Skip to content

Add payload/linux/x64/set_hostname module. #20334

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Jul 6, 2025
Merged

Add payload/linux/x64/set_hostname module. #20334

merged 10 commits into from
Jul 6, 2025
+75 −0

Conversation

xHector1337
Copy link
Contributor

@xHector1337 xHector1337 commented Jun 21, 2025
edited
Loading

This payload sets the hostname of a Linux x64 machine by using the sethostname syscall. It requires root privileges.

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • use payload/linux/x64/set_hostname
  • Set the HOSTNAME option as desired.
  • Run generate to produce the payload.
  • Execute the generated payload on a Linux x64 target with root privileges.
  • Verify that the hostname has changed to the specified value.

Add payload/linux/x64/set_hostname module.
539514b 
This payload sets the hostname of a Linux x64 machine by using the sethostname syscall.
@bcoles bcoles added the payload label Jun 21, 2025
dledda-r7
dledda-r7 reviewed Jun 27, 2025
View reviewed changes
@msutovsky-r7
Copy link
Contributor

Sorry about that, can you merge this as well? We need to update specs for tests to be passing.

@xHector1337
Copy link
Contributor Author

Of course I can. I'll add the exit syscall as soon as I am home. Thanks.

msutovsky-r7
msutovsky-r7 reviewed Jul 4, 2025
View reviewed changes
modules/payloads/singles/linux/x64/set_hostname.rb Outdated
pop rdi ; rdi points to the hostname string.
xor byte [rdi+rsi], 0x41
syscall
ret ; break the loop by causing segfault.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, forgot to add exit

Suggested change
ret ; break the loop by causing segfault.
push 0x3c
pop rax
xor rdi, rdi
inc rdi
syscall

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think exit(0) is better than exit(1)

@msutovsky-r7 msutovsky-r7 merged commit bc705b8 into rapid7:master Jul 6, 2025
48 checks passed
@msutovsky-r7 msutovsky-r7 added the rn-modules release notes for new or majorly enhanced modules label Jul 6, 2025
@msutovsky-r7
Copy link
Contributor

msutovsky-r7 commented Jul 6, 2025
edited by sjanusz-r7
Loading

Release Notes

Adds a new payload module for invoking the set_hostame syscall, which changes hostname to pwned or a user-defined hostname.

@xHector1337 xHector1337 deleted the payload/linux/x64/set_hostname branch July 6, 2025 18:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcoles bcoles bcoles left review comments

@dledda-r7 dledda-r7 dledda-r7 left review comments

@msutovsky-r7 msutovsky-r7 msutovsky-r7 approved these changes

Assignees
No one assigned
Labels
payload rn-modules release notes for new or majorly enhanced modules
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@xHector1337 @msutovsky-r7 @bcoles @dledda-r7