Login/Register
programmatically trigger BSOD
Asked Answered
Solved c#.netbsod
C

6

21

Purely for academic reasons.

is it possible to programmatically cause a BSOD to occur under windows xp/windows 7 in C#/.NET.

I'm suggesting there's got to be some dirty hack, or some vulnerability to abuse to cause this.

I'm looking for a snippet of code to run that guarantees a BSOD in a finite period of time.

Cram answered 20/4, 2011 at 21:57 Comment(11)
I think you would have to do this at a driver level.Insouciant
@ChadMoran if you can interface with a driver and trick it into causing a BSOD then that's fair game. I guess it becomes very machine specific then.Cram
Well, you can always enable the CrashOnCtrlScroll feature and then programmatically send a Ctrl+ScrollLock+ScrollLock. But that would require you to modify the Windows registry.Kaltman
@JonasGulle can we modify the registry through c# ?Cram
@Cram yes, but you have to reboot the machine to make the setting effective.Kaltman
@JonasGulle you can continue to run C# code on startup again, right? Just like an installer.Cram
@Jonas: "the CrashOnCtrlScroll feature" Awesome.Figurant
@Cram of course, use the AppInitDLLs key, RunOnce/Run, Startup or any other autorun feature in Windows. Autoruns list all executables that is run automatically, just take your pick :)Kaltman
@Martinho It's actually very useful to collect a memory dump for post-mortem when you're investigating or reproducing some bug in a kernel driver.Kaltman
Presenting a new operating system feature to a large audience usually does the trick. Try finding a old or new beta version of Windows, gather a large audience and call the new API :-)Mcknight
I posted an answer for the same question in python. You should be able to easily port the functionality implemented by this script in C#: https://mcmap.net/q/660051/-is-there-a-way-in-windows-to-throw-a-bsod-on-demand-from-pythonFeints
S
29

Killing process "csrss.exe" causes BSOD.

But you need Administrator privileges to do this. I'm not sure there is a way to do this purely with restricted privileges.

EDIT:

Yep, it works alright. I cooked myself a nice little BSOD :)

System.Diagnostics.Process.GetProcessesByName("csrss")[0].Kill();
Suicidal answered 20/4, 2011 at 21:59 Comment(5)
I'm afraid it has to be a piece of C# code. Having local administrator rights is fair game.Cram
Then this 'utility' probably won't do either :]Betterment
I guess you can kill the winlogon process aswell to trigger a BSODKaltman
@Betterment Or how about NotMyFault? dl.dropbox.com/u/16862782/NotMyFault.zip Run as admin, click "do bug" and BOOM, real bluescreen.Humour
@JonasGulle And wininit.exe but you need to kill all the children processes too.Vaticinate
V
4

Use Process.Start to run the SysInternals NotMyFault tool which causes a BSOD (it uses a diver to do this which is the only way).

Killing csrss.exe would also work currently but that that's an undocumented way that might just go away in future version of Windows. NotMyFault uses a documented and clean way to do it.

Vere answered 2/3, 2013 at 22:59 Comment(1)
Critical processes are documented: learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/…, although I suppose it's true that it may not be documented that csrss.exe is one. It's possible to use the service control manager to create critical processes so worst comes to worst, you can create your own and then kill it.Existent
L
1

You could make the process critical and then kill it

using System;
using System.Runtime.InteropServices;

then:

[DllImport("ntdll.dll", SetLastError = true)]
private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
System.Diagnostics.Process.EnterDebugMode();
RtlSetProcessIsCritical(1, 0, 0);
System.Diagnostics.Process.GetCurrentProcess().Kill();
Leucoma answered 9/8, 2020 at 14:42 Comment(0)
V
0

I once had "problems" under Windows 7, causing BSOD when using the Ping::Send method during debugging. So Debugger::Attach and then pinging might work for you, as well. :)

Vizor answered 20/4, 2011 at 22:9 Comment(0)
I
0

Create a ping. Kill the program. Instant bsod courtesy of microsoft's tcpip.sys in .net 4.

You'll get a process has locked pages. :)

Illyrian answered 11/2, 2016 at 12:28 Comment(0)
S
0

For all versions of windows you can kill svchost.exe and you will see the BSoD with Critical_Process_Died

Shroudlaid answered 2/7, 2019 at 18:14 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.