Record the methods for identifying regular jailbreak and regular jailbreak

Record the methods for identifying regular jailbreak and regular jailbreak

Apple attaches great importance to product security, so it designs a complex security mechanism for users. This makes freedom-loving and open-minded programmers extremely uncomfortable, so jailbreak has become a place for Apple and hackers to fight repeatedly. In general, jailbreak allows us to install and share apps at will, but it also reduces the security of devices and provides a convenient portal for some malicious applications. Sometimes our applications want to know if the installed device has been jailbroken. Obviously, Apple does not provide a solution. What should we do? Cydia is automatically installed after jailbreak, so we can start from this aspect. We can also use permission issues to read the list of applications, and read environment variables, A machine without jailbreak cannot read any content.

The following is a method:

1. Identify common jailbreak files

/Applications/Cydia. app

/Library/MobileSubstrate. dylib

/Bin/bash

/Usr/sbin/sshd

/Etc/apt

This table can be listed as much as possible, and then determined whether or not the table exists. As long as the table exists, it can be considered that the machine is jailbroken.

  #define ARRAY_SIZE(a) sizeof(a)/sizeof(a[ 0 ])   const  char * jailbreak_tool_pathes[] = {   "/Applications/Cydia.app" ,   "/Library/MobileSubstrate/MobileSubstrate.dylib" ,   "/bin/bash" ,   "/usr/sbin/sshd" ,   "/etc/apt" };   - (BOOL)isJailBreak { 　　 for  ( int  i= 0 ; i<ARRAY_SIZE(jailbreak_tool_pathes); i++) { 　　 if  ([[NSFileManager defaultManager] fileExistsAtPath:[NSString stringWithUTF8String:jailbreak_tool_pathes[i]]]) { 　　 NSLog(@ "The device is jail broken!" ); 　　 return  YES; 　　　　 } 　　 } 　　 NSLog(@ "The device is NOT jail broken!" ); 　　 return  NO; }

2. Determine the URL scheme of cydia

URL scheme is a resource path that can be used to call another application in the application (for details, see how to call another application in iOS). this method is used to determine whether the application cydia exists.

View sourceprint? 01. - (BOOL)isJailBreak 02. { 03. if  ([[UIApplication sharedApplication] canOpenURL:[NSURL URLWithString:@ "cydia://" ]]) { 04. NSLog(@ "The device is jail broken!" ); 05. return  YES; 06. } 07. NSLog(@ "The device is NOT jail broken!" ); 08. return  NO; 09. }

3. Read the names of all applications in the system.

This is determined by the fact that a machine without jailbreak does not have this permission.

  #define USER_APP_PATH                 @ "/User/Applications/" - (BOOL)isJailBreak { 　　 if  ([[NSFileManager defaultManager] fileExistsAtPath:USER_APP_PATH]) { 　　 NSLog(@ "The device is jail broken!" ); 　　 NSArray *applist = [[NSFileManager defaultManager] 　　contentsOfDirectoryAtPath:USER_APP_PATH error:nil]; 　　 NSLog(@ "applist = %@" , applist); 　　 return  YES; 　　 } 　　 NSLog(@ "The device is NOT jail broken!" ); 　　　　 return  NO; }

4. Use the stat method to determine whether cydia exists

This method uses the stat function to determine whether a dynamic library is injected.

  #define CYDIA_APP_PATH                 "/Applications/Cydia.app" int  checkInject() { 　　 int  ret; 　　 Dl_info dylib_info; 　　 int  (*func_stat)( const  char *, struct stat*) = stat;   　　 if  ((ret = dladdr(func_stat, &dylib_info)) && strncmp(dylib_info.dli_fname, dylib_name, 　　strlen(dylib_name))) { 　　 return  0 ; 　　 } 　　 return  1 ; }   int  checkCydia() { 　　 // first ,check whether library is inject 　　 struct stat stat_info;   　　 if  (!checkInject()) { 　　 if  ( 0  == stat(CYDIA_APP_PATH, &stat_info)) { 　　 return  1 ; 　　　　 } 　　 }  else  { 　　　　　　　　 return  1 ; 　　　　 } 　　 return  0 ; }   - (BOOL)isJailBreak { 　　 if  (checkCydia()) { 　　 NSLog(@ "The device is jail broken!" ); 　　 return  YES; 　　 } 　　 NSLog(@ "The device is NOT jail broken!" ); 　　 return  NO; }

5. Read Environment Variables

This DYLD_INSERT_LIBRARIES environment variable should be empty on non-jailbreaking machines, and basically there will be Library/MobileSubstrate. dylib on jailbreaking machines.

  char * printEnv( void ) { 　　 char  *env = getenv( "DYLD_INSERT_LIBRARIES" ); 　　 NSLog(@ "%s" , env); 　　 return  env; }   - (BOOL)isJailBreak { 　　 if  (printEnv()) { 　　 NSLog(@ "The device is jail broken!" ); 　　 return  YES; 　　 } 　　 NSLog(@ "The device is NOT jail broken!" ); 　　 return  NO; }

Of course, multiple methods can be used to determine whether a device is jailbreaking and to ensure accuracy. Here, I also want to say that jailbreak has a perfect jailbreak and an imperfect jailbreak, which is not officially guaranteed, so the situation is complicated and changeable. IOS7 has also improved and upgraded the sandbox mechanism. In some cases, it may be inappropriate for the new version. This requires actual processing. In addition, there is also a sub-thread fork to look at the return value and other methods. Here we will not list them one by one.

Finally, jailbreak will bring about an increase in insecurity, especially when many financial tools are installed.