Search code examples
iosswiftiphonesecurityjailbreak

Jailbroken detection failed with liberty lite

Recently faced a issue securing iOS Application with Jailbreak detection on OS 12.1 with Liberty Lite enabled

I have jailbreak detection in AppDelegate and initial ViewController where I test following

  1. File existence for below paths

    • /Applications/Cydia.app
    • /private/var/stash
    • /private/var/stash
    • /private/var/tmr/stash
    • /private/var/lib/cydiar/stash
    • /private/var/mobile/Library/SBr/stash
    • /Library/MobileSubstratr/stash
    • /Library/MobileSubstrate/DynamicLibrr/stash
    • /Library/MobileSubstrate/DynamicLibrarr/stash
    • /System/Library/LaunchDaemonr/stash
    • /System/Library/LaunchDaemons/com.sar/stash
    • /var/car/stash
    • /var/lir/stash
    • /var/lir/stash
    • /var/lor/stash
    • /var/tmr/stash
    • /bin/bashr/stash
    • /bin/shr/stash
    • /usr/sr/stash
    • /usr/liber/stash
    • /usr/bir/stash
    • /usr/libexer/stash
    • /etc/ssr/stash
    • /etr/stash

  2. I test if application canOpenURL Schema "cydia://package/com.example.package"

  3. Write file to stringToWrite.write(toFile:"/private/photos.txt"

Liberty Lite is able to bypass all 3 checks and let run the application on a Jailbroken device, is there any other way I can detect such by passing tweaks(Liberty Lite) and stop the application from running on a Jailbroken device

Solution

  • Essentially, no.

    Any form of jailbreak check can be relatively easily worked around and a motivated user can always make another tweak for whatever check you might be using at the time. Consider it similar to attempts to prevent cracks for different software, it's just a game of whack-a-mole where the developing side is losing.

    I wrote an article about this some time ago if you're interested into details of why this can't work.