@walkerch/wxecho 1.0.0

package/dist/cli.js

@@ -0,0 +1,460 @@
+#!/usr/bin/env node
+
+import { createRequire } from 'module';
+const require = createRequire(import.meta.url);
+
+
+// src/cli.ts
+import { Command } from "commander";
+
+// src/utils/python.ts
+import { spawn } from "child_process";
+import path from "path";
+import { fileURLToPath } from "url";
+import { dirname } from "path";
+var __filename = fileURLToPath(import.meta.url);
+var __dirname = dirname(__filename);
+var PY_DIR = path.resolve(__dirname, "../../py");
+function runPythonScript(scriptName, args = []) {
+  return new Promise((resolve2, reject) => {
+    const scriptPath = path.join(PY_DIR, scriptName);
+    const child = spawn("python3", [scriptPath, ...args], {
+      cwd: PY_DIR,
+      stdio: "inherit",
+      env: { ...process.env, PYTHONIOENCODING: "utf-8" }
+    });
+    child.on("close", (code) => {
+      if (code === 0) {
+        resolve2();
+      } else {
+        reject(new Error(`Python \u811A\u672C\u9000\u51FA\uFF0C\u4EE3\u7801: ${code}`));
+      }
+    });
+    child.on("error", (error) => {
+      reject(new Error(`\u542F\u52A8 Python \u5931\u8D25: ${error.message}`));
+    });
+  });
+}
+
+// src/commands/export.ts
+function runExport(cmd) {
+  const args = [];
+  const opts = cmd.opts();
+  const name = cmd.args[0];
+  if (opts.list) {
+    args.push("-l");
+    if (opts.top) args.push("--top", opts.top);
+  } else if (name) {
+    args.push("-n", name);
+  } else {
+    console.error("\u9519\u8BEF\uFF1A\u9700\u8981\u63D0\u4F9B\u8054\u7CFB\u4EBA\u540D\u79F0\u6216\u4F7F\u7528 --list");
+    console.log("\n\u7528\u6CD5\u793A\u4F8B\uFF1A");
+    console.log("  wxecho export -l                    # \u5217\u51FA\u6240\u6709\u4F1A\u8BDD");
+    console.log('  wxecho export -n "\u5F20\u4E09"             # \u5BFC\u51FA\u5F20\u4E09\u7684\u804A\u5929');
+    console.log("  wxecho export -u wxid_xxxxx          # \u901A\u8FC7\u7528\u6237\u540D\u5BFC\u51FA");
+    process.exit(1);
+  }
+  if (opts.username) args.push("-u", opts.username);
+  if (opts.output) args.push("-o", opts.output);
+  if (opts.myWxid) args.push("--my-wxid", opts.myWxid);
+  return runPythonScript("export_chat.py", args).then(() => {
+  }).catch((error) => {
+    console.error("\u5BFC\u51FA\u5931\u8D25:", error);
+    process.exit(1);
+  });
+}
+
+// src/utils/decrypt_db.ts
+import * as crypto from "node:crypto";
+import * as fs from "node:fs";
+import * as path2 from "node:path";
+import { fileURLToPath as fileURLToPath2 } from "node:url";
+import { dirname as dirname3 } from "node:path";
+function getScriptDir() {
+  return dirname3(fileURLToPath2(import.meta.url));
+}
+var PAGE_SZ = 4096;
+var KEY_SZ = 32;
+var SALT_SZ = 16;
+var IV_SZ = 16;
+var HMAC_SZ = 64;
+var RESERVE_SZ = IV_SZ + HMAC_SZ;
+var SQLITE_HDR = Buffer.from("SQLite format 3\0");
+function deriveMacKey(encKey, salt) {
+  const macSalt = Buffer.alloc(SALT_SZ);
+  for (let i = 0; i < SALT_SZ; i++) {
+    macSalt[i] = salt[i] ^ 58;
+  }
+  return crypto.pbkdf2Sync(encKey, macSalt, 2, KEY_SZ, "sha512");
+}
+function decryptPage(encKey, pageData, pgno) {
