securing / iossecuritysuite Goto Github PK
View Code? Open in Web Editor NEWiOS platform security & anti-tampering Swift library
Home Page: https://www.securing.biz/
License: Other
iOS platform security & anti-tampering Swift library
Home Page: https://www.securing.biz/
License: Other
Hello.
What I'm trying to do is to check if the FileManager.default.fileExists
function is a hooked function.
When I try with the following code
typealias FunctionType = @convention(thin) (String) -> (Bool)
func getSwiftFunctionAddr(_ function: @escaping FunctionType) -> UnsafeMutableRawPointer {
return unsafeBitCast(function, to: UnsafeMutableRawPointer.self)
}
let funcAddr = getSwiftFunctionAddr(FileManager.default.fileExists)
IOSSecuritySuite.amIMSHooked(funcAddr)
I get an error here
let funcAddr = getSwiftFunctionAddr(FileManager.default.fileExists)
INTERNAL ERROR: feature not implemented: nontrivial thin function reference
Anyone knows what is this and if there is any solution to actually check if this function is hooked?
Thanks a lot !
I am getting the below errors for both cocoa pod and manual installation. Need your expertise to resolve these issues.
Error statement:
denySymbolHook works when the app is running by XCode. The app crashed when I launch it directly without XCode. This happened on iOS 14. I can run the same app on iOS 12 without any issue.
The FrameworkClientDemo can reproduce this by adding code in viewDidAppear:
IOSSecuritySuite.denySymbolHook("dlopen")
let kernelHandle = dlopen("/usr/lib/system/libsystem_kernel.dylib", RTLD_LAZY)
The crash is not in the denySymbolHook method. When the symbol is invoked after denySymbolHook, then it crashes.
If I remove the first line code, then the app will not crash.
The crash log:
Hardware Model: iPhone10,3
Process: FrameworkClientApp [864]
Path: /private/var/containers/Bundle/Application/0D0EA6FE-4CF8-42BC-8C4E-2289508F61A1/FrameworkClientApp.app/FrameworkClientApp
Identifier: biz.securing.FrameworkClientApp.test20201120
Version: 1 (1.0)
Code Type: ARM-64 (Native)
Role: Foreground
Parent Process: launchd [1]
Coalition: biz.securing.FrameworkClientApp.test20201120 [780]
Date/Time: 2020-11-20 14:19:52.5214 +0800
Launch Time: 2020-11-20 14:19:52.3926 +0800
OS Version: iPhone OS 14.2 (18B92)
Release Type: User
Baseband Version: 6.02.01
Report Version: 104
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000
VM Region Info: 0 is not in any region. Bytes before following region: 4310532096
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
--->
__TEXT 100ed8000-100eec000 [ 80K] r-x/r-x SM=COW ...workClientApp
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [864]
Triggered by Thread: 0
Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0 ??? 000000000000000000 0 + 0
1 libdyld.dylib 0x0000000192f57fc0 dyld_stub_binder + 60
2 FrameworkClientApp 0x0000000100ee55cc 0x100ed8000 + 54732
3 FrameworkClientApp 0x0000000100ee6e9c 0x100ed8000 + 61084
4 UIKitCore 0x00000001954a4e20 -[UIViewController _setViewAppearState:isAnimating:] + 832
5 UIKitCore 0x00000001954a5780 -[UIViewController __viewDidAppear:] + 168
6 UIKitCore 0x00000001954a5a80 -[UIViewController _endAppearanceTransition:] + 248
7 UIKitCore 0x000000019538eb30 __48-[UIPresentationController transitionDidFinish:]_block_invoke + 136
8 UIKitCore 0x000000019600ae40 -[_UIAfterCACommitBlock run] + 64
9 UIKitCore 0x0000000195b6fcc8 _runAfterCACommitDeferredBlocks + 296
10 UIKitCore 0x0000000195b5f1f8 _cleanUpAfterCAFlushAndRunDeferredBlocks + 200
11 UIKitCore 0x0000000195b90790 _afterCACommitHandler + 76
12 CoreFoundation 0x000000019327c86c __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 32
