Awesome
:blue_square: KmdfMandelcheck
This is a simple 200 LOC driver that displays a bitmap on screen after a BSOD occurs.
It uses a modified merge of ReactOS's display.h and bootvid.h to be able to work with bootvid.dll properly.
:thinking: Examples
:package: Building
Here are instructions on how to build this driver.
:link: Building BOOTVID.lib
Open up the Visual Studio developer prompt, cd
to KmdfMandelcheck's root directory, and then run the following command.
lib /def:BOOTVID.def /machine:x64 /out:BOOTVID.lib
:gear: Building Mandelcheck.sys
Open Visual Studio 2022 and select "Debug x64" or "Release x64". Build the solution, and you will have Mandelcheck.sys
in the output folder.
:runner: How To Run
Drop Mandelcheck.sys
in your VM and in an elevated command prompt run the following command.
sc create Mandelcheck binPath=C:\Where\The\File\Is\Mandelcheck.sys type=kernel start=auto
[!IMPORTANT]
This driver will not work under UEFI systems. You must use a VM booted into Legacy BIOS mode.
:framed_picture: Building A Valid Bitmap
Open your bitmap file in GIMP, scale/crop it down to 640x480, and make it a 16 color indexed image. Export it as .bmp, and now open it in Paint. Save the image as target.bmp
and place it in C:\KmdfMandelcheck\
for the driver to work.
[!IMPORTANT]
The driver will display a black screen if the bitmap is not 16 color, 4bpp.
:drum: And Now...
Run sc start Mandelcheck
in an elevated command prompt and create a BSOD. You can use BSODMachine for an easy way, or you can break and execute .crash
in WinDBG. If you are using WinDBG, once a bugcheck occurs, you must enter g
to continue execution, otherwise the system will be completely halted.
:balance_scale: License
Licensed under the GPL version 3.0.