1376, 1312, 456]
}
Loading