13 CoreFoundation 0x0000000193276f40 __CFRunLoopDoObservers + 604
14 CoreFoundation 0x0000000193277488 __CFRunLoopRun + 960
15 CoreFoundation 0x0000000193276b90 CFRunLoopRunSpecific + 572
16 GraphicsServices 0x00000001a9599598 GSEventRunModal + 160
17 UIKitCore 0x0000000195b60638 -[UIApplication _run] + 1052
18 UIKitCore 0x0000000195b65bb8 UIApplicationMain + 164
19 FrameworkClientApp 0x0000000100ee7964 0x100ed8000 + 63844
20 libdyld.dylib 0x0000000192f55588 start + 4
Thread 1:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 2:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 3:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 4:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 5:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 6 name: com.apple.uikit.eventfetch-thread
Thread 6:
0 libsystem_kernel.dylib 0x00000001be3a2644 mach_msg_trap + 8
1 libsystem_kernel.dylib 0x00000001be3a1a48 mach_msg + 72
2 CoreFoundation 0x000000019327d0ec __CFRunLoopServiceMachPort + 376
3 CoreFoundation 0x0000000193277560 __CFRunLoopRun + 1176
4 CoreFoundation 0x0000000193276b90 CFRunLoopRunSpecific + 572
5 Foundation 0x00000001944947f8 -[NSRunLoop+ 30712 (NSRunLoop) runMode:beforeDate:] + 228
6 Foundation 0x00000001944946d8 -[NSRunLoop+ 30424 (NSRunLoop) runUntilDate:] + 88
7 UIKitCore 0x0000000195c0c438 -[UIEventFetcher threadMain] + 504
8 Foundation 0x00000001945f14bc __NSThread__start__ + 848
9 libsystem_pthread.dylib 0x00000001d9908b3c _pthread_start + 288
10 libsystem_pthread.dylib 0x00000001d990d880 thread_start + 8
Thread 7:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 8:
0 libsystem_pthread.dylib 0x00000001d990d86c start_wqthread + 0
Thread 0 crashed with ARM Thread State (64-bit):
x0: 0x0000000192f84714 x1: 0x00000001e9adb0e0 x2: 0x0000000000000000 x3: 0x00000001e9b158c0
x4: 0x00000001e9b15910 x5: 0x0000000000000008 x6: 0x00000001e9b15918 x7: 0x00000001ea238710
x8: 0x00000001e9ada000 x9: 0x0000000000000001 x10: 0xfffffffe00000000 x11: 0x0000000000000000
x12: 0x0000000000000003 x13: 0x00000001970566a0 x14: 0x0000000000020000 x15: 0x0000000000000002
x16: 0x0000000192f57f84 x17: 0x0000000100eed8b8 x18: 0x0000000000000000 x19: 0x0000000000000dc4
x20: 0x0000000100eed8b8 x21: 0x00000001e9adb0e0 x22: 0x0000000106205860 x23: 0x0000000000000001
x24: 0x0000000000000000 x25: 0x00000001dba1f000 x26: 0x0000000000000001 x27: 0x00000001dc06f000
x28: 0x00000001ea191000 fp: 0x000000016ef25d90 lr: 0x0000000192f598bc
sp: 0x000000016ef25d70 pc: 0x0000000000000000 cpsr: 0x60000000
esr: 0x82000006 (Instruction Abort) Translation fault
I'm seeing console log: -canOpenURL: failed for URL: "undecimus://" - error: "The operation couldn’t be completed. (OSStatus error -10814.)"
for all of the urls defined in LSApplicationQueriesSchemes
in the ReadMe
. Is this expected?
Hello,
I need help. I want more explanation about this script :
if let hashValue = IOSSecuritySuite.getMachOFileHashValue(.default), hashValue == "your-application-executable-hash-value" {
print("I have not been Tampered.")
}
else {
print("I have been Tampered.")
}
I generate the hash value from executable file but it's not matching with the app generated value.
Hi!
Current way of checking URL schemes won’t work. As doc says, queried schemes must be added to application plist - otherwise you’ll always get false
from canOpenURL
https://developer.apple.com/documentation/uikit/uiapplication/1622952-canopenurl
I tested AntiMSHook with both substrate and substitute, and I found out that the version with substrate is not working.
For substitute, case starting with ADRP instruction works really fine and all functions(detection / deny) are normal.
