Obscuring Control Flow Using Pointers
Created the Monday 18 March 2019. Updated 1 year, 2 months ago.
The use of pointers in a program can be an issue for disassemblers, because pointers can be used in complex ways that are difficult for the disassembler to accurately interpret. This can make it more difficult for the disassembler to generate correct disassembly output, and can also make it more difficult for analysts to understand the program's behavior.
Pointers are a common programming idiom used in C and C++ to reference memory locations and manipulate data in memory. They are typically implemented as variables that contain the memory address of another variable. This allows the programmer to access and modify the data stored at that memory address, without having to know the exact memory address of the data.
Technique Identifier
Code Snippets
Additional Resources
External Links
The resources provided below are associated links that will give you even more detailed information and research on current evasion technique. It is important to note that, while these resources may be helpful, it is important to exercise caution when following external links. As always, be careful when clicking on links from unknown sources, as they may lead to malicious content.