IOS witchcraft: the unkillable background & monitoring process

Implementation without jailbreak:

Startup: After the App is installed on an iOS device, the App will start as soon as the iOS device is restarted, regardless of whether the App has been opened before.

***Background running: The application enters the background state and can run in the background without being killed by the system;

Monitor process: can obtain the apps running on IOS devices other than the system (including those running in progress and in the background);

Configure the project plist file

Add to:

 <key>UIBackgroundModes</key> 
 
 <array> 
 
 <string>voip</string> 
 
 </array>

Functional class: ProccessHelper

 [objc] view plaincopy 
 
 # import <Foundation/Foundation.h> 
 
 @interface ProcessHelper : NSObject 
 
 + (NSArray *)runningProcesses; 
 
 @end   
 
 [cpp] view plaincopyprint?
 # import   "ProccessHelper.h"  
 //#include<objc/runtime.h>  
 #include <sys/sysctl.h> 
 
 #include <stdbool.h>
 #include <sys/types.h>
 #include <unistd.h>
 #include <sys/sysctl.h> 
 
 @implementation ProccessHelper 
 
 //You can determine if your app is being run under the debugger with the following code from  
 static bool AmIBeingDebugged( void )
 // Returns true if the current process is being debugged (either  
 // running under the debugger or has a debugger attached post facto).  
 {
 int junk;
 int mib[ 4 ];
 struct kinfo_proc info;
 size_t size; 
 
 // Initialize the flags so that, if sysctl fails for some bizarre  
 // reason, we get a predictable result.   
 
 info.kp_proc.p_flag = 0 ; 
 
 // Initialize mib, which tells sysctl the info we want, in this case  
 // we're looking for information about a specific process ID.   
 
 mib[ 0 ] = CTL_KERN;
 mib[ 1 ] = KERN_PROC;
 mib[ 2 ] = KERN_PROC_PID;
 mib[ 3 ] = getpid(); 
 
 // Call sysctl.   
 
 size = sizeof(info);
 junk = sysctl(mib, sizeof(mib) / sizeof(*mib), &info, &size, NULL, 0 );
 assert (junk == 0 ); 
 
 // We're being debugged if the P_TRACED flag is set.   
 
 return ( (info.kp_proc.p_flag & P_TRACED) != 0 );
 } 
 
 //Return the id, name, cpu usage, and running time of all running processes  
 //Use function int sysctl(int *, u_int, void *, size_t *, void *, size_t)  
 + (NSArray *)runningProcesses
 {
 //Specify the name parameter. The first element specifies which subsystem of the kernel this request is directed to, and the second and subsequent elements specify a part of the system in turn.  
 //CTL_KERN, KERN_PROC, KERN_PROC_ALL all running processes  
 int mib[ 4 ] = {CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 }; 
 
 
 size_t miblen = 4 ;
 //Value-result parameter: When the function is called, the value pointed to by size specifies the size of the buffer; when the function returns, the value gives the amount of data stored in the buffer by the kernel  
 //If the buffer is not large enough, the function returns ENOMEM error  
 size_t size;
 //Return 0 if successful; return -1 if failed  
 int st = sysctl(mib, miblen, NULL, &size, NULL, 0 ); 
 
 struct kinfo_proc * process = NULL;
 struct kinfo_proc * newprocess = NULL;
 do  
 {
 size += size / 10 ;
 newprocess = realloc(process, size);
 if (!newprocess)
 {
 if (process)
 {
 free(process);
 process = NULL;
 }
 return nil;
 } 
 
 process = newprocess;
 st = sysctl(mib, miblen, process, &size, NULL, 0 );
 } while (st == - 1 && errno == ENOMEM); 
 
