@aalzehla/capacitor-jailbreak-root-detection 0.0.8 → 0.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/ios/Plugin/UIDeviceJailBroken.swift +147 -4
  2. package/package.json +1 -1
package/ios/Plugin/UIDeviceJailBroken.swift CHANGED
@@ -8,7 +8,7 @@
8
8
 
9
9
  import Foundation
10
10
  import UIKit
11
-
11
+ import MachO
12
12
  extension UIDevice {
13
13
  var isSimulator: Bool {
14
14
  return TARGET_OS_SIMULATOR != 0
@@ -24,6 +24,9 @@ extension UIDevice {
24
24
  if JailBrokenHelper.hasCydiaInstalled() { return true }
25
25
  if JailBrokenHelper.isContainsSuspiciousApps() { return true }
26
26
  if JailBrokenHelper.isSuspiciousSystemPathsExists() { return true }
27
+ if JailBrokenHelper.isDirectoriesWriteable() { return true }
28
+ if JailBrokenHelper.checkDYLD() { return true }
29
+ if JailBrokenHelper.isFridaRunning() { return true }
27
30
  return JailBrokenHelper.canEditSystemFiles()
28
31
  }
29
32
  }
@@ -61,7 +64,27 @@ private struct JailBrokenHelper {
61
64
  return false
62
65
  }
63
66
  }
64
-
67
+
68
+ static var directories: [String] {
69
+ return [
70
+ "/",
71
+ "/root/",
72
+ "/private/",
73
+ "/jb/"
74
+ ]
75
+ }
76
+ static func isDirectoriesWriteable() -> Bool {
77
+ // Checks if the restricted directories are writeable.
78
+ for path in directories {
79
+ do{
80
+ let filePath = path + UUID().uuidString
81
+ try "i escaped the Jail".write(toFile: filePath, atomically: true, encoding: .utf8)
82
+ try FileManager.default.removeItem(atPath: filePath)
83
+ return true
84
+ }catch let error{print(error.localizedDescription)}
85
+ }
86
+ return false
87
+ }
65
88
  /**
66
89
  Add more paths here to check for jail break
67
90
  */
@@ -74,7 +97,10 @@ private struct JailBrokenHelper {
74
97
  "/Applications/MxTube.app",
75
98
  "/Applications/RockApp.app",
76
99
  "/Applications/SBSettings.app",
77
- "/Applications/WinterBoard.app"
100
+ "/Applications/WinterBoard.app",
101
+ "/Applications/VnodeBypass.app",
102
+ "/Applications/RootHide.app",
103
+ "/Applications/Dopamine.app",
78
104
  ]
79
105
  }
80
106
 
@@ -94,7 +120,124 @@ private struct JailBrokenHelper {
94
120
  "/usr/sbin/sshd",
95
121
  "/etc/apt",
96
122
  "/bin/bash",
97
- "/Library/MobileSubstrate/MobileSubstrate.dylib"
123
+ "/Library/MobileSubstrate/MobileSubstrate.dylib",
124
+ "/usr/sbin/frida-server",
125
+ "/.bootstrapped_electra",
126
+ "/usr/lib/libjailbreak.dylib",
127
+ "/jb/lzma",
128
+ "/.cydia_no_stash",
129
+ "/.installed_unc0ver",
130
+ "/jb/offsets.plist",
131
+ "/usr/share/jailbreak/injectme.plist",
132
+ "/etc/apt/undecimus/undecimus.list",
133
+ "/var/lib/dpkg/info/mobilesubstrate.md5sums",
134
+ "/jb/jailbreakd.plist",
135
+ "/jb/amfid_payload.dylib",
136
+ "/jb/libjailbreak.dylib",
137
+ "/usr/libexec/cydia/firmware.sh",
138
+ "/var/lib/cydia",
139
+ "/private/var/Users/",
140
+ "/var/log/apt",
141
+ "/Applications/Cydia.app",
142
+ "/private/var/stash",
143
+ "/private/var/lib/cydia",
144
+ "/private/var/cache/apt/",
145
+ "/private/var/log/syslog",
146
+ "/private/var/tmp/cydia.log",
147
+ "/Applications/Icy.app",
148
+ "/Applications/MxTube.app",
149
+ "/Applications/RockApp.app",
150
+ "/Applications/blackra1n.app",
151
+ "/Applications/SBSettings.app",
152
+ "/Applications/FakeCarrier.app",
153
+ "/Applications/WinterBoard.app",
154
+ "/Applications/IntelliScreen.app",
155
+ "/private/var/mobile/Library/SBSettings/Themes",
156
+ "/Library/MobileSubstrate/CydiaSubstrate.dylib",
157
+ "/System/Library/LaunchDaemons/com.ikey.bbot.plist",
158
+ "/Library/MobileSubstrate/DynamicLibraries/Veency.plist",
159
+ "/Library/MobileSubstrate/DynamicLibraries/LiveClock.plist",
160
+ "/System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist",
161
+ "/usr/sbin/frida-server",
162
+ "/etc/apt/sources.list.d/electra.list",
163
+ "/etc/apt/sources.list.d/sileo.sources",
164
+ "/private/var/Users/",
165
+ "/var/log/apt",
166
+ "/Applications/Cydia.app",
167
+ "/private/var/stash",
168
+ "/private/var/lib/cydia",
169
+ "/private/var/cache/apt/",
170
+ "/private/var/log/syslog",
171
+ "/private/var/tmp/cydia.log",
172
+ "/Applications/Icy.app",
173
+ "/Applications/MxTube.app",
174
+ "/Applications/RockApp.app",
175
+ "/Applications/blackra1n.app",
176
+ "/Applications/SBSettings.app",
177
+ "/Applications/FakeCarrier.app",
178
+ "/Applications/WinterBoard.app",
179
+ "/Applications/IntelliScreen.app",
180
+ "/private/var/mobile/Library/SBSettings/Themes",
181
+ "/Library/MobileSubstrate/CydiaSubstrate.dylib",
182
+ "/System/Library/LaunchDaemons/com.ikey.bbot.plist",
183
+ "/Library/MobileSubstrate/DynamicLibraries/Veency.plist",
184
+ "/Library/MobileSubstrate/DynamicLibraries/LiveClock.plist",
185
+ "/System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist",
186
+ "/Applications/Cydia.app",
187
+ "/Applications/blackra1n.app",
188
+ "/Applications/FakeCarrier.app",
189
+ "/Applications/Icy.app",
190
+ "/Applications/IntelliScreen.app",
191
+ "/Applications/MxTube.app",
192
+ "/Applications/RockApp.app",
193
+ "/Applications/SBSettings.app",
194
+ "/Applications/WinterBoard.app",
195
+
196
+ "/var/.communication/launchd_to_boomerang",
197
+ "/var/.communication/boomerang_to_launchd",
198
+ "/usr/lib/systemhook.dylib"
199
+ ]
200
+ }
201
+
202
+ static func checkDYLD() -> Bool {
203
+ let suspiciousLibraries = [
204
+ "FridaGadget",
205
+ "frida",
206
+ "cynject",
207
+ "libcycript"
98
208
  ]
209
+ for libraryIndex in 0..<_dyld_image_count() {
210
+
211
+ guard let loadedLibrary = String(validatingUTF8: _dyld_get_image_name(libraryIndex)) else { continue }
212
+ for suspiciousLibrary in suspiciousLibraries {
213
+ if loadedLibrary.lowercased().contains(suspiciousLibrary.lowercased()) {
214
+ return true
215
+ }
216
+ }
217
+ }
218
+ return false
219
+ }
220
+
221
+ static func isFridaRunning() -> Bool {
222
+ func swapBytesIfNeeded(port: in_port_t) -> in_port_t {
223
+ let littleEndian = Int(OSHostByteOrder()) == OSLittleEndian
224
+ return littleEndian ? _OSSwapInt16(port) : port
225
+ }
226
+
227
+ var serverAddress = sockaddr_in()
228
+ serverAddress.sin_family = sa_family_t(AF_INET)
229
+ serverAddress.sin_addr.s_addr = inet_addr("127.0.0.1")
230
+ serverAddress.sin_port = swapBytesIfNeeded(port: in_port_t(27042))
231
+ let sock = socket(AF_INET, SOCK_STREAM, 0)
232
+
233
+ let result = withUnsafePointer(to: &serverAddress) {
234
+ $0.withMemoryRebound(to: sockaddr.self, capacity: 1) {
235
+ connect(sock, $0, socklen_t(MemoryLayout<sockaddr_in>.stride))
236
+ }
237
+ }
238
+ if result != -1 {
239
+ return true
240
+ }
241
+ return false
99
242
  }
100
243
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aalzehla/capacitor-jailbreak-root-detection",
3
- "version": "0.0.8",
3
+ "version": "0.0.9",
4
4
  "description": "Jailbreak Root detection plugin for capacitor.",
5
5
  "main": "dist/plugin.cjs.js",
6
6
  "module": "dist/esm/index.js",