I want use function 'dlopen()' to invoke a dynamic library on iOS platform, is the function 'dlopen()' private API?
I've had success using dlopen on iOS for years. In my use case, I use dlopen to load public system frameworks on demand instead of having them loaded on app launch. Works great!
[EDIT] - as of iOS 8, extensions and shared frameworks are prohibited from using dlopen, however the application itself can still use dlopen (and is now documented as being supported for not only Apple frameworks, but custom frameworks too). See the Deploying a Containing App to Older Versions of iOS section in this Apple doc: https://developer.apple.com/library/ios/documentation/General/Conceptual/ExtensibilityPG/ExtensibilityPG.pdf
[EDIT] - contrived example
#import <dlfcn.h>
void printApplicationState()
{
Class UIApplicationClass = NSClassFromString(#"UIApplication");
if (Nil == UIApplicationClass) {
void *handle = dlopen("System/Library/Frameworks/UIKit.framework/UIKit", RTLD_NOW);
if (handle) {
UIApplicationClass = NSClassFromString(#"UIApplication");
assert(UIApplicationClass != Nil);
NSInteger applicationState = [UIApplicationClass applicationState];
printf("app state: %ti\n", applicationState);
if (0 != dlclose(handle)) {
printf("dlclose failed! %s\n", dlerror());
}
} else {
printf("dlopen failed! %s\n", dlerror());
}
} else {
printf("app state: %ti\n", [UIApplicationClass applicationState]);
}
}
Related
We are using the Facebook Unity SDK 15.1.0 in Unity 2019.4.40f1. This SDK has some serious bugs. One of them is that it won't add the required frameworks to the Unity-iPhone target. The project will build, but immediately crash on startup.
The frameworks are there, but in a Pod:
I can add them manually in the General => Frameworks, Libraries, and Embedded Content section of the target:
Everything works fine then.
However, doing this after every build is quite tedious, so I would like to automate this task via a post build script. I am scratching my head about this, since I cannot find good samples online that actually work.
So my question is: How do you add a .xcframework buried in Facebook SDK's pods so it correctly shows up in the target?
Here is how i would do it. This may not be 100% correct but good enough to modify it to make it work for you. Basically you need to use PBXProject.AddFrameworkToProject to add frameworks.
#if UNITY_IOS
[PostProcessBuild(1)]
public static void ChangeXcodePlist(BuildTarget buildTarget, string pathToBuiltProject) {
if (buildTarget == BuildTarget.iOS) {
// get pbx project path
var projPath = PBXProject.GetPBXProjectPath(pathToBuiltProject);
if (File.Exists(projPath))
{
var proj = new PBXProject();
proj.ReadFromString(File.ReadAllText(projPath));
string mainTargetGuid = null, testTargetGuid = null, frameworkTargetGuid = null;
#if UNITY_2019_4_OR_NEWER // APIs are different for getting main unity targets changes based on versions
mainTargetGuid = proj.GetUnityMainTargetGuid();
frameworkTargetGuid = proj.GetUnityFrameworkTargetGuid();
#else
mainTargetGuid =
proj.TargetGuidByName(PBXProject.GetUnityTargetName());
testTargetGuid =
proj.TargetGuidByName(PBXProject.GetUnityTestTargetName());
frameworkTargetGuid = proj.TargetGuidByName("UnityFramework");
#endif
// add your frameworks here
if (!String.IsNullOrEmpty(mainTargetGuid))
{
Debug.Log("Adding targets to mainTargetGuid")
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKCoreKit.xcframework", false);
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKGamingServicesKit.xcframework", false);
}
// add to test target aswell if exists
if (!String.IsNullOrEmpty(testTargetGuid))
{
Debug.Log("Adding targets to testTargetGuid")
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKCoreKit.xcframework", false);
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKGamingServicesKit.xcframework", false);
}
if (!String.IsNullOrEmpty(frameworkTargetGuid))
{
Debug.Log("Adding targets to frameworkTargetGuid")
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKCoreKit.xcframework", false);
proj.AddFrameworkToProject(mainTargetGuid, "FBSDKGamingServicesKit.xcframework", false);
}
proj.WriteToFile(projPath);
}
}
}
#endif
You can also use PBXProject.ContainsFramework before you include the frameworks.
The code in the previous answer is not working. Freimworks are not added like that.
