
Read the value stored in the register rsi in memory.

Then enter the command memory read -size 1 -format x -count 32 $rsi
Don't worry about whether Mac WeChat is stuck at this time.
Then log in to Mac WeChat normally, click log in, and click allow (or scan the code to log in) on the mobile phone.

In the lldb debugging interface, input the command br set -n sqlite3_key

At this time, some errors may appear on the debugging screen, which can be ignored temporarily.

Press enter to enter the lldb debugging interface.

The above means using lldb to attach to the WeChat process for debugging.

Open the terminal and enter the command lldb -p $(pgrep WeChat)

But fortunately, there are all kinds of experts; you can refer to the reference link at the end of the article. It's just an encrypted database, which can't be viewed directly. Files like msg_0.db and msg_1.db are the data files of chat records. The above directory is the directory where WeChat data is stored.

WeChat data directory
# Replace smaug with your own user name
cd "/Users/smaug/Library/Containers//Data/Library/Application Support//2.0b4.0.9"
Here we mainly talk about how to read chat records by cracking the WeChat DB, and then export the chat records. It is said that the chat records are stored in the DB in plaintext. The simplest way to export WeChat chat records is to use iTunes to back up the iPhone without encryption, and then find the data in the backup file. There's nothing to say, but suddenly I wonder where Mac WeChat has backed up the chat records? Or where is the data of the normal chat? Can you export these chat records into a txt file? Among them, WeChat occupies nearly 5G, which is simply too terrible, so I plan to back up the WeChat chat records to the computer.

In addition, you'll need SQLCipher to inspect the databases discovered by dbcracker.d.

For some scripts in devel, you will also need Frida and a (preferably jailbroken) iOS device.

Recently, due to the shortage of mobile phone memory, I plan to slim down the mobile phone.

However, you may need to disable SIP if you haven't done that yet. Since dtrace(1) is pre-installed on macOS, no dependencies are required to run the scripts.

init.js contains the helper function for frida-trace.
_handlers_/ contains some handlers to be used with frida-trace.
protobuf_config.py describes the protobuf format used by the backup files for protobuf-inspector.
I made this script destructive to overwrite the global variable gs_level.
xlogger.d prints the log messages going to /Users/$USER/Library/Containers//Data/Library/Caches//2.0b4.0.9/log/*.xlog.

They are intended for hackers only, and the end-users of this project are not expected to use them. In devel/ reside utilities for further reverse engineering.

