2006-10-16 21:40:38 +00:00
|
|
|
module Rex
|
|
|
|
|
module Payloads
|
|
|
|
|
module Win32
|
|
|
|
|
module Kernel
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Recovery stubs are responsible for ensuring that the kernel does not crash.
|
|
|
|
|
# They must 'recover' after the exploit has succeeded, either by consuming
|
|
|
|
|
# the thread or continuing it on with its normal execution. Recovery stubs
|
|
|
|
|
# will often be exploit dependent.
|
|
|
|
|
#
|
|
|
|
|
module Recovery
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# The default recovery method is to spin the thread
|
|
|
|
|
#
|
2006-10-16 23:59:14 +00:00
|
|
|
def self.default(opts = {})
|
|
|
|
|
spin(opts)
|
2006-10-16 21:40:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Infinite 'hlt' loop.
|
|
|
|
|
#
|
2006-10-16 23:59:14 +00:00
|
|
|
def self.spin(opts = {})
|
2006-10-16 21:40:38 +00:00
|
|
|
"\xf4\xeb\xfd"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
