How to detect a cracked iPhone App and a jailbroken device (different methods) [duplicate]

Asked 18/1, 2011 at 19:8 Answered 15/9, 2011 at 3:13

iphone detection cracking piracy-protection

I'm building a blacklisting service for cracked iPhone apps and I am curious if I missed a method for detecting cracked apps.

In the moment following app crack detection methods are available for the service:

checking plist size
checking signer identity
checking if binary is crypted (not sure if this is working correctly since no cracked app got detected this way)
checking modified date of info.plist against modified date of package (not sure if this is working - used code like: http://snippie.net/snip/f7530ff2 to do that)

I also wonder if it is possible to check if the device is jailbroken? This would help, too, because the service will work much like a spam blacklist and jailbreak could be used to increase the score.

I have also included a honeypot, which shows me that the tools used by the crackers eliminate some of the checks I do. For instance the plist check for size or signer identity.

My question is now:

Are there more "good" checks I should use?

and

Is there a way to detect Jailbreak?

Manslaughter answered 18/1, 2011 at 19:8 Comment(1)

Many techniques are discussed in this question for detecting cracked applications: Reducing piracy of iPhone applications. When it comes to jailbreak detection, see here: How do I detect that an SDK app is running on a jailbroken phone? – Eleanor 18/1, 2011 at 20:40

NEVER try and block jailbroken devices from using your app, just cracked ones. If you block jailbroken devices they'll be forced to use a patched version with all the checks removed.
Also ALL my devices are jailbroken so if a developer blocks jailbroken devices I would have to ignore their apps. Over 10% of all iDevices are jailbroken so this is a very bad idea.

EDIT: As I'm getting lots of down votes for this I'll post some methods to detect a jailbreak.

- (BOOL)fileExistsAtPath:(NSString *)path{
    NSLog(@"Check if file '%@' exists", path);

    struct stat buffer;   
    return stat([path UTF8String], &buffer) == 0;
}

- (BOOL)jailbroken{
    return ([self fileExistsAtPath:@"/Applications/Cydia.app"]);
}

Tolan answered 18/1, 2011 at 21:42 Comment(6)

Or they will be forced to remove the jailbreak, disable network, and stop using apps from App Store. 9% of this 10% are jailbroken because of piracy... – Manslaughter 20/1, 2011 at 9:18

I don't understand those down voting you. Myself, I jailbroke in order to test my app for piracy protection. Will those down voting guys send me to Guantanamo now? – Simulated 24/7, 2011 at 6:49

I know a lot of people who Jailbreak just to add tweaks and specific apps that aren't allowed in the App Store. These people still choose to purchase apps from the App Store. – Deport 15/9, 2011 at 3:46

@Freerunnering It's not a bad Idea. From a legal standing point of view, you give the responsibility to the end-user to use a secure application on an insecure device. JailBroken devices are very insecure, because CodeSigning is the only defence available on mibile devices. – Smote 9/12, 2011 at 11:42

@Nodef not true. Actually Jailbroken devices can be and generally are more secure then normal devices. For instance the PDF hack used to Jailbreak 4.0 & 4.3.0 with jailbreakme.com was patched by the person that found the hack and the patch was released on Cydia. – Tolan 9/12, 2011 at 20:8

@Nodef if you don't know something, at least don't pretend you do. Have you heard about changing the default password through SSH? I also don't see the point of the law-freak downvoters. – Ingate 14/8, 2012 at 16:53

-(IBAction)rootCheck:(id)sender {

    NSArray *jailbrokenPath = [NSArray arrayWithObjects:
                               @"/Applications/Cydia.app",
                               @"/Applications/RockApp.app",
                               @"/Applications/Icy.app",
                               @"/usr/sbin/sshd",
                               @"/usr/bin/sshd",
                               @"/usr/libexec/sftp-server",
                               @"/Applications/WinterBoard.app",
                               @"/Applications/SBSettings.app",
                               @"/Applications/MxTube.app",
                               @"/Applications/IntelliScreen.app",
                               @"/Library/MobileSubstrate/DynamicLibraries/Veency.plist",
                               @"/Applications/FakeCarrier.app",
                               @"/Library/MobileSubstrate/DynamicLibraries/LiveClock.plist",
                               @"/private/var/lib/apt",
                               @"/Applications/blackra1n.app",
                               @"/private/var/stash",
                               @"/private/var/mobile/Library/SBSettings/Themes",
                               @"/System/Library/LaunchDaemons/com.ikey.bbot.plist",
                               @"/System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist",
                               @"/private/var/tmp/cydia.log",
                               @"/private/var/lib/cydia", nil];

    NSString *rooted;
    for(NSString *string in jailbrokenPath)
        if ([[NSFileManager defaultManager] fileExistsAtPath:string])
            rooted=@"y";
        else
            rooted=@"n";

    NSLog(@"%@", rooted);
}

sample code: http://www.evernote.com/shard/s13/sh/e45f27ee-3dd5-4eb1-9f56-1981cdd3286b/bc156eb773315647c13c2c7ee4191866

Shedevil answered 15/9, 2011 at 3:13 Comment(2)

Nice. But wow that must be old code! RockApp was bought by cydia over a year ago & icy has been abandoned for far longer (+ blackra1n was the jailbreak for 3.1). – Tolan 23/9, 2011 at 11:48

Also, when rooted is printed out, you will only ever see the result of [[NSFileManager defaultManager] fileExistsAtPath:@"/private/var/lib/cydia"] ? @"y" : @"n";, i.e. the last element in the array. All other results are ignored/overwritten/discarded by this code. – Flatfish 29/7, 2013 at 16:51

Recommended topics

Hot tags