Would anyone be interested in a program that can remotely crash Windows Machines?

If so please mail-me at grabberslasher[at]hotmail[dot]com.

What happens is you enter the IP address of a Windows Machine and click Nuke.

The program sends a packet that crashes windows and causes it to shut down. A dialogue box pops up saying the computer has encountered a fatal process and will shut down in 50 seconds.

This is not a virus, just a programming test.

Runs on Mac OS X only and uses Java. Tested against Windows XP only. Not sure if it works over the internet - only tried it on a network.
Coded in RealBasic.

Please no spam.

Here's a screenshot from the PC end.

:D

I'm presuming you designed it yourself.
Does it target the masks and subnets of certain computers?

Or does it rely mainly on the private IP address?

I didn't code the java myself but the interface I did. It is a modern version of the old WinNuke (OS 9) that could crash Windows 95 and NT.

All you do is enter an IP address. It just sends the out of band package to the IP

Originally posted by grabberslasher
I didn't code the java myself but the interface I did. It is a modern version of the old WinNuke (OS 9) that could crash Windows 95 and NT.

All you do is enter an IP address. It just sends the out of band package to the IP

Then it probably wouldn't work on our network, each PC computer is seperate from each other so we can't connect via sharing.

They each connect directly to the switch and bypass all other IPs.

Surely they each have an external IP address..?

www.whatismyipaddress.com

Originally posted by grabberslasher
Surely they each have an external IP address..?

www.whatismyipaddress.com

Nope, it's blocked by in-built masks installed by my school.

It only works on their network, I can try, send the program to netgainz@mac.com and I'll see what happens.

Download it here

http://homepage.mac.com/grabberslasher1/FileSharing1.html

It's a trial .Mac account so won't be there forever.

Eek! It works over the internet! I just nuked my pc. My internet will be down for a few minutes.

Remember, this program is for educational purposes only.

;) :D

Hmm...

As much fun as this may be to a Mac user, I don't think this is the sorta thing we should be encouraging here on the site.

I don't think it it would be great press for someone to learn how to "nuke a pc" from Macrumors.com.

Originally posted by grabberslasher
Eek! It works over the internet! I just nuked my pc. My internet will be down for a few minutes.

Remember, this program is for educational purposes only.

;) :D

Yeah, no one here would ever dream of doing anything else with it. ;) What port does it send the packet to?

Actually it exposes a security flaw in Windows XP that Microsoft should take notice of. They learn from us - always...

It sends the packet to port 135 (NetBios I think).

If you want to see the packet just open the Nuker.app/Contents/MacOS/windows_rpc_kill file. The other file is the java version.

Originally posted by grabberslasher
Actually it exposes a security flaw in Windows XP that Microsoft should take notice of. They learn from us - always...

It sends the packet to port 135 (NetBios I think).

If you want to see the packet just open the Nuker.app/Contents/MacOS/windows_rpc_kill file. The other file is the java version.

I couldn't seem to get it to nuke my ME box. Oh well. Let's try my brother, he has a xp box. hehehehehe.:cool:

It's hardly "nuking" windows, it's just triggering the built in shutdown.exe that comes packaged with Windows. Here is the windows gui for the same exe, does exactly the same thing as your Mac OS X gui.
edit: oh dear, doesn't even work on my LAN.

So it's not going to actually kill anyone's computers then?

Hmm... I'll have to try it on my brother's computer...


This could be fun at LAN parties, as a little prank... "Hey, my computer crashed!", "Hey, Mine too!!!" then I'd be like "Should've bought a Mac..."

Oh the fun...

Come on eyelikeart, have some fun. It's not like you're going to do much damage... ;) :D :cool:

Originally posted by eyelikeart
So it's not going to actually kill anyone's computers then?
Not a chance, it will simply reboot. The shutdown.exe can trigger logoff, reboot, or shutdown, depending on how this nuke app is configured any of the previous is all it's ever going to do.

Originally posted by G4scott
Come on eyelikeart, have some fun. It's not like you're going to do much damage... ;) :D :cool:

hey...we just need to make sure this isn't something very bad being promoted at the site...

we get a lot of attention now...and for the word to get out that Macrumors.com has a link to a program that kills pc's wouldn't be a good idea... ;)

OK -LISTEN

This app sends a packet to the PC which causes the Network Interface to crash.

Windows XP can't handle this and must restart immediately.

No shutdown.exe, no logoff.exe. Just a crap Network Stack.

