Home
Blogs
Forums
News
Portfolios
Projects
Tutorials
39 users logged in
New? Learn about game development.
Before posting, review our community guidelines.
Follow Us
Chat in the GameDev.net Discord!
Mastodon

🎉 Celebrating 25 Years of GameDev.net! 🎉

Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!

Back to GDNet Lounge

How to "force" a BSOD?

Started by
2 comments, last by frob 7 years, 1 month ago

Okay, this is a really odd request, and frankly I can hear some of you saying "Are you retarded?? Why in the world would you want to do that?" Well, it's a first for me, but I have a job interview with the Surface team on Monday, and part of my prep is to write some automation code. Fortunately, I was given the exact interview questions and what not ahead of time, so I have a few days to get prepped and ready. I already have a basic plan of a few basic C# test cases I want to write, and I want the very last test case to cause a surprise BSOD where I fire up WinDBG and trace it back to what caused it. Since I have to be able to demonstrate my kernel debugging skills here, I really need to get him convinced on the spot that I know what I'm doing. Part of this is responding to BSODs.

So, what's the most ethical way to do it? I did some searching, and came up with a few quick ideas.

  1. Call KeBugCheck[Ex]() and be done with it. That's what I would have done already, but I heard that you can't call this in usermode (even if you do a call to ::LoadLibrary() and get a function pointer to it. So far I haven't tried that (I just know that I've done it several times with driver level stuff before) but I'm going to try it anyway later on.
  2. Write a basic driver that calls KeBugCheck[Ex]() instead. I haven't touched the basics of driver programming since the Win2k/XP days when I was attempting to write a Riva128 driver as a learning experience. A basic driver IIRC can be called from user mode code, so that seems like a way to do it.
  3. Call TerminateProcess() on some really critical process. I could imagine that a simple call to this may require certain privileges that a user mode program might not have. Someone tried this with "WinLogon" 12 years ago, but dunno if that would work today.

Personally, I'd like to go with #2, but it's been a while since I've touched any driver dev stuff. Plus since I don't have internet at home, I can't download the WDK for quite some time. Saturday and Sunday will be "busy all day" days for me, so if I could find the shortest distance between two points, that would be immensely helpful.

Any ideas? Thanks.

Shogun

Advertisement
Creating a BSOD from userland on a modern version of Windows is usually reserved for privilege escalation security exploits. Be cautious here, it verges on very shady territory and can lead to less savory websites.

In fact getting away from this vector of attack is largely what prompted user-mode driver support in Windows.

A kernel mode driver is your best shot at this but it's not a trivial lift as you have discovered.

Wielder of the Sacred Wands
[Work - ArenaNet] [Epoch Language] [Scribblings]

You can't get a KMD into a running Windows instance so trivially. Driver signing was introduced to shut off this very attack vector, and modern day 64 bit Windows will not load your unsigned driver unless you put it into dev mode at boot time. While you could do that, it does undermine the effectiveness of the demo.

It is possible to crash most GPU kernel drivers with the right combination of bugs. Unfortunately it's pretty hard to predict what that combination is likely to be ahead of time if you know nothing about the target system.

SlimDX | Ventspace Blog | Twitter | Diverse teams make better games. I am currently hiring capable C++ engine developers in Baltimore, MD.

One option is to use PowerShell to intentionally kill all processes. That includes kernel-space stuff, which gives a BOSD. https://p0w3rsh3ll.wordpress.com/2013/10/21/producing-an-intentional-bsod-blue-screen-of-death/

Edit: Also found this:

Perhaps more handy, but requires a little work, is to enable a debugging feature in Windows itself: https://msdn.microsoft.com/en-us/library/ff545499.aspx Don't forget to turn it back off when done.

This topic is closed to new replies.

Advertisement

Popular Topics

JoeJ
Custom memory allocator for STL - dead end due to constructors? General and Gameplay Programming
ScienceDiscoverer
Anybody else have aversion towards Unreal, Unity and other ready-made engines? Engines and Middleware
TryBoo
Predicting Over-Time Skill from Single Input Networking and Multiplayer
Net_
Best-performing collision algorithm when only using AABBs? Math and Physics
Advertisement

Recommended Tutorials

hafo
Advantages of HTML5 in Advergaming Production and Management
Myopic Rhino
Developing A GUI Using C++ and DirectX Part 4 Graphics and GPU Programming
RWThurman
Fur Shading in DirectX 9 Graphics and GPU Programming
Myopic Rhino
Marketing 101 Part 3: Advertising Part I Business and Law
DotStarMoney
Generalized Platformer AI Pathfinding Artificial Intelligence

Reticulating splines

About GameDev.net
Community Guidelines
Terms of Service
Privacy Policy
Contact Us
Copyright (c) 1999-2024 GameDev.net, LLC
Back to Top