However, in case of substrate, it can find patterns - LDR x16 and BR x16, but fails to find original(unhooked) address from vm_regions.
My tweak is :
...
static int (*orig_ViewController_testDummy)(int) = NULL;
int hook_ViewController_testDummy() {
printf("testDummy Hooked!\n");
return 1;
}
...
%ctor {
%init(ViewController = objc_getClass("MSHookTester.ViewController"));
...
//Find Symbol
void* symbol_address = MSFindSymbol(NULL,"_$s12MSHookTester14ViewControllerC11viewDidLoadyyF9testDummyL_5valueS2i_tF");
//unsigned long address_long = (unsigned long)symbol_address;
//Hook Symbol
MSHookFunction(symbol_address,
(void *)hook_ViewController_testDummy,
(void **)&orig_ViewController_testDummy);
}
And my swift code :
func testDummy(value: Int) -> Int{
print("Test origin : \(value)")
return value
}
typealias FunctionType = @convention(thin) (Int) -> (Int)
func getSwiftFuncAddr(_ function: @escaping FunctionType) -> UnsafeMutableRawPointer {
return unsafeBitCast(function, to: UnsafeMutableRawPointer.self)
}
let funcAddrDetect = getSwiftFuncAddr(testDummy)
//Check
print(IOSSecuritySuite.amIMSHooked(funcAddrDetect)) //true
//Hook Deny : print Unhooked!
if let origin: UnsafeMutableRawPointer = IOSSecuritySuite.denyMSHook(funcAddrDetect){
print("testDummy origin exec : result (expects 15) : \(unsafeBitCast(origin, to: FunctionType.self)(15))")
} else {
print("Unhooked!")
}
I've tested a lot and found out that comparing the original address with the address AFTER ldr/br instructions in vm_region always fails.
Am I doing something wrong?
I'm trying to ver my bases and I'm just missing some way to control repackaged apps
Version 13.2.1 (13C100)
Swift 5
Cocoapods 1.11.2
Using AdjustBridge
Deleting an AdjustBridge Instance from Memory(When self.adjustBridge = nil)
The AdjustBridge instance remains in memory
self.adjustBridge = AdjustBridge()
self.adjustBridge?.loadWKWebViewBridge(webView, wkWebViewDelegate: self)
self.adjustBridge = nil
Please help
Unfortunately, I do not have suitable experience in Objective-C
I noticed the following behavior:
When an optional AdjustBridge object is initialized and deleted, it remains in memory. Judging by the debug, it is held by the "messageHandlers" dictionary objects that are created by Adjust.
Unlocking the library and applying [_base.messageHandlers removeAllObjects]; before removing gives a result. Please tell me how to fix this issue. Thank you!
Originally posted by @San4es1er in adjust/ios_sdk#585
Thanks for this project, I have a small issue.
When following the README and using the below fragment to add it as a dependency:
.package(url: "https://github.com/securing/IOSSecuritySuite.git", from: "1.4.0")
I get the following error:
Fetching https://github.com/securing/IOSSecuritySuite.git
Fetching https://github.com/apple/example-package-deckofplayingcards.git
error: the package dependency graph could not be resolved; unable to find any available tag for the following requirements:
https://github.com/securing/IOSSecuritySuite.git @ 1.4.0..<2.0.0
Looking at the actual releases I see releases with 1.4 instead of 1.4.0. However, changing it to 1.4 will trigger the error:
Invalid semantic version string '1.4'
Currently the IOSSecuritySuite.amIReverseEngineered()
method return only the Bool
value whether the app is potentially reverse engineered or not.
Could You add more information what was detected ?
static func amIReverseEngineered() -> ReverseEngineeredStatus { ... }
eg. IOSSecuritySuite.amIJailbrokenWithFailedChecks()
returns JailbreakStatus
with failMessage
Can this result in rejection from App Review?
Hello.
As I see in your code you are using FileManager.default.fileExists
to determine if there is any path that can be opened.
And you also have an array of paths that you want to check.
Isn't it really easy for the most common AntiJB detection tweaks to overwrite this function and return false when something like this list of text appears?
How do you approach these cases?
Hello Team,
Can this library get bypassed by LibertyLite and Shadow tool?
https://yalujailbreak.net/liberty-lite/
https://github.com/jjolano/shadow
Hi!