Correct code for adding facebook's frameworks (working):
[PostProcessBuild(1000)]
public static void OnPostprocessBuild(BuildTarget buildTarget, string pathToBuiltProject) {
if (buildTarget != BuildTarget.iOS) return;
string projectPath = PBXProject.GetPBXProjectPath(pathToBuiltProject);
PBXProject project = new PBXProject();
project.ReadFromFile(projectPath);
string mainTargetGuid = project.GetUnityMainTargetGuid();
List<string> frameworks = new List<string> {
"FBSDKCoreKit",
"FBSDKGamingServicesKit"
};
foreach (string framework in frameworks) {
string frameworkName = framework + ".xcframework";
var src = Path.Combine("Pods", framework, "XCFrameworks", frameworkName);
var frameworkPath = project.AddFile(src, src);
project.AddFileToBuild(mainTargetGuid, frameworkPath);
project.AddFileToEmbedFrameworks(mainTargetGuid, frameworkPath);
}
// Write.
project.WriteToFile(projectPath);
}
Given the plugins that are available in the Nativescript community, your Nativescript app may or may not be sufficient to pass security penetration testing.
Below are two plugins to list a few.
https://www.npmjs.com/package/#nstudio/root-detection
https://www.npmjs.com/package/nativescript-jailbreak-detector
In some scenarios, you could achieve better results by manually writing your own checks against a jailbreak and dynamic instrumentation (e.g. Frida), since there are so many tools to bypass jailbreak detection (e.g. HideJB) nowadays.
What are some ways we can detect jailbreak and protect against dynamic instrumentation on iOS Nativescript?
Detection can be carried out on multi-levels:
Check if URLs are openable via illegal URL schemes
Check if files are openable on illegal directories
Check if illegal files exist (incl. Cydia, Sileo, HideJB, etc.)
Check if files are writable on restricted directories
Code
public amIJailbroken(): boolean {
let urlSchemes: Array<string> = ['undecimus://', 'cydia://', 'sileo://', 'zbra://', 'filza://', 'activator://'];
// List of suspicious files associated with jailbreak
let paths: Array<string> = [
'/.bootstrapped_electra',
'/.cydia_no_stash',
'/.installed_unc0ver',
'/Applications/blackra1n.app',
'/Applications/Cydia.app',
'/Applications/FakeCarrier.app',
'/Applications/HideJB.app',
'/Applications/Icy.app',
'/Applications/IntelliScreen.app',
'/Applications/MxTube.app',
'/Applications/RockApp.app',
'/Applications/SBSettings.app',
'/Applications/SBSetttings.app',
'/Applications/Sileo.app',
'/Applications/Snoop-itConfig.app',
'/Applications/WinterBoard.app',
'/bin.sh',
'/bin/bash',
'/bin/sh',
'/etc/apt',
'/etc/apt/sources.list.d/electra.list',
'/etc/apt/sources.list.d/sileo.sources',
'/etc/apt/undecimus/undecimus.list',
'/etc/ssh/sshd_config',
'/jb/amfid_payload.dylib',
'/jb/jailbreakd.plist',
'/jb/libjailbreak.dylib',
'/jb/lzma',
'/jb/offsets.plist',
'/Library/dpkg/info/re.frida.server.list',
'/Library/LaunchDaemons/re.frida.server.plist',
'/Library/MobileSubstrate/CydiaSubstrate.dylib',
'/Library/MobileSubstrate/DynamicLibraries/LiveClock.plist',
'/Library/MobileSubstrate/DynamicLibraries/Veency.plist',
'/Library/MobileSubstrate/HideJB.dylib',
'/Library/MobileSubstrate/MobileSubstrate.dylib',
'/Library/PreferenceBundles/ABypassPrefs.bundle',
'/Library/PreferenceBundles/FlyJBPrefs.bundle',
'/Library/PreferenceBundles/HideJBPrefs.bundle',
'/Library/PreferenceBundles/LibertyPref.bundle',
'/Library/PreferenceBundles/ShadowPreferences.bundle',
'/private/etc/apt',
'/private/etc/dpkg/origins/debian',
'/private/etc/ssh/sshd_config',
'/private/var/cache/apt/',
'/private/var/lib/apt',
'/private/var/lib/apt/',
'/private/var/lib/cydia',
'/private/var/log/syslog',
'/private/var/mobile/Library/SBSettings/Themes',
'/private/var/mobileLibrary/SBSettingsThemes/',
'/private/var/stash',
'/private/var/tmp/cydia.log',
'/private/var/Users/',
'/System/Library/LaunchDaemons/com.ikey.bbot.plist',
