react-native-device-defense 1.0.6 → 1.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -7,10 +7,7 @@
|
|
|
7
7
|
#include <unistd.h>
|
|
8
8
|
#include <android/log.h>
|
|
9
9
|
#include <stdexcept>
|
|
10
|
-
|
|
11
|
-
#include <openssl/x509.h>
|
|
12
|
-
#include <openssl/pem.h>
|
|
13
|
-
#include <openssl/err.h>
|
|
10
|
+
|
|
14
11
|
|
|
15
12
|
#define LOG_TAG "DeviceSecurityNative"
|
|
16
13
|
#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, LOG_TAG, __VA_ARGS__)
|
|
@@ -488,15 +485,9 @@ static bool performRootDetection() {
|
|
|
488
485
|
return true;
|
|
489
486
|
}
|
|
490
487
|
|
|
491
|
-
// Check system properties
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
}
|
|
495
|
-
|
|
496
|
-
// Check mount points
|
|
497
|
-
if (checkMountPoints()) {
|
|
498
|
-
return true;
|
|
499
|
-
}
|
|
488
|
+
// Check system properties and mount points are skipped here as they
|
|
489
|
+
// frequently cause false positives on unrooted userdebug/developer devices
|
|
490
|
+
// (e.g., when USB debugging is enabled).
|
|
500
491
|
|
|
501
492
|
return false;
|
|
502
493
|
}
|
|
@@ -28,7 +28,15 @@ class RootDetection(private val context: Context) {
|
|
|
28
28
|
*/
|
|
29
29
|
fun performDetection(): RootDetectionResult {
|
|
30
30
|
val rootBeer = RootBeer(context)
|
|
31
|
-
|
|
31
|
+
// Only use reliable RootBeer checks to avoid false positives (like checkForDangerousProps or checkForRWPaths)
|
|
32
|
+
val hasRootBeerDetected = rootBeer.detectRootManagementApps() ||
|
|
33
|
+
rootBeer.detectPotentiallyDangerousApps() ||
|
|
34
|
+
rootBeer.checkForSuBinary() ||
|
|
35
|
+
rootBeer.checkForBusyBoxBinary() ||
|
|
36
|
+
rootBeer.detectTestKeys() ||
|
|
37
|
+
rootBeer.checkSuExists() ||
|
|
38
|
+
rootBeer.checkForRootNative() ||
|
|
39
|
+
rootBeer.checkForMagiskBinary()
|
|
32
40
|
|
|
33
41
|
// Native detection (JNI)
|
|
34
42
|
val hasNativeRootDetected = NativeSecurityCheck.isRooted()
|
|
@@ -39,7 +47,7 @@ class RootDetection(private val context: Context) {
|
|
|
39
47
|
// Check for root management apps
|
|
40
48
|
val hasRootApps = checkRootApps()
|
|
41
49
|
|
|
42
|
-
// Check system properties
|
|
50
|
+
// Check system properties (keep for details, but don't use for blocking)
|
|
43
51
|
val hasSystemPropsModified = checkSystemProperties()
|
|
44
52
|
|
|
45
53
|
val details = mapOf(
|
|
@@ -54,11 +62,11 @@ class RootDetection(private val context: Context) {
|
|
|
54
62
|
"dangerous_props" to checkDangerousSystemProperties()
|
|
55
63
|
)
|
|
56
64
|
|
|
65
|
+
// Exclude system properties from the final isRooted flag to avoid false positives on userdebug/developer devices
|
|
57
66
|
val isRooted = hasRootBeerDetected ||
|
|
58
67
|
hasNativeRootDetected ||
|
|
59
68
|
hasDangerousBins ||
|
|
60
|
-
hasRootApps
|
|
61
|
-
hasSystemPropsModified
|
|
69
|
+
hasRootApps
|
|
62
70
|
|
|
63
71
|
return RootDetectionResult(
|
|
64
72
|
isRooted = isRooted,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "react-native-device-defense",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.9",
|
|
4
4
|
"description": "Multi-layer device security detection for React Native (root, hook, debugger, emulator detection)",
|
|
5
5
|
"main": "lib/commonjs/index.js",
|
|
6
6
|
"module": "lib/module/index.js",
|