From c7653cc6987d8bfced3e591b0b883c4bcafa01d4 Mon Sep 17 00:00:00 2001 From: "Xing.Wu" <329106954@qq.com> Date: Thu, 14 May 2026 22:50:00 +0800 Subject: [PATCH 1/2] feat: addresses.19823.json --- frida/config/win/addresses.19823.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 frida/config/win/addresses.19823.json diff --git a/frida/config/win/addresses.19823.json b/frida/config/win/addresses.19823.json new file mode 100644 index 0000000..78a907f --- /dev/null +++ b/frida/config/win/addresses.19823.json @@ -0,0 +1,6 @@ +{ + "Version": 19823, + "LoadStartHookOffset": "0x25ED1C0", + "CDPFilterHookOffset": "0x30B3320", + "SceneOffsets": [64, 1408, 8, 1344, 16, 456] +} From 6a94b31be7e45d675f8bf9106a8c49b26c1541e0 Mon Sep 17 00:00:00 2001 
From: "Xing.Wu" <329106954@qq.com> Date: Thu, 14 May 2026 23:16:08 +0800 Subject: [PATCH 2/2] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E6=8C=87=E9=92=88?= =?UTF-8?q?=E9=93=BE=E8=A7=A3=E6=9E=90=E7=9A=84=E9=97=AE=E9=A2=98=EF=BC=8C?= =?UTF-8?q?=E5=B9=B6=E4=BB=8EWMPFDebugger=E5=90=8C=E6=AD=A5=E5=A4=A7?= =?UTF-8?q?=E4=BD=AC=E4=BB=AC=E7=9A=84=E8=A7=A3=E6=9E=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- frida/config/win/addresses.11581.json | 2 +- frida/config/win/addresses.11633.json | 2 +- frida/config/win/addresses.13331.json | 2 +- frida/config/win/addresses.13341.json | 2 +- frida/config/win/addresses.13487.json | 2 +- frida/config/win/addresses.13639.json | 2 +- frida/config/win/addresses.13655.json | 2 +- frida/config/win/addresses.13871.json | 2 +- frida/config/win/addresses.13909.json | 2 +- frida/config/win/addresses.14161.json | 2 +- frida/config/win/addresses.14199.json | 2 +- frida/config/win/addresses.14315.json | 2 +- frida/config/win/addresses.16133.json | 2 +- frida/config/win/addresses.16203.json | 2 +- frida/config/win/addresses.16389.json | 2 +- frida/config/win/addresses.16467.json | 2 +- frida/config/win/addresses.16771.json | 2 +- frida/config/win/addresses.16815.json | 2 +- frida/config/win/addresses.16965.json | 2 +- frida/config/win/addresses.17037.json | 2 +- frida/config/win/addresses.17071.json | 2 +- frida/config/win/addresses.17127.json | 2 +- frida/config/win/addresses.18055.json | 2 +- frida/config/win/addresses.18151.json | 2 +- frida/config/win/addresses.18787.json | 2 +- frida/config/win/addresses.18891.json | 2 +- frida/config/win/addresses.18955.json | 2 +- frida/config/win/addresses.19027.json | 2 +- frida/config/win/addresses.19201.json | 2 +- frida/config/win/addresses.19339.json | 6 ++++++ frida/config/win/addresses.19459.json | 6 ++++++ frida/config/win/addresses.19481.json | 6 ++++++ frida/config/win/addresses.19749.json | 6 ++++++ frida/config/win/addresses.19769.json | 6 ++++++ 
frida/hook.js | 17 ++++++++++++++--- 35 files changed, 73 insertions(+), 32 deletions(-) create mode 100644 frida/config/win/addresses.19339.json create mode 100644 frida/config/win/addresses.19459.json create mode 100644 frida/config/win/addresses.19481.json create mode 100644 frida/config/win/addresses.19749.json create mode 100644 frida/config/win/addresses.19769.json diff --git a/frida/config/win/addresses.11581.json b/frida/config/win/addresses.11581.json index 9ab82ca..ad14d17 100644 --- a/frida/config/win/addresses.11581.json +++ b/frida/config/win/addresses.11581.json @@ -2,5 +2,5 @@ "Version": 11581, "LoadStartHookOffset": "0x28E9190", "CDPFilterHookOffset": "0x38C4350", - "SceneOffsets": [1208, 1160, 488] + "SceneOffsets": [56, 1208, 8, 1160, 16, 488] } diff --git a/frida/config/win/addresses.11633.json b/frida/config/win/addresses.11633.json index baab01b..88feded 100644 --- a/frida/config/win/addresses.11633.json +++ b/frida/config/win/addresses.11633.json @@ -2,5 +2,5 @@ "Version": 11633, "LoadStartHookOffset": "0x28F22A0", "CDPFilterHookOffset": "0x38D41E0", - "SceneOffsets": [1208, 1160, 488] + "SceneOffsets": [56, 1208, 8, 1160, 16, 488] } diff --git a/frida/config/win/addresses.13331.json b/frida/config/win/addresses.13331.json index 55b04dd..f80e4b2 100644 --- a/frida/config/win/addresses.13331.json +++ b/frida/config/win/addresses.13331.json @@ -2,5 +2,5 @@ "Version": 13331, "LoadStartHookOffset": "0x0FFC200", "CDPFilterHookOffset": "0x2420100", - "SceneOffsets": [1272, 1224, 488] + "SceneOffsets": [56, 1272, 8, 1224, 16, 488] } diff --git a/frida/config/win/addresses.13341.json b/frida/config/win/addresses.13341.json index d93c5e1..3bff51f 100644 --- a/frida/config/win/addresses.13341.json +++ b/frida/config/win/addresses.13341.json @@ -2,5 +2,5 @@ "Version": 13341, "LoadStartHookOffset": "0x10009E0", "CDPFilterHookOffset": "0x242E8E0", - "SceneOffsets": [1272, 1224, 488] + "SceneOffsets": [56, 1272, 8, 1224, 16, 488] } 
diff --git a/frida/config/win/addresses.13487.json b/frida/config/win/addresses.13487.json index 5243107..5c332bd 100644 --- a/frida/config/win/addresses.13487.json +++ b/frida/config/win/addresses.13487.json @@ -2,5 +2,5 @@ "Version": 13487, "LoadStartHookOffset": "0x0FFB600", "CDPFilterHookOffset": "0x241FEB0", - "SceneOffsets": [1272, 1224, 488] + "SceneOffsets": [56, 1272, 8, 1224, 16, 488] } diff --git a/frida/config/win/addresses.13639.json b/frida/config/win/addresses.13639.json index 4c627d0..9ea2d0b 100644 --- a/frida/config/win/addresses.13639.json +++ b/frida/config/win/addresses.13639.json @@ -2,5 +2,5 @@ "Version": 13639, "LoadStartHookOffset": "0x1000990", "CDPFilterHookOffset": "0x2424DE0", - "SceneOffsets": [1272, 1224, 488] + "SceneOffsets": [56, 1272, 8, 1224, 16, 488] } diff --git a/frida/config/win/addresses.13655.json b/frida/config/win/addresses.13655.json index a0b0ffe..7f1ced3 100644 --- a/frida/config/win/addresses.13655.json +++ b/frida/config/win/addresses.13655.json @@ -2,5 +2,5 @@ "Version": 13655, "LoadStartHookOffset": "0x100F4B0", "CDPFilterHookOffset": "0x244A9E0", - "SceneOffsets": [1280, 1232, 488] + "SceneOffsets": [56, 1280, 8, 1232, 16, 488] } diff --git a/frida/config/win/addresses.13871.json b/frida/config/win/addresses.13871.json index 441320e..622ace9 100644 --- a/frida/config/win/addresses.13871.json +++ b/frida/config/win/addresses.13871.json @@ -2,5 +2,5 @@ "Version": 13871, "LoadStartHookOffset": "0x101F160", "CDPFilterHookOffset": "0x246FC40", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.13909.json b/frida/config/win/addresses.13909.json index e5e6650..ac7db48 100644 --- a/frida/config/win/addresses.13909.json +++ b/frida/config/win/addresses.13909.json @@ -2,5 +2,5 @@ "Version": 13909, "LoadStartHookOffset": "0x101F0E0", "CDPFilterHookOffset": "0x246FDC0", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } 
diff --git a/frida/config/win/addresses.14161.json b/frida/config/win/addresses.14161.json index 8a21a02..db77159 100644 --- a/frida/config/win/addresses.14161.json +++ b/frida/config/win/addresses.14161.json @@ -2,5 +2,5 @@ "Version": 14161, "LoadStartHookOffset": "0x10246C0", "CDPFilterHookOffset": "0x24839B0", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.14199.json b/frida/config/win/addresses.14199.json index 3420708..f6ff155 100644 --- a/frida/config/win/addresses.14199.json +++ b/frida/config/win/addresses.14199.json @@ -2,5 +2,5 @@ "Version": 14199, "LoadStartHookOffset": "0x10246F0", "CDPFilterHookOffset": "0x24839E0", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.14315.json b/frida/config/win/addresses.14315.json index f610e8f..145f083 100644 --- a/frida/config/win/addresses.14315.json +++ b/frida/config/win/addresses.14315.json @@ -2,5 +2,5 @@ "Version": 14315, "LoadStartHookOffset": "0x10004C0", "CDPFilterHookOffset": "0x2424B50", - "SceneOffsets": [1272, 1224, 488] + "SceneOffsets": [56, 1272, 8, 1224, 16, 488] } diff --git a/frida/config/win/addresses.16133.json b/frida/config/win/addresses.16133.json index 0118bd5..f294ed2 100644 --- a/frida/config/win/addresses.16133.json +++ b/frida/config/win/addresses.16133.json @@ -2,5 +2,5 @@ "Version": 16133, "LoadStartHookOffset": "0x470FAD0", "CDPFilterHookOffset": "0x90FC7E0", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.16203.json b/frida/config/win/addresses.16203.json index 18e41ae..d7fb5a9 100644 --- a/frida/config/win/addresses.16203.json +++ b/frida/config/win/addresses.16203.json @@ -2,5 +2,5 @@ "Version": 16203, "LoadStartHookOffset": "0x4710890", "CDPFilterHookOffset": "0x90FD640", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } 
diff --git a/frida/config/win/addresses.16389.json b/frida/config/win/addresses.16389.json index eb6d05b..3e5a67d 100644 --- a/frida/config/win/addresses.16389.json +++ b/frida/config/win/addresses.16389.json @@ -2,5 +2,5 @@ "Version": 16389, "LoadStartHookOffset": "0x24E4830", "CDPFilterHookOffset": "0x2E2A880", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.16467.json b/frida/config/win/addresses.16467.json index 2d327ae..85df50c 100644 --- a/frida/config/win/addresses.16467.json +++ b/frida/config/win/addresses.16467.json @@ -2,5 +2,5 @@ "Version": 16467, "LoadStartHookOffset": "0x24E4FD0", "CDPFilterHookOffset": "0x2E2CC90", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.16771.json b/frida/config/win/addresses.16771.json index c453dee..9964498 100644 --- a/frida/config/win/addresses.16771.json +++ b/frida/config/win/addresses.16771.json @@ -2,5 +2,5 @@ "Version": 16771, "LoadStartHookOffset": "0x24E9130", "CDPFilterHookOffset": "0x2E3C470", - "SceneOffsets": [1360, 1312, 488] + "SceneOffsets": [56, 1360, 8, 1312, 16, 488] } diff --git a/frida/config/win/addresses.16815.json b/frida/config/win/addresses.16815.json index d34fa2b..5ac8bfe 100644 --- a/frida/config/win/addresses.16815.json +++ b/frida/config/win/addresses.16815.json @@ -2,5 +2,5 @@ "Version": 16815, "LoadStartHookOffset": "0x2509690", "CDPFilterHookOffset": "0x2E768D0", - "SceneOffsets": [1416, 1360, 488] + "SceneOffsets": [56, 1416, 8, 1360, 16, 488] } diff --git a/frida/config/win/addresses.16965.json b/frida/config/win/addresses.16965.json index 2e23abc..7772174 100644 --- a/frida/config/win/addresses.16965.json +++ b/frida/config/win/addresses.16965.json @@ -2,5 +2,5 @@ "Version": 16965, "LoadStartHookOffset": "0x2570220", "CDPFilterHookOffset": "0x2F844A0", - "SceneOffsets": [1416, 1360, 488] + "SceneOffsets": [56, 1416, 8, 1360, 16, 488] } 
diff --git a/frida/config/win/addresses.17037.json b/frida/config/win/addresses.17037.json index 65267ff..49a1e66 100644 --- a/frida/config/win/addresses.17037.json +++ b/frida/config/win/addresses.17037.json @@ -2,5 +2,5 @@ "Version": 17037, "LoadStartHookOffset": "0x257D0A0", "CDPFilterHookOffset": "0x2FB2310", - "SceneOffsets": [1408, 1352, 488] + "SceneOffsets": [56, 1408, 8, 1352, 16, 488] } diff --git a/frida/config/win/addresses.17071.json b/frida/config/win/addresses.17071.json index 45a0c10..7426e5d 100644 --- a/frida/config/win/addresses.17071.json +++ b/frida/config/win/addresses.17071.json @@ -2,5 +2,5 @@ "Version": 17071, "LoadStartHookOffset": "0x258F370", "CDPFilterHookOffset": "0x2FD3080", - "SceneOffsets": [1408, 1352, 488] + "SceneOffsets": [56, 1408, 8, 1352, 16, 488] } diff --git a/frida/config/win/addresses.17127.json b/frida/config/win/addresses.17127.json index 2a5b4f6..7837783 100644 --- a/frida/config/win/addresses.17127.json +++ b/frida/config/win/addresses.17127.json @@ -2,5 +2,5 @@ "Version": 17127, "LoadStartHookOffset": "0x2590910", "CDPFilterHookOffset": "0x2FD4040", - "SceneOffsets": [1408, 1352, 488] + "SceneOffsets": [56, 1408, 8, 1352, 16, 488] } diff --git a/frida/config/win/addresses.18055.json b/frida/config/win/addresses.18055.json index f7aa78b..ad40179 100644 --- a/frida/config/win/addresses.18055.json +++ b/frida/config/win/addresses.18055.json @@ -2,5 +2,5 @@ "Version": 18055, "LoadStartHookOffset": "0x25A1040", "CDPFilterHookOffset": "0x30031E0", - "SceneOffsets": [1416, 1352, 488] + "SceneOffsets": [56, 1416, 8, 1352, 16, 488] } diff --git a/frida/config/win/addresses.18151.json b/frida/config/win/addresses.18151.json index 3e5fdc5..8c99057 100644 --- a/frida/config/win/addresses.18151.json +++ b/frida/config/win/addresses.18151.json @@ -2,5 +2,5 @@ "Version": 18151, "LoadStartHookOffset": "0x25A2E20", "CDPFilterHookOffset": "0x3013D20", - "SceneOffsets": [1416, 1352, 488] + "SceneOffsets": [56, 1416, 8, 1352, 16, 488] } 
diff --git a/frida/config/win/addresses.18787.json b/frida/config/win/addresses.18787.json index f55b59c..996bbcc 100644 --- a/frida/config/win/addresses.18787.json +++ b/frida/config/win/addresses.18787.json @@ -2,5 +2,5 @@ "Version": 18787, "LoadStartHookOffset": "0x25B2870", "CDPFilterHookOffset": "0x3028AD0", - "SceneOffsets": [1408, 1344, 488] + "SceneOffsets": [56, 1408, 8, 1344, 16, 488] } diff --git a/frida/config/win/addresses.18891.json b/frida/config/win/addresses.18891.json index c5c3adc..67596d2 100644 --- a/frida/config/win/addresses.18891.json +++ b/frida/config/win/addresses.18891.json @@ -2,5 +2,5 @@ "Version": 18891, "LoadStartHookOffset": "0x25B50C0", "CDPFilterHookOffset": "0x30245E0", - "SceneOffsets": [1408, 1344, 488] + "SceneOffsets": [56, 1408, 8, 1344, 16, 488] } diff --git a/frida/config/win/addresses.18955.json b/frida/config/win/addresses.18955.json index 99e4ec3..f266ed6 100644 --- a/frida/config/win/addresses.18955.json +++ b/frida/config/win/addresses.18955.json @@ -2,5 +2,5 @@ "Version": 18955, "LoadStartHookOffset": "0x25B52C0", "CDPFilterHookOffset": "0x30248B0", - "SceneOffsets": [1408, 1344, 488] + "SceneOffsets": [56, 1408, 8, 1344, 16, 488] } diff --git a/frida/config/win/addresses.19027.json b/frida/config/win/addresses.19027.json index b7ff6f1..c6af7b7 100644 --- a/frida/config/win/addresses.19027.json +++ b/frida/config/win/addresses.19027.json @@ -2,5 +2,5 @@ "Version": 19027, "LoadStartHookOffset": "0x25B52D0", "CDPFilterHookOffset": "0x3024AD0", - "SceneOffsets": [1408, 1344, 488] + "SceneOffsets": [56, 1408, 8, 1344, 16, 488] } diff --git a/frida/config/win/addresses.19201.json b/frida/config/win/addresses.19201.json index 3bfe1fe..9133c7c 100644 --- a/frida/config/win/addresses.19201.json +++ b/frida/config/win/addresses.19201.json @@ -2,5 +2,5 @@ "Version": 19201, "LoadStartHookOffset": "0x25B5DD0", "CDPFilterHookOffset": "0x301B3C0", - "SceneOffsets": [1376, 1312, 456] + "SceneOffsets": [56, 1376, 8, 1312, 16, 456] } 
diff --git a/frida/config/win/addresses.19339.json b/frida/config/win/addresses.19339.json
new file mode 100644
index 0000000..56415e3
--- /dev/null
+++ b/frida/config/win/addresses.19339.json
@@ -0,0 +1,6 @@
+{
+ "Version": 19339,
+ "LoadStartHookOffset": "0x25B5DD0",
+ "CDPFilterHookOffset": "0x301BA00",
+ "SceneOffsets": [56, 1376, 8, 1312, 16, 456]
+}
diff --git a/frida/config/win/addresses.19459.json b/frida/config/win/addresses.19459.json
new file mode 100644
index 0000000..0635a66
--- /dev/null
+++ b/frida/config/win/addresses.19459.json
@@ -0,0 +1,6 @@
+{
+ "Version": 19459,
+ "LoadStartHookOffset": "0x25BB580",
+ "CDPFilterHookOffset": "0x3022F20",
+ "SceneOffsets": [56, 1376, 8, 1312, 16, 456]
+}
diff --git a/frida/config/win/addresses.19481.json b/frida/config/win/addresses.19481.json
new file mode 100644
index 0000000..795077c
--- /dev/null
+++ b/frida/config/win/addresses.19481.json
@@ -0,0 +1,6 @@
+{
+ "Version": 19481,
+ "LoadStartHookOffset": "0x25BBA80",
+ "CDPFilterHookOffset": "0x3023420",
+ "SceneOffsets": [56, 1376, 8, 1312, 16, 456]
+}
diff --git a/frida/config/win/addresses.19749.json b/frida/config/win/addresses.19749.json
new file mode 100644
index 0000000..14b3748
--- /dev/null
+++ b/frida/config/win/addresses.19749.json
@@ -0,0 +1,6 @@
+{
+ "Version": 19749,
+ "LoadStartHookOffset": "0x25E77C0",
+ "CDPFilterHookOffset": "0x30ABC60",
+ "SceneOffsets": [64, 1408, 8, 1344, 16, 456]
+}
diff --git a/frida/config/win/addresses.19769.json b/frida/config/win/addresses.19769.json
new file mode 100644
index 0000000..917103c
--- /dev/null
+++ b/frida/config/win/addresses.19769.json
@@ -0,0 +1,6 @@
+{
+ "Version": 19769,
+ "LoadStartHookOffset": "0x25E7990",
+ "CDPFilterHookOffset": "0x30AC0A0",
+ "SceneOffsets": [64, 1408, 8, 1344, 16, 456]
+}
diff --git a/frida/hook.js b/frida/hook.js
index e675de3..bec8f4f 100644
--- a/frida/hook.js
+++ b/frida/hook.js
@@ -124,8 +124,19 @@ const winPatchLoadStart = (base, config) => {
 // Scene hijack via SceneOffsets pointer chain
 try {
 const offsets = config.SceneOffsets;
- const ptr1 = this.context.rcx.add(56).readPointer().add(offsets[0]).readPointer();
- const scenePtr = ptr1.add(8).readPointer().add(offsets[1]).readPointer().add(16).readPointer().add(488);
+ const miniappConfigPtr = this.context.rcx
+ .add(offsets[0])
+ .readPointer()
+ .add(offsets[1])
+ .readPointer();
+ const scenePtr = miniappConfigPtr
+ .add(offsets[2])
+ .readPointer()
+ .add(offsets[3])
+ .readPointer()
+ .add(offsets[4])
+ .readPointer()
+ .add(offsets[5]);
 const scene = scenePtr.readInt();
 send(`[hook] scene: ${scene}`);
 if (SCENE_WHITELIST.includes(scene)) {
@@ -164,7 +175,7 @@ const parseConfig = () => {
 Version: 18955,
 LoadStartHookOffset: "0x25B52C0",
 CDPFilterHookOffset: "0x30248B0",
- SceneOffsets: [1408, 1344, 488],
+ SceneOffsets: [56, 1408, 8, 1344, 16, 488],
 };
 }
 return JSON.parse(rawConfig);
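Review bot: The rewritten chain in winPatchLoadStart indexes `offsets[0]` through `offsets[5]` without checking that `config.SceneOffsets` holds six integers, so a config still in the old three-element shape (the format this commit migrates away from, which may survive in any externally supplied rawConfig) reaches `.add(undefined)` and fails inside the surrounding try, whose catch lies outside the hunk and may hide the real cause. A guard directly after `const offsets = config.SceneOffsets;` such as `if (!Array.isArray(offsets) || offsets.length !== 6 || !offsets.every(Number.isInteger)) throw new Error('SceneOffsets must be 6 integers, got ' + JSON.stringify(offsets));` would turn a schema mismatch into an explicit error instead of a silent read failure. Since the array is now purely positional and maintained across dozens of per-version JSON files, a comment above the chain documenting the slots would help, e.g. `// SceneOffsets: rcx+[0] ->* +[1] ->* = miniappConfigPtr; +[2] ->* +[3] ->* +[4] ->* +[5] = scene (read as int32)`. The enclosing function and the try/catch continue outside the hunk.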