Unfortunately on M1 Mac the app with this library implemented now reports a jailbroken device. Is this something that came up before? Is there a fix or at least a workaround?
Thank you 🙇
All non jailbroken devices got jailbreak message because of ExistenceOfSuspiciousFiles
of this path "/usr/sbin/".
kindly check it
if #available(iOS 14.0, *), ProcessInfo.processInfo.isiOSAppOnMac { ... }
not sure if this would be helpfull. but i thought why not :D
( too lazy to create a PR though ^^ sry )
Hi,
We're using IOSSecuritySuite in our app and suddenly a lot of our clients started to get our App blocked ( which is our default behavior when a jailbreak is detected ) after the iOS 14.4 update. I really don't know if the update is the cause but we've managed to reproduce the detection in a "pure" iOS 14.4 ( bought from an oficial Apple reseller store ) and it indeed happens.
Using the method:
let jailbreakStatus = IOSSecuritySuite.amIJailbrokenWithFailMessage()
if jailbreakStatus.jailbroken {
print("This device is jailbroken")
print("Because: \(jailbreakStatus.failMessage)")
} else {
print("This device is not jailbroken")
}
The message is: "Cydia:// URL scheme detected". Does anyone reported this? Is there something we can do?
Thanks!
Hey guys,
I am currently playing around with this and found out that calling the denyDebugger()
does only partially solve the issue. Of course this can be bypassed by writing into memory, but still, whenever I run debugserver *:1234 -waitfor MyApp
I am still able to run the app because the wait option interrupts directly on the launch screen, even before the init call of the AppDelegate.swift.
Whenever I attach the debugger and run continue
, the app crashes thanks to the denied debugger access inside of the init call of AppDelegate. However this opens up vulnerabilities, since I am still able to interact the debugger as long as I don't let the app run the denyDebugger() function.
Is this something I will just have to live with? Seems to make the function suite ineffective in my eyes, but I'm ready to be proven wrong. :)
Cheers,
bob_mosh
Hi,
I'm noticing that the last release (1.5.0) doesn't contain the last commits. For example, it's not present the zbra
URL scheme check. Is it possible to release a new version of the library?
Thanks,
Giorgio
Please add the "apt-repo://" url scheme as the Saily Package Manager uses this scheme, this is another Cydia alternative just like Zebra, Installer 5, and Sileo.
Hi,
First of all, I love this project. Thanks for all you do.
I'm sure you've heard the latest news about NSO/Pegasus exploits and the forensic investigation by Amnesty International and Citizen Labs.
Would it be possible to add some of the IOCs they uncovered, like for example scanning for any process that's been associated with Pegasus? https://github.com/AmnestyTech/investigations/blob/master/2021-07-18_nso/processes.txt
I think adding that functionality would make ISS even better.
Cheers
Issue: Calling this function on an Emulated Device returns two "False Positives"
IOSSecuritySuite.amIJailbrokenWithFailMessage()
Suspicious file exists: /bin/bash, Suspicious file can be opened: /bin/bash
Fork was able to create a new process (sandbox violation)
Proposal: Maybe skip those two Checks if its run on an Emulated Device ?
IOSSecuritySuite.amIRunInEmulator()
Tested via: iPhoneXS iOS 12.2 Simulator | XCode 11.3.1
First of all, thanks for the lib and I'm a beginner when it comes to iOS security. I found some methods, amIRuntimeHook
, denySymbolHook
in the doc but both ask for parameters. I don't know what to pass to these parameters. What I want is to detect any hooking. Is it even possible? The goal to detect hooking and stop the app from functioning. Thanks.
With the new versions of shadow jailbreak it's possible to bypass jailbreak devices - https://github.com/jjolano/shadow
A-Bypass, the tweak for jailbreak bypass, seems to be unable to detect current jailbroken status.
Will there be any solution to find out whether this tweak is enabled?
Repo : https://repo.co.kr
I wanted to use the Anti MSHook capability and decided to test out its effectiveness by writing a Theos Tweak using MSHook to hook a swift function that I wrote in an iOS application. I followed the implementation details in the README. However it seems that the Anti MSHook functions, amIMSHooked and denyMSHook both do not work as my tweak is still able to modify the function. Am I doing something wrong?
