Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using HalDisplayString For Custom Blue Screen Of Death

Tags:

bsod

I was reading a while ago somewhere online that you could make a custom BSOD. I don't remember where but I know it had something to with calling HalDisplayString which would switch to the bluescreen and print a message. I tried calling HalDisplayString from a simple driver but nothing happens. I was wondering if anyone could point me in the right direction. Here is the code to the driver.

#include "ntddk.h"
#include "wdm.h"
NTSYSAPI VOID NTAPI HalDisplayString( PCHAR String );
NTSYSAPI VOID NTAPI NtDisplayString( PCHAR String );
DRIVER_INITIALIZE DriverEntry;
NTSTATUS DriverEntry( 
    __in struct _DRIVER_OBJECT  *DriverObject,
    __in PUNICODE_STRING  RegistryPath 
    )
  {

   HalDisplayString("Hello world!");
return 0;  
}

Thanks in advance!

like image 822
user37875 Avatar asked Aug 12 '09 19:08

user37875


2 Answers

ZippyV, you were right, and also wrong. Calling HalDisplayString won't cause the computer to switch to a bluescreen and print the text, but it will print text after the initial bluescreen on a custom bluescreen. Here is some code that once compiled by the ddk and run as a driver will create a bluescreen and print text using HalDisplayString.

#include "ntddk.h"
#include "wdm.h"
VOID HalDisplayString(PSZ text); 
VOID InbvAcquireDisplayOwnership(VOID);
VOID InbvResetDisplay(VOID);
INT InbvSetTextColor(INT color); //IRBG
VOID InbvDisplayString(PSZ text);
VOID InbvSolidColorFill(ULONG left,ULONG top,ULONG width,ULONG height,ULONG color);
VOID InbvSetScrollRegion(ULONG left,ULONG top,ULONG width,ULONG height);
VOID InbvInstallDisplayStringFilter(ULONG b);
VOID InbvEnableDisplayString(ULONG b);
DRIVER_INITIALIZE DriverEntry;
NTSTATUS DriverEntry( 
    __in struct _DRIVER_OBJECT  *DriverObject,
    __in PUNICODE_STRING  RegistryPath 
    )
  {

InbvAcquireDisplayOwnership(); //Takes control of screen
InbvResetDisplay(); //Clears screen
InbvSolidColorFill(0,0,639,479,4); //Colors the screen blue
InbvSetTextColor(15); //Sets text color to white
InbvInstallDisplayStringFilter(0); //Not sure but nessecary
InbvEnableDisplayString(1); //Enables printing text to screen
InbvSetScrollRegion(0,0,639,475); //Not sure, would recommend keeping
InbvDisplayString("I print text!\n"); //Prints text
HalDisplayString("And so do I!!!"); //Prints text

return 0;  
}

All of these functions used here are undocumented and I had to figure them out myself (and look 2 of them up in the reactos source code) so be careful calling them. You can compile this code with the windows DDK and load the driver with any old driver loader. You can change the background and text color by changing the color function parameters(Green screen of death anyone?). I think that they use an IRBG(Intensity Red Green Blue) system. Also remember this is like a real bluescreen and the only way I know how to get rid of it is by restarting the computer, so be careful and have fun!

like image 158
user37875 Avatar answered Sep 17 '22 06:09

user37875


You can't show a BSOD with that function, it only displays text during bootup before the login screen appears. This link should give you some information.

like image 30
ZippyV Avatar answered Sep 19 '22 06:09

ZippyV