Basically, I want to know when a user is presented the camera feed and from which app this was triggered.
I tried to hook in AVCaptureSession's -(void)startRunning;
but
SBApplication *topApp = [(SpringBoard *)[UIApplication sharedApplication] _accessibilityFrontMostApplication];
is not working. It turns out that calling sharedApplication returns null. I've also tried calling the method on %c(SpringBoard) or objc_getClass("SpringBoard") but had the same result.
Besides this, the hook works only when opening the camera in the Messages app, although I specified in the Filters dictionary several bundles like com.apple.springboard, com.facebook.Facebook etc.
What am I doing wrong? Isn't AVCaptureSession API used by other apps ?
The SpringBoard class only exists in the SpringBoard process therefore %c(SpringBoard) or objc_getClass("SpringBoard") will return nil on any other process.
To get the current bundle name of the applications you are hooking, you can use [[NSBundle mainBundle] bundleIdentifier]. You'd have to use some form of IPC/XPC to send this information as well as additional information regarding the session that you want to know about. The receiving end could be either the SpringBoard process or a personal daemon so as to not clog SpringBoard with additional tasks.
As for your question "Isn't AVCaptureSession API used by other apps ?", it is possible that some applications use other classes to capture images/video rendering this hook useless. As a jailbreak developer I have found, as many others, that Apple programmers don't adhere to a strict coding style. There can also be other lower level functions that achieve the same purpose, in which case you would have more work to do as there is no class-dump parallel to C functions.