Пропускане към основното съдържание

Run Bash on Windows 10 pro

To get started, ensure you’ve install the Windows 10 Anniversary Update. This only works on 64-bit builds of Windows 10, so it’s time to switch to the 64-bit version of Windows 10 if you’re still using the 32-bit version.

Once you’re sure you’re using the correct version of Windows 10, open the Settings app and head to Update & Security > For Developers. Activate the “Developer Mode” switch here to enable Developer Mode.

Next, open the Control Panel, click “Programs,” and click “Turn Windows Features On or Off” under Programs and Features. Enable the “Windows Subsystem for Linux (Beta)” option in the list here and click “OK.”

After you do, you’ll be prompted to reboot your computer. Click “Restart Now” to reboot your computer and Windows 10 will install the new feature.

After your computer restarts, click the Start button (or press the Windows key), type “bash”, and press “Enter.”

The first time you run the bash.exe file, you’ll be prompted to accept the terms of service. The command will then download the “Bash on Ubuntu on Windows” application from the Windows Store. You’ll be asked to create a user account and password for use in the Bash environment.

If you’d like to automate the installation of Bash instead, you can run the following command in a Command Prompt window. This will automatically agree to all prompts and set the default user to “root” with no password:
 lxrun /install /y  



Popular Posts

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1


Exploiting after error checking. NOTE: Especially for the curious people!

insmod_block module by nu11secur1ty * Beta