ios read sms and call logs as mspy does - ios

I went though lot of questions about tracking sms and call logs in non-jailbroken ios device. I came to conclusion that it is not possible.
But then I came across this
So I wonder how mspy does this. I am looking to built this functionality for enterprise app, so no problem of itunes rejection.
Can some one please help.
Thanks.

Please check these features description notes:
mSpy runs on jailbroken/non-jailbroken iOS devices. In the former
case, you need physical access for installation. In the latter case,
you need no access if you have iCloud credentials, but you get fewer
monitoring features. Still, the access may become necessary if iCloud
backup isn’t activated on the device.
I guess they are getting info from iCloud account but not the device itself. Moreover they have said fewer monitoring features , i dont know what they exactly mean by fewer and what info do they actually gets in that case. But they are sure getting info from already synced data over iCloud.

Related

How does Yubo previously known as Yello remember users after reinstall?

Okay, I have asked Reddit 3x and Apple once and no one could answer this so I am coming to you guys. Please be the ones to answer this validly. Okay, details. Yubo remembers my phone after reinstall and I do not know how. I have tried the following:
Changed my IP Address using a VPN
Change my IDFA through reset identifier which I now know is pointless as since I had “limit ad tracking” on the output would have been an output value of numerous 0’s (though this some how got me unbanned from the “Instagram” app, idk how tho)
Changed my IDFV by...well reinstalling the app (Yubo is there only app so don’t ask about other apps from the vendor)
Change my iPhones name multiple times
Prevented the app from being backed up on Icloud then reinstalling
I also logged out of the Icloud prior to using the app for the first time after reinstall
And that’s about it. I am aware the app may recognize: my phone, ios version and hardware. However, none of that is exclusive to my phone. I have read people having the exact same model and phone so i doubt Yubo is remembering me through that. I have never met an app so smart before, but I know some of you have probably been screaming this entire time one thing I have missed so please tell me what i missed and a way to change it without resetting my phone.
My device: Iphone6s and IOS 11

iOS - Security concerns installing a self-signed 3rd party app via Cydia Impactor

Pretty much what the title says.
I would like to install a 3rd party app on my iOS 11 device, but the only way to do so is by self-signing the .ipa and installing it via Cydia Impactor.
What are the possible security concerns in doing so?
How much control and access would said app have over my device once trusted?
There's no way of saying for certain.
Private APIs
iOS 11 fixed a number of vulnerabilities that allowed access to personal info such as SMS messages without user knowing. There might be other vulnerabilities but it looks like iOS 11 is pretty good in regards to private API access. Pretty much every known personal info leak was fixed.
The problem here is you can't do anything about it. Only way is to disassemble the application and see for yourself.
Permissions
Of course, there're many ways third-party app can steal your personal info if you give it the access. For example, contacts, calendar, call history (without phone number but still), microphone, photo library - once given permission to access, can be accessed at any point even when running in the background without you knowing it. Application can run in the background indefinitely, it's still not fixed by Apple.
Accessing location will always display an icon in the status bar so that's fine. But there're ways you can fool iOS to access location once and not display the icon. It's not reliable but it works.
If application is running in the foreground then it can access camera, microphone, location and iOS will not tell you anything about it. Recently there was an article about camera specifically. You can't tell when it's recording and that's a real problem.
Solution here is simple - don't give the permission.
Jailbreak
Jailbreaking relies on a number of vulnerabilities to modify kernel to disable security measures. No one is stopping you from using these exploits to be executed from a third-party app not meant for jailbreaking. In fact, all recent jailbreaks are done by installing an application using Cydia Impactor. And there's an actual example of that - Filza. It's a file manager that can access root file system. It does that by executing exploits used in jailbreak.
Solution here is to make sure your iOS is up to date and has no jailbreak for it. Of course there's a possibility of unknown exploits. Serious vulnerabilities found regularly in iOS. You can disassemble the application to see what it's actually doing but I don't think you would asking this question if you knew how do that.

How do I accurately detect the presence and/or absence of a jailbreak in iOS?

