Open NewDwarf opened 4 years ago
/private/var/tmp/cydia.log is also not hidden, and some apps use this for detection. Found this website that lists what they use to detect a JB. https://tune.docs.branch.io/sdk/detecting-ios-jailbroken-devices/ It is pretty outdated, but some file checks are not hidden with KernBypass.
I tried to link one-by-one the path under /private/var except for lock and lib but so far no luck.
Someone made a modified version at https://repo.misty.moe, it’s not the best solution but it works.
Hardlinking of the /private/var folder into the /private/var/MobileSoftwareUpdate/mnt1/private/var mirrors all files. It makes impossible to hide, say Cydia metafiles, package management system (apt, dpkg). /private/var/lib/cydia/ -> /private/var/MobileSoftwareUpdate/mnt1/private/var/lib/cydia/
The JB detection based on checking /private/var/lib/cydia/ will still be able to detect jailbroken device.