 if (st == 0 )
 {
 if (size % sizeof(struct kinfo_proc) == 0 )
 {
 int nprocess = size / sizeof(struct kinfo_proc);
 if (nprocess)
 {
 NSMutableArray * array = [[NSMutableArray alloc] init];
 for ( int i = nprocess - 1 ; i >= 0 ; i--)
 {
 NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
 NSString * processID = [[NSString alloc] initWithFormat:@ "%d" , process[i].kp_proc.p_pid];
 NSString * processName = [[NSString alloc] initWithFormat:@ "%s" , process[i].kp_proc.p_comm];
 NSString * proc_CPU = [[NSString alloc] initWithFormat:@ "%d" , process[i].kp_proc.p_estcpu];
 double t = [[NSDate date] timeIntervalSince1970] - process[i].kp_proc.p_un.__p_starttime.tv_sec;
 NSString * proc_useTiem = [[NSString alloc] initWithFormat:@ "%f" ,t];
 NSString *startTime = [[NSString alloc] initWithFormat:@ "%ld" , process[i].kp_proc.p_un.__p_starttime.tv_sec];
 NSString * status = [[NSString alloc] initWithFormat:@ "%d" ,process[i].kp_proc.p_flag]; 
 
 NSMutableDictionary *dic = [[NSMutableDictionary alloc] init];
 [dic setValue:processID forKey:@ "ProcessID" ];
 [dic setValue:processName forKey:@ "ProcessName" ];
 [dic setValue:proc_CPU forKey:@ "ProcessCPU" ];
 [dic setValue:proc_useTiem forKey:@ "ProcessUseTime" ];
 [dic setValue:proc_useTiem forKey:@ "ProcessUseTime" ];
 [dic setValue:startTime forKey:@ "startTime" ]; 
 
 // 18432 is the currently running application  
 // 16384 is background  
 [dic setValue:status forKey:@ "status" ]; 
 
 [processID release];
 [processName release];
 [proc_CPU release];
 [proc_useTiem release];
 [array addObject:dic];
 [startTime release];
 [status release];
 [dic release]; 
 
 [pool release];
 } 
 
 free(process);
 process = NULL;
 //NSLog(@"array = %@",array);   
 
 return array;
 }
 }
 } 
 
 return nil;
 } 
 
 @end   

Implementation code:

 [objc] view plaincopy 
 
 systemprocessArray = [[NSMutableArray arrayWithObjects:
 @ "kernel_task" ,
 @ "launchd" ,
 @ "UserEventAgent" ,
 @ "wifid" ,
 @ "syslogd" ,
 @ "powerd" ,
 @ "lockdownd" ,
 @ "mediaserverd" ,
 @ "mediaremoted" ,
 @ "mDNSResponder" ,
 @ "locationd" ,
 @ "imagent" ,
 @ "iapd" ,
 @ "fseventsd" ,
 @ "fairplayd.N81" ,
 @ "configd" ,
 @ "apsd" ,
 @ "aggregated" ,
 @ "SpringBoard" ,
 @ "CommCenterClassi" ,
 @ "BTServer" ,
 @ "notifyd" ,
 @ "MobilePhone" ,
 @ "ptpd" ,
 @ "afcd" ,
 @ "notification_pro" ,
 @ "notification_pro" ,
 @ "syslog_relay" ,
 @ "notification_pro" ,
 @ "springboardservi" ,
 @ "atc" ,
 @ "sandboxd" ,
 @ "networkd" ,
 @ "lsd" ,
 @ "securityd" ,
 @ "lockbot" ,
 @ "installd" ,
 @ "debugserver" ,
 @ "amfid" ,
 @ "AppleIDAuthAgent" ,
 @ "BootLaunch" ,
 @ "MobileMail" ,
 @ "BlueTool" ,
 nil nil] retain]; 
 
 
 [objc] view plaincopy 
 
 - ( void )applicationDidEnterBackground:(UIApplication *)application
 {
 while ( 1 ) {
 sleep( 5 );
 [self postMsg];
 } 
 
 [cpp] view plaincopyprint?
 [[UIApplication sharedApplication] setKeepAliveTimeout: 600 handler:^{
 NSLog(@ "KeepAlive" );
 }];
 } 
 
 - ( void )applicationWillResignActive:(UIApplication *)application
 {
 }
 - ( void )applicationWillEnterForeground:(UIApplication *)application
 {
 }
 - ( void )applicationDidBecomeActive:(UIApplication *)application
 {
 }
 - ( void )applicationWillTerminate:(UIApplication *)application
 {
 } 
 
