using System.NetCore; var service = CustomWindowsServices.Create(config); service.Run();
Output: Creating Windows Services with .NET Core
CS7036: There is no argument given t Christopher Brown Who Am I Who Am I?
Developer: Smart Data
IT Support: The Little Woodshop on Main
Former NSA Cyber Intel What Are Windows Service?
Windows ≈ Daemons - a process that runs in the background - non interactive - no direct control terminal Equivalent in other OS - Windows: Service - macOS: Daemon - Linux: Daemon System Service Management - Windows: Service Control Manager - macOS: launchd - Linux: systemd Service Control Manager
[run] => services.msc Examples of Services
- Updaters - DNS Client Service - System Monitoring - Job Scheduler
- KEY LOGGERS - MALWARE - SPYWARE - VIRUSES Vista Service Hardening
Session 0 Isolation - Prevent Shatter Attacks
Running with Least Privilege
Restricted Network Access
Service Isolation - Service Identity [SID]
Session Isolation prevents malicious services obtaining elevated permissions Session 0 Isolation and Shatter Attacks
SYSTEMAD
USER Session 0
Message Loop Shatter Attack ADMIN
SERVICE {ADMIN} Session 0 Isolation and Shatter Attacks
USER Session 1
Message Loop Shatter Attack LOCAL
SERVICE {LOCAL}
ADMIN SERVICE {NETWORK} Def Con 12: Brett Moore – Shoot The Messenger Using Windows Messages to Exploit Local win32
SERVICE {SYSTEM} Services in .net Framework
Services in .net Framework Core
Windows Compatibility Pack - provides access to framework APIs (20,000) - including Windows Services
Worker Service Template [core 3.0] - there was* no service template for core - needs some dependencies * Rules and Best Practices
NO User Interface / Interaction Remove Assert Statements Run with Minimal User Rights - Do NOT CHANGE default logon security policy Avoid reliance on USER profile settings
Do not bundle unrelated tasks in single service - SOLID – Single Responsibility Principle Microsoft Compatibility Pack
Installing .net Core Service
.net Framework Produces exe .net Core Produces .dll
Publish .dll to .exe - cmd.exe as Admin - Navigate to folder containing csproj - dotnet publish --configuration release Install Service - cmd.exe as Admin - sc create [serviceName] binPath=“{location of exe}” - sc start [serviceName]
Uninstalling .net Core Service
- sc delete [serviceName]
Other cmd Service Commands
- sc start [serviceName]
- sc stop [serviceName]
- sc query [serviceName]
- sc
Topshelf Topshelf
Formerly only Framework
.net Core Compatible - v4.1 - 9/19/2018
Requires Compatibility Pack
Topshelf Installer
Publish .dll to .exe - cmd.exe as Admin - Navigate to folder containing csproj - dotnet publish -r win-x64 -c release - r: runtime win-x64 - c: configuration Release
Install Service - cmd.exe as Admin - Navigate to folder containing published exe - {serviceExe} install - {serviceExe} start - {serviceExe} stop Worker Service Template Worker Service
Creates ASP.NET Core Worker Service Template - uses IHostedService - need Microsoft.Extensions.Hosting.WindowsServices - exposes OnStart() OnStop() from ServiceBase
Review
What a Windows Service is
Service Control Manager Brief History .net Framework Template .net Core Long Hand => Compatibility Pack .net Core Short Hand => Topshelf .net Core New Hotness => Worker Service Template ?
Github / LinkedIn: cdbrown0032 Email: [email protected]