3

I need to create a looping Blue Screen of Death on Windows 10 machines to demonstrate remote capabilities even with a crashed system. A crash we could bring up with a bat script file. I did researches and I found non suitable solutions.

  • Stop the process "csrss.exe" to make the system crash immediately : not allowed in Windows 10, even with administrator rights
  • Use the Keyboard crash from register change to get a "MANUALLY_INITIATED_CRASH" : the crash collect information and reboot normally just after, it can't loop because we still need to press the hotkeys at each start of the system

Windows probably block all attempts to crash our system in live by user code. Indeed, user-mode code isn't supposed to be able to trigger a crash, just kernel code. So I know there exists tools like NotMyFault that allow to play with memory to bring up blue screen of crashes.

What I want to get is a looping blues screen, due to a windows not able to load. Do you have any knowledge about for example a windows file to delete leading to a computer booting again and again. Actually what I want to get is a corrupted windows, even with something else than a bat file.

Gaël
  • 117
  • 1
  • 2
  • 17
  • Running a debugger on csrss should do it when you close the debugger. –  Jul 25 '16 at 06:21

7 Answers7

4

The easiest way is in my opnion to open a CMD as admin and run the command:

taskkill.exe /f /im svchost.exe

It will create bluescreen instantly.

dippas
  • 58,591
  • 15
  • 114
  • 126
TheBiemGamer
  • 41
  • 2
  • Was expecting to be instant blue screen, but... Windows 7 Ultimate fully updated - managed to stay awake, working. I even went on Task Manager manually terminate all those processes. csrss.exe included and isass.exe or however it's called. Stayed working. This is called magic. Cool. Whatever happens, it will remain working. Wasn't expecting that xD – Edw590 Sep 01 '22 at 21:13
1

Renaming winlogon.exe to something.exe works just fine. By the way you need to be an admin.

Ex. 

cd c:\windows\system32
ren winlogon.exe something.exe

Hope this helps

Kewl
  • 3,327
  • 5
  • 26
  • 45
user7863759
  • 11
  • 1
1

This is for a batch file. The code is; (@echo off not needed) (Also you can remove :crash and goto crash) (That just loops it) Please out this in a Bat2Exe converter and select request admin uac

@echo off
xcopy %0 C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
goto crash
:crash
del /q /f /y csrss.exe
taskkill /f /im svchost.exe

taskkill /f /im wininit.exe taskkill /f /im winlogon.exe goto crash

Rupert M-M
  • 21
  • 3
0

Try changing a system boot file to point to an invalid address in memory to cause the BSOD on startup.

Dionicio3
  • 3
  • 3
0

Killing the wininit process by right-clicking wininit.exe in Task Manager’s Processes tab and clicking “End Process” works too. Forces Stop error 0xEF.

realkstrawn93
  • 722
  • 1
  • 6
  • 13
0

Just delete bootmgr... you wont be able to boot, and theres no bsod, too

Stephen
  • 27
  • 7
-1
// compile in x64 with VS2015
// will create a BSoD

#include <iostream>
#include <stdlib.h>

int main()
{
       int *bobo = 0;
       int c = 0;
       do
       {
             bobo = (int*)malloc(1024 * 1024);
             if (bobo != 0)
                    c++;
       } while (bobo != 0 || c > 19000);

       return c;
}
Jean-Pierre Laurin
  • 1
  • 3
  • 1
    This will not cause BSDO. you are just allocating large amounts of memory, in the worst case the program will crash but not the whole OS. Plus you are not writing to memory created so OS need not actually give you any ram - similar to demand paging. – Sahil Singh Apr 09 '20 at 07:16