2

I am looking for a way to trigger Blue Screen of Death (BSOD) on an IoT Device running Windows 10 IoT Core version.

I tried doing some googling around, but any of the guides either do not apply to Windows 10 IoT Core (e.g. forcing it through Ctrl + 2x Scroll Lock key combination), or do not work at all (like killing csrss.exe process, which returns with "Access denied" error - doesn't matter if it is killed from IoT Core builtin Shell, or remote PowerShell session).

I also know about Microsoft's tool called Not my fault, but it's an .exe file, not an UWP .appx package that I could easily run on Windows 10 IoT Core system.

Best thing I can think of is some kind of remote PowerShell command or creating an app that could be triggered somehow to produce a BSOD.

Disclaimer: This is intended only for academic purposes, I do not want a "hacky" solution. The device I intend to trigger BSOD on belongs to me and I do not intend to use the methods provided to cause any mayhem to anyone else.

Edit: As suggested by @Sunius in comments, there is also a possibility of writing my own kernel mode driver. If I were to pursue this solution, how can I trigger a BSOD on demand with such a driver? I have no prior experience with writing Windows drivers, so any general tips on achieving this may be useful.

I understand the bit about dereferencing a null pointer, but as I understand it, this would normally happen on driver installation/load, and I would rather need a way to install/load the driver first, then, when necessary, trigger the BSOD using the driver I provided. What are the options to communicate with driver? Do drivers allow to trigger any action from say C# UWP Application (since I cannot run other apps on IoT Core OS)?

Are there any guides, references I could read? The Microsoft documentation on this topic is rather scarce and not beginner friendly (I suppose writing drivers shouldn't be done by begginers, but still).

Asunez
  • 2,327
  • 1
  • 23
  • 46
  • Write a kernel mode driver and dereference a null pointer? – Sunius Aug 12 '17 at 04:08
  • @Bart GSOD is only for Windows Insiders. Production builds still throw good old BSOD since GSOD is intended only to easily distinguish between Insider and production builds. – Marian Dolinský Aug 14 '17 at 13:08
  • @Sunius I have also thought of the possibility of writing a driver that would trigger a BSOD, however I lack any experience with it. By `kernel mode driver` do you mean `KMDF`? I came by this abbreviaton reading MS docs, but I have never done driver programming and I'm pretty sure it isn't as straightforward as developing applications. Also - how can I then trigger BSOD on demand? – Asunez Aug 16 '17 at 06:17
  • @MarianDolinský So the only difference between GSOD and BSOD is the Insider build? I think I'm running Insider preview on my Raspberry, does that change anything regarding triggering BSOD? – Asunez Aug 16 '17 at 06:19
  • @Asunez Yeah, that should be the only difference. You can read more [here](https://www.theverge.com/2016/12/29/14111584/microsoft-windows-10-green-screen-of-death). – Marian Dolinský Aug 16 '17 at 17:18
  • it depends on the services available that could be stopped. i could always get a BSOD by killing the processes in the following order. `RPCSS LOCALSERVICE NETWORKSERVICE DLLHOST.exe NETSVCS ` it give 0xc000021a – VGSandz Aug 17 '17 at 13:53
  • @VGSandz I should've clarified this in my question - killing csrss.exe doesn't work because I have "Access denied" error. This occurs whenever I try to kill any system process. I will edit this into question. – Asunez Aug 17 '17 at 13:56
  • I do not have an IoT Core install to test with but you might be able to trigger a BSoD with the PowerShell command `Get-Process | Stop-Process -Force` when running as an administrator. – Persistent13 Aug 17 '17 at 21:45
  • @Persistent13 Please post this as an answer - it actually worked :) Using remote Power Shell I was able to trigger a BSOD on my IoT Device. I will mark this answer as accepted. The only thing I find strange is that I tried using the `-Force` parameter myself when trying to kill `csrss.exe`, and it refused - so I never actually tried killing any other processes as I thought the critical processes are somehow protected even against this parameter. – Asunez Aug 18 '17 at 08:09
  • @Asunez Glad to hear it worked! – Persistent13 Aug 18 '17 at 14:54
  • The only time my Win10 PC has BSODed I was trying figure out why my google drive on my PC wasn't syncing with the web version, and accidentally attempted to upload to the Google drive website a file from my local Google Drive folder instead of my desktop. I haven't attempted to recreate it because I don't just go around BSODing my personal device for funsies anymore, but maybe it would work consistently for you. – Tofystedeth Aug 18 '17 at 15:01

1 Answers1

2

You can trigger a BSoD with the command Get-Process | Stop-Process -Force.

Persistent13
  • 1,522
  • 11
  • 20