+  const iv = pageData.subarray(PAGE_SZ - RESERVE_SZ, PAGE_SZ - RESERVE_SZ + IV_SZ);
+  let encrypted;
+  if (pgno === 1) {
+    encrypted = pageData.subarray(SALT_SZ, PAGE_SZ - RESERVE_SZ);
+  } else {
+    encrypted = pageData.subarray(0, PAGE_SZ - RESERVE_SZ);
+  }
+  const cipher = crypto.createDecipheriv("aes-256-cbc", encKey, iv);
+  try {
+    var decrypted = Buffer.concat([cipher.update(encrypted), cipher.final()]);
+  } catch {
+    const cipher2 = crypto.createDecipheriv("aes-256-cbc", encKey, iv);
+    cipher2.setAutoPadding(false);
+    decrypted = Buffer.concat([cipher2.update(encrypted), cipher2.final()]);
+  }
+  if (pgno === 1) {
+    const page = Buffer.alloc(PAGE_SZ);
+    SQLITE_HDR.copy(page);
+    decrypted.copy(page, SQLITE_HDR.length);
+    return page;
+  } else {
+    const page = Buffer.alloc(PAGE_SZ);
+    decrypted.copy(page, 0);
+    return page;
+  }
+}
+function decryptDatabase(dbPath, outPath, encKeyHex) {
+  const encKey = Buffer.from(encKeyHex, "hex");
+  const fileSize = fs.statSync(dbPath).size;
+  const totalPages = Math.ceil(fileSize / PAGE_SZ);
+  const fd = fs.openSync(dbPath, "r");
+  try {
+    const page1 = Buffer.alloc(PAGE_SZ);
+    fs.readSync(fd, page1, 0, PAGE_SZ, 0);
+    const salt = page1.subarray(0, SALT_SZ);
+    const macKey = deriveMacKey(encKey, salt);
+    const p1HmacData = Buffer.concat([
+      page1.subarray(SALT_SZ, PAGE_SZ - RESERVE_SZ + IV_SZ),
+      Buffer.from([1, 0, 0, 0])
+      // pgno=1 as little-endian uint32
+    ]);
+    const computedHmac = crypto.createHmac("sha512", macKey).update(p1HmacData).digest();
+    const storedHmac = page1.subarray(PAGE_SZ - HMAC_SZ, PAGE_SZ);
+    if (!computedHmac.equals(storedHmac)) {
+      console.log(`  [ERROR] Page 1 HMAC mismatch! salt: ${salt.toString("hex")}`);
+      return false;
+    }
+    console.log(`  HMAC OK, ${totalPages} pages`);
+    fs.mkdirSync(path2.dirname(outPath), { recursive: true });
+    const outFd = fs.openSync(outPath, "w");
+    try {
+      for (let pgno = 1; pgno <= totalPages; pgno++) {
+        const pageBuf = Buffer.alloc(PAGE_SZ);
+        const bytesRead = fs.readSync(fd, pageBuf, 0, PAGE_SZ, (pgno - 1) * PAGE_SZ);
+        if (bytesRead < PAGE_SZ) {
+          if (bytesRead > 0) {
+            pageBuf.fill(0, bytesRead);
+          } else {
+            break;
+          }
+        }
+        const decrypted = decryptPage(encKey, pageBuf, pgno);
+        fs.writeSync(outFd, decrypted, 0, PAGE_SZ, (pgno - 1) * PAGE_SZ);
+        if (pgno === 1 && decrypted.subarray(0, 16).compare(SQLITE_HDR) !== 0) {
+          console.log(`  [WARN] Decrypted header mismatch!`);
+        }
+        if (pgno % 1e4 === 0) {
+          console.log(`  Progress: ${pgno}/${totalPages} (${(100 * pgno / totalPages).toFixed(1)}%)`);
+        }
+      }
+    } finally {
+      fs.closeSync(outFd);
+    }
+  } finally {
+    fs.closeSync(fd);
+  }
+  return true;
+}
+function stripKeyMetadata(keys) {
+  const result = {};
+  for (const [k, v] of Object.entries(keys)) {
+    if (!k.startsWith("_")) {
+      result[k] = v;
+    }
+  }
+  return result;
+}
+function isSafeRelPath(relPath) {
+  const normalized = path2.normalize(relPath).replace(/\\/g, "/");
