device-root/com.pingidentity.device.root.detector/CommandDetector

CommandDetector

abstract class CommandDetector : TamperDetector

Abstract base class for detecting device tampering by checking for the presence of specific commands.

This detector works by attempting to locate commands that are commonly available on rooted or compromised devices using the system's which command. Subclasses must provide the list of commands to check for through the getCommands method.

Common commands that might indicate tampering include:

  • su (superuser access)

  • busybox (advanced command-line tools)

  • magisk (systemless root solution)

  • Custom debugging or hacking tools

The scoring system returns a Double value:

  • 1.0 indicates at least one suspicious command was found (high confidence of tampering)

  • 0.0 indicates no suspicious commands were found

Example usage:

class RootCommandDetector : CommandDetector() {
    override fun getCommands(): Array<String> {
        return arrayOf("su", "busybox", "magisk")
    }
}
Content copied to clipboard

See also

Inheritors

Constructors

Link copied to clipboard
constructor()

Functions

Link copied to clipboard
open suspend override fun analyze(context: Context): Double

Determines if the device has been tampered with by checking for suspicious commands.

Link copied to clipboard
abstract fun getCommands(): Array<String>

Provides the list of commands to check for tampering detection.