Simple class to check if app has been cracked, being debugged or enriched with custom dylib

Overview

iOS-App-Security-Class

Simple class to check if iOS app has been cracked, being debugged or enriched with custom dylib and as well detect jailbroken environment

Usage

Just drag SecurityClass.m and SecurityClass.h to your project, then add

#import "SecurityClass.h"

If you want to just test and see how it works, clone repository, open in Xcode and compile.

SecurityClass.m allows you easily check if your iOS App:

  1. Has been cracked with tool like Clutch or manually
  2. Is being debugged with 2 different ways to check
  3. Has been treated with any custom library, for example Cycript or tweaks to crack InApp Purchases
  4. Is running on jailbroken device

Repository contains example app, feel free to test. If you want to import it in your project just copy SecurityClass.m & SecurityClass.h

This class shouldn't be used unobfuscated, and possibly should be splitted to inline code in desired function related to app security also strings used should be at least encrypted with AES. But for most attackers it will be hard at this point to crack it, even without obfuscation.

Apple FairPlay Crack Detection

Check if currently running binary is encrypted (Signed by developer and Apple) Simply check if app has been treated with tool like Clutch or manually dumped from memory

NSDictionary *resp = [SecurityClass getCurrentBinaryInfo];
NSLog(@"Binary Info:%@",resp); // <- Gives all necessary informations

"Encryption not found" or "cracked" - will appear if app has not been signed by you and/or Apple

Custom dylib injected to memory

Check if any library has been injected into app process(can be easily done on jailbroken device)

bool IfAppContainsDylib = [SecurityClass isDylibInjectedToProcessWithName:@"dylib_name"];
if (IfAppContainsDylib) {
    NSLog(@"dylib_name has been injected to app");
} else {
    NSLog(@"Not found dylib_name in app");
}

Example - Checking if our app has been attacked with Cycript which uses libcycript.dylib

bool IfAppContainsCycript = [SecurityClass isDylibInjectedToProcessWithName:@"libcycript"];
if (IfAppContainsCycript) {
    NSLog(@"libcycript has been injected to app");
} else {
    NSLog(@"Not found libcycript in app");
}

Debugger detection

Traditional way for checking if debugger is connected

bool isDebuggerConnected = [SecurityClass isDebuggerConnected];
if (isDebuggerConnected) {
    NSLog(@"App is being debugged");
} else {
    NSLog(@"Not found debugger");
}

/dev/tty way

bool isDebuggerConnected_tty = [SecurityClass ttyWayIsDebuggerConnected];
if (isDebuggerConnected_tty) {
    NSLog(@"App is being debugged /dev/tty");
} else {
    NSLog(@"Not found debugger /dev/tty");
}

Proxied Connections

Check if connections between app and server side are being proxied by tools like Charles Proxy
For example charles default listening port is 8888 but if necessary all connections can be dropped when proxy is detected.

bool isConnectionProxied = [SecurityClass isConnectionProxied];
if (isConnectionProxied) {
    NSLog(@"Connection is being proxied to %@:%@",[SecurityClass proxy_host],[SecurityClass proxy_port]);
} else {
    NSLog(@"Connection is not being proxied with http proxy");
}

Jailbroken devices detection

Detect if device is jailbroken, sometimes may detect devices which were jailbroken but no longer are.
Can be relatively easily hacked with tools on Cydia which sometimes work sometimes not work to give false result.
I suggest using this method along with checking for processes and libraries injected specific for jailbroken device to get more reliable result.
Unfortunately from iOS 9 it's not longer possible to get current list of running apps, sysctl now returns 0 for sandboxed environment and other tricks are also blocked by apple due "privacy concerns".

bool isDeviceJailbroken = [SecurityClass isDeviceJailbroken];
if (isDeviceJailbroken) {
    NSLog(@"Device is jailbroken");
} else {
    NSLog(@"Device is NOT jailbroken");
}
You might also like...
A really simple key-value wrapper for keychain.

PlainKeychain A really simple key-value wrapper for keychain. Features ✅ Key-value pairs using kSecClassGenericPassword. ❌ Internet passwords (kSecCla

Very simple swift wrapper for Biometric Authentication Services (Touch ID) on iOS.

SimpleTouch Very simple swift wrapper for Biometric Authentication Services (Touch ID) on iOS. Sample Project There is a SimpleTouchDemo target define

Simple, secure password and data management for individuals and teams

Padloc Simple, secure password and data management for individuals and teams (formerly known as Padlock). This repo is split into multiple packages: P

PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.
PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.

PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. P

TouchEncryptedJson - Simple project that accepts an input and encrypts it with the TouchID on a Mac

TouchEncryptedJson Simple project that accepts an input and encrypts it with the

Cybr/Secure - A simple but powerful secure password generator
Cybr/Secure - A simple but powerful secure password generator

A simple but powerful secure password generator. You get the option of password length (10 to 20 characters) and whether you include numbers, symbols, uppercase and/or lowercase letters. Simply tap the lock icon to generate a secure password and then tap to copy the password.

A simple way of doing both symmetric and asymmetric crypto without the headache

Simple Swift Crypto I needed a simple way of doing both symmetric and asymmetric

Swift HybridCrypto is simple customizable implementation of hybrid cryptography (AES+RSA+Hash) recommended by OWASP.

HybridCrypto (Swift) HybridCrypto is simple implementation of hybrid cryptography following recommendations by OWASP. Prerequisites: Minimum iOS SDK:

Oversecured Vulnerable iOS App is an iOS app that aggregates all the platform's known and popular security vulnerabilities.

Description Oversecured Vulnerable iOS App is an iOS app that aggregates all the platform's known and popular security vulnerabilities. List of vulner

Comments
  • Installation Section

    Installation Section

    Hey, your library is really interesting.

    The only problem I found was the README.md, which lacks an Installation Section I created this iOS Open source Readme Template so you can take a look on how to easily create an Installation Section If you want, I can help you to organize the lib.

    What are your thoughts? 😄

    enhancement 
    opened by lfarah 3
  • have a error!!!

    have a error!!!

    thanks so much for show the code! when i run the project in xcode7.2 and open with simulator。it didnt work。 at SecurityClass.m line 147 and line 164 have the same error:kCFNetworkProxiesSOCKSProxy is unavailable :not available on iOS. how can i slove this error ? Looking forward to your reply

    opened by kent-william007 1
  • added support for TSProtector and same tweaks

    added support for TSProtector and same tweaks

    This update can help this class to find TSProtector that locks the app to find jailbreak. It will check the existence of setting and safari and if it can't find them returns true

    opened by shaibow 1
  • 'sys/conf.h' file not found

    'sys/conf.h' file not found

    1. How to fix 'sys/conf.h' file not found issue?
    2. kCFNetworkProxiesSOCKSProxy & kCFNetworkProxiesSOCKSPort -> is unavailable: not available on iOS

    How to fix above issues

    opened by Ghousepasha-ios 1
Owner
Unhandled Exception
Unhandled Exception
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.6k Dec 30, 2022
A tiny and easy to use Swift class to encrypt strings using HMAC algorithms.

#Sweet HMAC SweetHMAC is a tiny and easy to use Swift class to encrypt strings using HMAC algorithms. A special thanks to jernejstrasner for shared HM

Jan Cássio 37 Jul 27, 2022
Wrapper class for handling all tasks related to RSA cryptography

RSAWrapper Wrapper class for handling all tasks related to RSA cryptography USAG

null 1 Dec 24, 2021
Demotivator: A simple app for practice

Demotivator This is a simple app for practice. Programmatically Quick recap: .Ph

Dmitry Yatsyuk 0 Dec 17, 2021
Simple and secure hashing in Swift with the SipHash algorithm

SipHash ⚠️ WARNING This package has been obsoleted by the Hasher type and the Hashable.hash(into:) requirement introduced in Swift 4.2. Using this pac

null 262 Dec 19, 2022
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

KeychainAccess KeychainAccess is a simple Swift wrapper for Keychain that works on iOS and OS X. Makes using Keychain APIs extremely easy and much mor

Kishikawa Katsumi 7.2k Dec 30, 2022
A simple Swift Keychain Wrapper for iOS, watchOS, and OS X.

Latch A simple Swift 2.0 Keychain Wrapper for iOS, watchOS 2, and OS X. Usage A proper example of how to use Latch can be seen in the tests. import La

Danielle 56 Oct 25, 2022
A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.

SwiftKeychainWrapper A simple wrapper for the iOS / tvOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift. Prov

Jason 1.5k Dec 30, 2022
Simple Objective-C wrapper for the keychain that works on Mac and iOS

SAMKeychain SAMKeychain is a simple wrapper for accessing accounts, getting passwords, setting passwords, and deleting passwords using the system Keyc

Sam Soffes 5.4k Dec 29, 2022
Simple command line to generate random password.

pwgen Simple command line to generate random password. ➜ Bootstrap pwgen n5aR[[email protected]@fj ➜ Bootstrap pwgen 32 f0)th54[wpX.Zf99nj

Lakr Aream 2 Dec 19, 2022