Asp.net penetration Session 0 isolation (1)


Windows services run tasks in the background and support everyday desktop operations. Sometimes a service needs to exchange information with the user or show an interface. This worked without problems in the XP era, but since Vista it no longer seems to work.

Session 0 isolation Experiment
The following is a service named AlertService. Its function is to send a prompt dialog box to users. Let's see what happens to this service in Windows 7.

The code is as follows:

using System.ServiceProcess;
using System.Windows.Forms;

namespace AlertService
{
    public partial class Service1 : ServiceBase
    {
        public Service1()
        {
            InitializeComponent();
        }

        // Called by the Service Control Manager when the service starts.
        protected override void OnStart(string[] args)
        {
            // The service process runs in Session 0, so this dialog is
            // created on the Session 0 desktop, not the user's desktop.
            MessageBox.Show("A message from AlertService.");
        }

        protected override void OnStop()
        {
        }
    }
}

After the program is compiled, use InstallUtil to load it into the system services:

Select "Allow service to interact with desktop" in service properties to Allow AlertService to interact with desktop users.

In the Service Manager, start the AlertService service. An icon will flash in the taskbar:

Click this icon to display the following window, which reports that a program (AlertService) is trying to display a message and asks whether to view it:

Click "View the message" to display the interface (in fact, this screenshot could not be taken from the current desktop and was captured through Virtual PC; read on for the reason). Note that the desktop background we see is no longer the default Windows 7 desktop background. This means that AlertService and the desktop are in different sessions, which is the result of Session 0 isolation.

Session 0 isolation principle

In Windows XP, Windows Server 2003, or earlier Windows systems, services and applications run in the same session after the first user logs on to the system. The figure shows Session 0:

However, this arrangement increases the security risk to the system: services run with elevated privileges, while applications run as ordinary users who do not have the Administrator identity. The risks are obvious.

Starting with Vista, Session 0 contains only system services. Other applications run in separate sessions, which isolates services from applications and improves system security, as shown in the figure:

As a result, Session 0 cannot interact with other sessions, and a service can no longer display message windows or other UI windows to desktop users. That is why I said earlier that the screenshot could not be taken from the current desktop.

Session check

During development, you can use Process Explorer to check which session a service or program is in. In Process Explorer, find the previously loaded AlertService and right-click it to open its properties and view its session.

You can see that AlertService is in Session 0:

Let's take a look at the Outlook application:

Clearly, in Windows 7, services and applications are in different sessions, separated by a protective wall. In the next article, we will introduce how to get through this wall so that services can interact with desktop users.
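
The same session check can be done in code. The following console program is an added example, not part of the original article: it uses Process.SessionId and the Win32 function WTSGetActiveConsoleSessionId, and the class name SessionCheck and the optional process-name filter on the command line are assumptions of the example.

```csharp
using System;
using System.Diagnostics;
using System.Linq;
using System.Runtime.InteropServices;

// Hypothetical helper, named for this example only.
static class SessionCheck
{
    // Session attached to the physical console (0xFFFFFFFF if there is none).
    [DllImport("kernel32.dll")]
    static extern uint WTSGetActiveConsoleSessionId();

    static void Main(string[] args)
    {
        int own = Process.GetCurrentProcess().SessionId;
        uint console = WTSGetActiveConsoleSessionId();
        Console.WriteLine("This process: session {0}; active console session: {1}",
                          own, console);

        // Code running in Session 0 (or without an interactive window station)
        // has no user desktop, so UI shown from it never reaches the user.
        if (own == 0 || !Environment.UserInteractive)
            Console.WriteLine("Running non-interactively: log instead of showing UI.");

        // Optional filter: process names (without .exe) given as arguments.
        var processes = Process.GetProcesses()
            .Where(p => args.Length == 0 ||
                        args.Contains(p.ProcessName, StringComparer.OrdinalIgnoreCase))
            .OrderBy(p => p.SessionId)
            .ThenBy(p => p.ProcessName, StringComparer.OrdinalIgnoreCase);

        // One block per session; on Vista and later, Session 0 holds the services.
        foreach (var session in processes.GroupBy(p => p.SessionId))
        {
            Console.WriteLine("Session {0}{1}: {2} process(es)", session.Key,
                              session.Key == 0 ? " (services)" : "", session.Count());
            foreach (var p in session)
                Console.WriteLine("  {0,6}  {1}", p.Id, p.ProcessName);
        }
    }
}
```

Running it with the arguments AlertService and OUTLOOK limits the listing to those two processes, assuming the service executable is named AlertService.exe.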


Author: Li jingran (Gnie)
(http://www.cnblogs.com/gnielee)
