I have an iOS device with Undecimus installed. When I try to launch a non-jailbreak-specific game, Tapsonic TOP, it somehow reads my application list and says "Illegal program detected" and exits itself. I tried this with and without jailbreaking, and I did have tweaks to hide jailbreak detection, so it is not likely a jailbreak problem.
I've searched on StackOverflow to see how this is possible. One of the ways is to read the applications folder to retrieve a file list, and another way is to keep a whitelist of apps and use canOpenUrl to check the existence of each app.
Is it possible to get installed apps in ios
Is it possible to modify the system so that it returns a list of only the system app directories when reading the application folder without SU permission, and always return false when checking canOpenUrl?
After researching for a while, I have figured out what happens behind the scenes.
The Truth:
The game detects "illegal" users by jailbreak detection, rather than by retrieving the list of installed apps.
Details:
I pulled the game executable from the iPhone into IDA, and searched in the function window with the keyword 'jail'. The result showed that there's a method called +[PmangPlus deviceJailbroken]. Basically the method checked several files (including /Applications/Cydia.app, /Applications/RockApp.app, /Applications/Icy.app and so on); if any of these files exists, the method will return @"Y", otherwise @"N".
Then I wrote a substrate tweak to bypass this detection, and it worked. This works by hooking the method and returning @"N".
Hope this helps.