'/System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist',
'/usr/bin/cycript',
'/usr/bin/ssh',
'/usr/bin/sshd',
'/usr/lib/libcycript.dylib',
'/usr/lib/libhooker.dylib',
'/usr/lib/libjailbreak.dylib',
'/usr/lib/libsubstitute.dylib',
'/usr/lib/substrate',
'/usr/lib/TweakInject',
'/usr/libexec/cydia/',
'/usr/libexec/cydia/firmware.sh',
'/usr/libexec/sftp-server',
'/usr/libexec/ssh-keysign',
'/usr/local/bin/cycript',
'/usr/sbin/frida-server',
'/usr/sbin/sshd',
'/usr/share/jailbreak/injectme.plist',
'/var/binpack',
'/var/cache/apt',
'/var/checkra1n.dmg',
'/var/lib/apt',
'/var/lib/cydia',
'/var/lib/dpkg/info/mobilesubstrate.md5sums',
'/var/log/apt',
'/var/log/syslog',
'/var/tmp/cydia.log',
];
// Check if target is not an iOS simulator
if (!isIOS || !this.isTarget()) return false;
else {
// Check URL schemes
for (const url of urlSchemes) {
if (this.canOpenIllegalURL(url)) return true;
}
// Check files and directories associated with jailbreaks
for (const path of paths) {
if (this.canOpenIllegalFile(path)) return true;
}
// Check file permissions outside device sandbox, if writtable = jailbroken
if (this.canWriteToRestrictedDirectories()) return true;
return false;
}
}
/*
********** Helper Methods **********
*/
/* Check if environment is being run as a RELEASE build */
private isTarget() {
return process.env.RELEASE_ENV;
}
/* Check if we can open illegal URL schemes */
private canOpenIllegalURL(url): boolean {
return UIApplication.sharedApplication.canOpenURL(NSURL.URLWithString(url + 'package/com.example.app'));
}
/* Check if file is openable */
private canOpenIllegalFile(path): boolean {
const file = fopen(path, 'r');
if (!file) {
fclose(file);
return this.fileExists(path) || this.directoryExists(path);
}
fclose(file);
return true;
}
/* Check if file exists at path */
private fileExists(path): boolean {
return NSFileManager.defaultManager.fileExistsAtPath(path);
}
/* Check if directory exists at path */
private directoryExists(path): boolean {
return NSFileManager.defaultManager.fileExistsAtPathIsDirectory(path, new interop.Reference());
}
/* Check if file is writtable to illegal directory */
private canWriteToRestrictedDirectories(): boolean {
let error;
try {
const stringToBeWritten = NSString.stringWithString('I am evil.');
stringToBeWritten.writeToFileAtomicallyEncodingError('/private/jailbreak.txt', true, NSUTF8StringEncoding);
stringToBeWritten.writeToFileAtomicallyEncodingError('/root/jailbreak.txt', true, NSUTF8StringEncoding);
NSFileManager.defaultManager.removeItemAtPathError('/private/jailbreak.txt');
NSFileManager.defaultManager.removeItemAtPathError('/root/jailbreak.txt');
} catch (e) {
error = e;
}
return !error ? true : false;
}
References
The research comes from a consolidation of the following ideas:
https://stackoverflow.com/a/26712383/2192332
https://mobile-security.gitbook.io/mobile-security-testing-guide/ios-testing-guide/0x06j-testing-resiliency-against-reverse-engineering
https://github.com/securing/IOSSecuritySuite/blob/master/IOSSecuritySuite/JailbreakChecker.swift
https://github.com/avltree9798/isJailbroken/blob/master/isJailbroken/JB.m
Improvements
Please feel free to suggest!
E.g. Checking for illegal dynamic libraries in memory using _dyld_get_image_name
I followed the steps mention under section "Location Client" on https://developer.xamarin.com/guides/android/platform_features/maps_and_location/location/
There in the example it implements IGooglePlayServicesClientConnectionCallbacks, IGooglePlayServicesClientOnConnectionFailedListenerinterfaces in the activity class.
From where this interface coming from? i can't resolve them in my code. What nuget package should I add and what should I import ?
From where this interface coming from? i can't resolve them in my code. What nuget package should I add and what should I import ?
