talsec
Bypass Every Methods
Hi,
I created a new flutter project to test freerasp capabilities and found out that jailbreak detection could be bypass using hopper and NOP region. I'm also aware that anti tampering protection and other methods are still valid (didn't test to bypass them yet) so even if someone bypass jb detection the framework should still be able to inform the app about that.
So I'm just opening this one to let you know what you probably already know.
Feel free to close this if you think that jb detection bypass is not a big deal and thanks for your amazing framework.
Hello @marcotrumpet ,
thank you for reporting the issue. The jailbreak detection bypass using Hopper and NOP region is quite advanced and will not be a problem in our businessRASP (https://github.com/orgs/talsec/discussions/5). However, we might look if we can help to prevent it in the freeRASP version as well.
Kind regards, Matúš, Talsec developer
Hi, reopening this for different reasons. The previous issue was regarding using NOP in you native talsecruntime framework (so it's a technique valid for nativa iOS and all other platform you support).
Now I want to point out that I'm able to bypass all your methods in the flutter package simply swapping hexadecimal. I used hopper but it should be possible also to do that with vim and no payed license in hopper.
Hi, I'm just wondering if this will be in the new version of the plugin.
Hello @reyesmfabian , it is not yet in the new version of the plugin.
The new version will be mainly about better developer experience, solving the debug vs release integration issues, removing HMS dependencies and enhancing root detection capabilities.