Getting Started
Understanding Protection
Understanding Obfuscation
Understanding Checks
Understanding Instrumentation
Using the GUI
References
This sample demonstrates using Dotfuscator on ASP.NET Core applications.
The application uses a basic web service with an HTML UI and functions as a basic "echo" server and client.
Before going further note that Dotfuscator installs to Program Files (x86)
by default.
Most tools won't be able to modify files here, so please copy the sample directory to somewhere convenient like the Desktop.
After doing this open the Developer Command Prompt for VS 2017 to this copied directory.
To build the project enter the commands:
dotnet restore
msbuild EchoApp.csproj /t:Publish
The published app is placed in bin\Release\netcoreapp1.1\publish
.
Run the sample by opening a command prompt in bin/Release/netcoreapp1.1/publish
and enter:
dotnet EchoApp.dll
You should see:
dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost[3]
Hosting starting
dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost[4]
Hosting started
Hosting environment: Production
Content root path: $(PathToFolder)\bin\Release\netcoreapp1.1\publish
Now listening on: http://localhost:5050
Application started. Press Ctrl+C to shut down.
Where $(PathToFolder)
is where the asp.netcore
folder is located.
Note that if the default listening address isn't available, it can be changed in the Program.cs
file by replacing .UseUrls("http://localhost:5050")
to the one of your choosing.
You will need to shut down the running sample, build again, and then start it again for the changes to be picked up.
Open a web browser and navigate to the address specified by Now listening on when the app started.
This brings up a test page for the app.
Ensure the WebSocket Server URL field is set to ws://localhost:5050/ws
(or the appropriate address if you changed the listening address) and click Connect.
You should see Ready to Connect… change to Open.
Once Open is displayed, type in a message and click Send to see it displayed in the communication log.
The log shows that the client sent the message to the server and the server echoed it back to the client.
Once finished press the Close Socket button to end the connection.
Once done testing the sample, shut down the service by typing Ctrl+C in the command prompt.
This sample already creates an obfuscated DLL as part of the build process.
This section goes over how you can do these steps yourself which will be applicable to your own application.
If you're not interested in setting up the integration you can skip to the Running the Obfuscated Sample section.
The existing Dotfuscator config file included with the sample is named dotconfig.xml
.
To create your own Dotfuscator config file for protecting the sample:
bin\Release\netcoreapp1.1\EchoApp.dll
.To set up the build process to run Dotfuscator using your config file:
EchoApp.csproj
in a text editor.Note the following lines:
<UsingTask TaskName="PreEmptive.Tasks.Dotfuscate" AssemblyFile="C:\Program Files (x86)\MSBuild\PreEmptive\Dotfuscator\4\PreEmptive.Dotfuscator.Tasks.dll" />
<Target Name="Protect" AfterTargets="AfterBuild">
<Dotfuscate ConfigPath="dotconfig.xml" />
</Target>
If you are configuring your own app to use Dotfuscator, these lines are the ones you will need to add to your project file.
dotconfig.xml
with the name of your Dotfuscator config file.By default, Dotfuscator treats assemblies it protects as libraries, whose public types and members must be preserved for correct behavior. You can disable Library Mode for an assembly to get more comprehensive protection. However, this may introduce problems in circumstances which require code elements to have certain names at runtime, because Dotfuscator will rename the code elements.
For instance, if you disable Library Mode for the sample app's DLL in your config file and try to run the obfuscated app, you’ll see the following exception:
Unhandled Exception: System.InvalidOperationException: A public method named 'ConfigureProduction' or 'Configure' could not be found in the 'EchoApp.Startup' type.
This is because the Configure method was renamed by Dotfuscator’s obfuscation. To prevent this while still keeping Library Mode off, you can add a renaming exclusion. To learn more about the workflow around exclusions please refer to the Identify Renaming Exclusions page of the User Guide.
You can configure renaming from the Dotfuscator GUI. To exclude the Configure method from renaming:
EchoApp.Startup
, then expand that node and locate Configure: void(Microsoft.AspNetCore.Builder.IApplicationBuilder, Microsoft.AspNetCore.Hosting.IHostingEnvironment, Microsoft.Extensions.Logging.ILoggerFactory)
.To run the obfuscated version of the app do the following:
Dotfuscated
directory. EchoApp.dll
from Dotfuscated
to bin/Release/netcoreapp1.1/publish
, replacing the existing copy.publish
directory in your command shell and again run dotnet EchoApp.dll
.Dotfuscator Version 4.33.0.6680. Copyright © 2017 PreEmptive Solutions, LLC