+  return !normalized.includes("..");
+}
+function getKeyInfo(keys, relPath) {
+  if (!isSafeRelPath(relPath)) return null;
+  const normalized = relPath.replace(/\\/g, "/");
+  const variants = [relPath, normalized, normalized.replace("/", "\\")];
+  for (const candidate of variants) {
+    if (candidate in keys && !candidate.startsWith("_")) {
+      return keys[candidate];
+    }
+  }
+  return null;
+}
+async function verifySqlite(outPath) {
+  try {
+    const { execSync: execSync2 } = await import("child_process");
+    const safePath = outPath.replace(/'/g, "'\\''");
+    const output = execSync2(
+      `python3 -c "import sqlite3; conn=sqlite3.connect('${safePath}'); print(','.join([r[0] for r in conn.execute('SELECT name FROM sqlite_master WHERE type=\\'table\\'').fetchall()]))"`,
+      { encoding: "utf-8" }
+    ).trim();
+    return output.split(",").filter(Boolean);
+  } catch {
+    return null;
+  }
+}
+async function runDecrypt(config) {
+  const { dbDir, outDir, keysFile } = config;
+  if (!fs.existsSync(keysFile)) {
+    console.error(`[ERROR] Key file not found: ${keysFile}`);
+    console.error('Please run "wxecho keys" first.');
+    process.exit(1);
+  }
+  const keysRaw = JSON.parse(fs.readFileSync(keysFile, "utf-8"));
+  const keys = stripKeyMetadata(keysRaw);
+  console.log(`Loaded ${Object.keys(keys).length} database keys`);
+  console.log(`Output directory: ${outDir}`);
+  fs.mkdirSync(outDir, { recursive: true });
+  const dbFiles = [];
+  function walkDir(dir) {
+    try {
+      const entries = fs.readdirSync(dir, { withFileTypes: true });
+      for (const entry of entries) {
+        const full = path2.join(dir, entry.name);
+        if (entry.isDirectory()) {
+          walkDir(full);
+        } else if (entry.isFile() && entry.name.endsWith(".db") && !entry.name.endsWith("-wal") && !entry.name.endsWith("-shm")) {
+          const rel = path2.relative(dbDir, full).replace(/\\/g, "/");
+          dbFiles.push({ rel, abs: full, size: fs.statSync(full).size });
+        }
+      }
+    } catch {
+    }
+  }
+  walkDir(dbDir);
+  dbFiles.sort((a, b) => a.size - b.size);
+  console.log(`Found ${dbFiles.length} database files
+`);
+  let success = 0;
+  let failed = 0;
+  let totalBytes = 0;
+  for (const { rel, abs, size } of dbFiles) {
+    const keyInfo = getKeyInfo(keys, rel);
+    if (!keyInfo) {
+      console.log(`SKIP: ${rel} (no key)`);
+      failed++;
+      continue;
+    }
+    const outPath = path2.join(outDir, rel);
+    process.stdout.write(`Decrypting: ${rel} (${(size / 1024 / 1024).toFixed(1)}MB) ... `);
+    const ok = decryptDatabase(abs, outPath, keyInfo.enc_key);
+    if (ok) {
+      const tables = await verifySqlite(outPath);
+      if (tables) {
+        const tableNames = tables.slice(0, 5).join(", ");
+        const suffix = tables.length > 5 ? ` ...total ${tables.length}` : "";
+        console.log(`  OK! Tables: ${tableNames}${suffix}`);
+        success++;
+        totalBytes += size;
+      } else {
+        console.log(`  [WARN] SQLite verification failed`);
+        failed++;
+      }
+    } else {
+      failed++;
+    }
+  }
