I've been searching for 2 days to prevent my app from jailbreak device, and I got it, the problem is I still can hook my class use theOS and override the jailbreak check function.
Do you have any proven Idea maybe , framework , library or something else ?
You can use dyld for that.
_dyld_image_count returns a number of dynamic libraries loaded into your application address space. Then you can iterate over them using _dyld_get_image_name checking dynamic library path. That way you can determine whether CydiaSubstrate library or any dynamic library with unknown path been loaded into your application.
Of course with jailbreak even those functions can be hooked and I don't think you can do much about it. Arxan claims it can do something with it but even if it detects something you can always hook any function it uses for detection. CydiaSubstrate tweaks are always one step ahead because they're loaded before main is called. Thus it can hook everything it wants in constructor and you can't do anything about it.
Without jailbreak only way to load malicious library is to modify and resign your app so that it links against the library. Without jailbreak you can't hook C functions so _dyld_get_image_name will be able to detect that library.
Related
I have an app implemented in native iOS (Swift). There is a web version of the app as well. A client wants to embed my app to its own app and suggested I use an iFrame and load the web version.
I understand this is a tricky solution as Apple might reject the app for not using native implementation.
What I want to ask is if there is a way to package my app entirely as a Framework and load it that way (app size is fairly big, with several viewControllers and functionality).
I understand that I won't have access to App-load functions like the AppDelegate.
Also what happens if my app has Library dependencies ? (such as Alamofire)
Any other things I should be concerned about ?
Thank you
There are obviously a lot of options around this as far as design/approach.
I've done this multiple times (with apps live on the app store) and really it's just like developing any Framework.
First: AppDelegate. The easy way around this is to have the app's AppDelegate subclass your Framework's AppDelegate:
#UIApplicationMain class ParentAppDelegate: FrameworkAppDelegate { }
Just make sure the App calls super on all the relevant methods.
Second: Dependencies. This is probably the most annoying part since Frameworks can't embed other frameworks. But you still have a few easy options:
Have the enclosing app embed the needed framework
Add the sources of the needed framework directly to your framework.
Use a dependency manager (e.g. cocoapods) that takes care of this for you.
Other Concerns: One trap you can easily run into is working with Bundles. Anytime you dynamically load images/strings/IB references/etc. you will need to specify you're using the Framework's bundle, as at times it can default to using the app's bundle. The easiest way to do this is with this init e.g. Bundle(for: self.self)
Also keep in mind that the settings in info.plist and entitlements your framework needs will need to be added by the parent app.
General Comments on Approach: My advice (take it or leave it ☺️) would be caution around simply adding your full application to a client's application. Aside from IP and App-Review concerns, it can result in adding a lot of complexity or a fork of your current application to support it, making future maintenance a hassle.
Instead I would recommend putting only the portions of the application your client requires into a separate framework that both you and your client use for your separate applications.
Is it possible to create an iOS library or framework using libgdx (RoboVM) that can be imported into Xcode?
Background:
One of my colleagues has created a 3D visualisation app as a libgdx project for android and windows desktop. It can be compiled to run on iOS using RoboVM. However, I would like to wrap extra native user interface elements around it using Xcode. I know its possible to build the user interface programmatically via RoboVM but I would be keen to investigate if its possible to bring the existing work into Xcode. I don't need to edit the 3D visualisation component but add extra GUI elements around the 3D Vis window. I thought compiling the libgdx (RoboVM) code to a framework or library might be a solution that could be imported?!
Yes you can do it.
All you need to create a method, say initRoboVM(), This will be called by your code when you want to initialize libgdx. You'll need to pass the app path in, which you can hardcode when you're testing.
initRoboVM() will need some modifications, namely it should not call your Java app's main method, well, at least, that's what well behaving libraries should not do IMO. It should also not call rvmShutdown.
You can get further information from here
Thanks :)
I asked the RoboVM team directly. Their answer: It's not a native function, but it certainly can be done.
The complete message...
