search

securing / IOSSecuritySuite

iOS platform security & anti-tampering Swift library
https://www.securing.biz/
Other
2.27k stars 272 forks source link

Why some VPNs like OpenVPN are not detected by this library? #125

Closed umar5009 closed 1 month ago

umar5009 commented 1 month ago

I have recently applied this library to my iOS application to stop users to use my app when VPN is turned ON, but seems like this library is compromised by some VPNs e.g OpenVPN and some other VPNs. When I deeply analyzed the library's check amIProxied() func then I realized that its only checking two of the retainedValues "HTTPProxy" and "HTTPSProxy" as given below in the source code. Is it possible we can take a look and update that library with some more secure checks of detecting all the VPNs if not 100% then at least 95% of them should be detected.

internal class ProxyChecker { static func amIProxied() -> Bool { guard let unmanagedSettings = CFNetworkCopySystemProxySettings() else { return false }

let settingsOptional = unmanagedSettings.takeRetainedValue() as? [String: Any]

guard  let settings = settingsOptional else {
  return false
}

return (settings.keys.contains("HTTPProxy") || settings.keys.contains("HTTPSProxy"))

} }

r3ggi commented 1 month ago

Implemented in 2.1.0 🚀

let amIProxied: Bool = IOSSecuritySuite.amIProxied(considerVPNConnectionAsProxy: true)