You need download the Xamarin.GooglePlayServices.Base package :
And you need Check for Google Play Services when you use these api :
public bool IsPlayServicesAvailable()
{
int resultCode = GoogleApiAvailability.Instance.IsGooglePlayServicesAvailable(this);
if (resultCode != ConnectionResult.Success)
{
if (GoogleApiAvailability.Instance.IsUserResolvableError(resultCode))
msgText.Text = GoogleApiAvailability.Instance.GetErrorString(resultCode);
else
{
msgText.Text = "Sorry, this device is not supported";
Finish();
}
return false;
}
else
{
msgText.Text = "Google Play Services is available.";
return true;
}
}
I have an issue with Notification Service Extension.
I have followed step by step documentation
https://developer.xamarin.com/guides/ios/platform_features/introduction-to-ios10/user-notifications/enhanced-user-notifications/#Working_with_Service_Extensions
To implement, I have done in that way.
Added Notification Service Extension with same prefix of my app (adding a suffix, ex: APP: com.testapp.main - EXT: com.testapp.main.notificationextension)
Created APPID identifier com.testapp.main.notificationextension into Member Center of Apple
Created certificate and provisioning profile to send push notification for APP ID com.testapp.main.notificationextension
Imported into Xcode and Xamarin certificate and provisioning
Build my app with reference to Notification Extension reference.
Created archive to upload to TestFlight
Signed app with its Distribution Certificate and Provisioning Profile
Signed extension with its Distribution Certificate and Provisioning Profile
Uploaded to TestFlight
Download and allowed push notification for my app
Sent rich push notification with Localytics Dashboard for messaging
- Device receive push notification but not pass for NotificationService.cs code of Notification Service Extension!
This is my NotificationService code:
using System;
using Foundation;
using UserNotifications;
namespace NotificationServiceExtension
{
[Register("NotificationService")]
public class NotificationService : UNNotificationServiceExtension
{
Action<UNNotificationContent> ContentHandler { get; set; }
UNMutableNotificationContent BestAttemptContent { get; set; }
const string ATTACHMENT_IMAGE_KEY = "ll_attachment_url";
const string ATTACHMENT_TYPE_KEY = "ll_attachment_type";
const string ATTACHMENT_FILE_NAME = "-localytics-rich-push-attachment.";
protected NotificationService(IntPtr handle) : base(handle)
{
// Note: this .ctor should not contain any initialization logic.
}
public override void DidReceiveNotificationRequest(UNNotificationRequest request, Action<UNNotificationContent> contentHandler)
{
System.Diagnostics.Debug.WriteLine("Notification Service DidReceiveNotificationRequest");
ContentHandler = contentHandler;
BestAttemptContent = (UNMutableNotificationContent)request.Content.MutableCopy();
if (BestAttemptContent != null)
{
string imageURL = null;
string imageType = null;
if (BestAttemptContent.UserInfo.ContainsKey(new NSString(ATTACHMENT_IMAGE_KEY)))
{
imageURL = BestAttemptContent.UserInfo.ValueForKey(new NSString(ATTACHMENT_IMAGE_KEY)).ToString();
}
if (BestAttemptContent.UserInfo.ContainsKey(new NSString(ATTACHMENT_TYPE_KEY)))
{
imageType = BestAttemptContent.UserInfo.ValueForKey(new NSString(ATTACHMENT_TYPE_KEY)).ToString();
}
if (imageURL == null || imageType == null)
{
ContentHandler(BestAttemptContent);
return;
}
var url = NSUrl.FromString(imageURL);
var task = NSUrlSession.SharedSession.CreateDownloadTask(url, (tempFile, response, error) =>
{
if (error != null)
{
ContentHandler(BestAttemptContent);
return;
}
if (tempFile == null)
{
ContentHandler(BestAttemptContent);
return;
}
var cache = NSSearchPath.GetDirectories(NSSearchPathDirectory.CachesDirectory, NSSearchPathDomain.User, true);
var cachesFolder = cache[0];
var guid = NSProcessInfo.ProcessInfo.GloballyUniqueString;
var fileName = guid + ATTACHMENT_FILE_NAME + imageType;
var cacheFile = cachesFolder + fileName;
var attachmentURL = NSUrl.CreateFileUrl(cacheFile, false, null);
NSError err = null;
NSFileManager.DefaultManager.Move(tempFile, attachmentURL, out err);
if (err != null)
{
ContentHandler(BestAttemptContent);
return;
}
UNNotificationAttachmentOptions options = null;
var attachment = UNNotificationAttachment.FromIdentifier("localytics-rich-push-attachment", attachmentURL, options, out err);
if (attachment != null)
{
BestAttemptContent.Attachments = new UNNotificationAttachment[] { attachment };
}
ContentHandler(BestAttemptContent);
return;
});
task.Resume();
}
else {
ContentHandler(BestAttemptContent);
}
}
public override void TimeWillExpire()
{
// Called just before the extension will be terminated by the system.
