hitsword
/
wx-cli
mirror of https://github.com/jackwener/wx-cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs(readme): mention Windows VirtualQueryEx + ReadProcessMemory in 原理 section (#55) 

The 原理 section previously listed only macOS Mach VM API and Linux /proc/<pid>/mem,
omitting the Windows scanner path that has existed in src/scanner/windows.rs since
the Rust rewrite. Add the Windows API pair and the required process access rights
so the section accurately reflects all three platforms supported in CI/builds.
pull/58/head
jakevin 2026-05-14 17:20:07 +08:00 committed by GitHub
parent 70aa3a44e3
commit c4c3b72796
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -294,7 +294,7 @@ daemon 首次解密后将数据库和 mtime 持久化到 `~/.wx-cli/cache/`。
微信 4.x 使用 SQLCipher 4 加密本地数据库AES-256-CBC + HMAC-SHA512PBKDF2 256,000 次迭代。WCDB 在进程内存中缓存派生后的 raw key格式为 `x'<64hex_key><32hex_salt>'` 微信 4.x 使用 SQLCipher 4 加密本地数据库AES-256-CBC + HMAC-SHA512PBKDF2 256,000 次迭代。WCDB 在进程内存中缓存派生后的 raw key格式为 `x'<64hex_key><32hex_salt>'`
wx-cli 通过 macOS Mach VM API`mach_vm_region` + `mach_vm_read`或 Linux `/proc/<pid>/mem` 扫描微信进程内存匹配该模式提取密钥daemon 按需解密并缓存。 wx-cli 通过 macOS Mach VM API`mach_vm_region` + `mach_vm_read`、Linux `/proc/<pid>/mem` 或 Windows `VirtualQueryEx` + `ReadProcessMemory`(需要 `PROCESS_VM_READ | PROCESS_QUERY_INFORMATION` 权限)扫描微信进程内存匹配该模式提取密钥daemon 按需解密并缓存。
--- ---