Record the methods for identifying regular jailbreak and regular jailbreak
Apple attaches great importance to product security, so it designs a complex security mechanism for users. This makes freedom-loving and open-minded programmers extremely uncomfortable, so jailbreak has become a place for Apple and hackers to fight repeatedly. In general, jailbreak allows us to install and share apps at will, but it also reduces the security of devices and provides a convenient portal for some malicious applications. Sometimes our applications want to know if the installed device has been jailbroken. Obviously, Apple does not provide a solution. What should we do? Cydia is automatically installed after jailbreak, so we can start from this aspect. We can also use permission issues to read the list of applications, and read environment variables, A machine without jailbreak cannot read any content.
The following is a method:
1. Identify common jailbreak files
/Applications/Cydia. app
/Library/MobileSubstrate. dylib
/Bin/bash
/Usr/sbin/sshd
/Etc/apt
This table can be listed as much as possible, and then determined whether or not the table exists. As long as the table exists, it can be considered that the machine is jailbroken.
#define ARRAY_SIZE(a) sizeof(a)/sizeof(a[
0
])
const
char
* jailbreak_tool_pathes[] = {
"/Applications/Cydia.app"
,
"/Library/MobileSubstrate/MobileSubstrate.dylib"
,
"/bin/bash"
,
"/usr/sbin/sshd"
,
"/etc/apt"
};
- (BOOL)isJailBreak
{
for
(
int
i=
0
; i<ARRAY_SIZE(jailbreak_tool_pathes); i++) {
if
([[NSFileManager defaultManager] fileExistsAtPath:[NSString stringWithUTF8String:jailbreak_tool_pathes[i]]]) {
NSLog(@
"The device is jail broken!"
);
return
YES;
}
}
NSLog(@
"The device is NOT jail broken!"
);
return
NO;
}
2. Determine the URL scheme of cydia
URL scheme is a resource path that can be used to call another application in the application (for details, see how to call another application in iOS). this method is used to determine whether the application cydia exists.
View sourceprint?
01.
- (BOOL)isJailBreak
02.
{
03.
if
([[UIApplication sharedApplication] canOpenURL:[NSURL URLWithString:@
"cydia://"
]]) {
04.
NSLog(@
"The device is jail broken!"
);
05.
return
YES;
06.
}
07.
NSLog(@
"The device is NOT jail broken!"
);
08.
return
NO;
09.
}
3. Read the names of all applications in the system.
This is determined by the fact that a machine without jailbreak does not have this permission.
#define USER_APP_PATH @
"/User/Applications/"
- (BOOL)isJailBreak
{
if
([[NSFileManager defaultManager] fileExistsAtPath:USER_APP_PATH]) {
NSLog(@
"The device is jail broken!"
);
NSArray *applist = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:USER_APP_PATH error:nil];
NSLog(@
"applist = %@"
, applist);
return
YES;
}
NSLog(@
"The device is NOT jail broken!"
);
return
NO;
}
4. Use the stat method to determine whether cydia exists
This method uses the stat function to determine whether a dynamic library is injected.
#define CYDIA_APP_PATH
"/Applications/Cydia.app"
int
checkInject()
{
int
ret;
Dl_info dylib_info;
int
(*func_stat)(
const
char
*, struct stat*) = stat;
if
((ret = dladdr(func_stat, &dylib_info)) && strncmp(dylib_info.dli_fname, dylib_name, strlen(dylib_name))) {
return
0
;
}
return
1
;
}
int
checkCydia()
{
// first ,check whether library is inject
struct stat stat_info;
if
(!checkInject()) {
if
(
0
== stat(CYDIA_APP_PATH, &stat_info)) {
return
1
;
}
}
else
{
return
1
;
}
return
0
;
}
- (BOOL)isJailBreak
{
if
(checkCydia()) {
NSLog(@
"The device is jail broken!"
);
return
YES;
}
NSLog(@
"The device is NOT jail broken!"
);
return
NO;
}
5. Read Environment Variables
This DYLD_INSERT_LIBRARIES environment variable should be empty on non-jailbreaking machines, and basically there will be Library/MobileSubstrate. dylib on jailbreaking machines.
char
* printEnv(
void
)
{
char
*env = getenv(
"DYLD_INSERT_LIBRARIES"
);
NSLog(@
"%s"
, env);
return
env;
}
- (BOOL)isJailBreak
{
if
(printEnv()) {
NSLog(@
"The device is jail broken!"
);
return
YES;
}
NSLog(@
"The device is NOT jail broken!"
);
return
NO;
}
Of course, multiple methods can be used to determine whether a device is jailbreaking and to ensure accuracy. Here, I also want to say that jailbreak has a perfect jailbreak and an imperfect jailbreak, which is not officially guaranteed, so the situation is complicated and changeable. IOS7 has also improved and upgraded the sandbox mechanism. In some cases, it may be inappropriate for the new version. This requires actual processing. In addition, there is also a sub-thread fork to look at the return value and other methods. Here we will not list them one by one.
Finally, jailbreak will bring about an increase in insecurity, especially when many financial tools are installed.