using System.NetCore;

var service = CustomWindowsServices.Create(config);service.Run();

Christopher Brown

Output:

CS7036: There is no argument given t

Creating Windows Services with .NET Core

Who Am I Who Am I?Developer: Smart Data

IT Support: The Little Woodshop on Main

Former NSA Cyber Intel

What Are Windows Service?Windows ≈ Daemons

- a process that runs in the background- non interactive - no direct control terminal

Equivalent in other OS- Windows: Service- macOS: Daemon- Linux: Daemon

System Service Management- Windows: Service Control Manager- macOS: launchd- Linux: systemd

Service Control Manager[run] => services.msc

Examples of Services- Updaters- DNS Client Service- System Monitoring- Job Scheduler

- KEY LOGGERS- MALWARE- SPYWARE- VIRUSES

Vista Service HardeningSession 0 Isolation- Prevent Shatter Attacks

Running with Least Privilege

Restricted Network Access

Service Isolation- Service Identity [SID]

Session Isolation prevents malicious services obtaining elevated permissions

AD

Session 0 Isolation and Shatter Attacks

USER

SERVICE {ADMIN}

SYSTEM

ADMIN

Session 0Message

Loop Shatter Attack

Session 0 Isolation and Shatter Attacks

USER

SERVICE {SYSTEM}

SERVICE {LOCAL}

ADMIN SERVICE {NETWORK}

LOCAL

Session 1Message

Loop Shatter Attack

Def Con 12: Brett Moore – Shoot The Messenger Using Windows Messages to Exploit Local win32

Services in .net Framework

Services in .net Framework CoreWindows Compatibility Pack- provides access to framework APIs (20,000)- including Windows Services

Worker Service Template [core 3.0]- there was* no service template for core - needs some dependencies *

Rules and Best PracticesNO User Interface / Interaction

Remove Assert Statements

Run with Minimal User Rights- Do NOT CHANGE default logon security policy

Avoid reliance on USER profile settings

Do not bundle unrelated tasks in single service- SOLID – Single Responsibility Principle

Microsoft Compatibility Pack

Installing .net Core Service.net Framework Produces exe.net Core Produces .dll

Publish .dll to .exe- cmd.exe as Admin- Navigate to folder containing csproj- dotnet publish --configuration release

Install Service- cmd.exe as Admin- sc create [serviceName] binPath=“{location of exe}”- sc start [serviceName]

Uninstalling .net Core Service- sc delete [serviceName]

Presenter

Presentation Notes

PreProcessor Directives

Presenter

Presentation Notes

IsAttached is a runtime value

Other cmd Service Commands- sc start [serviceName]

- sc stop [serviceName]

- sc query [serviceName]

- sc

Topshelf

TopshelfFormerly only Framework

.net Core Compatible- v4.1- 9/19/2018

Requires Compatibility Pack

Topshelf Installer

Publish .dll to .exe- cmd.exe as Admin- Navigate to folder containing csproj- dotnet publish -r win-x64 -c release

- r: runtime win-x64- c: configuration Release

Install Service- cmd.exe as Admin- Navigate to folder containing published exe- {serviceExe} install- {serviceExe} start- {serviceExe} stop

Worker Service Template

Worker ServiceCreates ASP.NET Core Worker Service Template- uses IHostedService- need Microsoft.Extensions.Hosting.WindowsServices

- exposes OnStart() OnStop() from ServiceBase

ReviewWhat a Windows Service is

Service Control Manager

Brief History

.net Framework Template

.net Core Long Hand => Compatibility Pack

.net Core Short Hand => Topshelf

.net Core New Hotness => Worker Service Template

?

Github / LinkedIn: cdbrown0032 Email: chris.brown@smartdata.net