Menu
I am working on a project (mobile app) where I need to monitor adversary actions. So, my question is how can I make iOS app tamper-evident?
e.g.
I found solution for android like ProGuard, SafetyNet but did not found anything for iOS.
393
iOS has the following features for secure data transmission: App Transport Security (requires that all connections use HTTPS with TLS protocol) TLS pinning (restricts which certificates are considered valid for a particular website) End-to-end encryption (protects data with a key combined with the device passcode)
Use checksums, digital signatures and other validation mechanisms to help detect file tampering. When an attacker attempts to manipulate the application, the correct checksum would not be preserved and this could detect and prevent illegitimate execution.
Reverse engineering iOS mobile applications is no simple task. Compared to reverse engineering Android with tools like apktool, jadx and similar, reversing tools for iOS are scarce due to security measures implemented by Apple and iOS being less open source in general.
Tampering is the process of changing a mobile app (either the compiled app or the running process) or its environment to affect its behavior. For example, an app might refuse to run on your rooted test device, making it impossible to run some of your tests. In such cases, you'll want to alter the app's behavior.
Apart from detecting jailbroken device, and obfuscating code (as @itechnician mentioned), you can:
Anyway, all of these can be easily bypassed when on jailbroken device (even the check if it's jailbroken). The best way is to use multiple techniques including obfuscation, to make tampering as hard as possible (so it's not worth it). But I'm not sure if you could make fully tamper-proof app.
You might find these links useful:
https://www.coredump.gr/articles/ios-anti-debugging-protections-part-1/ https://www.raywenderlich.com/45645/ios-app-security-analysis-part-1 http://resources.infosecinstitute.com/ios-application-security-part-31-problem-using-third-party-libraries-securing-apps/
This book is a bit old, but still useful: http://shop.oreilly.com/product/0636920023234.do
Here are opensource ObjC obfuscators/string encryptors:
121
I've used this JailBreak detection in one of my project.
With this, you can prevent the possibility.
if ([DTTJailbreakDetection isJailbroken]) {
// your custom activity and business logic here
}
Also, In precise you can use the below snippet:
BOOL isJailbroken()
{
#if !(TARGET_IPHONE_SIMULATOR)
if ([[NSFileManager defaultManager] fileExistsAtPath:@"/Applications/Cydia.app"] ||
[[NSFileManager defaultManager] fileExistsAtPath:@"/Library/MobileSubstrate/MobileSubstrate.dylib"] ||
[[NSFileManager defaultManager] fileExistsAtPath:@"/bin/bash"] ||
[[NSFileManager defaultManager] fileExistsAtPath:@"/usr/sbin/sshd"] ||
[[NSFileManager defaultManager] fileExistsAtPath:@"/etc/apt"] ||
[[NSFileManager defaultManager] fileExistsAtPath:@"/private/var/lib/apt/"] ||
[[UIApplication sharedApplication] canOpenURL:[NSURL URLWithString:@"cydia://package/com.example.package"]]) {
return YES;
}
FILE *f = NULL ;
if ((f = fopen("/bin/bash", "r")) ||
(f = fopen("/Applications/Cydia.app", "r")) ||
(f = fopen("/Library/MobileSubstrate/MobileSubstrate.dylib", "r")) ||
(f = fopen("/usr/sbin/sshd", "r")) ||
(f = fopen("/etc/apt", "r"))) {
fclose(f);
return YES;
}
fclose(f);
NSError *error;
NSString *stringToBeWritten = @"This is a test.";
[stringToBeWritten writeToFile:@"/private/jailbreak.txt" atomically:YES encoding:NSUTF8StringEncoding error:&error];
[[NSFileManager defaultManager] removeItemAtPath:@"/private/jailbreak.txt" error:nil];
if(error == nil)
{
return YES;
}
#endif
return NO;
}
Also , Obfuscation in iOS - objective C you can use this open source-library and for Methods & Classes.
9
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
