windows com ole windows-subsystem-for-linux

Creating service-based COM instance from CLSID


Windows Subsystem For Linux (a new technology in Win10) uses the LxssUserSession service. This service is undocumented, but it is used as the API for WSL (bash.exe uses this service to run ELFs). As I can see, it is part of COM: there is a CLSID record in the registry that has an AppID, and the AppID has a LocalService record: LxssUserSession.

I am not familiar with COM, but if I understand it correctly, there should be a COM component backed by this service. I am not able to create an instance of this COM component from a script since there is no ProgID, but I tried to instantiate it using OleView. However, it reports that CoCreateInstance returned an error. How do I debug this error? Could it be that the COM component can't be created and is used for something different (i.e. there is some other interface)? Is it generally possible to work with an undocumented COM component? Can I trace bash.exe calls to this service (something like logger.exe or ltrace, but for COM)?

Some background: Here is the error I am getting: http://s32.postimg.org/wpthro5kl/error.png

bash.exe != /bin/bash. bash.exe is a PE (Win64 binary app) that connects to LxssUserSession and asks it to run /bin/bash (which is an ELF (Linux app!)). bash.exe would better be called "WLS.exe", but for some reason they called it bash.exe.
Please see here: https://msdnshared.blob.core.windows.net/media/2016/04/LXSS-diagram-1024x472.jpg and here are its headers: http://s32.postimg.org/khjjf81th/bash.png . So, I am sure bash.exe uses COM to connect to LxssUserSession, and LxssUserSession uses Pico (Psp..) functions to launch the ELF as a "pico process" (see here: https://blogs.msdn.microsoft.com/wsl/2016/04/22/windows-subsystem-for-linux-overview/). Both are undocumented, but I believe I can use COM somehow, but I am getting the error which I provided as the first link :(


Solution

  • I was able to instantiate the object using OleView by setting the default impersonation level to "Impersonate" in the component services config (you may need to reboot). I can see the ILxssSession interface now. But since there is no IDispatch and no TLB, there is nothing I can do: the methods are unknown to me :(
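
The registry chain described in the question (CLSID record, its AppID, the AppID's LocalService value) can be checked from PowerShell before opening OleView. This is an added example, not part of the original question or answer; the function name `Resolve-ComLocalService` is hypothetical, and the CLSID in the usage comment is a placeholder because the page does not give the real one.

```powershell
# Added example: resolve CLSID -> AppID -> LocalService -> service state.
# Read-only; uses only the registry provider and Get-Service.
function Resolve-ComLocalService {
    param(
        [Parameter(Mandatory)]
        [guid]$Clsid
    )

    $root      = 'Registry::HKEY_CLASSES_ROOT'
    $clsidText = $Clsid.ToString('B')   # "{xxxxxxxx-xxxx-...}" form used in the registry
    $clsidPath = "$root\CLSID\$clsidText"

    $clsidKey = Get-Item -LiteralPath $clsidPath -ErrorAction SilentlyContinue
    if (-not $clsidKey) { throw "CLSID $clsidText is not registered" }

    # A class without a ProgID subkey cannot be created by name from a script.
    $hasProgId = Test-Path -LiteralPath "$clsidPath\ProgID"
    # A service-backed class normally has no in-process or local server path.
    $hasInproc = Test-Path -LiteralPath "$clsidPath\InprocServer32"
    $hasLocal  = Test-Path -LiteralPath "$clsidPath\LocalServer32"

    $appId        = $clsidKey.GetValue('AppID')
    $localService = $null
    $service      = $null
    if ($appId) {
        $appKey = Get-Item -LiteralPath "$root\AppID\$appId" -ErrorAction SilentlyContinue
        if ($appKey) { $localService = $appKey.GetValue('LocalService') }
    }
    if ($localService) {
        # The service must exist and be startable for activation to succeed.
        $service = Get-Service -Name $localService -ErrorAction SilentlyContinue
    }

    [pscustomobject]@{
        Clsid          = $clsidText
        HasProgID      = $hasProgId
        InprocServer32 = $hasInproc
        LocalServer32  = $hasLocal
        AppID          = $appId
        LocalService   = $localService
        ServiceStatus  = if ($service) { $service.Status } else { $null }
    }
}

# Usage (placeholder CLSID, replace with the one found in the registry):
# Resolve-ComLocalService -Clsid '{00000000-0000-0000-0000-000000000000}'
```

A result with `LocalService` set and both server-path fields false means activation is routed to the named service, which is the case the question describes for LxssUserSession.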