UWP-SEH-Exception-Sniffing-POC/a_1authrowhook.asm

; crinkle the linkers load order
; a.obj < (anything else).obj
; A/B/C:\... <  ntstc_msvcrt's d:\os\obj\...

PUBLIC _CxxThrowException
EXTERN _CxxThrowExceptionHook : proc
EXTERN CXX_THROW_REFERENCE : qword

.code

_CxxThrowException PROC
    MOV R8, [RSP]
    
    push RCX
    push RDX
    
    SUB RSP, 24 ; yo wtf, we have [0, -8], [-8, -8], [-16, -8] writes in our stack?! stdcall compiler optimizer conflicting with the reality that stdcall does not exist under x64?
    MOV RAX, [_CxxThrowExceptionHook]
    CALL RAX
    add rsp, 24
    pop RDX
    pop RCX

    xor rax, rax

    jmp CXX_THROW_REFERENCE
    ret 
_CxxThrowException ENDP

END
Initial Commit 2022-01-23 02:32:46 +00:00			`; crinkle the linkers load order`
			`; a.obj < (anything else).obj`
			`; A/B/C:\... < ntstc_msvcrt's d:\os\obj\...`

			`PUBLIC _CxxThrowException`
			`EXTERN _CxxThrowExceptionHook : proc`
			`EXTERN CXX_THROW_REFERENCE : qword`

			`.code`

			`_CxxThrowException PROC`
			`MOV R8, [RSP]`

			`push RCX`
			`push RDX`

			`SUB RSP, 24 ; yo wtf, we have [0, -8], [-8, -8], [-16, -8] writes in our stack?! stdcall compiler optimizer conflicting with the reality that stdcall does not exist under x64?`
			`MOV RAX, [_CxxThrowExceptionHook]`
			`CALL RAX`
			`add rsp, 24`
			`pop RDX`
			`pop RCX`

			`xor rax, rax`

			`jmp CXX_THROW_REFERENCE`
			`ret`
			`_CxxThrowException ENDP`

			`END`