After I attended a programming class, one of my friends showed me an app that would not allow him get past the first screen due to his jailbroken iPhone.
Since then I have been intrigued as to how the app was able to detect the jailbreak without being blocked by apple and, being the anti-jailbreak advocate that I am, I kept fruitlessly trying to find a reliable way to detect a jailbroken iOS device to prevent people from cheating if I ever decided to release a game on the App Store.
Does anyone know of a reliable method(s) to detect a device's jailbreak status that cannot be easily bypassed by said jailbroken device?
EDIT: based on recent comments, I would just like to clarify that the intention of this post is to share the knowledge I gained from finding that article, and to provide a place where other users can contribute their methods of jailbreak detection.
The other day I stumbled across an article containing the exact answer I was looking for.
From https://www.theiphonewiki.com/wiki/Bypassing_Jailbreak_Detection
While there are countless ways apps can implement checks for jailbroken devices, they typically boil down to the following:
Existence of directories - Check your file system for paths like /Applications/Cydia.app/ and /private/var/stash, amongst a handful of others. Most often, these are checked using the -(BOOL)fileExistsAtPath:(NSString*)path method in NSFileManager, but more sneaky apps like to use lower-level C functions like fopen(), stat(), or access().
Directory permissions - Check the Unix file permissions of specific files and directories using NSFileManager methods as well as C functions like statfs(). Far more directories have write access on a jailbroken device than on one still in jail.
Process forking - sandboxd does not deny App Store applications the ability to use fork(), popen(), or any other C functions to create child processes on non-jailbroken devices. sandboxd explicitly denies process forking on devices in jail. if you check the returned pid on fork(), your app can tell if it has successfully forked or not, at which point it can determine a device's jailbreak status.
SSH loopback connections* - Due to the large portion of jailbroken devices that have OpenSSH installed, some apps will attempt to connect to 127.0.0.1 on port 22. If the connection succeeds, it means OpenSSH is installed and running on the device, therefore it is jailbroken.
system() - Calling the system() function with a NULL argument on a device in jail will return 0; doing the same on a jailbroken device will return 1. This is since the function will check whether /bin/sh exists, and this is only the case on jailbroken devices.[1]
dyld functions - By far the hardest to get around. Calling functions like _dyld_image_count() and _dyld_get_image_name() to see which dylibs are currently loaded. Very difficult to patch, as patches are themselves part of dylibs.
*Only a very small number of applications implement this (as it is not nearly as effective as the others)
the above passage was edited for brevity
I figured I'd post this here as a knowledge-share for those app developers wondering how that one app was able to successfully implement jailbreak detection when all other attempts at detecting jailbreak get rejected by Apple.
Blocking all jailbroken users probably wouldn't help you fight app piracy if you released a game on the App Store because it would force them to get a pirated version of the game to be able to play (instead of giving them the possibility to pay to play the game).
What you'd want is to check if the game is a legit version off the App Store. But even that could be potentially patched by the guys who crack games to release them...
You can check if the currently running executable is encrypted, which is a good way to know if the app has been pirated by looking at this answer.
Otherwise if it's a free game with in-app purchase, doing receipt validation helps block out most tweaks that get around paying for in-app purchases.
But there's definitely no way to absolutely block out app piracy.
You could always mention how had you worked on that game within the game... That could convince a few persons to pay for the legit version of the game.

How to get crash logs of Testflight external testers on Xcode or iTunes connect?

Is there any ways to know what's wrong with someone's app. It is working on everyone else's device but this person.
The person tried removing the previous version and installing the new one, but it still does not work. I suspect that one of the files that I place in the documents folder might still be there... but the format of this file has changed since...
Apple has a technote about this named Debugging Deployed iOS Apps.
Also, if your tester syncs up their iPhone with a Macintosh or PC, iTunes also helpfully moves logs into predictable places where they can be retrieved from.
I am attempting to solve this logging of execution in TestFlight with the following simple approach...
In in-App Billing you really have to use TestFlight, so the problem is serious.
The "print("text") statements can be replaced in the code to calls to a func printTestFlight(text: String) which writes the strings to a database along with some identifier so you know the user.
This is quite simple and obvious, and to an extent it works.
If there are events which are logged by the os rather than teh user, then this approach misses those, notably the interesting ones around a crash. I'd be happy to hear from anyone who knows how to do thiso

Launching an iOS app on device reboot

I want to write an iOS sample application which can launch itself whenever device is rebooted. Please share your thoughts and any pointers will be really helpful.
Setting VOIP in background modes seems to be one option.
I am NOT looking for a Jail break solution.
There is a way if you have access to MDM tools or the Apple Configurator, and are able to control the device and its' profile. For example, if you are the curator at a museum or you or a teacher and hand out iPads to students, you'll most certainly have this level of control; and since you're writing a sample application, I suppose this level of control is possible as well.
There is a feature known as Single App Mode (see page 17) that locks a device into a single app. According to the documentation, if the device is powered down, the specified app will launch at boot. (I don't have the setup to confirm this.)
Note that Single App Mode is not the same as guided access mode, though people do tend to get them confused.
So should you have access to the right tools your original intent may be possible.
There is really not much you can do to achieve such functionality. The most you can do is to provide background fetching to prepare your app for when user launches it explicitly.
I have never seen a single app that could launch itself for no reason.
Hope this can be useful.
Can't be done unless the device is jailbroken, and I can't help you with that.
To my knowledge, this is not possible. Your app does not have access to this level of system information.
What you could do is periodically send push-notifications with a payload that temporary allows you to access app functionality.

Resources