21

As part of a multi-operating system challenge (testing computer integrity), I need to find the fastest way to reproduce a genuine Blue Screen of Death (BSOD) on a Windows machine. Any version that is XP or later will work.

As Shinrai puts it:

So basically you're trying to BSOD a machine as fast as humanly possible, but only once, and you can't touch the machine before the clock starts?

Yep, that's exactly what I'm trying to do.

I'm wondering if there are simple commands or actions that will cause Windows to go haywire and spit out a blue screen. Any pointers would be very helpful.

Constraints:

  • Can't write a script/program
  • Can't mess with hardware
  • Must be able to do it WITHIN windows
  • Can't be fake

I need to be able to boot cleanly into Windows, then I must reproduce a BSOD on the fly. So hardware and required-boot solutions are good but they don't conform to these rules.


CONCLUSIONS
I arrived at the competition ready to implement Shinrai's method of BSOD. Turns out there were no specific rules about turning your computer on and off, only that you can't mess with the hardware. I checked my keyboard -- it was a USB one, so I knew which key to edit. We were told to start and I quickly found and edited the key and rebooted. Luckily these were bare-bones computers and not a lot of services had to be started, resulting in a fairly quick reboot. Looking around, I saw people screwing around with the registry but no one else was restarting their computer. I did the keyboard combination and BOOM, Windows spewed a beautiful BSOD (something the OS is actually good for).

I ended up winning and I only had one thing to say: "I'm happy to be going home to my Linux box".

Thanks to Shinrai for the winning solution!

nopcorn
  • 16,982

4 Answers

21

There is in fact a developer tool built into most versions of Windows to generate a BSOD on command. Here's how you cause it in Windows 7 on either a USB or PS/2 keyboard (I believe it is the same for XP/Vista on USB even though this article doesn't say so, I may be mistaken though):

You must ensure the following three settings before the keyboard can cause a system crash:

If you wish a crash dump file to be written, you must enable such dump files, choose the path and file name, and select the size of the dump file. For more information, see Enabling a Kernel-Mode Dump File.

With PS/2 keyboards, you must enable the keyboard-initiated crash in the registry. In the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.

With USB keyboards, you must enable the keyboard-initiated crash in the registry. In the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbdhid\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.

You must restart the system for these settings to take effect.

After this is completed, the keyboard crash can be initiated by using the following hotkey sequence: Hold down the rightmost CTRL key, and press the SCROLL LOCK key twice.

The system then calls KeBugCheck and issues bug check 0xE2 (MANUALLY_INITIATED_CRASH). Unless crash dumps have been disabled, a crash dump file is written at this point.

If a kernel debugger is attached to the crashed machine, the machine will break into the kernel debugger after the crash dump file has been written.

Shinrai
  • 18,876
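A defensive check for the setting described in the answer above, as an added example that is not part of the original answer or of the documentation it quotes: it reports whether CrashOnCtrlScroll is set under either driver key named on the page and can remove it. The function names, the output shape and the choice to flag any non-zero value are assumptions of this example.

```powershell
# Added example: audits the CrashOnCtrlScroll values named in the answer above.
# Function names and the output shape are this example's own, not Microsoft's.
$KeyboardDrivers = [ordered]@{
    'i8042prt' = 'PS/2'
    'kbdhid'   = 'USB'
}

function Get-KeyboardCrashSetting {
    foreach ($driver in $KeyboardDrivers.Keys) {
        $path  = "HKLM:\SYSTEM\CurrentControlSet\Services\$driver\Parameters"
        $value = $null
        if (Test-Path -Path $path) {
            $prop = Get-ItemProperty -Path $path -Name 'CrashOnCtrlScroll' -ErrorAction SilentlyContinue
            if ($null -ne $prop) { $value = $prop.CrashOnCtrlScroll }
        }
        [pscustomobject]@{
            Driver   = $driver
            Keyboard = $KeyboardDrivers[$driver]
            Path     = $path
            Value    = $value
            # Assumption: any non-zero value is flagged; the page documents 0x01.
            Enabled  = ($null -ne $value -and $value -ne 0)
        }
    }
}

function Remove-KeyboardCrashSetting {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    foreach ($item in (Get-KeyboardCrashSetting | Where-Object Enabled)) {
        if ($PSCmdlet.ShouldProcess($item.Path, 'Remove CrashOnCtrlScroll')) {
            Remove-ItemProperty -Path $item.Path -Name 'CrashOnCtrlScroll'
        }
    }
}

Get-KeyboardCrashSetting | Format-Table Driver, Keyboard, Value, Enabled -AutoSize
# Preview the cleanup without changing anything; drop -WhatIf (elevated prompt)
# to apply it. Per the quoted documentation, a restart is needed to take effect.
Remove-KeyboardCrashSetting -WhatIf
```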
5

This is an old documented technique. Should work at least up to Vista:

Find in regedit:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters\

Create a DWORD key named CrashOnCtrlScroll and set its value to 1.

...

To generate a BSOD, hold the right CTRL and press ScrollLock twice.

A Dwarf
  • 19,329
3

You can enable manually initiated crashes by performing these registry changes.

If your BIOS can switch your system's hard drive adapter between native SATA and legacy ATA mode (and possibly IRRT), switching to a different mode than the one Windows was installed in will usually produce a BOOT_VOLUME_INACCESSIBLE error. I'm pretty sure disabling ACPI (if possible on your BIOS) when Windows was installed with ACPI enabled will also result in a bluescreen on boot.

Killing winlogon.exe using Sysinternals' Process Explorer produces a blue screen, but it's not the traditional "A problem has been detected and Windows has been shutdown to protect your computer..." screen.

This may also interest you - BlueScreen Screen Saver from Sysinternals.

LawrenceC
  • 75,182
0

You could do:

TASKKILL /IM svchost.exe /F

in the command prompt on Windows 10.

It will end a critical process and crash Windows.