In the first chapter of Cybersecurity Ops with bash we go over some of the ways you can leverage the power of the Linux command line directly from the Windows environment.
One of my favorite ways of doing this is by using the Windows Subsystem for Linux or WSL.
WSL was introduced as part of Windows 10, and it allows you to run an emulated or virtualized version of Linux natively within Windows.
There are several Linux distributions to choose from including Ubuntu and Kali.
In order to use WSL you will need to enable it, which you can do by following Microsoft's instructions.
Once the Windows Subsystem for Linux is enabled and you have installed a Linux distribution you can start it by using the command wsl. While inside the WSL Linux distribution you can do things you normally would such as run commands and install packages.
You can also run Linux commands directly from the Windows command prompt by using the wsl command and providing the Linux command as an argument. The command will execute in the WSL Linux distribution and the results will be returned back to the Windows command prompt. In the example below you can see the Linux cowsay command run directly from the Windows prompt.
Piping and Redirection
You can also use input/output piping and redirection when using the wsl command, but you need to be careful how you do it to ensure it occurs within the correct operating system environment. Let's see what happens if you run the following command pipeline from the Windows command prompt:
C:\>wsl ps -e | grep ps 'grep' is not recognized as an internal or external command, operable program or batch file.
Note that the output states that the grep command is not recognized. That is because Windows executes the ps -e command from within the WSL environment, but then returns the result back to the Windows environment. Windows then tries to pipe that output into the grep command, which of course does not exist in the Windows environment. To overcome this, simply add the wsl command again after the pipe so the grep command runs in the Linux environment.
C:\>wsl ps -e | wsl grep ps 7 tty1 00:00:00 ps
I/O redirection works the same way. Here is an example:
C:\>wsl ps -e > ps.txt
Here the ps -e command is executed in the Linux environment using wsl and the results are returned to the Windows environment. Windows then redirects the output to the file ps.txt.
WSL and Windows PowerShell
Running WSL works exactly the same way from the Windows PowerShell. That means you are able to access your favorite Linux commands, bash scripts, and programs from directly within PowerShell scripts!
In mid-2020 Microsoft released WSL version 2. WSL 2 provides a more full-featured virtualized environment allowing for complete access to system calls. That means you can now install the complete array of Linux applications including Docker and similar programs.