+  console.log(`
+${"=".repeat(60)}`);
+  console.log(`Result: ${success} succeeded, ${failed} failed, ${dbFiles.length} total`);
+  console.log(`Decrypted data: ${(totalBytes / 1024 / 1024 / 1024).toFixed(2)}GB`);
+  console.log(`Decrypted files at: ${outDir}`);
+}
+function detectWeChatDbDir() {
+  const home = process.env.HOME || "";
+  let bestDir = null;
+  let bestMtime = 0;
+  try {
+    const xwechatRoot = path2.join(home, "Documents", "xwechat_files");
+    if (!fs.existsSync(xwechatRoot)) return null;
+    const accounts = fs.readdirSync(xwechatRoot);
+    for (const account of accounts) {
+      const dbStorage = path2.join(xwechatRoot, account, "db_storage");
+      const msgDir = path2.join(dbStorage, "message");
+      if (fs.existsSync(msgDir)) {
+        try {
+          const mtime = fs.statSync(msgDir).mtimeMs;
+          if (mtime > bestMtime) {
+            bestMtime = mtime;
+            bestDir = dbStorage;
+          }
+        } catch {
+        }
+      }
+    }
+  } catch {
+    return null;
+  }
+  return bestDir;
+}
+function getConfig() {
+  const scriptDir = getScriptDir();
+  const pyDir = path2.resolve(scriptDir, "..", "py");
+  const keysFile = path2.join(pyDir, "all_keys.json");
+  let dbDir = path2.join(process.env.HOME || "", "Documents", "xwechat_files", "your_wxid", "db_storage");
+  const configJsonPath = path2.join(pyDir, "config.json");
+  if (fs.existsSync(configJsonPath)) {
+    try {
+      const cfg = JSON.parse(fs.readFileSync(configJsonPath, "utf-8"));
+      if (cfg.db_dir && !cfg.db_dir.includes("your_wxid") && fs.existsSync(cfg.db_dir)) {
+        dbDir = cfg.db_dir;
+      }
+    } catch {
+    }
+  }
+  if (dbDir.includes("your_wxid") || !fs.existsSync(dbDir)) {
+    const detected = detectWeChatDbDir();
+    if (detected) {
+      dbDir = detected;
+      console.log(`[+] Auto-detected WeChat data directory: ${dbDir}`);
+    }
+  }
+  return {
+    dbDir,
+    outDir: path2.join(pyDir, "decrypted"),
+    keysFile
+  };
+}
+
+// src/commands/decrypt.ts
+async function runDecryptCmd() {
+  console.log("=".repeat(60));
+  console.log("  WeChat 4.0 Database Decryptor");
+  console.log("=".repeat(60));
+  console.log();
+  const config = getConfig();
+  await runDecrypt(config);
+}
+
+// src/commands/keys.ts
+import { spawn as spawn2 } from "child_process";
+import path3 from "path";
+import { fileURLToPath as fileURLToPath3 } from "url";
+import { dirname as dirname4 } from "path";
+import fs2 from "fs";
+var __filename2 = fileURLToPath3(import.meta.url);
+var __dirname2 = dirname4(__filename2);
+var PY_DIR2 = path3.resolve(__dirname2, "../../py");
+async function runKeys(options) {
+  const outputFile = options.output || "all_keys.json";
+  const binaryPath = path3.join(PY_DIR2, "find_all_keys_macos");
+  console.log("\u6B63\u5728\u4ECE\u5FAE\u4FE1\u8FDB\u7A0B\u63D0\u53D6\u5BC6\u94A5...\n");
+  console.log("\u6CE8\u610F\uFF1A\u6B64\u64CD\u4F5C\u9700\u8981\uFF1A");
+  console.log("  1. \u5FAE\u4FE1\u6B63\u5728\u8FD0\u884C\u4E14\u5DF2\u767B\u5F55");
+  console.log("  2. \u5DF2\u6267\u884C\u91CD\u7B7E\u540D\u7684\u5FAE\u4FE1\uFF08sudo codesign --force --deep --sign - /Applications/WeChat.app\uFF09\n");
