Whether the iOS device escapes the code of Judgment

Apple attaches great importance to the safety of the product, so the user has designed a complex set of security mechanisms. This makes the love of freedom, advocating all the open-minded handlers extremely uncomfortable, so the jailbreak became the Apple and hackers repeatedly wits place. In general, Jailbreak allows us to install and share applications at will, but it does reduce the security of the device, providing a convenient means for some malicious applications.

Sometimes our app wants to know if the installed device is out of prison, and obviously Apple doesn't have a solution, so what do we do? Because the jailbreak will automatically install Cydia, so we can start from this aspect, you can also use permissions issues to read the list of applications, but also to read the environment variables, not to jailbreak the machine should be read nothing.

Here's one way to do this:

1. Determine common Jailbreak files

/applications/cydia.app
/library/mobilesubstrate/mobilesubstrate.dylib
/bin/bash
/usr/sbin/sshd
/etc/apt

This table can be listed as much as possible, and then determine if there is, as long as there is a machine can be considered jailbreak.

<span style= "FONT-SIZE:14PX;" > #define ARRAY_SIZE (a) sizeof (a)/sizeof (a[0])    const char* jailbreak_tool_pathes[] = {      "/applications/ Cydia.app ",      "/library/mobilesubstrate/mobilesubstrate.dylib ",      "/bin/bash ",      "/usr/sbin/sshd ",      " /etc/apt "  };    -(BOOL) isjailbreak  {for      (int i=0; i<array_size (jailbreak_tool_pathes); i++) {          if ([[Nsfilemanager Defaultmanager] fileexistsatpath:[nsstring Stringwithutf8string:jailbreak_tool_pathes[i]]) {              NSLog (@ "the Device is jail broken! ");              return YES;          }      }      NSLog (@ "The device is not jail broken!");      return NO;  }  </span>

2. Determine the URL scheme for Cydia

URL scheme can be used to call out another application in the application, is a resource path (see Http://t.cn/RzUn7DF), this method is to determine the existence of Cydia this application.

<span style= "FONT-SIZE:14PX;" >-(BOOL) isjailbreak  {      if ([[[UIApplication sharedapplication] Canopenurl:[nsurl urlwithstring:@ "cydia:// "]) {          NSLog (@" The device is jail broken! ");          return YES;      }      NSLog (@ "The device is not jail broken!");      return NO;  }  </span>

3. Read the name of all apps in the system

This is the use of non-jailbroken machines do not have this permission to determine.

<span style= "FONT-SIZE:14PX;" > #define User_app_path                 @ "/user/applications/"  -(BOOL) isjailbreak  {      if ([[Nsfilemanager Defaultmanager] Fileexistsatpath:user_app_path]) {          NSLog (@ "The device is jail broken!");          Nsarray *applist = [[Nsfilemanager Defaultmanager] Contentsofdirectoryatpath:user_app_path Error:nil];          NSLog (@ "applist =%@", applist);          return YES;      }      NSLog (@ "The device is not jail broken!");      return NO;  }  </span>

4. Use the Stat method to determine whether the Cydia exists

The method itself is judged by the Cydia application, but the method is the stat function, and it also determines whether there is an injected dynamic library.

<span style= "FONT-SIZE:14PX;"      > #define CYDIA_APP_PATH "/applications/cydia.app" int checkinject () {int ret;      Dl_info Dylib_info;            Int (*func_stat) (const char*, struct stat*) = stat; if (ret = DLADDR (Func_stat, &dylib_info)) && strncmp (Dylib_info.dli_fname, Dylib_name, strlen (dylib_name)      ) {return 0;  } return 1;            } int Checkcydia () {//First, check whether library is inject struct stat stat_info;          if (!checkinject ()) {if (0 = = Stat (Cydia_app_path, &stat_info)) {return 1;      }} else {return 1;  } return 0;          }-(BOOL) Isjailbreak {if (Checkcydia ()) {NSLog (@ "The device is jail broken!");      return YES;      } NSLog (@ "The device is not jail broken!");  return NO; } </span> 

5. Read environment variables

This dyld_insert_libraries environment variable, on the non-jailbroken machine should be empty, jailbreak the machine basically will have library/mobilesubstrate/mobilesubstrate.dylib

<span style= "FONT-SIZE:14PX;" >char* printenv (void)  {      Charchar *env = getenv ("dyld_insert_libraries");      NSLog (@ "%s", env);      return env;  }    -(BOOL) isjailbreak  {      if (printenv ()) {          NSLog (@ "The device is jail broken!");          return YES;      }      NSLog (@ "The device is not jail broken!");      return NO;  }  </span>

Of course, when deciding whether a device is jailbroken, you can use multiple methods to ensure accuracy. What I would like to say here is that the jailbreak has a perfect escape and a non-perfect escape, which in itself is not officially guaranteed, so the situation is also complex and changeable. The IOS7 also has an improved upgrade for the sandbox mechanism, some of which may not be appropriate for the new version, which needs to be handled in real-world situations. In addition, there are some ways to fork a sub-thread, look at the return value and so on, which is not listed here.

Finally, the jailbreak will lead to an increase in insecurity, especially in the case of more financial instruments installed, strongly not recommended jailbreak.

Whether the iOS device escapes the code of Judgment