ASP.NET Core Sample
This sample demonstrates using Dotfuscator on ASP.NET Core applications.
The application uses a basic web service with an HTML UI and functions as a basic "echo" server and client.
Building the Sample
Before going further note that Dotfuscator installs to Program Files (x86)
by default.
Most tools won't be able to modify files here, so please copy the sample directory to somewhere convenient like the Desktop.
After doing this open the Developer Command Prompt for VS 2017 to this copied directory.
To build the project enter the commands:
dotnet restore
msbuild EchoApp.csproj /t:Publish
The published app is placed in bin\Release\netcoreapp1.1\publish
.
Running the Sample
Run the sample by opening a command prompt in bin/Release/netcoreapp1.1/publish
and enter:
dotnet EchoApp.dll
You should see:
dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost[3]
Hosting starting
dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost[4]
Hosting started
Hosting environment: Production
Content root path: $(PathToFolder)\bin\Release\netcoreapp1.1\publish
Now listening on: http://localhost:5050
Application started. Press Ctrl+C to shut down.
Where $(PathToFolder)
is where the asp.netcore
folder is located.
Note that if the default listening address isn't available, it can be changed in the Program.cs
file by replacing .UseUrls("http://localhost:5050")
to the one of your choosing.
You will need to shut down the running sample, build again, and then start it again for the changes to be picked up.
Testing the web page
Open a web browser and navigate to the address specified by Now listening on when the app started.
This brings up a test page for the app.
Ensure the WebSocket Server URL field is set to ws://localhost:5050/ws
(or the appropriate address if you changed the listening address) and click Connect.
You should see Ready to Connect… change to Open.
Once Open is displayed, type in a message and click Send to see it displayed in the communication log.
The log shows that the client sent the message to the server and the server echoed it back to the client.
Once finished press the Close Socket button to end the connection.
Once done testing the sample, shut down the service by typing Ctrl+C in the command prompt.
Configuring Obfuscation
This sample already creates an obfuscated DLL as part of the build process.
This section goes over how you can do these steps yourself which will be applicable to your own application.
If you're not interested in setting up the integration you can skip to the Running the Obfuscated Sample section.
Creating the Config File
The existing Dotfuscator config file included with the sample is named dotconfig.xml
.
To create your own Dotfuscator config file for protecting the sample:
- Make sure the application has been built so the DLL file exists in the project bin directory.
- Open the Dotfuscator Config Editor.
- Under the Input tab select the Add new input button.
- Browse to the location of your project's DLL.
In this casebin\Release\netcoreapp1.1\EchoApp.dll
. - Click OK.
- Use File -> Save As... to save the new config file in your copied sample directory.
Integrating into the Build
To set up the build process to run Dotfuscator using your config file:
- Open
EchoApp.csproj
in a text editor. Note the following lines:
<UsingTask TaskName="PreEmptive.Tasks.Dotfuscate" AssemblyFile="C:\Program Files (x86)\MSBuild\PreEmptive\Dotfuscator\4\PreEmptive.Dotfuscator.Tasks.dll" /> <Target Name="Protect" AfterTargets="AfterBuild"> <Dotfuscate ConfigPath="dotconfig.xml" /> </Target>
If you are configuring your own app to use Dotfuscator, these lines are the ones you will need to add to your project file.
- To change the sample to use your Dotfuscator config file rather than the one included with the sample, replace
dotconfig.xml
with the name of your Dotfuscator config file.
Adding Renaming Exclusions
By default, Dotfuscator treats assemblies it protects as libraries, whose public types and members must be preserved for correct behavior. You can disable Library Mode for an assembly to get more comprehensive protection. However, this may introduce problems in circumstances which require code elements to have certain names at runtime, because Dotfuscator will rename the code elements.
For instance, if you disable Library Mode for the sample app's DLL in your config file and try to run the obfuscated app, you’ll see the following exception:
Unhandled Exception: System.InvalidOperationException: A public method named 'ConfigureProduction' or 'Configure' could not be found in the 'EchoApp.Startup' type.
This is because the Configure method was renamed by Dotfuscator’s obfuscation. To prevent this while still keeping Library Mode off, you can add a renaming exclusion. To learn more about the workflow around exclusions please refer to the Identify Renaming Exclusions page of the User Guide.
You can configure renaming from the Dotfuscator Config Editor. To exclude the Configure method from renaming:
- Open the Dotfuscator Config Editor and use File -> Open... to open the Dotfuscator config file you created in the earlier section.
- Select the Rename tab.
- On the left tree view, expand the nodes until you see
EchoApp.Startup
, then expand that node and locateConfigure: void(Microsoft.AspNetCore.Builder.IApplicationBuilder, Microsoft.AspNetCore.Hosting.IHostingEnvironment, Microsoft.Extensions.Logging.ILoggerFactory)
. - Check the checkbox next to that method.
- Save the config file with File -> Save.
Running the Obfuscated Sample
To run the obfuscated version of the app do the following:
- Build the sample as you did earlier. This will run Dotfuscator and put the protected assembly in a new
Dotfuscated
directory. - Copy
EchoApp.dll
fromDotfuscated
tobin/Release/netcoreapp1.1/publish
, replacing the existing copy. - Go to the
publish
directory in your command shell and again rundotnet EchoApp.dll
. - Test the application and see that it behaves exactly as it did before.
- To see how Dotfuscator obfuscated the DLL, use a .NET decompiler to open the obfuscated and unobfuscated DLLs and compare them.