Merge pull request #5 from Mas0nShi/main

Fix: data dir rule in yara

.github/workflows/rust.yml

@@ -0,0 +1,34 @@
+name: Release
+
+permissions:
+  contents: write
+
+on:
+  push:
+    tags:
+      - v[0-9]+.*
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: taiki-e/create-gh-release-action@v1
+        with:
+          # (optional) Path to changelog.
+          # changelog: CHANGELOG.md
+          # (required) GitHub token for creating GitHub Releases.
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+  upload-assets:
+    needs: create-release
+    runs-on: windows-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: taiki-e/upload-rust-binary-action@v1
+        with:
+          # (required) Comma-separated list of binary names (non-extension portion of filename) to build and upload.
+          # Note that glob pattern is not supported yet.
+          bin: wechat-dump-rs
+          # (required) GitHub token for uploading assets to GitHub Releases.
+          token: ${{ secrets.GITHUB_TOKEN }}

Cargo.toml

@@ -2,7 +2,6 @@
 name = "wechat-dump-rs"
 version = "0.1.0"
 edition = "2021"
-author = "REinject"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 

README.md

@@ -49,6 +49,7 @@ key: b16aa99b8e8323f6bb0ebf2ef83ff88f2e47d86d913345933a7168d55aa7e362
 
 - 3.9.6.33
 - 3.9.7.25
+- 3.9.7.29
 
 ## 如何手动寻找偏移
 

src/main.rs

@@ -39,7 +39,7 @@ const RULES: &str = r#"
     rule GetDataDir
     {
         strings:
-            $a = /[a-zA-Z]:\\Users\\.{0,50}\\Documents\\WeChat Files\\wxid_[0-9a-zA-Z]{14}/
+            $a = /[a-zA-Z]:\\Users\\.{0,50}\\Documents\\WeChat Files\\[0-9a-zA-Z_-]{6,20}/
         
         condition:
             $a