The purpose of the stage payload component is to perform
whatever arbitrary task is desired, whether it be to hook the
keyboard and send key strokes to the attacker or to spawn a reverse
shell in the context of a user-mode process. The definition of the
stage component is very broad as to encompass pretty much any
end-goal an attacker might have. For that reason, this section is
relatively sparse on details and is instead left up to the reader to
decide what type of action they would like to perform. The paper
eEye has provided shows some concrete examples of kernel-mode
stages. There are also many examples of existing user-mode payloads
that could be staged to run in the context of a user-mode process.
In the future, stages will most likely be the focal point of
kernel-mode payload research.