// Use this as an opportunity to deliver your "best attempt" at modified content, otherwise the original push payload will be used.
ContentHandler(BestAttemptContent);
return;
}
}
}
You are doing everything correctly, this is an issue raised by a few other xamarin developers. From what I can tell, as soon as you run the NSURLSession to download something, even if it's super super small, you go above the memory limit allowed for this type of extension. This is most probably very specific to xamarin.
Here is the link to the bugzilla.
https://bugzilla.xamarin.com/show_bug.cgi?id=43985
The work-around/hack I found is far from ideal. I rewrote this app extension in xcode in objective-c (you could use swift too I suppose). It is a fairly small (1 class) extension. Then built it in xcode using the same code signature certificate / provisioning profile and then found the .appex file in the xcode's output.
From then, you can take the "cheap way", and swap this .appex file in your .ipa folder manually just before resigning and submitting the app. If that's good enough for you, you can stop here.
Or you can automate this process, to to so, place the appex file in the csproj's extension and set the build-action as "content". Then in this csproj's file (you'll need to edit directly) you can add something like this. (In this case, the file is called Notifications.appex and is placed in a folder called NativeExtension)
<Target Name="BeforeCodeSign">
<ItemGroup>
<NativeExtensionDirectory Include="NativeExtension\Debug\**\*.*" />
</ItemGroup>
<!-- cleanup the application extension built with Xamarin (too heavy in memory)-->
<RemoveDir SessionId="$(BuildSessionId)"
Directories="bin\iPhone\Debug\Notifications.appex"/>
<!-- copy the native one, built in obj-c -->
<Copy
SessionId="$(BuildSessionId)"
SourceFiles="#(NativeExtensionDirectory)"
DestinationFolder="bin\iPhone\Debug\Notifications.appex"
SkipUnchangedFiles="true"
OverwriteReadOnlyFiles="true"
Retries="3"
RetryDelayMilliseconds="300"/>
</Target>
This gives you the general idea, but obviously if you want to support ad-hoc distribution signature, iOS app-store distribution signature you will need to add a bit more code into this (and possibly add in the csproj a native appex file for each different signature), I would suggest putting such xml code in separate ".targets" file and use conditional calltargets in the csproj. Like this:
<Target Name="BeforeCodeSign">
<CallTarget Targets="ImportExtension_Debug" Condition=" '$(Configuration)|$(Platform)' == 'Debug|iPhone' " />
<CallTarget Targets="ImportExtension" Condition=" '$(Configuration)|$(Platform)' == 'Release|iPhone' " />
</Target>
If anyone else comes here, the code by original poster works for me and the bug mention is now marked as fixed. If I have one tip, do not try to do this on Windows. You will be in for a whole world of pain and will get nowhere (actually, it did work for me, once!). Also expect Visual Studio on Mac to crash, a lot, if you try to debug!
I am using Cordova 2.9.0 with phonegap to build an iOS app.
With iOS 8, I am getting error messages of
Deprecated attempt to access property 'geolocation' on a non-Navigator object.
Deprecated attempt to access property 'userAgent' on a non-Navigator object
I tried EddyVerbruggen's solution
https://gist.github.com/EddyVerbruggen/cd02c73162180793513e
But, I am getting those error messages from Cordova
Also, when my application loads completely, I have no problem using
window.navigator.userAgent
Fist of all, it seems just a warning and the apps work fine.
They have been fixed this and I suposse it will be available soon, but for people using cordova 2.9.X, we have to change the replaceNavigator function to be like this on the cordova.js file (the whole else is new)
function replaceNavigator(origNavigator) {
var CordovaNavigator = function() {};
CordovaNavigator.prototype = origNavigator;
var newNavigator = new CordovaNavigator();
// This work-around really only applies to new APIs that are newer than Function.bind.
// Without it, APIs such as getGamepads() break.
if (CordovaNavigator.bind) {
for (var key in origNavigator) {
if (typeof origNavigator[key] == 'function') {
newNavigator[key] = origNavigator[key].bind(origNavigator);
} else {
(function(k) {
Object.defineProperty(newNavigator, k, {
get: function() {
return origNavigator[k];
},
configurable: true,
enumerable: true
});
})(key);
}
}
}
return newNavigator;
}