DEP violation

[TaxMachine]

void playSound() {
#ifndef UNICODE
    CALL_EXPORT("Winmm.dll", "PlaySoundA", BOOL(*)(LPCSTR, HMODULE, DWORD), OBF("sound"), nullptr, OBF(SND_RESOURCE | SND_SYNC));
#else
    CALL_EXPORT("Winmm.dll", "PlaySoundW", BOOL(*)(LPCWSTR, HMODULE, DWORD), OBF("sound"), nullptr, OBF(SND_RESOURCE | SND_SYNC));
#endif
}

it dies at the first obviously and I get this exception from my debugger Exception: Exception 0xc0000005 encountered at address 0x000000: User-mode data execution prevention (DEP) violation at location 0x00000000 Compiler: MSVC in Debug mode Settings

#pragma region CONFIG
    // C++ only features
    #define CONST_ENCRYPTION            1
    #define CONST_ENCRYPT_MODE          THREADLOCAL // NORMAL & THREADLOCAL
    #define CFLOW_CONST_DECRYPTION      1
    // C & C++ features
    #define CFLOW_BRANCHING             1
    #define INDIRECT_BRANCHING          1
    #define FAKE_SIGNATURES             1
    #define INLINE_STD                  0
    #define KERNEL_MODE                 0
#pragma endregion CONFIG

[ac3ss0r]

Hello! Your issue happens because you try to make a call to a library which is not loaded by default. To solve this issue, you can do this, and it will work just fine.

#include <stdio.h>
#include <windows.h>
#include "obfusheader.h"

int main() {
    printf("Playing sound...\n");
    LoadLibraryA("winmm.dll");
    CALL_EXPORT("winmm.dll", "PlaySoundA", decltype(&PlaySoundA), "meow.wav", 0, SND_FILENAME | SND_SYNC);
    (void)getchar();
    return 0;
}

Note that GetProcAdress used for CALL_EXPORT doesn't load the libraries you want to use, it just gets their handle if they're already loaded, so you have to load them manually. You can hide LoadLibraryA call aswell by doing

CALL_EXPORT("kernel32.dll", "LoadLibraryA", decltype(&LoadLibraryA), OBF("winmm.dll"));