Originally posted by edesignuk
Not a chance, it will simply reboot. The shutdown.exe can trigger logoff, reboot, or shutdown, depending on how this nuke app is configured any of the previous is all it's ever going to do.

If this is just using something built into ms, why doesn't it require some sort of password? Are you saying that you can just tell any xp box to shut down remotely without a password?

As far as I know this only works on XP (even with Service Pack 1).

I have one for OS 9 that can do the same to Win 3.11, 95 and NT4.

Originally posted by jethroted
If this is just using something built into ms, why doesn't it require some sort of password? Are you saying that you can just tell any xp box to shut down remotely without a password?
As long as you are an admin yes, you can. In that sense this does 'expose' a security flaw, in that an administrator un/pw should be required, but it will still not cause any harm to the PC, neither is it causing it to 'crash', it is simply triggering a shutdown/reboot/logoff.

This is a testing tool to see if your PC is susceptible to "Nuking". If so, do a search on Google to find a patch that you can install.

This could help you fix your PC system so that someone can't do it to you again.

It's a bug in XP, not a feature.

Originally posted by grabberslasher
OK -LISTEN

This app sends a packet to the PC which causes the Network Interface to crash.

Windows XP can't handle this and must restart immediately.

No shutdown.exe, no logoff.exe. Just a crap Network Stack.
It is very obviously not restarting immediately, it has 40secs in the screen cap above, and this shutdown dialog is the shutdown.exe in action, fair enough, maybe it is being triggered by windows as a reaction to RPC being stopped, but it is not crashing the system, it is just initiating a timed reboot to resolve the problem.

But yes, it's a neat little app anyway :)

Originally posted by grabberslasher
This is a testing tool to see if your PC is susceptible to "Nuking". If so, do a search on Google to find a patch that you can install.

This could help you fix your PC system so that someone can't do it to you again.

It's a bug in XP, not a feature.
Maybe it has been fixed, as I said, it doesn't work on my home LAN. On the PC I am running Windows XP Professional SP1 w/ all updates, you guys that have got it to work, do you have SP1 installed? Just curious.

edit: Sorry, just saw your post a few posts above this regarding SP1, so never mind :)

Actually it's not shutdown.exe. A quick look at Task Manager shows that it is winlogon.exe that is triggering the shutdown.

[Edit - Damn my spelling!]

Originally posted by grabberslasher
Actually it's not shutdown.exe. A quick look at Task Manager shows that it is login.exe that is triggering the shutdown.
Another windows application (login.exe if u say so) may be triggering it, but it is still just triggering shutdown.exe to perform a safe reboot to fix the problem of the RPC service having been stopped. Don't get me wrong, this is a fairly big flaw, and this is a clever little app to take advantage of it, all I am saying is that this is not really causing the PC to 'crash', you are not doing any damage with this, windows is rebooting itself safely with it's own shutdown.exe to correct a problem.

Yep, you're quite right. Anyone else got it to work then?

I have a PC (Win XP SP1) and a Powerbook (10.2.6) networked through a hub.

The PC has the internal IP of 192.168.0.1 (as it shares the internet out to the macs).

All I do is press Nuke and after 10 seconds the dialogue will pop up.

The people who can't get it to work, what message is Nuker coming up with?

If it says Broken Pipe then you're trying it against an incompatible OS.

If it says timeout then you don't have the bandwidth to send 120k quickly.

If it says connecting:connected then it should have worked.

Originally posted by grabberslasher

If it says Broken Pipe then you're trying it against an incompatible OS.

The error I get is:

"Connecting...connected.
IOException: Broken pipe"

On the Mac I am running 10.2.6, and the PC, XP Pro SP1, networked through Linksys switch.

It probably means that the PC has some sort of firewall or patch... I think...

I get the same when trying to do it to NT 4 in Virtual PC (although I can do it fine to Windows XP in Virtual PC)

Originally posted by grabberslasher
It probably means that the PC has some sort of firewall or patch... I think...

I get the same when trying to do it to NT 4 in Virtual PC (although I can do it fine to Windows XP in Virtual PC)
That's odd, I have no firwalls installed, I don't even have the Microsoft ICF enabled.

OK, do it another way.

Navigate to Nuker.app/Contents/MacOS IN THE TERMINAL.

"cd Nuker.app/Contents/MacOS"

Then type
"java EtherealReplay 192.168.x.x 135 < windows_rpc_kill"

Just substitute the IP address with your PCs one. Leave the port (135) alone unless you need to change it.

