Link Search Menu Expand Document

Lack of Jailbreak/Root Check in Android

Play SecureFlag Play Android Labs on this vulnerability with SecureFlag!

Prevention

For this reason, developers might consider augmenting applications destined for Android devices with a root status detection function that, in the event of a root identification, either shuts down the application or at the very least notifies the user.

Checking whether a device is rooted or not is not easy due to the vast variability of devices. Thus, developers are advised against implementing their own in-house root detection mechanism; instead, a third-party library stocked with (hopefully) an extensive list of checks should be used.

RootBeer is one of such libraries. As you can see, its usage is quite straightforward:

RootBeer rootBeer = new RootBeer(context);
if (rootBeer.isRooted()) {
    // TODO notify the user or shutdown
}

Keep in mind, however, that this is a best-effort endeavor, so much so that it is perhaps more apt to switch terms and adopt “root indication” instead of “root detection”.

Also note that in a real world application any root detection approach should be paired with a strong anti-tampering protection to avoid that the used could patch the application and remove the root check.

References

OWASP - Code Tampering

Secure an Android Device