25-3/18/1

ios/Runner/SecurityChecks.m

@@ -12,6 +12,7 @@
 #import "SecurityChecks.h"
 #import <sys/stat.h>
 #include <dlfcn.h>
+#import <sys/sysctl.h>
 #include <mach-o/dyld.h> // For _dyld_image_count and _dyld_get_image_name
 #include <unistd.h> // for fork()
 #include <sys/socket.h> //for socket, connect
@@ -89,7 +90,20 @@
 
     return NO; // No jailbreak indicators found
 }
-
++ (BOOL)isDebuggerAttached {
+    int mib[4];
+    struct kinfo_proc info;
+    size_t size = sizeof(info);
+    
+    mib[0] = CTL_KERN;
+    mib[1] = KERN_PROC;
+    mib[2] = KERN_PROC_PID;
+    mib[3] = getpid();
+    
+    sysctl(mib, 4, &info, &size, NULL, 0);
+    
+    return (info.kp_proc.p_flag & P_TRACED) != 0;
+}
 
 // Check for Frida's default port
 + (BOOL)isFridaListeningOnDefaultPort {
@@ -114,6 +128,26 @@
     return NO;
 }
 
+
++ (BOOL)isFridaDetected {
+    int name[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 };
+    size_t length;
+    struct kinfo_proc *procs, *proc;
+
+    sysctl(name, 3, NULL, &length, NULL, 0);
+    procs = malloc(length);
+    sysctl(name, 3, procs, &length, NULL, 0);
+
+    for (proc = procs; (char *)proc < (char *)procs + length; proc++) {
+        if (strstr(proc->kp_proc.p_comm, "frida") != NULL) {
+            free(procs);
+            return YES;
+        }
+    }
+
+    free(procs);
+    return NO;
+}
 // Check for loaded dylibs that indicate Frida
 +(BOOL) checkForFridaDylib{
     uint32_t count = _dyld_image_count();
@@ -150,6 +184,12 @@
     if([SecurityChecks checkProcessName]){
         return YES;
     }
+//    if ([SecurityChecks isDebuggerAttached]) {
+//    return YES;
+//    }
+//    if ([SecurityChecks isFridaDetected]) {
+//    return YES;
+//    }
 
     return NO;
 }