Is that a penguin in my Windows?

Presented at BSidesLV 2016, Aug. 3, 2016, 3 p.m. (60 minutes).

One of the latest features coming out in Windows is the new Windows Subsystem for Linux. This brand new system provides translations for Linux syscalls via a new kernel interface. This talk will go over the technical details of this brand new interface with a focus on it's security implications. We'll go over features that might be beneficial to be leveraged by pentesters as well as what how the new subsystem can be abused by local exploits targeting Windows.

Presenters:

• Spencer McIntyre / ZeroSteiner - SecureState   as Spencer McIntyre
  As a member of the Research and Development team at SecureState, Spencer McIntyre works to discover vulnerabilities within organizations systems and understand the underlying risks. Mr. McIntyre balances his focus between vulnerability and in-house tool development. During his time with SecureState, Mr. McIntyre has worked with a variety of clients across multiple industries, giving him experience in how each secures their data and the threats that they encounter. Mr. McIntyre uses his background in software development to help him to understand and exploit the underlying logic in the software he encounters. He is active in the open source community, making multiple contributions to a variety of projects such as the Metasploit Framework.

Links:

• Con Page
• YouTube Video

Similar Presentations:

• REcon Brussels 2018 / Linux Vulnerabilities, Windows Exploits: Escalating Privileges with WSL
• Black Hat USA 2016 / The Linux Kernel Hidden Inside Windows 10
• DerbyCon 6.0 Recharge (2016) / Is that a penguin in my Windows?