ASP.NET Core Sample
This sample demonstrates using Dotfuscator on ASP.NET Core applications.
The application uses a basic web service with an HTML UI and functions as a basic "echo" server and client.
Building the Sample
Before going further note that Dotfuscator installs to
Program Files (x86) by default.
Most tools won't be able to modify files here, so please copy the sample directory to somewhere convenient like the Desktop.
After doing this open the Developer Command Prompt for VS 2017 to this copied directory.
To build the project enter the commands:
dotnet restore msbuild EchoApp.csproj /t:Publish
The published app is placed in
Running the Sample
Run the sample by opening a command prompt in
bin/Release/netcoreapp1.1/publish and enter:
You should see:
dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost Hosting starting dbug: Microsoft.AspNetCore.Hosting.Internal.WebHost Hosting started Hosting environment: Production Content root path: $(PathToFolder)\bin\Release\netcoreapp1.1\publish Now listening on: http://localhost:5050 Application started. Press Ctrl+C to shut down.
$(PathToFolder) is where the
asp.netcore folder is located.
Note that if the default listening address isn't available, it can be changed in the
Program.cs file by replacing
.UseUrls("http://localhost:5050") to the one of your choosing.
You will need to shut down the running sample, build again, and then start it again for the changes to be picked up.
Testing the web page
Open a web browser and navigate to the address specified by Now listening on when the app started.
This brings up a test page for the app.
Ensure the WebSocket Server URL field is set to
ws://localhost:5050/ws (or the appropriate address if you changed the listening address) and click Connect.
You should see Ready to Connect… change to Open.
Once Open is displayed, type in a message and click Send to see it displayed in the communication log.
The log shows that the client sent the message to the server and the server echoed it back to the client. Once finished press the Close Socket button to end the connection.
Once done testing the sample, shut down the service by typing Ctrl+C in the command prompt.
This sample already creates an obfuscated DLL as part of the build process.
This section goes over how you can do these steps yourself which will be applicable to your own application. If you're not interested in setting up the integration you can skip to the Running the Obfuscated Sample section.
Creating the Config File
The existing Dotfuscator config file included with the sample is named
To create your own Dotfuscator config file for protecting the sample:
- Make sure the application has been built so the DLL file exists in the project directory.
- Open the Dotfuscator GUI.
- Under the Input tab select the Add new input button.
- Browse to the location of your project's DLL.
In this case
- Click OK.
- Use File -> Save Project As... to save the new config file in your copied sample directory.
Integrating into the Build
To set up the build process to run Dotfuscator using your config file:
EchoApp.csprojin a text editor.
Note the following lines:
<UsingTask TaskName="PreEmptive.Tasks.Dotfuscate" AssemblyFile="C:\Program Files (x86)\MSBuild\PreEmptive\Dotfuscator\4\PreEmptive.Dotfuscator.Tasks.dll" /> <Target Name="Protect" AfterTargets="AfterBuild"> <Dotfuscate ConfigPath="dotconfig.xml" /> </Target>
If you are configuring your own app to use Dotfuscator, these lines are the ones you will need to add to your project file.
- To change the sample to use your Dotfuscator config file rather than the one included with the sample, replace
dotconfig.xmlwith the name of your Dotfuscator config file.
Adding Renaming Exclusions
By default, Dotfuscator treats assemblies it protects as libraries, whose public types and members must be preserved for correct behavior. You can disable Library Mode for an assembly to get more comprehensive protection. However, this may introduce problems in circumstances which require code elements to have certain names at runtime, because Dotfuscator will rename the code elements.
For instance, if you disable Library Mode for the sample app's DLL in your config file and try to run the obfuscated app, you’ll see the following exception:
Unhandled Exception: System.InvalidOperationException: A public method named 'ConfigureProduction' or 'Configure' could not be found in the 'EchoApp.Startup' type.
This is because the Configure method was renamed by Dotfuscator’s obfuscation. To prevent this while still keeping Library Mode off, you can add a renaming exclusion. To learn more about the workflow around exclusions please refer to the Identify Renaming Exclusions page of the User Guide.
You can configure renaming from the Dotfuscator GUI. To exclude the Configure method from renaming:
- Open the Dotfuscator GUI and use File -> Open Project... to open the Dotfuscator config file you created in the earlier section.
- Select the Rename tab.
- On the left tree view, expand the nodes until you see
EchoApp.Startup, then expand that node and locate
Configure: void(Microsoft.AspNetCore.Builder.IApplicationBuilder, Microsoft.AspNetCore.Hosting.IHostingEnvironment, Microsoft.Extensions.Logging.ILoggerFactory).
- Check the checkbox next to that method.
- Save the config file with File -> Save Project.
Running the Obfuscated Sample
To run the obfuscated version of the app do the following:
- Build the sample as you did earlier. This will run Dotfuscator and put the protected assembly in a new
bin/Release/netcoreapp1.1/publish, replacing the existing copy.
- Go to the
publishdirectory in your command shell and again run
- Test the application and see that it behaves exactly as it did before.
- To see how Dotfuscator obfuscated the DLL, use a .NET decompiler to open the obfuscated and unobfuscated DLLs and compare them.