• IOS private Api detection
  • Recently submittedAPPThe audit was abused by apple’s audit personnel do not do not have, has always said that the use of privateAPI
  • But I tried my best and couldn’t figure out where I was using private in my codeAPI, finally found some online detection privateAPIOnly found in the SDK involved in the method
  • So let’s check for privateAPIA brief introduction to the method of

Specify the privateAPI

  • This is the most obvious and most convenient solution to the possible occurrence of private ownershipAPIIn the case
  • Of course, the first thing you need to know about this method is which ones are privateAPI, and then global search in the code, modify, this method is not described here
  • With these methods, I can basically locate third-party libraries using private apis when I look them up

Terminal command

CD to the project directory first

cdTo the project directoryCopy the code

Global search command (note the dot), where prefs is the private API you are searching for

grep -r prefs .
Copy the code

If private API belong to similar GraphicsServices. Framework, etc. The framework of the third party libraries, then the global search and found impossible to detect the existence of the library, should be a private library, you can also use

grep -r GraphicsServices .
Copy the code

Here, to solve the problem of the private API of the third party library mentioned above, is to directly replace the new SDK. Of course, if the new third party library also has private API, then it can only be discarded, otherwise there is basically no solution

stringsdetection

This method uses the ipA package detection that has been packaged

  • First you have one that you can submit for reviewipaIs a package that needs to be submitted to Apple for review, not for testingrelease
  • williparenamezipFormat, you can also use the decompression tool directly to decompress, if there are two foldersPayload,Symbols, it is OK
  • cdtoPayloadThe inside of theapp
cd /Users/xxx/Downloads/xxx\ 2018-07-16\ 15-00-36/zcmlc/Payload/xxx.app
Copy the code

Then execute, where test is the name of the app you are searching for, and API is the private API you are searching for

strings - -a -arch armv7 "test" | grep api
Copy the code

In addition to the above command, there is a second command search, generate a file, you can go to find

strings - -a -arch armv7 "test" > test.txt
Copy the code

Proprietary API detection tools

This section describes how to use ios-private-api-checker. For details, see ios-private-api-checker