Rooted device is not detecting (Android - Flutter)

[gailindia]

I am working on flutter 3.16.5 Dart 3.2.3
Pubsec.yaml > freerasp: ^6.9.0
configuration in main.dart:
for signingCertHashes :

String base64Hash = hashConverter.fromSha256toBase64(sha256HashHex);

sha256HashHex is from >> Google Play Console > View App > Setup > App Signing > App Signing Key Certificate > SHA 256.

Future<void> _initializeTalsec(String base64Hash) async {
  final config = TalsecConfig(
    androidConfig: AndroidConfig(
      packageName: 'com.****.*****',
      signingCertHashes: [base64Hash],
      supportedStores: ['com.sec.android.app.samsungapps'],
      malwareConfig: MalwareConfig(
        blacklistedPackageNames: ['com.*****.****'],
        suspiciousPermissions: [
          ['android.permission.READ_SMS', 'android.permission.READ_CONTACTS'],
        ],
      ),
    ),
    iosConfig: IOSConfig(
      bundleIds: ['com.****.****'],
      teamId: '##########',
    ),
    watcherMail: '',
    isProd: true,
  );

  await Talsec.instance.start(config);
}

/// to check if device is rooted i am using 

 threatState.detectedThreats.contains(Threat.privilegedAccess)
          ? Container(
              child: Center(
                child: Text("You cannot access this app"),
              ),
            )
          : SplashScreen(),

but somehow app is working on Rooted device also attaching image

[tompsota]

Hi @gailindia,

Thanks for reporting the issue. We will look at it and provide an update here.

Regards,
Tomas from Talsec

[tompsota]

Hi @gailindia ,

can you send us your package name and watcher mail to [email protected], so that we can see whether the callback is ever triggered?

I recommend using the ThreatCallback class to take appropriate actions when a rooted device is detected, rather than directly inspecting the detectedThreats object. Keep in mind that threat detection takes a brief amount of time after the app starts. As a result, the audit may not be completed by the time the splash screen is displayed, so no immediate reaction might be visible. However, a callback could be triggered shortly afterward.

Additionally, in the code snippet you sent, ensure that you listen to changes to the detectedThreats object to handle future callbacks effectively. This will allow your app to respond dynamically to any new threats that are detected.

Regards,
Tomas

[github-actions]

Hello!
This issue has been marked as inactive. If there is no further activity within the next 14 days, this issue will be automatically closed.
If you believe this issue is still relevant and requires attention, please comment or provide additional information.