开发者

Detect Jailbroken iOS Device by Running Unsigned Executable

开发者 https://www.devze.com 2023-04-10 11:00 出处:网络
Currently, I\'m trying to create a reusable objC security libr开发者_StackOverflow中文版ary for developers in my company to use.In this library I would like to have a API that detects if their iOS dev

Currently, I'm trying to create a reusable objC security libr开发者_StackOverflow中文版ary for developers in my company to use. In this library I would like to have a API that detects if their iOS device is jailbroken. I noticed a clever response by GregH which is similar to what iBooks is doing; you run an unsigned version of an executable (iOS does upon startup of the app via the execve sys call), if it returns you know the device is jailbroken.

Question: Is it possible to package a executable in iOS library and invoke it thru some function? If so, what might be the best way to go about it?

Thanks for your help, kc


Last I checked, sandboxed apps can't even fork(). I'm not sure if they can call execve(). If they can't do either, then simply calling execve() ought to work.

I'm not sure how much jailbreaking interferes with this. It's possible to have a jailbreak that lets you run un-signed apps from un-signed apps but behaves normally if the caller is signed.

It's obviosuly possible to "package" an executable in a library: Just have static unsigned char const data [] = { ... };, write it to a file, chmod(), and try to exec it.

At the end of the day, though, this may be a disservice to your users. A Jailbroken phone doesn't mean your app has been pirated. Unless you know someone with a jailbroken phone who's willing to do some testing (and testing with different jailbreaks), you might be setting yourself up for "It just crashes!" reviews.

(And if it does crash, then someone will come along and crack your app. It's better to be discreet and monitor the "problem" before deciding whether it needs fixing.)

Jailbreaks happen more often than you think. I've added checks for MobileSubstrate to our automated crash-report-symbolicating script because we've seen it in a significant proportion of crashes. OTOH, the proportion of crashes where the app is installed into /Applications (which used to be traditional for cracked apps; perhaps it isn't anymore) is negligible.


I have attempted to package an executable in an IOS app by adding the executable file from a project whose main() function simply returns an integer to my project. This file is copied onto the phone when deploying, but is copied without execute permissions. Attempting to chmod the file to give it execute results in an "Operation not permitted" error, despite the file owner being the same as the current user (mobile).

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号