Hi,
Sorry for the late reply. This use case is not something we're going
to do now. It is possible though if you're prepared to do some
patching of RoboVM. Search the RoboVM Google Group and you should find
others who have managed to get this working.
We get this request every know and then so we will add support for
this eventually.
Regards, Niklas
I'm trying to figure out how I can switch a current call to output audio via the loudspeaker (as if the person was to press "speaker" on the phone app. Ideally, I want to accept the call on loudspeaker; but one step at a time!
I have searched through various headers, both private and non-private frameworks but I can't find the appropriate method to call in order to switch to loudspeaker.
Originally, I expected it would be present in CTCall.h but nothing useful (in this respect) is in there..
Does anyone know where the appropriate method is found?
Many thanks :)
Several ideas:
1) Look at system wide event generation.
You can click programmatically on required button ("speaker" or "Answer" button).
Here are couple of questions regarding this:
Simulating System Wide Touch Events on iOS
Simulating System Wide Touch Events in iOS without jailbreaking the device
How to send a touch event to iPhone OS?
You may be interested to google more on GSEvent which is the key for even simulation.
2) Go to Simulator folder (/Application/XCode/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator6.1.sdk
and do something like this
grep -R "Speaker" ./
The idea is to search speaker in binaries (vs header files). Most of private API's aren't documented in header files (that's part of the reason why they are private).
I believe couple of interesting hits are:
TelephoneUI private framework
AudioToolbox framework (BTW. It even has in .h files following thing: kAudioSessionOverrrideAudioRoute_Speaker)
AVFoundation framewokr
IOKit* framework (it has kIOAudioOutputPortSubTypeExternalSpeaker in .h files)
and so on.
Next step would be to disassemble them. Most of these frameworks has A LOT of interesting API's which aren't defined in .h files. It's useful to browser through them to check whether you will find anything interesting on this subject.
If you don't want to bother with disassembling, you can get extracted headers from here:
https://github.com/nst/iOS-Runtime-Headers/tree/master/PrivateFrameworks
How can I find out how much memory my App is using from inside the app itself, using MonoTouch?
I basically want this:
Watching memory usage in iOS
which calls things like "task_info"
but for MonoTouch (it's OK if works only on iOS). I don't want a memory tool, like Instruments, etc, I just want to know the memory used from inside the App itself, so I can display it and be able to check it isn't too much in various field trials, etc.
I see at least two options:
Copy the "task_info" code into a new Xcode project and create a static library out of it. Then you link with that static library in your MonoTouch project, and use a P/Invoke to call logMemUsage.
Translate all the "task_info" code into C# (using P/Invokes to call native methods whenever required).
I would likely go for the first option, I believe it's somewhat less error prone.
I have been given a Shared Object file (.so) and the functions inside of it, but I don't have a clue as to how to use it, or alter it for use in an iOS application. Could someone point me in the right direction?
I know the .so came from an Android application, but I was told I could get it to work in an iOS application as well.
Actually and technically, yes, you can, but not in a way you would ever think.
If it came from Android, it is probably compiled for ARM. So it should be binary-compatible with the ARM CPU in iOS devices. However, iOS doesn't use the usual format of shared objects (that is, the ELF format), but iOS' and OS X's own Mach-O format.
This means that you cannot directly link against this shared object file nor are you able pass it directly to dlopen() and dlsym(). You have to get into serious hacking (something that you probably don't know). This involves loading and relocating the file properly.
An example of this can be found in iOS jailbreak developer and hacker, Comex's GitHub repository Frash, a Flash player for jailbroken iOS devices. Comex essentially wrote an ELF loader module (dubbed "food") for iOS and used it to make Android's libflashplayer.so work on iOS. Pretty neat, huh?
Also note that this is not going to be possible for AppStore apps as it needs dynamic loading and various alterations in the OS.
while technically possible (see h2co3's answer) for anything practical the answer is no
so files arent in the correct binary format
even if they were, dynamic loading is not allowed by appstore