Returns the connection-described general handler type, in this case ‘tunnel’.

Returns the string representation of the handler type, in this case ‘reverse_http’.

Initializes the PassiveX HTTP tunneling handler.

Simply calls stop handler to ensure that things ar ecool.

Decrement the references to the handler that was used by this exploit. If it reaches zero, stop it.

Called when a new session is created on behalf of this handler. In this case, we extend the session so that we can track references to the handler since we need to keep the HTTP tunnel up while the session is alive.

Create an HTTP listener that will be connected to and communicated with by the payload that is injected, and possibly used for tunneling purposes.

Basically does nothing. The service is already started and listening during set up.

Stops the service and deinitializes it.

PassiveX payloads have a wait-for-session delay of 30 seconds minimum because it can take a bit of time for the OCX to get registered.

Finds a session based on the supplied sid

Flushes all existing session_channels and cleans up any resources associated with them.

Creates a new session with the supplied sid.

Processes the HTTP request from the PassiveX client. In this case, when a request is made to "/", an HTML body is sent that has an embedded object tag. This causes the passivex.dll to be downloaded and registered (since registration and downloading have been enabled prior to this point). After that, the OCX may create a tunnel or download a second stage if instructed by the server.