No Root/Jailbreak Detection

Description

Without robust root/jailbreak detection and response, attackers can run the app on compromised devices with powerful hooking frameworks, intercept traffic, and tamper with storage and runtime.

Examples

Bypass Naive Checks

Basic checks for su binaries or known package names are easily bypassed. Use Frida to patch return values:

frida -U -f com.example.app -l - --no-pause <<'JS'
Java.perform(function () {
  var Sec = Java.use('com.example.app.security.RootChecks');
  Sec.isDeviceRooted.implementation = function () { return false; };
});
JS

If the app continues to function normally on a rooted device, detection is insufficient.

Remediation

  1. Layered detection and response
    • Combine file, syscall, hook, and environment checks; degrade functionality or block sensitive flows.
  2. Attestation
    • Enforce Play Integrity/SafetyNet or App Attest to detect compromised environments.
  3. Protect critical paths
    • Gate secrets and high‑risk actions behind server checks; assume client signals can be spoofed.
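
A server-side gate for items 2 and 3, as an added example that is not part of the original page or of any project's code. It assumes the Play Integrity token has already been decoded and authenticated on the server; the function name evaluate_verdict, the freshness window and the sample verdict are assumptions made for illustration.

```python
import hmac

EXPECTED_PACKAGE = "com.example.app"   # package name used in the page's example
MAX_AGE_MS = 2 * 60 * 1000             # assumed freshness window for a verdict

def evaluate_verdict(verdict, expected_nonce, now_ms):
    """Return (allowed, reason) for an already-decoded Play Integrity verdict.

    Assumption: the token was decoded and authenticated server-side before
    this call; nothing reported directly by the client is trusted.
    """
    req = verdict.get("requestDetails") or {}
    app = verdict.get("appIntegrity") or {}
    dev = verdict.get("deviceIntegrity") or {}

    # Bind the verdict to this app and to the challenge the server issued.
    if req.get("requestPackageName") != EXPECTED_PACKAGE:
        return False, "package mismatch"
    nonce = str(req.get("nonce") or "")
    if not hmac.compare_digest(nonce.encode(), expected_nonce.encode()):
        return False, "nonce mismatch"

    # Reject stale or future-dated verdicts (replay protection).
    try:
        age = now_ms - int(req.get("timestampMillis"))
    except (TypeError, ValueError):
        return False, "missing timestamp"
    if age < 0 or age > MAX_AGE_MS:
        return False, "stale verdict"

    # Missing fields fail closed: an absent verdict counts as a failure.
    if app.get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        return False, "app not recognized"
    if "MEETS_DEVICE_INTEGRITY" not in (dev.get("deviceRecognitionVerdict") or []):
        return False, "device integrity not met"
    return True, "ok"

# Constructed sample verdict (not real data).
SAMPLE = {
    "requestDetails": {"requestPackageName": "com.example.app",
                       "nonce": "c2VydmVyLWNoYWxsZW5nZQ",
                       "timestampMillis": "1700000000000"},
    "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED"},
    "deviceIntegrity": {"deviceRecognitionVerdict": ["MEETS_DEVICE_INTEGRITY"]},
}

if __name__ == "__main__":
    print(evaluate_verdict(SAMPLE, "c2VydmVyLWNoYWxsZW5nZQ", 1700000030000))
```

The server releases secrets or approves a high-risk action only when this returns allowed; a patched client-side isDeviceRooted() has no influence on the result.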