Swift Code under ViewController Class :
func CoolBeans(value: Int) -> Int{ return value }
typealias FunctionType = @convention(c) (Int) -> (Int)
func getSwiftFuncAddr(_ function: @escaping FunctionType) -> UnsafeMutableRawPointer { return unsafeBitCast(function, to: UnsafeMutableRawPointer.self)}
let funcAddrDetect = getSwiftFuncAddr(CoolBeans)
print(IOSSecuritySuite.amIMSHooked(funcAddrDetect))
Theos Tweak :
static int (*orig_ViewController_CoolBeans)(int) = NULL;
int hook_ViewController_CoolBeans() { // Do Something Different from Original Function }
%ctor {
%init(ViewController = objc_getClass("mshook.ViewController"));
MSHookFunction(MSFindSymbol(NULL,"_$s6mshook14ViewControllerC11viewDidLoadyyF9CoolBeansL_5valueS2i_tF"),
(void *)hook_ViewController_CoolBeans,
(void **)&orig_ViewController_CoolBeans);
}
Not sure whether the following is relevant but, logging the loading of my tweak and when the getSwiftFuncAddr() is called, I found out that the tweak loads first which means that the function has already been tampered with by the time I call getSwiftFuncAddr(). I also logged the "CoolBeans" function address from both my tweak and the the output of getSwiftFuncAddr() and there is a difference in both addresses.
Dear Developers,
I'm enquiring on this line:
Could you shed some light on the full path of a suspiciousLibrary? I'm interested to know in the case of the "/.file" for detection against HideJB.
Appreciate it.
Thank you!
I can get a machOFileHashValue of main executable from code. But how do I get the value to store in server which will be later retrieved from app? Because every build generates new mach-o value.
Please add here following code to clean up all opened files.
defer {
close(sock)
}
According to my local tests, iOS deployment target can be safely downgraded from 10.0 to 9.0.
This is important for me because I would like to add [IOSSecuritySuite](https://github.com/securing/IOSSecuritySuite)
as a dependency to an SDK (which has deployment target 9.0). Probably it may be useful for someone else.
*I can help with PR and GHA CI if need
Hi Team,
We have been using your SDK from past 2 years and recently our customers have complained regarding jailbreak issue.
They complained that they are getting "Jailbreak error: cydia://" on their app, even their device is also not jailbroken.
We have tested on our end as well. There is one app on Appstore which is causing this error.
App link: https://apps.apple.com/ng/app/realconnect-dhre/id1346538794
When we are installing the above application into our device, its giving "cydia://" is installed as its checking for "cydia://" url scheme.
Please help us to know the root cause as we are loosing customers.
Regards,
Himanshu Jindal
Hi there, this is possibly a dumb question but I'm new with iOS security and I'm having some doubts about using the library.
I created a dumb app to test some knowledge and imported the iOSSecuritySuite library via Swift Package Manager. In my test app, I created a class with two functions as shown below (I'm trying to understand the difference between RuntimeHookChecker and MSHookChecker)
import Foundation
typealias FunctionType = @convention(thin) (OtherClass) -> () -> (Bool)
class OtherClass {
init() { }
func hookThisFunctionToTestMSHookDetection() -> Bool {
return false
}
@objc dynamic func hookThisFunctionToTestRuntimeHookDetection() -> Bool {
return false
}
}
So, on my ViewController, I has two buttons that call
func getSwiftFunctionAddr(_ function: @escaping FunctionType) -> UnsafeMutableRawPointer {
return unsafeBitCast(function, to: UnsafeMutableRawPointer.self)
}
@IBAction func callMSHook(_ sender: Any) {
let funcAddr = getSwiftFunctionAddr(OtherClass.hookThisFunctionToTestMSHookDetection)
let amIMSHooked = IOSSecuritySuite.amIMSHooked(funcAddr)
self.textView.text = "MSHook = \(amIMSHooked)\notherClass = \(otherClass.hookThisFunctionToTestMSHookDetection())"
}
@IBAction func callRuntime(_ sender: Any) {
let amIRuntimeHooked: Bool = IOSSecuritySuite.amIRuntimeHooked(dyldWhiteList: [], detectionClass: OtherClass.self, selector: #selector(OtherClass.hookThisFunctionToTestRuntimeHookDetection), isClassMethod: false)
self.textView.text = "RuntimeHook = \(amIRuntimeHooked)\notherClass = \(otherClass.hookThisFunctionToTestRuntimeHookDetection())"
}
I installed this app in my jailbroken iPhone and used Frida to change the return of OtherClass' functions with the script bellow
var targetModule = 'HookDetectionPoC';
var addr = ptr(0x9530);
var moduleBase = Module.getBaseAddress(targetModule);
var targetAddress = moduleBase.add(addr);
Interceptor.attach(targetAddress, {
onEnter: function(args) {
this.context.x0=0x01
},
});
addr = ptr(0x9514);
moduleBase = Module.getBaseAddress(targetModule);
targetAddress = moduleBase.add(addr);
Interceptor.attach(targetAddress, {
onEnter: function(args) {
this.context.x0=0x01
},
});
This was able to modify the result of the functions and now they are returning true
instead of false
. Unfortunately, the hook detections not working and are returning false
always.
