(C++) Obscuring Control Flow Using Pointers by Unprotect

Created the Tuesday 06 December 2022. Updated 1 month, 3 weeks ago.

Description:

This code ncludes a real function, my_function, which is called by the original and obfuscated instructions. This allows the code to demonstrate the intended behavior of the original instructions, which is to declare and initialize the variable x, declare and initialize the pointer ptr, and use the pointer ptr to dereference and modify the value of x.

However, the obfuscated instructions use pointers in a more complex way, by declaring and initializing two additional pointers, ptr1 and ptr2. This makes it more difficult for the disassembler to accurately interpret the instructions and generate correct disassembly output.

Code

            #include <iostream>

int my_function() {
    std::cout << "Hello, world!" << std::endl;
    return 0;
}

int main() {
    // Original instructions
    int x = 0x12345678;
    int *ptr = &x;
    *ptr = 0x87654321;

    // Obfuscated instructions using pointers
    int y = 0x12345678;
    int *ptr1 = &y;
    int *ptr2 = ptr1;
    *ptr2 = 0x87654321;

    return 0;
}