WSL

Windows Subsystem for Linux

Enumeration

Search for bash.exe:

where /R c:\Windows bash.exe

If bash.exe exists on the machine, then WSL is installed.

Search for admin password on the system, for example, using the history command. If we get a SMB password, we can get a shell with impacket-smbexec:

impacket-smbexec '<username>:<password>'@<target_ip>

Last updated 2 years ago