Skip to content

Instantly share code, notes, and snippets.

@liberize
Created September 20, 2017 16:44
Show Gist options
  • Save liberize/44b151b6b40a2af1716d484ccd4f8e66 to your computer and use it in GitHub Desktop.
Save liberize/44b151b6b40a2af1716d484ccd4f8e66 to your computer and use it in GitHub Desktop.
#!/bin/bash
apk="$1"
shopt -s expand_aliases
alias apktool="java -jar apktool_2.2.4.jar"
alias dex2jar="./dex2jar-2.0/d2j-dex2jar.sh"
alias jd-cli="java -jar jd-cli.jar"
echo "=> apk decompiling"
apktool d $apk -o wechat >/dev/null 2>&1
grep -oP 'version(Code|Name):.*' wechat/apktool.yml
echo "=> dex to java source"
for dex in classes.dex classes2.dex; do
unzip -j $apk $dex >/dev/null 2>&1
dex2jar $dex -o ${dex%.*}.jar >/dev/null 2>&1
jd-cli ${dex%.*}.jar -od src >/dev/null 2>&1
done
echo "=> find resource ids and variable names"
strings_xml="wechat/res/values/strings.xml"
public_xml="wechat/res/values/public.xml"
src_path="src/com/tencent/mm"
for png in wechat/res/drawable-xxhdpi-v4/*.png; do
cmp --silent $png fp.png && icon=$(basename -s .png $png) && break
done
[ -z "$icon" ] && echo "finger icon not found!" && exit
icon_id=$(grep -oP '(?<=type="drawable" name="'$icon'" id=")0x[0-9a-f]*' $public_xml)
echo "Finger_icon: "$((icon_id))
title=$(grep -oP '(?<=<string name=")\w+(?=">请验证指纹</string>)' $strings_xml | head -n 1)
[ -z "$title" ] && echo "finger title not found!" && exit
title_id=$(grep -oP '(?<=type="string" name="'$title'" id=")0x[0-9a-f]*' $public_xml)
echo "Finger_title: "$((title_id))
passwd=$(grep -oP '(?<=<string name=")\w+(?=">请输入支付密码</string>)' $strings_xml | head -n 1)
[ -z "$passwd" ] && echo "password title not found!" && exit
passwd_id=$(grep -oP '(?<=type="string" name="'$passwd'" id=")0x[0-9a-f]*' $public_xml)
echo "passwd_title: "$((passwd_id))
payui=$(grep -rl 'public EditHintPasswdView' $src_path/plugin/wallet_core/ui | grep -v Wallet)
[ $(echo $payui | wc -l) != 1 ] && echo "payui class files not found or not unique: $payui" && exit
echo "Payview: "$payui
passwd_view=$(grep -oP '(?<=public EditHintPasswdView )\w+' $payui)
[ $(echo $passwd_view | wc -l) != 1 ] && echo "password view variable not found or not unique: $passwd_view" && exit
echo "PaypwdView: "$passwd_view
edit_text=$(grep -oP '(?<=private TenpaySecureEditText )\w+' $src_path/wallet_core/ui/formview/EditHintPasswdView.java)
[ $(echo $edit_text | wc -l) != 1 ] && echo "edit text variable not found or not unique: $edit_text" && exit
echo "PaypwdEditText: "$edit_text
input_view=$(grep -P -A 1 '\.isShown\(\)' $payui | grep -oP '\w+(?=\.setVisibility\()' | sort -u)
[ $(echo $input_view | wc -l) != 1 ] && echo "input view variable not found or not unique: $input_view" && exit
echo "PayInputView: "$input_view
passwd_var=$(grep -oP '(?<=public static final int )\w+(?= = '$((passwd_id))';)' $src_path/R.java)
pay_title=$(grep -P '\.setText\(.*R\.\w\.'$passwd_var'\)' $payui | grep -oP '\w+(?=.setText)' | sort -u)
[ $(echo $pay_title | wc -l) != 1 ] && echo "pay title variable not found or not unique: $pay_title" && exit
echo "PayTitle: "$pay_title
use_finger=$(grep -oP '(?<=<string name=")\w+(?=">使用指纹</string>)' $strings_xml | head -n 1)
[ -z "$use_finger" ] && echo "use finger text not found!" && exit
use_finger_id=$(grep -oP '(?<=type="string" name="'$use_finger'" id=")0x[0-9a-f]*' $public_xml)
use_finger_var=$(grep -oP '(?<=public static final int )\w+(?= = '$((use_finger_id))';)' $src_path/R.java)
use_finger_title=$(grep -P '\.setText\(.*R\.\w\.'$use_finger_var'\)' $payui | grep -oP '\w+(?=.setText)' | sort -u)
[ $(echo $use_finger_title | wc -l) != 1 ] && echo "use finger title variable not found or not unique: $use_finger_title" && exit
echo "Passwd_Text: "$use_finger_title
echo "=> cleaning up"
rm -rf classes*.jar classes*.dex src/ wechat/
@eritpchy
Copy link

这...佩服大佬. 我准备周末改成版本无关的呢

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment