You can also open multiple WeChat accounts on your computer
Yesterday, I accidentally learned from my good friend Xiao Lin (WeChat public account: Xiao Lin Coding) that his computer can actually log in to two WeChat IDs at the same time.
Open WeChat on mobile phones. I know that mobile phone systems such as Huawei and Xiaomi have supported this. However, how to start two WeChat on a computer running Windows system? This really aroused my concern. curious.
Xiao Lin told me that he did this and wrote a batch process:
<code>start D:\WeChat\WeChat.exe<br>start D:\WeChat\WeChat.exe</code>
Then he directly double-clicked the batch file to start two WeChat processes.
I tried it, and it was indeed the case!
Then I added another line, and I was able to start 3 more:

Then I searched on the Internet and found out that this trick had been used by others a long time ago. It seemed like I was on Mars. But why can I open more doors in this way? I really want to know the mystery.
TIPS: If you are not interested in the technical analysis part, you can skip and go directly to the truth part at the end.
WeChat’s singleton mode
Under normal circumstances, you can directly double-click the WeChat icon to start. The process started later will perform a global singleton mode check. If it is found that a WeChat process already exists, it will directly Activate the WeChat window of the corresponding process, position it at the front of the desktop, and then exit.
But why can we start both using the above method? Let’s find out.
First, let’s analyze how the single instance of WeChat described above is implemented.
Friends who have done Windows platform application development may be familiar with this. Generally, a mutex with a globally unique name is created after the process is started. If the creation is successful, it will start normally. If the creation fails, it will be judged whether the mutex is the same. The repeller already exists. If it already exists, it means that the corresponding program has been started before.
With this conjecture, use the tool procexp to check all the kernel objects opened by the WeChat process and find the mutex part:

Sure enough, there is a mutex named _WeChat_App_Instance_Identity_Mutex_Name. From this name, we can guess that this is definitely related to WeChat’s singleton mode.
Next, start the artifact APIMonitor, which can help you monitor the API calls of the specified process, and check the two Windows API functions CreateMutex and GetLastError. When WeChat is already running, use this tool to start another WeChat process and take a look at the function calls:

You can see that after creating the mutex with this name, the GetLastError function was subsequently called and 0x000000b7 was returned. Check the manual for its meaning:

means it already exists.
Let’s take a look at the stack of this CreateMutex call and see where the code is creating this global mutex:

It can be seen from the stack that the call comes from a dynamic library WeChatWin.dll in the WeChat directory. The specific location is the previous instruction at offset 0x8e271b.
Next, we will introduce the artifact among artifacts, the famous disassembly software IDA. This guy supports x86, x64, ARM, MIPS and other processor architectures as well as Windows, Linux, Android, MacOS, JVM Program analysis on various system platforms.
Open the WeChatWin.dll file with IDA and locate the offset 0x8e271b:


- If the return value of sub_108e26d0 is 0, it means there is no error, and the current function will return directly 0.
如果sub_108e26d0的返回值不为0,表示出现了错误,则依次判断 WeChatMainWndForPC和 WeChatLoginWndForPC两个窗口是否存在,如果存在则使用 BringWindowToTop函数将其置顶弹出。这两个窗口分别代表的是微信的主界面窗口和登陆界面窗口,如果一个微信实例已经存在,则势必处于这两种状态之一。
问题就出在上面这个判断中,汇编代码看起来有点辣眼睛,咱们F5来还原一下C代码(还原效果只能凑合看,能看清楚逻辑就行):

上面图片的注解已经说明了,函数sub_108e2660的返回值将决定是否启动微信实例进程,还是直接退出。
真相只有一个
事情到这里就真相大白了,来总结一下。
微信判断是否启动的2个条件:
如果能成功创建互斥体对象,则启动微信
如果不能创建互斥体:
如果找到对应窗口,则置顶之,自己退出
如果没有找到,则启动微信
用伪代码来表示一下:
<code>if (CreateMutex() == SUCCESS) {<br> 启动微信<br>} else {<br> if (FindWindow() == SUCCESS) {<br> 将已有窗口置顶<br> } else {<br> 启动微信<br> }<br>}</code>
而直接使用脚本启动的多个进程,虽然操作系统内核层面保证了互斥体的唯一,但由于启动速度相差不大,相应的窗口还没有来得及创建出来,导致走入上面的第二个启动逻辑,从而可以启动多个实例。
小发现
在分析的过程中,发现了一个有趣的事情:
在WeChatWin.dll中,上面的创建互斥体再上一级函数名字叫StartWaChat,也是作为导出函数被该DLL导出:

The above is the detailed content of How to use Java to open multiple accounts on WeChat PC?. For more information, please follow other related articles on the PHP Chinese website!

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于结构化数据处理开源库SPL的相关问题,下面就一起来看一下java下理想的结构化数据处理类库,希望对大家有帮助。

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于PriorityQueue优先级队列的相关知识,Java集合框架中提供了PriorityQueue和PriorityBlockingQueue两种类型的优先级队列,PriorityQueue是线程不安全的,PriorityBlockingQueue是线程安全的,下面一起来看一下,希望对大家有帮助。

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于java锁的相关问题,包括了独占锁、悲观锁、乐观锁、共享锁等等内容,下面一起来看一下,希望对大家有帮助。

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于多线程的相关问题,包括了线程安装、线程加锁与线程不安全的原因、线程安全的标准类等等内容,希望对大家有帮助。

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于枚举的相关问题,包括了枚举的基本操作、集合类对枚举的支持等等内容,下面一起来看一下,希望对大家有帮助。

本篇文章给大家带来了关于Java的相关知识,其中主要介绍了关于关键字中this和super的相关问题,以及他们的一些区别,下面一起来看一下,希望对大家有帮助。

本篇文章给大家带来了关于java的相关知识,其中主要介绍了关于平衡二叉树(AVL树)的相关知识,AVL树本质上是带了平衡功能的二叉查找树,下面一起来看一下,希望对大家有帮助。

封装是一种信息隐藏技术,是指一种将抽象性函式接口的实现细节部分包装、隐藏起来的方法;封装可以被认为是一个保护屏障,防止指定类的代码和数据被外部类定义的代码随机访问。封装可以通过关键字private,protected和public实现。


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

Dreamweaver CS6
Visual web development tools

Notepad++7.3.1
Easy-to-use and free code editor

Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

SublimeText3 English version
Recommended: Win version, supports code prompts!

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment