(C++) Control Flow Graph Flattening by Unprotect

Created the Tuesday 06 December 2022. Updated 1 month, 3 weeks ago.

Description:

This code contains the original instructions, which declare and initialize the variables x and y, and use an if statement to compare their values. The obfuscated instructions use control flow flattling to make it more difficult for the disassembler to accurately interpret the instructions and generate correct disassembly output.

The while loop in the obfuscated instructions contains a large switch statement, which has multiple cases that hide the original if statements. This creates a complex and unstructured control flow that is difficult for the disassembler to follow.

Code

            #include <iostream>

int main() {
    // Original instructions
    int x = 0x12345678;
    int y = 0x87654321;
    if (x == y) {
        x = 0x11111111;
        y = 0x22222222;
    } else {
        x = 0x33333333;
        y = 0x44444444;
    }

    // Obfuscated instructions using control flow flattening
    int i = 0;
    while (true) {
        switch (i) {
            case 0:
                if (x == y) {
                    x = 0x55555555;
                    y = 0x66666666;
                }
                break;
            case 1:
                if (x != y) {
                    x = 0x77777777;
                    y = 0x88888888;
                }
                break;
            // ...
            default:
                break;
        }
        i++;
        if (i > 10) {
            break;
        }
    }

    return 0;
}