前言
使用以下代码实现隐藏自己的头像和昵称
重点研究WCRedEnvelopesReceiveHomeViewOpenRedEnvelopes
CContactMgr *contactManager = [[%c(MMServiceCenter) defaultCenter] getService:[%c(CContactMgr) class]];
CContact *selfContact = [contactManager getSelfContact];
[args setObject:[selfContact getContactDisplayName] forKey:@"nickName"];
[args setObject:[selfContact m_nsHeadImgUrl] forKey:@"headImg"];
以下方法为拆红包的方法。
void -[WCRedEnvelopesLogicMgr ReceiverQueryRedEnvelopesRequest:](void * self, void * _cmd, void * arg2) {
loc_e0b79c(self, @selector(GetHongbaoBusinessRequest:CMDID:OutputType:), arg2, 0x3, 0x1, r7, lr);
return;
}
void -[WCRedEnvelopesLogicMgr OpenRedEnvelopesRequest:](void * self, void * _cmd, void * arg2) {
loc_e0b79c(self, @selector(GetHongbaoBusinessRequest:CMDID:OutputType:), arg2, 0x4, 0x1, r7, lr);
return;
}
loc_1c0d080(stack[2023], stack[2012], r5, @"sessionUserName");
sessionUserName大概是会话名称,也就是群名称
[args setObject:nativeUrl forKey:@"nativeUrl"];
[args setObject:xxx forKey:@"sessionUserName"];
下来这一段还是用mmservicecenter来获取WCRedLogicMgr对象,然后调用WCRedLogicMgr的open方法来拆红包,可以想象open方法的参数就是上面我们辛苦组装的字典
loc_1c0d0f4();
loc_1c0d080(@class(MMServiceCenter), @selector(defaultCenter));
r4 = loc_1c0d08c();
loc_1c0d080(r4, @selector(getService:), loc_1c0d080(@class(WCPayLogicMgr), @selector(class)));
r0 = loc_1c0d08c();
loc_1c0d080(r0, @selector(setRealnameReportScene:), 0x3eb);
loc_1c0d090(r0);
loc_1c0d090(r4);
loc_1c0d080(@class(MMServiceCenter), @selector(defaultCenter));
r4 = loc_1c0d08c();
loc_1c0d080(r4, @selector(getService:), loc_1c0d080(@class(WCPayLogicMgr), @selector(class)));
loc_1c0d08c();
loc_1c0d080(*(stack[2024] + stack[2022]), @selector(m_structDicRedEnvelopesBaseInfo));
loc_1c0d08c();
loc_1c0d080();
r4 = loc_1c0d08c();
r5 = stack[2024];
asm { strd fp, r0, [sp, #0x8c + var_30] };
loc_1c0d094(stack[2023]);
r8 = loc_1c0d094(r5);
r5 = sp + 0x38;
asm { stm.w r0, {r6, sl, fp} };
loc_1c0d0f0();
loc_1c0d094(r8);
loc_1c0d080(stack[2020], @selector(checkHongbaoOpenLicense:acceptCallback:denyCallback:), r4, sp + 0x54, r5);
loc_1c0d090(r4);
loc_1c0d090(stack[2022]);
[[[%c(MMServiceCenter) defaultCenter] getService:[%c(WCRedEnvelopesLogicMgr) class]] OpenRedEnvelopesRequest:args];
领红包逻辑
到这里,我们再总结一下我们上面分析的过程……
得到m_oWCPayInfoItem属性
解析m_oWCPayInfoItem的m_c2cNativeUrl属性
得到selfcontact
组装相关参数
调用OpenRedEnvelopesRequest:领取红包
最终的抢红包代码合并起来如下:
#import "WxMsgPreview.h"
%hook CMessageMgr
-(void)AsyncOnAddMsg:(id)message MsgWrap:(CMessageWrap* )msgWrap {
%log;
%orig;
if(msgWrap.m_uiMessageType == 49){
CContactMgr *contactManager = [[%c(MMServiceCenter) defaultCenter] getService:[%c(CContactMgr) class]];
CContact *selfContact = [contactManager getSelfContact];
if ([msgWrap.m_nsContent rangeOfString:@"wxpay://c2cbizmessagehandler/hongbao/receivehongbao"].location != NSNotFound) { // 红包
NSString *nativeUrl = [[msgWrap m_oWCPayInfoItem] m_c2cNativeUrl];
nativeUrl = [nativeUrl substringFromIndex:[@"wxpay://c2cbizmessagehandler/hongbao/receivehongbao?" length]];
NSDictionary *nativeUrlDict = [%c(WCBizUtil) dictionaryWithDecodedComponets:nativeUrl separator:@"&"];
NSMutableDictionary *args = [[%c(NSMutableDictionary) alloc] init];
[args setObject:nativeUrlDict[@"msgtype"] forKey:@"msgType"];
[args setObject:nativeUrlDict[@"sendid"] forKey:@"sendId"];
[args setObject:nativeUrlDict[@"channelid"] forKey:@"channelId"];
[args setObject:[selfContact getContactDisplayName] forKey:@"nickName"];
[args setObject:[selfContact m_nsHeadImgUrl] forKey:@"headImg"];
[args setObject:nativeUrl forKey:@"nativeUrl"];
[args setObject:msgWrap.m_nsFromUsr forKey:@"sessionUserName"];
[[[%c(MMServiceCenter) defaultCenter] getService:[%c(WCRedEnvelopesLogicMgr) class]] OpenRedEnvelopesRequest:args];
}
}
}
%end
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。