检测到Android root?立即卸载应用程序

时间:2016-09-19 11:37:38

标签: android security encryption root

我正在开发一个包含不应泄漏的敏感数据(加密密钥)的应用。该应用程序应该能够在任何时候脱机工作,因此我无法将密钥存储在云中。

当用户拥有root设备时,他可以提取apk并获取密钥。我想阻止这一点。

有没有办法在没有用户确认的情况下立即强制卸载我的应用,一旦检测到root权限?

(或者是否有其他方法来防止密钥泄漏?)

我看了三星Knox,它对数据进行加密并使用硬件位来检测root访问权限,并在设备被篡改后使应用程序和数据无法访问。它工作得很好,但我正在寻找适用于更广泛设备(不仅仅是三星设备)的解决方案。

2 个答案:

答案 0 :(得分:0)

编辑:你想要实现的目标(为加密密钥保存存储,......)并不是那么容易。你应该read this,它可能对你有所帮助。

要卸载您的应用,您可以试试这个(未经过测试!):

Uri packageURI = Uri.parse("package:"+MyMainActivity.class.getPackage().getName());
Intent uninstallIntent = new Intent(Intent.ACTION_DELETE, packageURI);
startActivity(uninstallIntent);

在根检测方面,不仅有“最佳”解决方案。有多种方法可以帮助您入门:

/** @author Kevin Kowalewski */
public class RootUtil {
    public static boolean isDeviceRooted() {
        return checkRootMethod1() || checkRootMethod2() || checkRootMethod3();
    }

    private static boolean checkRootMethod1() {
        String buildTags = android.os.Build.TAGS;
        return buildTags != null && buildTags.contains("test-keys");
    }

    private static boolean checkRootMethod2() {
        String[] paths = { "/system/app/Superuser.apk", "/sbin/su", "/system/bin/su", "/system/xbin/su", "/data/local/xbin/su", "/data/local/bin/su", "/system/sd/xbin/su",
                "/system/bin/failsafe/su", "/data/local/su", "/su/bin/su"};
        for (String path : paths) {
            if (new File(path).exists()) return true;
        }
        return false;
    }

    private static boolean checkRootMethod3() {
        Process process = null;
        try {
            process = Runtime.getRuntime().exec(new String[] { "/system/xbin/which", "su" });
            BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
            if (in.readLine() != null) return true;
            return false;
        } catch (Throwable t) {
            return false;
        } finally {
            if (process != null) process.destroy();
        }
    }
}

答案 1 :(得分:0)

我认为立即卸载应用程序不是解决方案,您必须找出根目录在哪里,并提防magisk manager应用程序,否则可以绕开根目录检测 您可以尝试使用Rootbeer,roottools进行根检测或创建根类。 使用Rootbeer作为魔法管理器 

//root example you can call this class.
public static boolean findBinary(String binaryName) {
    boolean found = false;
    if (!found) {
        String[] places = { "/sbin/", "/system/bin/", "/system/xbin/",
                "/data/local/xbin/", "/data/local/bin/",
                "/system/sd/xbin/", "/system/bin/failsafe/", "/data/local/",
                "/system/app/Superuser.apk", "/sbin/su", "/sbin/su/", "/system/bin/su","/system/bin/su/",
                "/system/xbin/su", "/system/xbin/su/", "/data/local/xbin/su", "/data/local/bin/su", "/system/sd/xbin/su",
                "/system/bin/failsafe/su", "/data/local/su", "/su/bin/su", "/su/",
                "/data/local/xbin/",
                "/system/bin/.ext/",
                "/system/bin/failsafe/",
                "/system/sd/xbin/",
                "/su/xbin/",
                "/su/bin/",
                "/magisk/.core/bin/",
                "/system/usr/we-need-root/",
                "/system/xbin/",
                "/system/su","/system/bin/.ext/.su","/system/usr/we-need-root/su-backup",
                "/system/xbin/mu",
                "/system/su/","/system/bin/.ext/.su/","/system/usr/we-need-root/su-backup/",
                "/system/xbin/mu/"};
        for (String where : places) {
            if (new File(where + binaryName).exists()) {
                found = true;
                break;
            }
        }
    }
    return found;
}
private static boolean isRooted() {
    return findBinary("su");
}

将其用于卸载应用程序(已测试)

Intent intent=new Intent(Intent.ACTION_DELETE);
String packageName = "yourpackagename";
intent.setData(Uri.parse("package:"+packageName));
startActivity(intent);
相关问题
最新问题