Geek Answers Handbook

How to identify IAPFree and IAPCracker

I was looking for a way to detect people using IAPCracker in my application.

Recently I found this useful post How to detect "LocallAPStore" - a new iap cracker and used it to protect some of my in-app purchases.

Now I have found a new hacking source in the application ... you know. So I set up this new setting called IAPFree, which has become a new way to crack IAP. I tested it on some applications and my own application, and it worked, which is not very good!

enter image description here

I tried to detect it just like IAPCracker:

if ([[NSFileManager defaultManager] fileExistsAtPath:@"/Library/MobileSubstrate/DynamicLibraries/iap.dylib"]){ NSLog(@"IAP Cracker detected"); }

But the file name, unfortunately, was changed to "iapfree.core.dylib" (I opened IFile and found the file in the same directory).

Now I thought I could just replace the directory. However, this did not work! I used this code to somehow detect it:

 if ([[NSFileManager defaultManager] fileExistsAtPath:@"/Library/MobileSubstrate/DynamicLibraries/iapfree.core.dylib"]){ NSLog(@"IAPfree detected"); }else{ NSLog(@"No IAPFree found"); }

I thought it would be a random error, and I tried it with other files in the same directory. They really worked!

I can not understand what the problem is with this file. I think this may be caused by ".core", but I really don't know.

Do you know how to solve a problem or detect it differently?

+4
source share
2 answers

The best way (also the only way to "approve Apple") to solve this problem is to check the tricks for buying applications on an external server, and not for an attacker! There are many third-party services that make this fairly easy, and some even free.

Alternatively, you can simply check receipts locally, as shown here and here (full disclosure, this is my blog;)). It has some advantage (easier, it works even if the verification server is not available or inaccessible), but, of course, new hacking systems can trick it.

Here is some code: when you check payQueue (inApp protocol callback), you can do something like this:

 - (void)paymentQueue:(SKPaymentQueue *)queue updatedTransactions:(NSArray *)transactions { for (SKPaymentTransaction *transaction in transactions) { switch (transaction.transactionState) { case SKPaymentTransactionStatePurchased: case SKPaymentTransactionStateRestored: { [self checkReceipt:[_productIdentifierList objectAtIndex:0] transazione:transaction]; [self finishPaymentTransaction:transaction]; } break; case SKPaymentTransactionStateFailed: { [UIView msgBox:@"Transaction Error" title:@"Errore"]; [self finishPaymentTransaction:transaction]; } break; default: break; } } } - (void) checkReceipt:(SKProduct *)prodotto transazione:(SKPaymentTransaction *)transaction { NSString*ricevuta = [[NSString alloc] initWithData:transaction.transactionReceipt encoding:NSUTF8StringEncoding]; NSRange hackTest = [transaction.transactionIdentifier rangeOfString:@"com.urus.iap"]; // ok if this not found NSRange hackTest2 = [transaction.transactionIdentifier rangeOfString:@"PUT HERE YOUR INAPP ID"]; // TODO: PUT HERE YOUR INAPP ID if (hackTest.location == NSNotFound && hackTest2.location == NSNotFound) { // it pass the local test: receipt is probably good } else { // invalid receipt, fake for sure, cancel buying... } }

note that you should put your inApp code in the "hackTest2" check: so if you have several products, you can do a loop ...

+4
source

Also check "IAPFreeService.dylib"

Hope this helps.

-1
source

More articles:


All Articles