White Knight Labs - Offensive Development Course - Demo of using Exception Filter Function in C++ to catch Access Violations for payload execution and anti-debugging.

AccessViolationHandlerPayloadExecution.cpp

// White Knight Labs - Offensive Development Course
// Guardrails - Control Flow & Anti-Debugging 

#include <windows.h>
#include <iostream>

// Test function to be called when an access violation occurs
void TestFunction() {
    std::cout << "Test function executed after catching access violation." << std::endl;
}

// Exception filter function
LONG WINAPI MyExceptionFilter(EXCEPTION_POINTERS* ExceptionInfo) {
    if (ExceptionInfo->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) {
        std::cout << "Access violation detected and caught" << std::endl;
        
        // Call the test function
        TestFunction();
        
        return EXCEPTION_EXECUTE_HANDLER; // Handle the exception
    }
    return EXCEPTION_CONTINUE_SEARCH; // Pass the exception up the chain
}

int main() {
    // Install exception filter
    SetUnhandledExceptionFilter(MyExceptionFilter);

    // Cause an access violation
    int* p = nullptr; // Null pointer
    *p = 42; // Access violation here

    std::cout << "This line won't be executed since the program will terminate after the access violation is handled." << std::endl;

    return 0;
}