I know that running an app which possess sensitive information on a rooted device is not secure at all. So developers usually do root detection in such cases and if the device is found rooted,then that app won't get installed. everything is ok.
The major techniques used by developers in root detection are checking for the superuser.apk file,check for chainfire,busybox,executing su command,etc. But an attacker can simply bypass these checks by several means like renaming the superuser.apk to superuser0.apk.
So what I am looking for is a unique solution for this issue where the root detection checks cannot be bypassed by attacker. Please share your views even if such a solution doesn't exists. Because the solutions from you guys might help in atleast hardening the code of root detection.
There is not "the single solution" as far as I know but you will need to check for the most common things. The following article is also useful:
https://blog.netspi.com/android-root-detection-techniques/
And here are some tips ... also what you should not do:
Determine if running on a rooted device
There is an opensource library called rootbeer and a sample app which performs the following checks to detect root.
- CheckRootManagementApps
- CheckPotentiallyDangerousAppss
- CheckRootCloakingApps
- CheckTestKeys
- checkForDangerousProps
- checkForBusyBoxBinary
- checkForSuBinary
- checkSuExists
- checkForRWSystem
Check out Google's SafetyNet service:
https://developer.android.com/google/play/safetynet/index.html
It will do some checks to validate the device is secure and produce a result you can validate. The result is returned as a JSON Web Signature that you can read in the app, but to provide extra assurance you can also send this result to a server you manage to have it validate the result directly with Google.
https://developer.android.com/google/play/safetynet/start.html
I don't think this will run on non-Google versions of Android (ex Cyanogen), so something to keep in mind.
