(C++) Obscuring Control Flow by Unprotect

Created the Tuesday 06 December 2022. Updated 9 months, 3 weeks ago.

Description:

This code includes an exception handler that is called whenever an exception occurs. This exception handler calls the my_function function, which simply prints "Hello, world!" to the console. The obfuscated instructions use the SEH mechanism to obscure the control flow of the program, by raising an exception and handling it with the exception handler.

Code

            #include <Windows.h>
#include <stdio.h>

void my_function() {
    printf("Hello, world!\n");
}

LONG WINAPI exception_handler(EXCEPTION_POINTERS *exception) {
    my_function();
    return EXCEPTION_EXECUTE_HANDLER;
}

int main() {
    int eax = 0x12345678;

    // Obfuscated instructions using SEH
    __try {
        if (eax == 0) {
            my_function();
        }
        RaiseException(0x12345678, 0, 0, NULL);
    } __except (exception_handler(GetExceptionInformation())) {
    }

    return 0;
}