Repackaging detection
View product
v1.0.2
Repackaging detection is a security feature that detects if the application was modified and re-signed with a different signing certificate.
iOS Setup
To properly configure the repackage detection, you need to get the Base64 encoded string of your signing certificate:
- Open the
Keychain Access
application. - Find a certificate that will be used to sign your application, for example, “Apple Development: Jan Tester (c)”.
- Right-click on the item and click “Export…”.
- Export the certificate in the
.cer
format. - Open up the terminal and
cd
into the folder with your exported certificate. - Encode the certificate in Base64 with
cat your_exported.cer | base64
. - Copy the output of the command and use it as a parameter for the repackage detection configuration:
const configuration = {
apple: {
rasp: {
repackage: {
action: "NOTIFY",
trustedCertificates: [ "BASE64" ]
}
}
}
}
Android Setup
The same feature can be configured also for Android platform. At first, follow the steps from Obtaining Signature Hash document available from the Malwarelytics for Android SDK.
Once you have the signature hash, then alter your configuration:
const configuration = {
android: {
rasp: {
repackage: {
action: 'NOTIFY',
signatureHash: [ "HEXADECIMAL-HASH" ]
}
}
}
}
Last updated on May 09, 2023 (12:32)
View product