In my last tweet, I used wechat to synchronize articles to Bear and mentioned that I hope to realize an automatic message processing robot by monitoring the corresponding chat records of wechat. In my last tweet, I realized the automatic saving of articles I am interested in to Bear.
Although the article is practical and many friends like it, it still has many defects:
- It is difficult to reproduce for friends with weak technology. Many configurations of the project need to be generated manually, and there are a lot of preliminary verification work
- Secondary development is difficult and cannot be used directly as a third-party package
- The compatibility of the project is not strong. Currently, only Mac is supported and only wechat APP is supported
- Project stability is not strong, wechat change mechanism may need to start all over again
Yes, there are a lot of problems, but I’m not very motivated to develop new solutions when it’s barely working. So what reason prompted me to update the plan ~
Background: I deal with data mostly in the company. The operation department will send some form data to the nail group every day, and then the members of my team need to manually download and find the corresponding processing scripts for processing
Then I asked how long it would take me to work on this project for the next two weeks. I answered 1 hour, which is really unbearable!
So I spent 10 hours doing this solution! By the way, solve the four problems mentioned above and earn…
research
Before we begin, of course, we must resolve all historical problems:
- Across the system! Across software!
- The program can be used directly as a third party package, and fool!
Okay, here we go. The core technology is how to monitor messages for all platforms.
The scheme of the last tweet can only support wechat, so the monitoring object in my current background requirement is Dingding. Do I need to get DB files according to the previous method?
To sum up, WHAT I monitor is the information of the consumer application, and I need not only wechat, but also dingding, QQ and other any software messages, and I cannot crack them one by one (even if the decryption succeeds this time, what about other communication software next time?). So what to do?
So the way to deal with the problem this time is to stand in the perspective of God, which is easy to say and easy to do, haha.
You know, I had an Epiphany, and since the target is all app messages, why don’t I just move from the app level to the system level?
I’ll take my Mac as an example. Isn’t there a notification center already in place?
It can be said that it is another village, Lao Hu I this move from hill to hill, the posture is ok?
Now the question is clear:
- I care about you wechat, Dingding, QQ, I only look at the notification center of the system
- I care how you encrypt, how to limit, you will not limit the system, I still only see the notification center of the system
I back operating system boss, now also afraid of you a few small applications, together, I cry calculate I lose.
In the field of operating system, this plan is the wuxia world of Jiuyang shengong, but also with the dragon knife, it can be said: ten steps to kill a person, thousands of miles do not leave the line.
The investigation is over.
practice
With the solution established, it’s all about validation plus implementation, again using the Mac as an example.
Let’s take a look at apple’s system center. First of all, we will establish the storage mode of system center data and enter the terminal:
cd `getconf DARWIN_USER_DIR`/com.apple.notificationcenter/db2
ls
db db-shm db-wal
Copy the code
As you can see, there are three files, which, alas, are familiar, SQLite.
Open:
There are the following tables:
- app
- categories
- dbinfo
- delivered
- displayed
- record
- requests
- snoozed
It may be a bit much, but we only need to focus on two tables:
- App: indicates the APP ID
- Record: monitoring application messages
The construction sentences are as follows:
create table app
(
app_id INTEGER
primary key,
identifier VARCHAR,
badge INTEGER
);
create table record
(
rec_id INTEGER
primary key,
app_id INTEGER,
uuid BLOB,
data BLOB,
request_date REAL,
request_last_date REAL,
delivered_date REAL,
presented Bool,
style INTEGER,
snooze_fire_date REAL
);
Copy the code
In this row of the app table, you can see that the wechat app’s ID is 35.
app_id identifier
35 com.tencent.xinwechat
Copy the code
After knowing the application ID, you can directly find the notification message in the record table:
SELECT app_id,data, presented, delivered_date FROM record WHERE app_id IN (35) ORDER BY delivered_date DESC;
Copy the code
The results are as follows:
All was well, but what was that big string in the middle? Don’t panic, bplist inside gives a great hint.
In the Python world, there is no problem that can’t be solved by introducing a third party package, and if there is, two third party packages will do.
pip install biplist
Copy the code
Biplist will load that string into a language we humans can understand.
There doesn’t seem to be any obstacles, so you can just code it.
coding
Calculate, don’t say much, much I also can’t say, open source directly, see github.com/howie6879/e… Don’t skimp on your Star.
git clone https://github.com/howie6879/examiner
cd examiner
#Pipenv is recommended. You can build your environment any way you likePipenv install python = / Users/howie6879 / anaconda3 / envs/python36 / bin/python3.6 - skip - lockCopy the code
Then you just need to build your own monitoring script in the root directory, for example, wechat_app.py:
from examiner.notification import notification_factory
def get_data(app_names: list):
os_notification = notification_factory(app_names)
info_list = os_notification.get_target_notification()
for each in info_list:
# Self-realization of monitoring logic and processing scheme
print(each)
if __name__ == "__main__":
app_names = ["WeChat"]
get_data(app_names)
Copy the code
Compared with the previous article, this code, do not need to configure, do not need to prepare anything in advance, just need to fill in the list of the target application you want to monitor (I incidentally support multiple applications), you can monitor Dingding and wechat and so on
You can play slowly by yourself, and it will output like this:
{'title': 'Old Hu's locker ', 'subtitle': '', 'body':' Test message monitoring, any application ', 'delivered_date': datetime.datetime(2019, 10, 20, 21, 40, 26, 428654), 'presented': 1, 'app_identifier': 'com.tencent.xinwechat', 'app_name': 'WeChat', 'md5': '75e24e2ccc502f01c101fcbd3637950b'}Copy the code
Finish work, if you are interested, welcome to follow my public account: