Jailbreak Detection Megaissue #48
Comments
This doesn't address the issue at hand; the problem still exists with RootHide as a whole. Removing all files doesn't fix the fact that there's something wrong with the bootstrap's anti-jb detection. Plus, this is an issue for ALL apps that have jailbreak detection; you need somewhere to complain about it. This is that place. Running varClean with 'select all' is a fix for people ditching/coming to the bootstrap, but certainly not one for people that want to keep using it. |
Follow this: 1: Enable tweak for all trollstore apps. 2: Install roothide manager in Sileo, try varClean all in roothide manager; some files may not be deleted automatically and you need to do it manually in Filza. |
How does this affect people who want to still use the bootstrap? This is fine for people leaving the bootstrap but deletes pretty important stuff if you want to continue using it. |
1: Some users have installed another bootstrap with /var/jb before, and it is very easy to detect. 2: Some apps installed in the trollstore may be detected as jailbroken, not just because of URLSchemes. After enabling tweaks for them, Bootstrap will automatically hide some features for them. 3: Some tweaks and jailbreak apps (including apps installed in the trollstore) will generate some files in /var/ of the rootfs, which will also be used by the app to detect jailbreaks. They can be cleaned using roothide manager's varClean, and we strongly recommend tweaks and jailbreak apps should store their data and configuration in jbroot's /var/ rather than rootfs's /var/. |
What can people do to mitigate detection without doing a full varClean (data loss, I know a loss of preference bundles is guaranteed, along with files from TrollStore applications like Derootifier or misaka)? Yes, you should wipe previous jailbreak files, but you can't necessarily tell which files are used in the current bootstrap or utilized by your TrollStore apps. |
Whether it is a tweak or a trollstore app/jailbreak app, data and configuration should be stored in the sandbox container or jbroot:/var/, not rootfs:/var/. The roothide manager can help users find files stored in rootfs:/var/ that may lead to the detection of jailbreak. Once future tweaks store data and configuration in the sandbox container or jbroot:/var/, then we can get rid of this; it is a legacy issue from history, but it will take time. In roothide jailbreak (such as roothide dopamine), the tweak preferences will be automatically redirected to jbroot for storage by cfprefsd-hook, but in Bootstrap we are not able to achieve this yet. |
Question. Idk if I ask this here. If I have a phone without JB but only ts. And want to install and use roothide bootstrap for sileo can banking/gov apps detect this process and/or are there steps to avoid this issue? Essentially what I want to know is if roothide bootstrap can be detected as JB. |
Any behavior beyond the scope allowed by Apple may be detected as a jailbreak, including trollstore. Even if you only use a developer certificate to sideload some apps (such as Filza), some App Store apps may report that your device is jailbroken. The significance of roothide is that it provides a universal solution to these troubles. |
Hello, I have recently encountered my banking app detecting my JB, iPhone 14 Pro Max, iOS 16.6.1. I had been using the app without any bypass tweaks and it was fine for almost 2 weeks until yesterday, when it detected my device as unsecured because of jailbreak. I followed the uninstallation method from A to Z and yet I still get the window saying “Device is unsecured”. https://apps.apple.com/kw/app/gulf-bank-mobile-banking/id1577206679 ^ This is the link to my banking application. |
TrueMoney Wallet App update to version 5.52.0 for jailbreak detection on bootstrap. Previously, version 5.51.0 works fine after downgrade by appstore++. PS. No Filza installed. |
After doing varClean I was able to access the app. But only after opening Sileo. It can be detected even though I didn't install any tweaks. |
You may be able to use a Shortcut to open the app if you have openssh installed. SSH into 127.0.0.1, and run a command that removes You can then add this Shortcut to your homescreen and use that to open the application. Note, you will not get notification badges on that icon, and opening the application with ANY other means will trip jailbreak detection once more. |
I managed to fix jailbreak detection. I'm using the Gcash app from the Philippines and the app detected the jailbreak even though I did not enable it from bootstrap. I fixed it by deleting jb shortcuts in Filza from the private/var/ folder; you will find shortcuts with a white icon. |
This issue has gone off track, please only list apps and tweak solutions / report applications that still detect the presence of a jailbreak. If you need help for a specific application, please do so in the roothide Discord server linked in this repositories Please refer to the FAQ in |
Picky app : "NAFATH" detects Dopamine Roothide https://apps.apple.com/sa/app/%D9%86%D9%81%D8%A7%D8%B0-nafath/id1598909871 |
roothide Dopamine or roothide Bootstrap? |
Dopamine |
known issue, try this version: |
Nice works like a charm thank you |
A lot of the files are detectable. Instead of wiping everything, just delete everything that isn't related to preferences (usually named after the tweak itself and ending in |
Send a list of the files and directories and I'll tell you which ones you should keep.
No apps or tweaks are removed when doing a varClean as it's done in rootfs |
Try removing all files and directories BUT the following and see if it fixes your issue:
Directories in |
Just keep an eye out on when it's triggered again and do process of elimination when finding out which file/directory is specifically triggering the detection, and either remove it again or use the shortcut method I linked above to automate it. |
Majority of it was stuff iOS creates on its own. It's safe to delete. |
OpenSSH is provided by the Procursus repository and is available in the Procursus(roothide) repository. You can then SSH into |
Change |
all packages from procursus use jbroot as the default filesystem root on roothide, ref to: https://github.com/roothide/Developer/blob/main/vroot.md |
This issue can be used to list off apps that have jailbreak detection advanced enough to detect WITHOUT injection with AppEnabler or even after uninstalling the bootstrap and removing /private/var/jb and /private/var/containers/Bundle/Application/.jbroot-$(jbrand)/ along with application data removal.
It's not necessarily helpful to link to tweaks which may bypass anything in here since this is an issue on the Bootstrap repo itself, but can narrow it down.
Before commenting, please ensure you 100% do not have anything visible like Filza's URL scheme (Remove Filza from TrollStore and install the no URL scheme version) and any other jailbreak application that may expose their URL scheme. Also, ensure your results aren't stored anywhere by clearing application data by uninstalling and reinstalling the application, assuming the results are stored there.