 #pragma mark -
 #pragma mark - User Method 
 
 - ( void ) postMsg
 {
 //Upload to the server  
 NSURL *url = [self getURL];
 NSURLRequest *request = [[NSURLRequest alloc]initWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval: 10 ];
 NSError *error = nil;
 NSData *received = [NSURLConnection sendSynchronousRequest:request returningResponse:nil error:&error]; 
 
 if (error) {
 NSLog(@ "error:%@" , [error localizedDescription]);
 } 
 
 NSString *str = [[NSString alloc]initWithData:received encoding:NSUTF8StringEncoding];
 NSLog(@ "%@" ,str);
 } 
 
 - (NSURL *) getURL
 {
 UIDevice *device = [UIDevice currentDevice]; 
 
 NSString* uuid = @ "TESTUUID" ;
 NSString* manufacturer = @ "apple" ;
 NSString* model = [device model];
 NSString* mobile = [device systemVersion]; 
 
 NSString *msg = [NSString stringWithFormat:@ "Msg:%@ Time:%@" , [self processMsg], [self getTime]];
 CFShow(msg); 
 
 / Omit some code / 
 
 NSString *urlStr = [strUrl stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
 NSURL *url = [NSURL URLWithString:urlStr]; 
 
 return url;
 } 
 
 - (BOOL) checkSystemProccess:(NSString *) proName
 {
 if ([systemprocessArray containsObject:proName]) {
 return YES;
 }
 return NO;
 } 
 
 - (BOOL) checkFirst:(NSString *) string
 {
 NSString *str = [string substringToIndex: 1 ];
 NSRange r = [@ "ABCDEFGHIJKLMNOPQRSTUVWXWZ" rangeOfString:str]; 
 
 if (r.length > 0 ) {
 return YES;
 }
 return NO;
 } 
 
 - (NSString *) processMsg
 {
 NSArray *proMsg = [ProccessHelper runningProcesses]; 
 
 if (proMsg == nil) {
 return nil;
 } 
 
 NSMutableArray *proState = [NSMutableArray array];
 for (NSDictionary *dic in proMsg) { 
 
 NSString *proName = [dic objectForKey:@ "ProcessName" ];
 if (![self checkSystemProccess:proName] && [self checkFirst:proName]) {
 NSString *proID = [dic objectForKey:@ "ProcessID" ];
 NSString *proStartTime = [dic objectForKey:@ "startTime" ]; 
 
 if ([[dic objectForKey:@ "status" ] isEqualToString:@ "18432" ]) {
 NSString *msg = [NSString stringWithFormat:@ "ProcessName:%@ - ProcessID:%@ - StartTime:%@ Running:YES" , proName, proID, proStartTime];
 [proState addObject:msg];
 } else {
 NSString *msg = [NSString stringWithFormat:@ "ProcessName:%@ - ProcessID:%@ - StartTime:%@ Running:NO" , proName, proID, proStartTime];
 [proState addObject:msg];
 }
 }
 } 
 
 NSString *msg = [proState componentsJoinedByString:@ "______" ];
 return msg;
 } 
 
 // Get the time  
 - (NSString *) getTime
 {
 NSDateFormatter *formatter =[[[NSDateFormatter alloc] init] autorelease];
 formatter.dateStyle = NSDateFormatterMediumStyle;
 formatter.timeStyle = NSDateFormatterMediumStyle;
 formatter.locale = [NSLocale currentLocale]; 
 
 NSDate *date = [NSDate date]; 
 
 [formatter setTimeStyle:NSDateFormatterMediumStyle];
 NSCalendar *calendar = [[[NSCalendar alloc] initWithCalendarIdentifier:NSGregorianCalendar] autorelease];
 NSDateComponents *comps = [[[NSDateComponents alloc] init] autorelease];
 NSInteger unitFlags = NSYearCalendarUnit |
 NSMonthCalendarUnit |
 NSDayCalendarUnit |
 NSWeekdayCalendarUnit |
 NSHourCalendarUnit |
 NSMinuteCalendarUnit |
 NSSecondCalendarUnit;
 comps = [calendar components:unitFlags fromDate:date];
 int year = [comps year];
 int month = [comps month];
 int day = [comps day];
 int hour = [comps hour];
 int min = [comps minute];
 int sec = [comps second]; 
 
 NSString *time = [NSString stringWithFormat:@ "%d-%d-%d %d:%d:%d" , year, month, day, hour, min, sec]; 
 
 return time;
 } 
 
 @end