A C program to crash the system

Question

A few days back I had an interview, and I was asked to write a program in C which crashes the system/which shuts down the system. Needless to say I felt pretty dumb having no clue on how to even approach :(

Still I gave it a try, writing programs which use a lot of memory. But my interviewer was not satisfied with any of my techniques.

`void main(void) { system("shutdown -s"); }` Be careful with that slash. — Michael Petrotta, Oct 03 '11 at 05:48
Which platform (OS)? Are you running the program as root or an Administrator, or just as yourself? — Jonathan Leffler, Oct 03 '11 at 05:51
Thanks for the answers guys. @MichaelPetrotta : Hey Is there anyway to do the same without using a system call? — Venugopal Madathil, Oct 03 '11 at 06:00
A *sane* operating system will *kill user-space programs* before it will allow user-space programs to kill it. With *kernel-space* -- and any interaction with such or with *hardware* -- all-bets are off. Of course, just ask the OS nicely and... — , Oct 03 '11 at 06:02
@VenugopalMadathil: On my GNU/Linux system, `shutdown -s` prints "shutdown: invalid option: -s". With a valid option, it prints "shutdown: Need to be root". — Keith Thompson, Oct 03 '11 at 06:28
If you want to avoid `system()` you'll need to find an actual system call to do this instead. It will similarly require root ptivileges. http://linux.die.net/man/2/reboot — tripleee, Oct 03 '11 at 06:36
... but the orderly, documented way was apparently not what the interviewer was seeking. — tripleee, Oct 03 '11 at 06:39
@tripleee Yeah..I think he just wanted me to think of it, and give my way of doing it. — Venugopal Madathil, Oct 03 '11 at 06:46

score 9 · Accepted Answer · answered Oct 03 '11 at 06:02

9

It's easy to write a program that invokes undefined or implementation-defined behavior. Some of those programs could potentially crash the system.

But by definition, this is inconsistent. And modern OSes take pains (though not 100% successfully) to prevent a rogue app from crashing the system.

answered Oct 03 '11 at 06:02

Matthew Flaschen

278,309
50
514
539

Thanks for the reply. What did you mean by "undefined or implementation-defined behavior" ? Could you please explain. – Venugopal Madathil Oct 03 '11 at 06:05
@Venugopal, see [this question](http://stackoverflow.com/questions/2397984/undefined-unspecified-and-implementation-defined-behavior). – Matthew Flaschen Oct 03 '11 at 06:09

score 4 · Answer 2 · answered Oct 03 '11 at 06:37

There is no portable way to write a C program that crashes the system.

A fork bomb might or might not bog down a system. Of course fork is not portable -- and a system can defend itself against such attacks by limiting the number of processes a given account can create.

Of course there's always this:

#include <stdio.h>
int main(void) {
    puts("HEY YOU, PULL THE PLUG!!");
    return 0;
}

score 2 · Answer 3 · edited Nov 19 '12 at 09:09

2

Well, Have you tried following ?

void main(void) {
    system("shutdown -P 0");
}

To execute this program on Linux you must log in as root.

edited Nov 19 '12 at 09:09

Stephan

41,764
65
238
329

answered Nov 19 '12 at 08:49

openstk

137
9

score 2 · Answer 4 · answered Oct 03 '11 at 06:32

2

I would try writing garbage to /dev/kmem. There is a good chance that would cause an irrecoverable system crash.

answered Oct 03 '11 at 06:32

makes

6,438
3
40
58

There's also a good chance that a normal user will be unable to write to `/dev/kmem`; indeed, the system is very badly setup indeed if that is successful (as a normal user). As root, all bets are off: `dd if=/dev/random of=/dev/kmem` will probably do the trick quite nicely. – Jonathan Leffler Oct 03 '11 at 06:45

score 1 · Answer 5 · answered Oct 05 '11 at 19:09

One way to do that is by exploiting "Privilege Escalation" vulnerabilities of the current system.

Based on current configuration, you can search for vulnerabilities that impact the system. E.g. based on Kernel version. And then escalate privileges to root.

Once the process is "root", it can shutdown the system in various ways. Sending SIGPWR to "init" process is one clean way of doing that.

A C program to crash the system

5 Answers5

Linked

Related