Record the judgment method of conventional jailbreak

Record the judgment method of conventional jailbreak

Apple attaches great importance to the security of its products, so it has designed a complex security mechanism for users. This makes programmers who love freedom and advocate openness extremely unhappy, so jailbreaking has become a place where Apple and hackers fight each other repeatedly. In general, jailbreaking allows us to install and share applications at will, but it does reduce the security of the device and provides a convenient door for some malicious applications. Sometimes our application wants to know whether the installed device has been jailbroken. Obviously, Apple officials will not provide a solution, so what should we do? Because cydia will be automatically installed after jailbreaking, we can start from this aspect; we can also use the permission issue to read the list of applications; we can also read environment variables, and machines that are not jailbroken should not be able to read anything.

Let's talk about them one by one:

1. Determine common jailbreak files

/Applications/Cydia.app

/Library/MobileSubstrate/MobileSubstrate.dylib

/bin/bash

/usr/sbin/sshd

/etc/apt

This table can be listed as much as possible, and then it can be determined whether it exists. As long as it exists, it can be considered that the machine is jailbroken.

  1.  #define ARRAY_SIZE(a) sizeof(a)/sizeof(a[ 0 ]) 
  2.  
  3.  const   char * jailbreak_tool_pathes[] = {
  4.  "/Applications/Cydia.app" ,
  5.  "/Library/MobileSubstrate/MobileSubstrate.dylib" ,
  6.  "/bin/bash" ,
  7.  "/usr/sbin/sshd" ,
  8.  "/etc/apt"  
  9.  }; 
  10.  
  11.  - (BOOL)isJailBreak
  12.  {
  13.  for ( int i= 0 ; i<ARRAY_SIZE(jailbreak_tool_pathes); i++) {
  14.  if ([[NSFileManager defaultManager] fileExistsAtPath:[NSString stringWithUTF8String:jailbreak_tool_pathes[i]]]) {
  15.   NSLog(@ "The device is jail broken!" );
  16.  return YES;
  17.  }
  18.  }
  19.   NSLog(@ "The device is NOT jail broken!" );
  20.  return NO;
  21.  }

2. Determine the URL scheme of Cydia

The URL scheme can be used to call out another application in an application. It is a path to a resource (see "How to Call Out Another Application in iOS" for details). This method is used to determine whether the Cydia application exists.

  1.  01.- (BOOL)isJailBreak
  2.  02.
  3.  03. if ([[UIApplication sharedApplication] canOpenURL:[NSURL URLWithString:@ "cydia://" ]]) {
  4.  04.NSLog(@ "The device is jail broken!" );
  5.  05. return YES;
  6.  06.}
  7.  07.NSLog(@ "The device is NOT jail broken!" );
  8.  08. return NO;
  9.  09.}

3. Read the names of all applications in the system

This is determined by taking advantage of the fact that non-jailbroken machines do not have this permission.

  1.  #define USER_APP_PATH @"/User/Applications/"  
  2.  - ( BOOL )isJailBreak
  3.  {
  4.  if ([[NSFileManager defaultManager] fileExistsAtPath:USER_APP_PATH]) {
  5.   NSLog(@ "The device is jail broken!" );
  6.   NSArray *applist = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:USER_APP_PATH error:nil];
  7.   NSLog(@ "applist = %@" , applist);
  8.  return YES;
  9.  }
  10.   NSLog(@ "The device is NOT jail broken!" );
  11.  return NO;
  12.  }

4. Use the stat method to determine whether cydia exists

The idea of ​​this method is to determine the cydia application, but the method uses the stat function and also determines whether there is a dynamic library injected.

