e84f1d5130
fix: fallback key in multi-key mode + bound printf context
...
- decrypt_images.c: try image_keys.json lookup first, fall back to
config.json single key when CT pattern not mapped (previously returned
-5 immediately in multi-key mode)
- find_image_key.c: cap ASCII context printf to remaining buffer length,
preventing out-of-bounds read near region end
2026-03-07 21:35:00 +08:00
96c1a5ac2e
fix: add file size validation and clarify Method 2 intent
...
- decrypt_images.c: validate aes_ct_size + xor_size fits within file
before reading, preventing out-of-bounds reads on corrupt files
- decrypt_images.c: remove unused bytes2hex function
- find_image_key.c: add comment explaining Method 2 design intent —
hex ASCII bytes used directly as AES key (not hex-decoded)
2026-03-07 21:35:00 +08:00
0576151b67
feat: add macOS image key scanner and batch decryptor (C)
...
- find_image_key.c: scans WeChat process memory for V2 image AES keys
using Mach VM API + CommonCrypto batch decryption
- decrypt_images.c: batch decrypts V2 .dat image files using keys
from image_keys.json, handles AES-ECB + XOR + raw_data segments
Build: cc -O3 -o find_image_key find_image_key.c -framework Security
cc -O3 -o decrypt_images decrypt_images.c -framework Security
2026-03-07 21:35:00 +08:00
bbingz