Closed PoomSmart closed 5 years ago
I haven't exactly documented my methods fully, but querying /Applications
(by itself) is actually allowed - as evident on line 2493 on Tweak.xm: [shadow addPath:@"/Applications" restricted:YES hidden:NO];
(hidden:NO
is the option that allows exact path queries)
Subpaths of /Applications
are restricted, while /Applications
itself is allowed. Additionally, there are hardcoded whitelisted apps under /Applications
with restricted:NO
(also seen in the next lines).
I believe K PLUS is an application on the App Store that checks for system applications that normally exist, such as AppStore.app
. Other jailbreak detection bypasses actually restrict /Applications
outright and trigger this detection mechanism.
Thanks for clarification. Other than that, restrict /bin/cp
and /bin/su
also
Thanks for clarification. Other than that, restrict
/bin/cp
and/bin/su
also
[shadow addPath:@"/bin" restricted:YES hidden:NO];
[shadow addPath:@"/bin/df" restricted:NO];
[shadow addPath:@"/bin/ps" restricted:NO];
Implicit restriction - df and ps seem to appear on stock rootfs so those are not restricted 😄
Restricting
/Applications/
is incorrect. There are apps that check exactly if this path exists. When it returns NO, this is rather suspicious and therefore caused by a jailbreak tweak.