Windows Subsystem for Linux

WSL is a feature of Windows 10, Windows 11 and Server 2019. WSL allows for execution of linux ELF files within Windows via am embedded linux distribution. Thus it is worth adding to your enumeration checklist as it may provide escalation paths. Testing for WSL can be done by typing “wsl” or searching windows for bash.exe:  where /R c:\ bash.exe. Executing bash.exe should drop you into wsl. An example of privilege escalation via wsl can be seen on HTB box “Secnotes“. I have a writeup of Secnotes here: https://swepstopia.com/secnotes/

Installation

WSL can be installed using the chocolatey package manager for windows:

powershell -ep bypass
Set-ExecutionPolicy Bypass -Scope Process -Force;
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
choco upgrade chocolatey -y
choco install wsl2

Once wsl is installed a Linux Distribution can be installed from Microsoft. Yes, Kali on Windows is a thing and it is available from Microsoft. Irony…

Linux distributions supported for WSL are:

Ubuntu 16.04 LTS, 18.04 LTS, and 20.04 LTS
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP5 and 15 SP1
Kali Linux
Debian GNU/Linux
Fedora Remix for WSL
Pengwin and Pengwin Enterprise
Alpine WSL

Once a distribution has been installed it can be accessed via command line by typing the distribution name or opening it from the start menu. 

For a default Kali install, once the distribution is installed as per the link above, run it by typing “kali” in the command prompt and install the default desktop metapackage with:

sudo apt install -y kali-linux-default

You should now have a kali install residing in WSL. Dont forget to exclude the install path from your anti virus: \\wsl$\kali-linux