search

WSL

Windows Subsystem for Linux

hashtag
Enumeration

Search for bash.exe:

where /R c:\Windows bash.exe

If bash.exe exists on the machine, then WSL is installed.

hashtag
Exploitation

Search for admin password on the system, for example, using the history command. If we get a SMB password, we can get a shell with impacket-smbexec:

impacket-smbexec '<username>:<password>'@<target_ip>

hashtag
Lab: Hack The Box - SecNotes

https://www.ctfwriteup.com/tryhackme/tcm-windows-privilege-escalation-course/hack-the-box-secnotes-mediumwww.ctfwriteup.comchevron-right
Hack The Box - SecNotes
PreviousPasswords and Port ForwardingNextToken Impersonation and Potato Attacks

Last updated