See if that comes up with the same error.
Do you have the Java Update from Apple installed?

Yup, I get the exact same error, and yes, I have all updates.

want to crash a pc on site...install any versions of windows not with nt technology

Originally posted by jefhatfield
want to crash a pc on site...install any versions of windows not with nt technology
LMAO! True, true...;)

Originally posted by edesignuk
LMAO! True, true...;)

if macs were that unstable, i could be a mac tech but i don't know of any mac techs who actually make a living at it besides the two indie apple stores in my area...and they have to fix pcs to keep the work load up to justify their jobs

but where i live, there are no full time mac techs

i know of this one company where the mac techs, and paid as such, go to offices in the building and do two hour defrags and just sit and talk to the secretaries...and since the machines are rented and on contract, they are not allowed to do much anything else...if the cio, who is a pc person, ever got wind of how stable macs are, he would banish the mac side of the IT department and make them floor sweepers:p

So I guess they are kind of like the Maytag Man? ;)

P-Worm

Man, I'll find a use for this in college.

i would do it but my pc runs 98SE, xp was not very fast, even with 512ram, now 384 on 98SE.

Ugh, hasn't been working on IRC...

Originally posted by Schiffi
Ugh, hasn't been working on IRC...
:confused:

Using /whois nick you find out ppl's IP addresses. It has said connecting:connected several times, but those ppl still stay connected in IRC.

let's try not to bother me with this nonsense ;).

Cool proggy, I can think of a million fun things to do with it. :D

scem0

I tested it out and nothing happened, IP doesn't "exist" if you catch my drift.

Oh well, I can dream :)

Originally posted by P-Worm
So I guess they are kind of like the Maytag Man? ;)

P-Worm

the maytag company had so much time on their hands that they actually used some of the time and energy to produce a killer cheese called the "maytag blue"

maybe idle apple repairmen can get together and make their own blue cheese

I think designing something that will disconnect their internet connection would be just as good, if not better.

I think every PC user already has a program that can crash PCs....

its made by Microsoft.

:D
:D
:D

It only seems to work against Windows XP, un-firewalled. It won't work on anything lower (AFAIK). Haven't tried it with Windows .Net Server 2003 yet.

? If you want one that can do the same to 95 or NT 4 just search for WinNuke or TrumpetTestTool in Google.

They have nothing to do with me though.

Thanks for this great little app, I will have endless fun shutting down someones PC I am playing a game with, if I am losing. :) :D :) :D

How many people have got it working so far?

New version! Nuker Enchanced.

Can now nuke Windows 3.11, 95, NT and XP. Be careful when testing your NT machine with this, you get an instant blue-screen with no chance to save your work.

:p

http://homepage.mac.com/grabberslasher1/

I tried downloading the program, but it doesn't decode properly.

What's going on?

That, and you'll note this seems to abuse the same problem that the MSBlaster worm did. Is there any control over what you can make the computer do, or does it just break the RPC service, which causes Windows (by default) to reboot?

i think it's a bad idea to be talking about this program. some of the users here have obviously downloaded it with malicious intent. if someone did this to my system, i'd be pissed all to hell. doing this will only cause anger and grief. i don't care if it is a microsoft bug, you're still screwing around with someone elses computer.

I can't decompress it either.

you don't need to nuke a PC anyway. windows is constantly suffering from other worms and bugs. :D

Originally posted by couch potato
you don't need to nuke a PC anyway. windows is constantly suffering from other worms and bugs. :D

Yeah really, wait 5 minutes before the next work or virus comes out and poof your system goes to hell.

I'd love to see this program work, but I haven't got it to decompress... anyone?

is it just me, or is the link broken? Anyone have a new one or can send it to me? grapes911@aol.com

Close the topic.

Exploiting a bug like that on others computer is illegal btw and IS a crime. Of course, you are probably never going to get caugth but still, its illegal and badly reflect on MacRumors.com.

Thanks to the superb legal system in the USA, you could probably get sued for 100,000,000$ if you used the software to crash someones PC. And MacRumurs would be liable to this because they helped to distribute the information...

And yes, this is a very old bug and I cant believe they havent fixed it yet, stupid microsoft...

really it doesn't matter if the topic is closed. the .mac account has expired, so no one is going to be able to download the program from a link off this site, anyway.

it would be great if someone could send this to me..

heh...

just saw this thread. I don't think MacRumors would be held liable... but I also dont' think it's a great thing to distribute.

arn