using System.NetCore;
var service = CustomWindowsServices.Create(config);service.Run();
Christopher Brown
Output:
CS7036: There is no argument given t
Creating Windows Services with .NET Core
Who Am I Who Am I?Developer: Smart Data
IT Support: The Little Woodshop on Main
Former NSA Cyber Intel
What Are Windows Service?Windows ≈ Daemons
- a process that runs in the background- non interactive - no direct control terminal
Equivalent in other OS- Windows: Service- macOS: Daemon- Linux: Daemon
System Service Management- Windows: Service Control Manager- macOS: launchd- Linux: systemd
Service Control Manager[run] => services.msc
Examples of Services- Updaters- DNS Client Service- System Monitoring- Job Scheduler
- KEY LOGGERS- MALWARE- SPYWARE- VIRUSES
Vista Service HardeningSession 0 Isolation- Prevent Shatter Attacks
Running with Least Privilege
Restricted Network Access
Service Isolation- Service Identity [SID]
Session Isolation prevents malicious services obtaining elevated permissions
AD
Session 0 Isolation and Shatter Attacks
USER
SERVICE {ADMIN}
SYSTEM
ADMIN
Session 0Message
Loop Shatter Attack
Session 0 Isolation and Shatter Attacks
USER
SERVICE {SYSTEM}
SERVICE {LOCAL}
ADMIN SERVICE {NETWORK}
LOCAL
Session 1Message
Loop Shatter Attack
Def Con 12: Brett Moore – Shoot The Messenger Using Windows Messages to Exploit Local win32
Services in .net Framework
Services in .net Framework CoreWindows Compatibility Pack- provides access to framework APIs (20,000)- including Windows Services
Worker Service Template [core 3.0]- there was* no service template for core - needs some dependencies *
Rules and Best PracticesNO User Interface / Interaction
Remove Assert Statements
Run with Minimal User Rights- Do NOT CHANGE default logon security policy
Avoid reliance on USER profile settings
Do not bundle unrelated tasks in single service- SOLID – Single Responsibility Principle
Microsoft Compatibility Pack
Installing .net Core Service.net Framework Produces exe.net Core Produces .dll
Publish .dll to .exe- cmd.exe as Admin- Navigate to folder containing csproj- dotnet publish --configuration release
Install Service- cmd.exe as Admin- sc create [serviceName] binPath=“{location of exe}”- sc start [serviceName]
Uninstalling .net Core Service- sc delete [serviceName]
Other cmd Service Commands- sc start [serviceName]
- sc stop [serviceName]
- sc query [serviceName]
- sc
Topshelf
TopshelfFormerly only Framework
.net Core Compatible- v4.1- 9/19/2018
Requires Compatibility Pack
Topshelf Installer
Publish .dll to .exe- cmd.exe as Admin- Navigate to folder containing csproj- dotnet publish -r win-x64 -c release
- r: runtime win-x64- c: configuration Release
Install Service- cmd.exe as Admin- Navigate to folder containing published exe- {serviceExe} install- {serviceExe} start- {serviceExe} stop
Worker Service Template
Worker ServiceCreates ASP.NET Core Worker Service Template- uses IHostedService- need Microsoft.Extensions.Hosting.WindowsServices
- exposes OnStart() OnStop() from ServiceBase
ReviewWhat a Windows Service is
Service Control Manager
Brief History
.net Framework Template
.net Core Long Hand => Compatibility Pack
.net Core Short Hand => Topshelf
.net Core New Hotness => Worker Service Template
?
Github / LinkedIn: cdbrown0032 Email: [email protected]
Top Related