Windows C++ / Obscuring Control Flow
| Author | Unprotect |
| Platform | Windows |
| Language | C++ |
| Technique | Obscuring Control Flow |
Description:
This code includes an exception handler that is called whenever an exception occurs. This exception handler calls the my_function function, which simply prints "Hello, world!" to the console. The obfuscated instructions use the SEH mechanism to obscure the control flow of the program, by raising an exception and handling it with the exception handler.
Code
#include <Windows.h>
#include <stdio.h>
void my_function() {
printf("Hello, world!\n");
}
LONG WINAPI exception_handler(EXCEPTION_POINTERS *exception) {
my_function();
return EXCEPTION_EXECUTE_HANDLER;
}
int main() {
int eax = 0x12345678;
// Obfuscated instructions using SEH
__try {
if (eax == 0) {
my_function();
}
RaiseException(0x12345678, 0, 0, NULL);
} __except (exception_handler(GetExceptionInformation())) {
}
return 0;
}Created
December 6, 2022
Last Revised
April 22, 2024