  1.  #define CYDIA_APP_PATH "/Applications/Cydia.app"
  2.  int checkInject()
  3.  {
  4.  int ret;
  5.  Dl_info dylib_info;
  6.   int (*func_stat)(const char*, struct stat*) = stat; 
  7.  
  8.   if (( ret = dladdr (func_stat, &dylib_info)) && strncmp(dylib_info.dli_fname, dylib_name, strlen(dylib_name))) {
  9.  return 0;
  10.  }
  11.  return 1;
  12.  } 
  13.  
  14.  int checkCydia()
  15.  {
  16.   // first, check whether library is inject
  17.  struct stat stat_info; 
  18.  
  19.  if (!checkInject()) {
  20.   if ( 0 == stat(CYDIA_APP_PATH, &stat_info)) {
  21.  return 1;
  22.  }
  23.  } else {
  24.  return 1;
  25.  }
  26.  return 0;
  27.  } 
  28.  
  29.  - (BOOL)isJailBreak
  30.  {
  31.  if (checkCydia()) {
  32.   NSLog(@"The device is jail broken!");
  33.  return YES;
  34.  }
  35.   NSLog(@"The device is NOT jail broken!");
  36.  return NO;
  37.  }

5. Read environment variables

  1.  The DYLD_INSERT_LIBRARIES environment variable should be empty on a non-jailbroken machine. A jailbroken machine will basically have Library/MobileSubstrate/MobileSubstrate.dylib
  2.  char * printEnv( void )
  3.  {
  4.  char *env = getenv( "DYLD_INSERT_LIBRARIES" );
  5.  NSLog(@ "%s" , env);
  6.  return env;
  7.  } 
  8.  
  9.  - (BOOL)isJailBreak
  10.  {
  11.  if (printEnv()) {
  12.   NSLog(@ "The device is jail broken!" );
  13.  return YES;
  14.  }
  15.   NSLog(@ "The device is NOT jail broken!" );
  16.  return NO;
  17.  }

Of course, when determining whether a device is jailbroken, you can use multiple methods to ensure accuracy. Here I would also like to say that there are official jailbreaks and non-official jailbreaks, which are not officially guaranteed, so the situation is also complicated and changeable. iOS7 has also improved and upgraded the sandbox mechanism. Some situations may not be suitable for the new version, which still needs to be handled according to the actual situation. In addition, there are some methods such as forking a child thread and looking at the return value, which are not listed here one by one.

***, jailbreaking will increase unsafe factors after all, especially when there are many financial instruments installed, jailbreaking is strongly not recommended.

<<:  Programmer, how serious are you about your work other than writing code?

>>:  Write your own Bayesian classifier to classify books

Recommend

Talking about IP operation from the perspective of Perfect Diary’s marketing

Nowadays, with the continuous development of bran...

Top 3 machine learning libraries for Python

【51CTO.com Quick Translation】It turns out that we...

The basics of game growth cycle design: use a "ruler" to measure

[[150854]] Text/Chen Han Talk about the basis of ...

The points system has raised questions about the high energy consumption of new energy vehicles, and the pure electric route may be revised

After the introduction period and entering the gr...

Fuse Clip: Do you know these pseudo-original techniques for SEO?

As an SEOer, how to make the website better inclu...

About modern CPU, programmers should update their knowledge

Someone talked about his understanding of CPU on ...

Is the traffic of mini programs counted in WeChat? Who owns the traffic of WeChat mini programs?

Q: Is the traffic of mini programs counted in WeC...

Bull Demon King - Trading Strategies of Large Institutions

Bull Demon King - Introduction to the resources o...

Octopus has parasites?! Octopus: That's my partner's penis...

In 1829, Georges Cuvier, a leading figure in the ...

Not wanting to go to work is not really because of laziness! West China Psychological Expert: 5 tips to get back on track!

It’s time to go to work again! How sad, confused,...

How to make users believe in your product?

Before users buy a product, their biggest concern...

Academician Ouyang Ziyuan: The moon is already "dead", why do we still need to explore it?

Have you ever thought about this question: Will a...

Alipay is now open for the Five Blessings! Here's how to start collecting the Five Blessings right now

Alipay’s “collecting five blessings” has become a...

I once dreamed of traveling around the world with a sword, but I found that I forgot my phone at home... Why are some people "difficult to navigate"?

Produced by: Science Popularization China Author:...

Foshan takeaway platform mini program development, what are the advantages of catering takeaway mini program?

Soon after the beginning of the year, epidemics b...