Code used to determine whether the iOS device is jailbroken

Code used to determine whether the iOS device is jailbroken

Apple attaches great importance to product security, so it designs a complex security mechanism for users. This makes freedom-loving and open-minded programmers extremely uncomfortable, so jailbreak has become a place for Apple and hackers to fight repeatedly. In general, jailbreak allows us to install and share apps at will, but it also reduces the security of devices and provides a convenient portal for some malicious applications.

Sometimes our applications want to know if the installed device has been jailbroken. Obviously, Apple does not provide a solution. What should we do? Cydia is automatically installed after jailbreak, so we can start from this aspect. We can also use permission issues to read the list of applications, and read environment variables, A machine without jailbreak cannot read any content.

The following is a method:

1. Identify common jailbreak files

/Applications/Cydia. app
/Library/MobileSubstrate. dylib
/Bin/bash
/Usr/sbin/sshd
/Etc/apt

This table can be listed as much as possible, and then determined whether or not the table exists. As long as the table exists, it can be considered that the machine is jailbroken.

#define ARRAY_SIZE(a) sizeof(a)/sizeof(a[0])    const char* jailbreak_tool_pathes[] = {      "/Applications/Cydia.app",      "/Library/MobileSubstrate/MobileSubstrate.dylib",      "/bin/bash",      "/usr/sbin/sshd",      "/etc/apt"  };    - (BOOL)isJailBreak  {      for (int i=0; i

2. Determine the URL scheme of cydia

URL scheme can be used to call out another application in the application, is a resource path (see the http://t.cn/RzUn7DF), this method is to determine whether the application cydia exists.

- (BOOL)isJailBreak  {      if ([[UIApplication sharedApplication] canOpenURL:[NSURL URLWithString:@"cydia://"]]) {          NSLog(@"The device is jail broken!");          return YES;      }      NSLog(@"The device is NOT jail broken!");      return NO;  }  

3. Read the names of all applications in the system.

This is determined by the fact that a machine without jailbreak does not have this permission.

#define USER_APP_PATH                 @"/User/Applications/"  - (BOOL)isJailBreak  {      if ([[NSFileManager defaultManager] fileExistsAtPath:USER_APP_PATH]) {          NSLog(@"The device is jail broken!");          NSArray *applist = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:USER_APP_PATH error:nil];          NSLog(@"applist = %@", applist);          return YES;      }      NSLog(@"The device is NOT jail broken!");      return NO;  }  

4. Use the stat method to determine whether cydia exists

This method uses the stat function to determine whether a dynamic library is injected.

#define CYDIA_APP_PATH                "/Applications/Cydia.app"  int checkInject()  {      int ret;      Dl_info dylib_info;      int (*func_stat)(const char*, struct stat*) = stat;            if ((ret = dladdr(func_stat, &dylib_info)) && strncmp(dylib_info.dli_fname, dylib_name, strlen(dylib_name))) {          return 0;      }      return 1;  }    int checkCydia()  {      // first ,check whether library is inject      struct stat stat_info;            if (!checkInject()) {          if (0 == stat(CYDIA_APP_PATH, &stat_info)) {              return 1;          }      } else {          return 1;      }      return 0;  }    - (BOOL)isJailBreak  {      if (checkCydia()) {          NSLog(@"The device is jail broken!");          return YES;      }      NSLog(@"The device is NOT jail broken!");      return NO;  }  

5. Read Environment Variables

This DYLD_INSERT_LIBRARIES environment variable should be empty on non-jailbreaking machines, and basically there will be Library/MobileSubstrate. dylib on jailbreaking machines.

char* printEnv(void)  {      charchar *env = getenv("DYLD_INSERT_LIBRARIES");      NSLog(@"%s", env);      return env;  }    - (BOOL)isJailBreak  {      if (printEnv()) {          NSLog(@"The device is jail broken!");          return YES;      }      NSLog(@"The device is NOT jail broken!");      return NO;  }  

Of course, multiple methods can be used to determine whether a device is jailbreaking and to ensure accuracy. Here, I also want to say that jailbreak has a perfect jailbreak and an imperfect jailbreak, which is not officially guaranteed, so the situation is complicated and changeable. IOS7 has also improved and upgraded the sandbox mechanism. In some cases, it may be inappropriate for the new version. This requires actual processing. In addition, there is also a sub-thread fork to look at the return value and other methods. Here we will not list them one by one.

Finally, jailbreak will bring about an increase in insecurity, especially when many financial tools are installed.