Get fileSize of info.plist to prevent piracy

2019-01-30 20:39发布

问题:

I'm trying to put anti-piracy code in my app. The previous answer to this (which I can't link to because of my member status - sucks) can be easily countered, since the "SignerIdentity" string can be looked for and replaced in the binary using a hex editor.

Instead, checking the fileSize of the info.plist file and comparing it to a reference value sounds more solid (since the info.plist is getting modified here and there when cracking the app). How would I do that? I tried the following but it logs 0.

NSBundle *bundle = [NSBundle mainBundle];
NSDictionary *mainDictionary = [bundle infoDictionary];
NSLog(@"%d", [mainDictionary fileSize]);

回答1:

You might prevent the noobish crackers from finding references to "SignerIdentity" in your code by applying ROT13 or a similar simple obscuring algorithm http://en.wikipedia.org/wiki/ROT13

After applying ROT13, "SignerIdentity" would become "FvtareVqragvgl".

Anyway, the answer to your question (how you get the size of the Info.plist file):

NSBundle *bundle = [NSBundle mainBundle];
NSString* bundlePath = [bundle bundlePath];

NSFileManager *fileManager = [NSFileManager defaultManager];

NSString* path = [NSString stringWithFormat:@"%@/Info.plist", bundlePath ];

NSDictionary *fileAttributes = [fileManager attributesOfItemAtPath:path 
                                                             error:NULL];

if (fileAttributes != nil) {
    NSNumber *fileSize;

    if (fileSize = [fileAttributes objectForKey:NSFileSize]) {
        NSLog(@"File size: %qi\n", [fileSize unsignedLongLongValue]);
    }           
}

Also keep in mind that the size (in bytes) of the Info.plist in your Xcode project directory and the Info.plist inside the bundle may differ. You probably want to build the game once, then look at the size of <your app bundle.app>/Info.plist and then update your antipiracy code.



回答2:

I've never programmed for the iPhone, but couldn't you just take a hash of that file and compare it to a reference, possibly salting the hash value to prevent someone just changing the reference hash to the new one?



回答3:

that code has still many giveaways:

the string Info.plist is easy to find. NSFileSize is also very suspicious....



回答4:

As said here Determining if an iPhone is Jail broken Programmatically it looks like some of the most recent cracked apps installed via install0us don't have their info.plist modified. (at least the info.plist does not contain any signeridentity key). How could we detect the crack in such a case ?