发表新帖
发表新帖

Invoke Blue Screen of Death using Managed Code

后端 未结
关注
11 2132
轮回少年
轮回少年 2020-12-30 01:25

Just curious here: is it possible to invoke a Windows Blue Screen of Death using .net managed code under Windows XP/Vista? And if it is possible, what could the example code

相关标签:
11条回答
  • 佛祖请我去吃肉
    2020-12-30 01:53

    This one doesn't need any kernel-mode drivers, just a SeDebugPrivilege. You can set your process critical by NtSetInformationProcess, or RtlSetProcessIsCritical and just kill your process. You will see same bugcheck code as you kill csrss.exe, because you set same "critical" flag on your process.

    0 讨论(0)
  • 不知归路
    2020-12-30 01:56

    I once managed to generate a BSOD on Windows XP using System.Net.Sockets in .NET 1.1 irresponsibly. I could repeat it fairly regularly, but unfortunately that was a couple of years ago and I don't remember exactly how I triggered it, or have the source code around anymore.

    0 讨论(0)
  • 不思量自难忘°
    2020-12-30 01:58

    You could use OSR Online's tool that triggers a kernel crash. I've never tried it myself but I imagine you could just run it via the standard .net Process class:

    http://www.osronline.com/article.cfm?article=153

    0 讨论(0)
  • 别跟我提以往
    2020-12-30 01:59

    Try live videoinput using directshow in directx8 or directx9, most of the calls go to kernel mode video drivers. I succeded in lots of blue screens when running a callback procedure from live videocaptureing source, particulary if your callback takes a long time, can halt the entire Kernel driver.

    0 讨论(0)
  • 自闭症患者
    2020-12-30 02:01

    I do not know if it really works and I am sure you need Admin rights, but you could set the CrashOnCtrlScroll Registry Key and then use a SendKeys to send CTRL+Scroll Lock+Scroll Lock.

    But I believe that this HAS to come from the Keyboard Driver, so I guess a simple SendKeys is not good enough and you would either need to somehow hook into the Keyboard Driver (sounds really messy) or check of that CrashDump has an API that can be called with P/Invoke.

    http://support.microsoft.com/kb/244139

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters
    Name: CrashOnCtrlScroll
    Data Type: REG_DWORD
    Value: 1
    Restart

    0 讨论(0)
  • 长发绾君心
    2020-12-30 02:01

    I found that if you have admin, you can run taskkill /F /IM svchost.exe. This tries to kill just about every service host at once.

    0 讨论(0)
 看不清?
提交回复
热议问题