+  if (!fs2.existsSync(binaryPath)) {
+    console.log("\u7F16\u8BD1\u5BC6\u94A5\u626B\u63CF\u5668...");
+    await compileBinary();
+  }
+  await extractKeys(binaryPath, outputFile);
+}
+function compileBinary() {
+  return new Promise((resolve2, reject) => {
+    const compile = spawn2("cc", [
+      "-O2",
+      "-o",
+      path3.join(PY_DIR2, "find_all_keys_macos"),
+      path3.join(PY_DIR2, "find_all_keys_macos.c"),
+      "-framework",
+      "Foundation"
+    ], { cwd: PY_DIR2 });
+    compile.on("close", (code) => {
+      if (code !== 0) {
+        reject(new Error("\u7F16\u8BD1\u5931\u8D25"));
+        return;
+      }
+      console.log("\u7F16\u8BD1\u6210\u529F\uFF0C\u73B0\u5728\u8FD0\u884C\u5BC6\u94A5\u63D0\u53D6...\n");
+      resolve2();
+    });
+    compile.on("error", reject);
+  });
+}
+function extractKeys(binaryPath, outputFile) {
+  return new Promise((resolve2, reject) => {
+    const child = spawn2("sudo", [binaryPath], {
+      cwd: PY_DIR2,
+      stdio: "inherit"
+    });
+    child.on("close", (code) => {
+      if (code === 0) {
+        console.log(`
+\u5BC6\u94A5\u5DF2\u4FDD\u5B58\u5230 ${outputFile}`);
+        resolve2();
+      } else {
+        reject(new Error(`\u5BC6\u94A5\u63D0\u53D6\u5931\u8D25\uFF0C\u9000\u51FA\u7801: ${code}`));
+      }
+    });
+    child.on("error", reject);
+  });
+}
+
+// src/utils/doctor.ts
+import { execSync } from "child_process";
+async function doctor() {
+  console.log("\u6B63\u5728\u68C0\u6D4B\u73AF\u5883\u4F9D\u8D56...\n");
+  const checks = [
+    { name: "Python 3", cmd: "python3 --version", required: true },
+    { name: "Xcode Command Line Tools", cmd: "xcode-select -p", required: true },
+    { name: "\u5FAE\u4FE1\u8FDB\u7A0B", cmd: "pgrep -x WeChat", required: true },
+    { name: "pycryptodome", cmd: 'python3 -c "import Crypto; print(Crypto.__version__)"', required: true }
+  ];
+  const infoChecks = [
+    { name: "\u5FAE\u4FE1\u7B7E\u540D\u72B6\u6001", cmd: 'codesign -d -v /Applications/WeChat.app 2>&1 || echo "NOT signed"', required: false }
+  ];
+  let allPassed = true;
+  for (const check of checks) {
+    try {
+      const output = execSync(check.cmd, { stdio: "pipe" }).toString().trim();
+      console.log(`\u2713 ${check.name}: ${output}`);
+    } catch {
+      if (check.required) {
+        console.log(`\u2717 ${check.name} - \u672A\u901A\u8FC7`);
+        allPassed = false;
+      } else {
+        console.log(`\u26A0 ${check.name} - \u53EF\u9009`);
+      }
+    }
+  }
+  for (const check of infoChecks) {
+    try {
+      const output = execSync(check.cmd, { stdio: "pipe" }).toString().trim();
+      console.log(`\u2139 ${check.name}: ${output}`);
+    } catch {
+      console.log(`\u2139 ${check.name}: \u65E0\u6CD5\u68C0\u6D4B`);
+    }
+  }
+  console.log("\n--- \u68C0\u67E5\u7ED3\u679C ---");
+  if (allPassed) {
+    console.log("\u2713 \u73AF\u5883\u5C31\u7EEA\uFF01\u53EF\u4EE5\u5F00\u59CB\u4F7F\u7528\u3002\n");
+    console.log("\u4F7F\u7528\u6B65\u9AA4\uFF1A");
+    console.log("  1. wxecho keys      # \u63D0\u53D6\u5BC6\u94A5\uFF08\u9700\u8981 sudo\uFF09");
