Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DETECTION] flutter security plugin rules #428

Open
AbhiTheModder opened this issue Dec 13, 2024 · 0 comments
Open

[DETECTION] flutter security plugin rules #428

AbhiTheModder opened this issue Dec 13, 2024 · 0 comments
Labels
detection-issue Bad detection or no detection

Comments

@AbhiTheModder
Copy link
Contributor

AbhiTheModder commented Dec 13, 2024
edited
Loading

Sample: com.swisssign.swissid.mobile
Version: 5.2.9
VersionCode: 541210657

flutter_jailbreak_detection:
https://pub.dev/packages/flutter_jailbreak_detection

flutter_security_checker:
https://pub.dev/packages/flutter_security_checker

Possible Detection points:
Dex:
flutter_jailbreak_detection:
Lappmire/be/flutterjailbreakdetection/FlutterJailbreakDetectionPlugin
flutter_security_checker: Lcom/pravera/flutter_security_checker/FlutterSecurityCheckerPlugin

Also rootbear (libtoolChecker.so/Lcom/scottyab/rootbeer/RootBeer;) seems to be undetected.

APKiD current results...

[+] APKiD 2.1.5 :: from RedNaga :: rednaga.io
[*] SwissID_5.2.9_apks.apk
 |-> anti_vm : emulator file check, possible VM check
[*] SwissID_5.2.9_apks.apk!classes.dex
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
[*] SwissID_5.2.9_apks.apk!classes2.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, possible VM check
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
[*] SwissID_5.2.9_apks.apk!classes3.dex
 |-> anti_debug : Debug.isDebuggerConnected() check
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check, Build.TAGS check, SIM operator check
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
[*] SwissID_5.2.9_apks.apk!classes4.dex
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
[*] SwissID_5.2.9_apks.apk!classes5.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, emulator file check, possible VM check, possible ro.secure check, ro.kernel.qemu check
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
[*] SwissID_5.2.9_apks.apk!classes6.dex
 |-> compiler : unknown (please file detection issue!)
 |-> yara_issue : yara issue - dex file recognized by apkid but not yara module
@AbhiTheModder AbhiTheModder added the detection-issue Bad detection or no detection label Dec 13, 2024
@AbhiTheModder AbhiTheModder changed the title [DETECTION] Add FlutterJailbreakDetectionPlugin rule [DETECTION] FlutterJailbreakDetectionPlugin rule Dec 13, 2024
@AbhiTheModder AbhiTheModder changed the title [DETECTION] FlutterJailbreakDetectionPlugin rule [DETECTION] flutter security plugin rules Dec 13, 2024
@AbhiTheModder AbhiTheModder closed this as not planned Won't fix, can't repro, duplicate, stale Dec 14, 2024
@enovella enovella reopened this Dec 16, 2024
AbhiTheModder added a commit to AbhiTheModder/APKiD that referenced this issue Dec 17, 2024
@AbhiTheModder
Anti-Root & Flutter Sec. Plugins rednaga#428
fd8a1e2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
detection-issue Bad detection or no detection
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@enovella @AbhiTheModder