Tuesday, September 11, 2007

Manually crash Windows XP

First: I do not take credit for this. This is information that I read in an article, but I feel it is a nice bug and should be spread around so that Microsoft might one day decide to fix their bugs!
The Bug:
CSRSS.EXE is a critical Windows process. Make it crash and your whole system will follow. This affects all versions of Windows NT (according to the source; my own test was only on Win2k).
But how do you make it crash? The point to remember is that CSRSS.EXE controls the output of console apps.
Also, CSRSS has a bug in how it handles the backspace character while printing.
So the following print statement will cause a small bug to appear:
printf("Crashing Your PC byte by byte ");
The bug is that CSRSS has now backspaced one character too many! In effect, it has now backspaced through its video buffer memory. If the problem repeats itself too many times, CSRSS will cause a memory violation, which will then make Windows kill the CSRSS.EXE process, which in turn makes Windows kill itself.
Now, this affects all output to the console, so you can either put that code into a while loop and compile it in the language of your choice (one that produces console apps), or simply replace the printf statement with an fprintf and have the user dump the contents of the file on his screen ('type file' in the shell).
Now, this is not a very serious thing. It will not cause hard disk corruption (unless the reboot causes it), will not delete files, etc. But it can make an interesting DoS attack by implanting it into some program run on startup.
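A defensive filter for the 'type file' case above, as an added example that is not from the original post or its source article: it strips backspace bytes from untrusted text before it reaches the console and counts how many would have backed up past the start of a line. The names bs_filter and bs_filter_run are hypothetical, and the one-byte-per-column cursor model is a simplifying assumption.

```c
#include <stdio.h>
#include <stddef.h>

/* Filter state, kept across chunks so a line split between reads is
 * still tracked correctly. (Hypothetical names, added example.) */
struct bs_filter {
    size_t col;         /* bytes written on the current line so far */
    size_t backspaces;  /* total 0x08 bytes removed */
    size_t underflows;  /* backspaces seen while the line was already empty */
};

/* Copy src to dst without any backspace bytes. dst must hold at least
 * len bytes. Returns the number of bytes written to dst.
 * Assumption: every other byte advances the cursor by one column. */
size_t bs_filter_run(struct bs_filter *f, const unsigned char *src,
                     size_t len, unsigned char *dst)
{
    size_t out = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = src[i];
        if (c == '\b') {
            f->backspaces++;
            if (f->col == 0)
                f->underflows++;   /* would move left of the line start */
            else
                f->col--;
            continue;              /* never forwarded to the console */
        }
        f->col = (c == '\n' || c == '\r') ? 0 : f->col + 1;
        dst[out++] = c;
    }
    return out;
}

/* Usage: filter < untrusted.txt   (instead of 'type untrusted.txt') */
int main(void)
{
    struct bs_filter f = {0, 0, 0};
    unsigned char in[4096], out[4096];
    size_t n;
    while ((n = fread(in, 1, sizeof in, stdin)) > 0)
        fwrite(out, 1, bs_filter_run(&f, in, n, out), stdout);
    fprintf(stderr, "backspaces removed: %zu, past start of line: %zu\n",
            f.backspaces, f.underflows);
    return f.underflows ? 1 : 0;   /* non-zero exit flags a suspicious file */
}
```

A non-zero underflow count is worth logging: ordinary text files have no reason to backspace past the beginning of a line.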
Hope this doesn't help ;)