How to detect that the app is running on a jailbro

2019-01-10 05:46发布

问题:

I have just released my app for iOS, but I'm not sure how to make my app safe from being used by jailbrakers.

Can I do something to prevent my app working on jailbroken devices?

回答1:

You can detect through code that if the app is running on a jail broken device or not. Through that way you can pop up an alert and close the app. You can do whatever you want to do. Here is a tutorial for it:

http://thwart-ipa-cracks.blogspot.com/2008/11/detection.html

and here is a Stack Overflow post:

How do I detect that an iOS app is running on a jailbroken phone?

Also, if you want a complete solution, you can see in tapjoy sdk code. They are detecting jailbroken iPhone. Here is tapjoy URL https://www.tapjoy.com/



回答2:

Check for these paths

+ (BOOL)isJailBroken {
#ifdef TARGET_IPHONE_SIMULATOR
    return NO;
#endif

    NSArray *paths = @[@"/bin/bash",
                       @"/usr/sbin/sshd",
                       @"/etc/apt",
                       @"/private/var/lib/apt/",
                       @"/Applications/Cydia.app",
                       ];

    for (NSString *path in paths) {
        if ([self fileExistsAtPath:path]) {
            return YES;
        }
    }

    return NO;
}


+ (BOOL)fileExistsAtPath:(NSString *)path {
    FILE *pFile;
    pFile = fopen([path cStringUsingEncoding:[NSString defaultCStringEncoding]], "r");
    if (pFile == NULL) {
        return NO;
    }
    else
        fclose(pFile);
    return YES;
}

Additionally, you can take a look https://github.com/OneSignal/OneSignal-iOS-SDK/blob/master/iOS_SDK/OneSignalJailbreakDettection/OneSignalJailbreakDetection.m



回答3:

Try to find a file which cydia or jailbroken device create. Or try to write in a file outside the app's blackbox. If you succeed to do that, the device is compromised/jailbroken :)

- (BOOL)jailbroken
{
    NSFileManager * fileManager = [NSFileManager defaultManager];
    return [fileManager fileExistsAtPath:@"/private/var/lib/apt/"];
}


回答4:

-(BOOL) isJailbroken
{
#if TARGET_IPHONE_SIMULATOR
return NO;
#else
FILE *f = fopen("/bin/bash", "r");
if (errno == ENOENT)
{
    // device is NOT jailbroken
    fclose(f);
    NSLog(@"no");
    return NO;
}
else {
    // device IS jailbroken
    fclose(f);
    NSLog(@"yes");
    return YES;

}
#endif
}


回答5:

Based off of @karim's answer heres a slightly modified swift version:

func hasJailbreak() -> Bool {
    #if arch(i386) || arch(x86_64)
        println("Simulator")
        return false    
    #else
        var fileManager = NSFileManager.defaultManager()
        if(fileManager.fileExistsAtPath("/private/var/lib/apt")) {
            println("Jailbroken Device")
            return true
        } else {
            println("Clean Device")
            return false
        }
    #endif
}


回答6:

You can detect if a device is jailBroken or not by checking the following

  1. Cydia is installed
  2. Verify some of the system paths
  3. Can perform a sandbox integrity check
  4. Perform symlink verification
  5. Verify whether you create and write files outside your Sandbox

There is an open source library I created from various articles and books, try it out.



回答7:

Even if your device is jailbroken , ipa applications can only access their own sand boxes, so If device is either jailbroken or not your method will return NO :) Look for another way Also if you try to access somewhere but your sandbox publishing app on the appstore may head problems



回答8:

/**
     Detect that the app is running on a jailbroken device or not

     - returns: bool value for jailbroken device or not
     */
    public class func isDeviceJailbroken() -> Bool {
        #if arch(i386) || arch(x86_64)
            return false
        #else
            let fileManager = FileManager.default

            if (fileManager.fileExists(atPath: "/bin/bash") ||
                fileManager.fileExists(atPath: "/usr/sbin/sshd") ||
                fileManager.fileExists(atPath: "/etc/apt")) ||
                fileManager.fileExists(atPath: "/private/var/lib/apt/") ||
                fileManager.fileExists(atPath: "/Applications/Cydia.app") ||
                fileManager.fileExists(atPath: "/Library/MobileSubstrate/MobileSubstrate.dylib") {
                return true
            } else {
                return false
            }
        #endif
    }


回答9:

There are many ways to find the jailbroken devices. checking cydia technic will not be work if skilled hacker changes the application path.

A good way to check for it would be to see if we can modify a file in some other location outside the application bundle.

NSError *error;
NSString *stringToBeWritten = @"This is a test.";
[stringToBeWritten writeToFile:@"/private/jailbreak.txt" atomically:YES
         encoding:NSUTF8StringEncoding error:&error];
if(error==nil){
   //Device is jailbroken
   return YES;
 } else {
   //Device is not jailbroken
   [[NSFileManager defaultManager] removeItemAtPath:@"/private/jailbreak.txt" error:nil];
 }

Find more techniques in the below url

http://highaltitudehacks.com/2013/12/17/ios-application-security-part-24-jailbreak-detection-and-evasion/



回答10:

SWIFT 3:

func hasJailbreak() -> Bool {
        #if arch(i386) || arch(x86_64)
            print("Simulator")
            return false
        #else
            return FileManager.default.fileExistsAtPath("/private/var/lib/apt")
        #endif
    }


回答11:

There is no way to detect if device is jailbroken.

Consider that even if there was, the device has already been jailbroken, meaning arbitrary code execution is possible, and the jailbreaker would just modify whatever method of detection you would use to signal that the device has not been jailbroken.

reference: https://forums.developer.apple.com/thread/43073

credits go to Apple Staff who answered this same question