One of the latest features coming out in Windows is the new Windows Subsystem for Linux. This brand new system provides translations for Linux syscalls via a new kernel interface. This talk will go over the technical details of this brand new interface with a focus on it's security implications. We'll go over features that might be beneficial to be leveraged by pentesters as well as what how the new subsystem can be abused by local exploits targeting Windows.
As a member of the Research and Development team at SecureState, Spencer
McIntyre works to discover vulnerabilities within organizations systems and
understand the underlying risks. Mr. McIntyre balances his focus between
vulnerability and in-house tool development. During his time with SecureState,
Mr. McIntyre has worked with a variety of clients across multiple industries,
giving him experience in how each secures their data and the threats that they
encounter. Mr. McIntyre uses his background in software development to help him to understand and exploit the underlying logic in the software he encounters. He is active in the open source community, making multiple contributions to a
variety of projects such as the Metasploit Framework.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek