Invoke of the blue BSOD screen
 

 

I will describe a nice function to trigger a system crash with BSOD exception.

In this method we will use the undocoment functions hidden in the library ntdll.lib, and its:


extern "C" 
{ 
      NTSTATUS _stdcall NtRaiseHardError(::NTSTATUS,::ULONG,::ULONG OPTIONAL,::PULONG_PTR,::ULONG,::PULONG);
      NTSTATUS _stdcall RtlAdjustPrivilege(::ULONG,::BOOLEAN,::BOOLEAN,::PBOOLEAN);
}


Method RtlAdjustPrivilege  we used to setup the process as critical, however, we used the privilege value of 20....
When invoking BSOD we will use the privilege value 19:


::RtlAdjustPrivilege(19,TRUE,FALSE,&status);


The second method we will use is NtRaiseHardError:


::ULONG ubret;
::NTSTATUS status;
status = ::NtRaiseHardError(STATUS_FLOAT_MULTIPLE_FAULTS, 0, 0, 0, 6, &ubret);

 

 

-----------------------------------------------------------------

All features included ntdll.lib is built into the header WinAPI.h WinAPI.h



Usage example from main:


#include "Convert.h" //https://www.netbot.sk/en/14-blog-headers/86-convert-h-en
#include "WinApi.h"  //https://www.netbot.sk/en/14-blog-headers/44-winapi-en
using namespace std;
int main() { ::Diall_WinApi::WinApi::GetInstance()->CallBSODError(); return 0; }