PTS2021

Jailbreak detection mechanisms and how to bypass them
2021-07-05, 14:00–14:35 (Europe/Paris), Zoom room

Some iOS mobile applications try to detect whether they are running on a jailbroken device in order to protect intellectual property, defend against bots or make sure that they run on a relatively secure device.

However jailbroken devices are very useful to observe and reverse applications. Those protected with anti-jailbreak code are then more tedious to reverse thus complicating their security assessment or the development of alternatives.

In this talk we will first present how specific iOS restrictions complicate reverse engineering but also reduce the number of tools that can be used by software protection. Then, we will list different methods available to detect jailbreak. Finally, we will describe how to study and bypass a real-world anti-jailbreak solution with the famous opensource dynamic instrumentation framework Frida.

Eloi (@elvanderb) is one of the Synacktiv's reverse-engineering team tech lead.