Windows C++ / Disassembly Desynchronization

Author: Unprotect
Platform: Windows
Language: C++
Technique: Disassembly Desynchronization

Description:

This code contains the original instructions mov eax, 0x12345678 and add eax, 0x00000004, followed by some "garbage" instructions (the nop instructions) placed between them and a second pair of original instructions, mov ebx, 0x87654321 and sub ebx, 0x00000004. This breaks the normal sequence of instructions and can cause a disassembler to generate incorrect disassembly output.

Code

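// Uses GCC-style inline assembly in Intel syntax: build with g++ -masm=intel
#include <stdio.h>

int main() {
    // Original instructions (eax is declared as clobbered for the compiler)
    __asm__("mov eax, 0x12345678\n"
            "add eax, 0x00000004\n"
            : : : "eax");

    // "Garbage" instructions that break the normal sequence of instructions
    __asm__("nop\n"
            "nop\n"
            "nop\n"
            "nop\n");

    // More original instructions (ebx is declared as clobbered for the compiler)
    __asm__("mov ebx, 0x87654321\n"
            "sub ebx, 0x00000004\n"
            : : : "ebx");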

    return 0;
}
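
Added example (not part of the original snippet or of the Unprotect project's code): a toy linear-sweep decoder run over the bytes this snippet's instructions would assemble to, showing where instruction boundaries fall, how the nop filler can be dropped from a listing, and how a sweep that starts inside add eax, 4 decodes differently until it resynchronizes. The byte encodings, the small opcode table and the names kCode, insn_len, sweep and resync_offset are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Constructed sample: assumed 32-bit encodings of the snippet's instructions.
static const uint8_t kCode[] = {
    0xB8, 0x78, 0x56, 0x34, 0x12,  // mov eax, 0x12345678
    0x83, 0xC0, 0x04,              // add eax, 4
    0x90, 0x90, 0x90, 0x90,        // nop x4 (filler)
    0xBB, 0x21, 0x43, 0x65, 0x87,  // mov ebx, 0x87654321
    0x83, 0xEB, 0x04               // sub ebx, 4
};
static const size_t kCodeLen = sizeof(kCode);

// Length of the instruction at p. The table is deliberately tiny; any byte it
// does not know is treated as one data byte (what a listing shows as "db").
static size_t insn_len(const uint8_t* p, size_t left) {
    if (p[0] == 0x90) return 1;                                        // nop
    if (p[0] >= 0xB8 && p[0] <= 0xBF && left >= 5) return 5;           // mov r32, imm32
    if (p[0] == 0x83 && left >= 3 && (p[1] & 0xC0) == 0xC0) return 3;  // op r32, imm8
    if ((p[0] & 0xC7) == 0x04 && left >= 2) return 2;                  // op al, imm8
    return 1;
}

// Linear sweep from `start`: offsets at which an instruction begins.
// With skip_nops set, single-byte nop filler is left out of the listing.
std::vector<size_t> sweep(size_t start, bool skip_nops) {
    std::vector<size_t> starts;
    for (size_t off = start; off < kCodeLen;) {
        size_t len = insn_len(kCode + off, kCodeLen - off);
        if (!(skip_nops && kCode[off] == 0x90)) starts.push_back(off);
        off += len;
    }
    return starts;
}

// First offset at which a sweep begun at `start` lands on a boundary of the
// sweep from offset 0, i.e. where the two listings agree again.
size_t resync_offset(size_t start) {
    const std::vector<size_t> truth = sweep(0, false);
    for (size_t off : sweep(start, false))
        for (size_t t : truth)
            if (off == t) return off;
    return kCodeLen;  // never resynchronized
}
```

Starting at offset 7, the imm8 byte 0x04 of add eax, 4 decodes as add al, 0x90, so the first filler nop disappears from the listing and the sweep only agrees with the true boundaries again at offset 9.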

Created

December 6, 2022

Last Revised

April 22, 2024