微慑信息网-VulSee.com环境:pixel 2xl (root)
adb shell
su
切换至微信小程序目录:
/data/data/com.tencent.mm/MicroMsg/{xxxxxx}/appbrand/pkg/
测试中,无法直接adb pull 小程序路径:
需要:
1、将小程序文件*.wxapkg ,拷贝至/data/local/tmp 目录下 并赋予666权限:
cp xxx.wxapkg /data/local/tmp
chmod 666 xxx.wxapkg
adb pull /daa/local/tmp/xxx.wxapkg
否则可能报错文件does not exist 或者没有权限:
从https://github.com/hkylin/wxTools 下载py脚本,进行解密:
解密成功后:
生成文件夹:
另一个解密脚本:wxappUnpacker(github搜wxappUnpacker)
# 安装
“`
npm install
“`# 安装依赖
“`
npm install esprimanpm install css-tree
npm install cssbeautify
npm install vm2
npm install uglify-es
npm install js-beautify
“`
分包功能
当检测到 wxapkg 为子包时, 添加-s 参数指定主包源码路径即可自动将子包的 wxss,wxml,js 解析到主包的对应位置下. 完整流程大致如下: 1. 获取主包和若干子包 2. 解包主包
– windows系统使用: ./bingo.bat testpkg/master-xxx.wxapkg – Linux系统使用: ./bingo.sh testpkg/master-xxx.wxapkg 3. 解包子包
– windows系统使用:./bingo.bat testpkg/sub-1-xxx.wxapkg -s=../master-xxx – Linux系统使用: ./bingo.sh testpkg/sub-1-xxx.wxapkg -s=../master-xxx
又一个工具–2020-12-23
https://github.com/xuedingmiaojun/mp-unpack/releases
拓展阅读(点评/知识):
py脚本:
#!/usr/bin/env python2
# lrdcq
# usage python2 unwxapkg.py filename
import sys, os
import struct
class WxapkgFile(object):
nameLen = 0
name = ""
offset = 0
size = 0
if len(sys.argv) < 2:
print 'usage: unwxapkg.py filename'
exit()
with open(sys.argv[1], "rb") as f:
root = os.path.dirname(os.path.realpath(f.name))
name = os.path.basename(f.name) + '_dir'
if len(sys.argv) > 2:
name = sys.argv[2]
#read header
firstMark = struct.unpack('B', f.read(1))[0]
print 'first header mark = ' + str(firstMark)
info1 = struct.unpack('>L', f.read(4))[0]
print 'info1 = ' + str(info1)
indexInfoLength = struct.unpack('>L', f.read(4))[0]
print 'indexInfoLength = ' + str(indexInfoLength)
bodyInfoLength = struct.unpack('>L', f.read(4))[0]
print 'bodyInfoLength = ' + str(bodyInfoLength)
lastMark = struct.unpack('B', f.read(1))[0]
print 'last header mark = ' + str(lastMark)
if firstMark != 0xBE or lastMark != 0xED:
print 'its not a wxapkg file!!!!!'
exit()
fileCount = struct.unpack('>L', f.read(4))[0]
print 'fileCount = ' + str(fileCount)
#read index
fileList = []
for i in range(fileCount):
data = WxapkgFile()
data.nameLen = struct.unpack('>L', f.read(4))[0]
data.name = f.read(data.nameLen)
data.offset = struct.unpack('>L', f.read(4))[0]
data.size = struct.unpack('>L', f.read(4))[0]
print 'readFile = ' + data.name + ' at Offset = ' + str(data.offset)
fileList.append(data)
#save files
for d in fileList:
d.name = '/' + name + d.name
path = root + os.path.dirname(d.name)
if not os.path.exists(path):
os.makedirs(path)
w = open(root + d.name, 'w')
f.seek(d.offset)
w.write(f.read(d.size))
w.close()
print 'writeFile = ' + root + d.name
f.close()
| 本文标题: | 微信小程序解密测试[20201223] |
| 本文链接: (转载请附上本文链接) | https://vulsee.com/archives/vulsee_2020/1208_13147.html |