Research Article
Android Rooting: An Arms Race between Evasion and Detection
Table 6
Root checking in native library.
| | Package name | Library name | Root detection |
| | Finance App 1 | libXAS_jni.so | /sbin/su
/system/bin/su
/system/sbin/su
/system/xbin/su
/system/xbin/sudo
/system/app/superuser.apk
/system/app/UnRoot.apk
/system/app/Nakup.apk
/data/data/com.noshufou.android.su
/data/data/com/ajantech.app/UnRoot
/data/app/com.noshufou.android.su-2.apk |
| | Government 1 | libsmartmedic.so | Store rooting_pattern information into smartmedic1.db file |
| | Security App 1 | libEngineManager.so | native.startRootCheck |
| | Banking App 1 | libBengine.so | Check /proc/%d/cmdline for su |
| | Banking App 2 | libap1.7.8.so | Check su files
Check Telephony status
Check Wifi status (including MAC address)
Check for noshufou and supersu |
| | Finance App 2 | libap1.7.2.so | Check for noshufou and supersu |
|
|