+    console.log("  2. wxecho decrypt   # \u89E3\u5BC6\u6570\u636E\u5E93");
+    console.log("  3. wxecho export -l # \u5217\u51FA\u6240\u6709\u4F1A\u8BDD");
+    console.log('  4. wxecho export -n "\u8054\u7CFB\u4EBA"  # \u5BFC\u51FA\u804A\u5929');
+  } else {
+    console.log("\u2717 \u73AF\u5883\u68C0\u67E5\u672A\u901A\u8FC7\uFF0C\u8BF7\u5B89\u88C5\u7F3A\u5931\u7684\u4F9D\u8D56\u3002\n");
+    console.log("\u5B89\u88C5\u4F9D\u8D56\uFF1A");
+    console.log("  pip install pycryptodome");
+    console.log("  xcode-select --install");
+    console.log("  \u91CD\u7B7E\u5FAE\u4FE1: sudo codesign --force --deep --sign - /Applications/WeChat.app");
+  }
+}
+
+// src/cli.ts
+var program = new Command();
+program.name("wxecho").description("macOS \u5FAE\u4FE1\u804A\u5929\u8BB0\u5F55\u4E00\u952E\u89E3\u5BC6\u5BFC\u51FA\u5DE5\u5177").version("1.0.0");
+program.command("export").description("\u5BFC\u51FA\u804A\u5929\u8BB0\u5F55").argument("[name]", "\u8054\u7CFB\u4EBA\u6635\u79F0\u6216\u5907\u6CE8\uFF08\u6A21\u7CCA\u641C\u7D22\uFF09").option("-u, --username <wxid>", "\u7CBE\u786E\u5339\u914D\u7528\u6237\u540D").option("-o, --output <dir>", "\u8F93\u51FA\u76EE\u5F55").option("-l, --list", "\u5217\u51FA\u6240\u6709\u4F1A\u8BDD").option("--top <n>", "\u5217\u51FA\u524D N \u4E2A\u4F1A\u8BDD", "20").option("--my-wxid <wxid>", "\u81EA\u5DF1\u7684\u5FAE\u4FE1 ID").action(runExport);
+program.command("decrypt").description("\u89E3\u5BC6\u5FAE\u4FE1\u6570\u636E\u5E93").action(runDecryptCmd);
+program.command("keys").description("\u4ECE\u5FAE\u4FE1\u8FDB\u7A0B\u63D0\u53D6\u6570\u636E\u5E93\u5BC6\u94A5\uFF08\u9700\u8981 sudo\uFF09").option("-o, --output <file>", "\u8F93\u51FA\u6587\u4EF6", "all_keys.json").action(runKeys);
+program.command("doctor").description("\u68C0\u6D4B\u73AF\u5883\u4F9D\u8D56").action(doctor);
+program.parse();

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@walkerch/wxecho",
+  "version": "1.0.0",
+  "description": "macOS native chat history export tool with local database decryption support",
+  "keywords": ["macos", "chat-export", "decrypt", "sqlite", "wxecho", "database", "cli"],
+  "license": "MIT",
+  "author": "Xinhai Chang <changxinhai@pku.edu.cn>",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/chang-xinhai/WxEcho"
+  },
+  "type": "module",
+  "main": "./dist/cli.js",
+  "bin": {
+    "wxecho": "./bin/wxecho"
+  },
+  "files": [
+    "dist/cli.js",
+    "bin/",
+    "py/config.py",
+    "py/export_chat.py",
+    "py/key_utils.py",
+    "py/*.c",
+    "py/find_all_keys_macos"
+  ],
+  "scripts": {
+    "build": "tsx scripts/build-cli.ts",
+    "build:landing": "cd landing && npm ci && npm run build",
+    "build:all": "npm run build && npm run build:landing",
+    "prepublishOnly": "npm run build",
+    "dev": "tsx src/cli.ts",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "commander": "^12.1.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.14.0",
+    "esbuild": "^0.21.0",
+    "tsx": "^4.15.0",
+    "typescript": "^5.4.0"
+  },
+  "engines": {
+    "node": ">=18.0.0",
+    "python": ">=3.8"
+  },
+  "os": [
+    "darwin"
+  ],
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/"
+  }
+}