I'm trying to put anti-piracy code in my app. The previous answer to this (which I can't link to because of my member status - sucks) can be easily countered, since the "SignerIdentity" string can be looked for and replaced in the binary using a hex editor.
Instead, checking the fileSize of the info.plist file and comparing it to a reference value sounds more solid (since the info.plist is getting modified here and there when cracking the app). How would I do that? I tried the following but it logs 0.
NSBundle *bundle = [NSBundle mainBundle];
NSDictionary *mainDictionary = [bundle infoDictionary];
NSLog(@"%d", [mainDictionary fileSize]);
You might prevent the noobish crackers from finding references to "SignerIdentity" in your code by applying ROT13 or a similar simple obscuring algorithm
http://en.wikipedia.org/wiki/ROT13
After applying ROT13, "SignerIdentity" would become "FvtareVqragvgl".
Anyway, the answer to your question (how you get the size of the Info.plist file):
NSBundle *bundle = [NSBundle mainBundle];
NSString* bundlePath = [bundle bundlePath];
NSFileManager *fileManager = [NSFileManager defaultManager];
NSString* path = [NSString stringWithFormat:@"%@/Info.plist", bundlePath ];
NSDictionary *fileAttributes = [fileManager attributesOfItemAtPath:path
error:NULL];
if (fileAttributes != nil) {
NSNumber *fileSize;
if (fileSize = [fileAttributes objectForKey:NSFileSize]) {
NSLog(@"File size: %qi\n", [fileSize unsignedLongLongValue]);
}
}
Also keep in mind that the size (in bytes) of the Info.plist
in your Xcode project directory and the Info.plist
inside the bundle may differ. You probably want to build the game once, then look at the size of <your app bundle.app>/Info.plist
and then update your antipiracy code.
I've never programmed for the iPhone, but couldn't you just take a hash of that file and compare it to a reference, possibly salting the hash value to prevent someone just changing the reference hash to the new one?
that code has still many giveaways:
the string Info.plist is easy to find. NSFileSize is also very suspicious....
As said here Determining if an iPhone is Jail broken Programmatically it looks like some of the most recent cracked apps installed via install0us don't have their info.plist modified. (at least the info.plist does not contain any signeridentity key).
How could we detect the crack in such a case ?