Cobalt Strike for WSL

0. 学习版下载 下载链接

1. 启动脚本

   @echo off & setlocal enabledelayedexpansion
   echo [+] Getting Host IP Address...
   ​
   :: 获取宿主机的 IP 地址
   for /f "tokens=2 delims=:" %%b in ('ipconfig ^| find /i "IPv4 Address"') do (
       set fsip=%%b
       set fsip=!fsip:~1!  :: 去掉前面的空格
   )
   ​
   echo Host IP Address: !fsip!
   ​
   echo [+] Starting Cobalt Strike server...
   ​
   :: 获取 WSL 的 IP 地址
   for /f "delims=" %%i in ('wsl -u root -- bash -c "hostname -I"') do (
       set wslIP=%%i
       goto :done
   )
   ​
   :done
   ​
   :: 设置默认密码
   set defaultPassword=password
   ​
   :: 打印获取的 WSL IP 和密码
   echo WSL IP Address: !wslIP!
   echo Default Password: !defaultPassword!
   ​
   :: 启动 Cobalt Strike 服务器并在后台运行
   start /B wsl -u root -- bash -c "cd ./Server && ./teamserver !wslIP! !defaultPassword!"
   echo [+] Cobalt Strike server started.
   ​
   :: 等待一段时间（例如 10 秒）
   timeout /t 10 >nul
   ​
   echo [+] Starting Cobalt Strike client...
   ​
   :: 启动 Cobalt Strike 客户端并在后台运行
   start /B java -XX:ParallelGCThreads=4 -XX:+AggressiveHeap -XX:+UseParallelGC -javaagent:./Client/uHook.jar -Xms512M -Xmx1024M -jar ./Client/cobaltstrike-client.jar -connect !wslIP! -password !defaultPassword!
   ​
   :: 等待用户输入以保持窗口打开
   pause

2. 端口转发工具 WSLHostPatcher 有两种方法可以让端口转发工具自动启动：

   0. 修改 .profile 文件，添加工具路径： <path to WSLHostPatcher.exe>

   1. 修改 /etc/wsl.conf 文件：

      [boot]
      command=<path to WSLHostPatcher.exe>