Someone can help me to test the hook detection?
Hi All,
Recently I updated library from 1.7.1 to 1.9.1 and submitted to AppStore review on Nov 19, 2021.
It detected jail broken device from AppStore review team causing App was rejected due to showing error screen (we implemented it to present suspicious device detection)
Here is device info
Podflie.lock
- IOSSecuritySuite (1.9.1)
Here is code snippet
var isSuspiciouDevice: Bool {
let amIDebugged = IOSSecuritySuite.amIDebugged() ? true : false
let amIReverseEngineered = IOSSecuritySuite.amIReverseEngineered() ? true : false
let jailbreakStatus = IOSSecuritySuite.amIJailbrokenWithFailMessage()
return (jailbreakStatus.jailbroken || amIReverseEngineered || amIDebugged)
}
Unfortunately, we do not track jailbreakStatus.failMessage
from user's device. So now I would like to ask everyone has this issue or not.
We submitted v.1.9.1 before (around Nov 5, 2021) but had no issue. So it might be some changes from AppStore Review team ?
thanks for the SDK first and foremost, doesn this detect jjolano/shadow tool?
thanks for the SDK first and foremost, does this detect jjolano/shadow tool?
Hi, One of our customers devices is returning the message that it is jailbroken but according to him the device is not jailbroken
I have checked his device with one other library DVIA and it is showing that the device is not jailbroken
Hi,
I was just testing the new feature since Frida 12.7.12, where the Frida Gadget can be installed in a running iOS app on a non-jailbroken device that is running in debug mode (repackaing with the Frida-gadget is not needed anymore):
Changes in 12.7.12: Full-featured iOS lockdown integration and unified devices, so Frida-based tools don’t need to worry as much about jailed vs jailbroken. When interacting with a jailed iOS device, Gadget is now injected automatically and there is no need to repackage the app, it only has to be debuggable. (https://frida.re/news/2019/09/18/frida-12-7-released/)
See also: https://www.nowsecure.com/blog/2020/01/02/how-to-conduct-jailed-testing-with-frida/
I was testing this with the sample app that I created (https://github.com/sushi2k/SwiftSecurity). There was no Frida server running on the iOS device, the app was not re-packaged with Frida and just in debug mode. When I was attaching Frida to the running process the frida-gadget was injecting and I got the Frida CLI:
$ frida -U "SwiftSecurity"
____
/ _ | Frida 12.8.5 - A world-class dynamic instrumentation toolkit
| (_| |
> _ | Commands:
/_/ |_| help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://www.frida.re/docs/home/
[iPhone::SwiftSecurity]-> Frida.version
"12.8.5"
But in the app when I press the button "Check for RE Tools" it's not detecting Frida, and it looks like this https://github.com/sushi2k/SwiftSecurity/blob/master/swiftsecurity.png?raw=true
If I start the Frida-server on the jailbroken phone, the button turn's red. As the frida-gadget is injected into the app the library should be able to detect it (see https://github.com/securing/IOSSecuritySuite/blob/master/IOSSecuritySuite/ReverseEngineeringToolsChecker.swift#L18).
Any idea why your library is not detecting this "new" injection mechanism in Frida?
Sorry if this post became a bit too long and complicated...
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.