PC微信无视版本无限多开，c++源代码_微信pc端版本过低资源-CSDN文库

共2个文件

h：1个

cpp：1个

微信多开

需积分: 10 96 浏览量 2022-04-03 13:27:28 上传评论收藏 8KB RAR 举报

资源详情

资源评论

资源推荐

收起资源包目录

WeChatStart.rar （2个子文件）

OpenWeChat.cpp 7KB

OpenWeChat.h 25KB

//#include "stdafx.h" #include "pch.h" #include "OpenWeChat.h" #include "util.h" #include <Windows.h> #include <TlHelp32.h> #include <Shlwapi.h> #include <shellapi.h> #pragma comment(lib, "shlwapi") #pragma comment(lib, "Advapi32") #pragma comment(lib, "Shell32") ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformation = (ZWQUERYSYSTEMINFORMATION)GetProcAddress( GetModuleHandleA("ntdll.dll"), "ZwQuerySystemInformation"); NTQUERYOBJECT NtQueryObject = (NTQUERYOBJECT)GetProcAddress( GetModuleHandleA("ntdll.dll"), "NtQueryObject"); static SYSTEM_INFORMATION_CLASS ex_information = SystemExtendedHandleInformation;//SystemExtendedHandleInformation; #pragma warning(disable:4996) //进程提权 BOOL ElevatePrivileges() { HANDLE hToken; TOKEN_PRIVILEGES tkp; tkp.PrivilegeCount = 1; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) return FALSE; LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid); tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), NULL, NULL)) { return FALSE; } return TRUE; } HANDLE DuplicateHandleEx(DWORD pid, HANDLE h, DWORD flags) { HANDLE hHandle = NULL; HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); if (hProc) { if (!DuplicateHandle(hProc, (HANDLE)h, GetCurrentProcess(), &hHandle, 0, FALSE, /*DUPLICATE_SAME_ACCESS*/flags)) { hHandle = NULL; } CloseHandle(hProc); } return hHandle; } int GetProcIds(LPCWSTR Name, DWORD* Pids) { PROCESSENTRY32 pe32 = { sizeof(pe32) }; int num = 0; HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hSnap) { if (Process32First(hSnap, &pe32)) { do { if (!_wcsicmp(Name, pe32.szExeFile)) { if (Pids) { Pids[num++] = pe32.th32ProcessID; } } } while (Process32Next(hSnap, &pe32)); } CloseHandle(hSnap); } return num; } BOOL IsTargetPid(DWORD Pid, DWORD* Pids, int num) { for (int i = 0; i < num; i++) { if (Pid == Pids[i]) { return TRUE; } } return FALSE; } int PatchWeChat() { CString strNames; DWORD dwSize = 0; POBJECT_NAME_INFORMATION pNameInfo; POBJECT_NAME_INFORMATION pNameType; PVOID pbuffer = NULL; NTSTATUS Status; int nIndex = 0; DWORD dwFlags = 0; char szType[128] = { 0 }; char szName[512] = { 0 }; PSYSTEM_HANDLE_INFORMATION1 pHandleInfo = NULL; DWORD Pids[100] = { 0 }; int ret = -1; ElevatePrivileges(); DWORD Num = GetProcIds(L"WeChat.exe", Pids); if (Num == 0) { return ret; } if (!ZwQuerySystemInformation) { goto Exit0; } pbuffer = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE); if (!pbuffer) { goto Exit0; } Status = ZwQuerySystemInformation(SystemHandleInformation, pbuffer, 0x1000, &dwSize); if (!NT_SUCCESS(Status)) { if (STATUS_INFO_LENGTH_MISMATCH != Status) { goto Exit0; } else { // 这里大家可以保证程序的正确性使用循环分配稍好 if (NULL != pbuffer) { VirtualFree(pbuffer, 0, MEM_RELEASE); } if (dwSize * 2 > 0x4000000) // MAXSIZE { goto Exit0; } pbuffer = VirtualAlloc(NULL, dwSize * 2, MEM_COMMIT, PAGE_READWRITE); if (!pbuffer) { goto Exit0; } Status = ZwQuerySystemInformation(SystemHandleInformation, pbuffer, dwSize * 2, NULL); if (!NT_SUCCESS(Status)) { goto Exit0; } } } DWORD pid = 0; if (Num > 0) { pid = Pids[0]; } pHandleInfo = (PSYSTEM_HANDLE_INFORMATION1)pbuffer; for (nIndex = 0; nIndex < pHandleInfo->NumberOfHandles; nIndex++) { if (IsTargetPid(pHandleInfo->Handles[nIndex].ProcessId, Pids, Num)) { HANDLE hHandle = DuplicateHandleEx(pHandleInfo->Handles[nIndex].ProcessId, (HANDLE)pHandleInfo->Handles[nIndex].Handle, DUPLICATE_SAME_ACCESS ); /* HANDLE hHandle; DuplicateHandle(OpenProcess(PROCESS_ALL_ACCESS, FALSE, pHandleInfo->Handles[nIndex].ProcessId), (HANDLE)pHandleInfo->Handles[nIndex].Handle, GetCurrentProcess(), &hHandle, DUPLICATE_SAME_ACCESS, FALSE, DUPLICATE_SAME_ACCESS);*/ /* if (hHandle == NULL) continue;*/ Status = NtQueryObject(hHandle, ObjectNameInformation, szName, 512, &dwFlags); if (!NT_SUCCESS(Status)) { CloseHandle(hHandle); continue; } Status = NtQueryObject(hHandle, ObjectTypeInformation, szType, 128, &dwFlags); if (!NT_SUCCESS(Status)) { CloseHandle(hHandle); continue; } pNameInfo = (POBJECT_NAME_INFORMATION)szName; pNameType = (POBJECT_NAME_INFORMATION)szType; WCHAR TypName[1024] = { 0 }; WCHAR Name[1024] = { 0 }; wcsncpy_s(TypName, (WCHAR*)pNameType->Name.Buffer, pNameType->Name.Length / 2); wcsncpy_s(Name, (WCHAR*)pNameInfo->Name.Buffer, pNameInfo->Name.Length / 2); if (wcsstr(Name, L"_WeChat_App_Instance_Identity_Mutex_Name")) { CloseHandle(hHandle); hHandle = DuplicateHandleEx(pHandleInfo->Handles[nIndex].ProcessId, (HANDLE)pHandleInfo->Handles[nIndex].Handle, DUPLICATE_CLOSE_SOURCE ); if (hHandle) { ret = ERROR_SUCCESS; CloseHandle(hHandle); } else { ret = GetLastError(); } goto Exit0; } CloseHandle(hHandle); } } Exit0: if (strNames.GetLength() > 0) { CString sssss = strNames; } if (NULL != pbuffer) { VirtualFree(pbuffer, 0, MEM_RELEASE); } return ret; } int OpenWeChat(DWORD* pid) { int ret = -1; STARTUPINFO si = { sizeof(si) }; PROCESS_INFORMATION pi = { 0 }; PatchWeChat(); /*if (ret != ERROR_SUCCESS) { return ret; }*/ WCHAR Path[MAX_PATH] = { 0 }; ret = GetWeChatPath(Path); if (ERROR_SUCCESS != ret) { return ret; } //ShellExecute(NULL, L"Open", Path, NULL, NULL, SW_SHOW); if (!CreateProcess(NULL, Path, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi)) { ret = GetLastError(); return ret; } CloseHandle(pi.hThread); CloseHandle(pi.hProcess); *pid = pi.dwProcessId; ret = ERROR_SUCCESS; return ret; }