[Discussion] Magisk Delta - Another unofficial third-party Magisk fork

Search This thread
By:
Advanced…
M

mGforCe

Senior Member
Dec 3, 2007
1,443
396
Mumbai
New Version Up!

3b9db6e6-delta

- [General] New way to recover bootloop: Rename magisk.apk to disabler.zip and flash in Recovery to installing Magisk + enable Core-only mode
- [General] Sync upstream source code to d740bbe0
 
  • Like
Reactions: xabier-bo and m0han
m0han

m0han

Senior Member
Apr 30, 2012
5,432
2,549

Attachments

  • Screenshot_20230206_100143.jpg
    Screenshot_20230206_100143.jpg
    368.4 KB · Views: 146
huongthanh8690

huongthanh8690

Senior Member
Dec 24, 2012
316
91
Ha Noi
Asus Zenfone Max Pro M2
I removed the old version 25.2, and flashed magisk delta in recovery Cdroid 9.1 .granted root permissions for apps..but when I open adaway or lucky patch app I don't have root privileges......anyone has the same problem as me. ...I have to reinstall version 25.2
Thanks
 
martyfender

martyfender

Senior Member
Mar 9, 2017
3,351
1,826
Indianapolis, IN
huongthanh8690 said:
I removed the old version 25.2, and flashed magisk delta in recovery Cdroid 9.1 .granted root permissions for apps..but when I open adaway or lucky patch app I don't have root privileges......anyone has the same problem as me. ...I have to reinstall version 25.2
Thanks
Click to expand...
Click to collapse
The mention of Lucky Patcher, a tool that can be used for piracy, among other things, is ban per xda rules, just to remind you.
 
  • Like
  • Haha
Reactions: onimorza and agraceful
Scorp123

Scorp123

Senior Member
Aug 14, 2012
456
141
Thank you for continuing this all but essential mod for android and getting my banking apps working properly again 👍
Donated
 
  • Love
Reactions: huskydg
huskydg

huskydg

Senior Member
Feb 17, 2021
407
475
Revive MagiskHide from Magisk v23.0
  • The implementation of MagiskHide is ptrace Zygote process, every forks of Zygote will be notified and traced also.
  • MagiskHide from Magisk v23.0 which monitors every thread spawn event of Zygote fork (app process is heavily a multithreads process which will spawn threads to trigger MagiskHide to check UID and cmdline)
  • There is an exception that app zygote does not spawn threads and thus it won’t trigger MagiskHide to unmount Magisk and detach. (MagiskDetector and Momo take advantages of this fact to detect MagiskHide through ptrace)
  • To fix this problem, we trace the syscalls prctl() instead of thread spawn event of Zygote fork like MagiskHide in Magisk v23.0
  • After processes has been forked from zygote, there will be atleast prctl() is called to change the process name. For normal app process and isolated process, the process name will be changed as followed:
    • zygote -> (unknown name) -> <pre-initialized> -> (process name). So the key is <pre-initialized>, after that we can guess it is target process or not.
  • For app zygote, there is only once prctl() is called to change process name: zygote -> package.name_zygote.
  • The changing process name happens before apk is being loaded so we can detach it from ptrace, do unmount all Magisk files and nearly there is no traces left after that.
 
  • Like
Reactions: Legoman6, xabier-bo, pocketrule and 4 others
H

hanschke

Senior Member
Mar 30, 2007
1,761
243
I have installed latest canary delta and enable magisk hide and disable the list wiht play store, play services and wallet for hide and the universal safeftynet fix 2.4. mod 1 but I cannot install wallet because of root detection :(
 
N

Nightf0x_007

Senior Member
Nov 5, 2012
735
81
Nightf0x_007 said:
Still failing cts test here, do u have any other modules installed ?
Click to expand...
Click to collapse
keithh77 said:
For me, applying the reset-sensitive-props.zip corrected it, after applying riru-new-loader-v2.zip.
Click to expand...
Click to collapse
Switched from riru to zygisk & installed latest usnf module 2.4.1 mod 1.1, now everything is working normally, passing safetynet & integrity tests, the good thing is magiskhide is working with zygisk & thats the most imp. Thing to me as my bank & id apps detects root with anything else apart from magiskhide
 
  • Like
Reactions: pocketrule and optoluctor
O

optoluctor

Member
Jan 13, 2008
7
4
Google Pixel 5
Google Pixel 7
Nightf0x_007 said:
Still failing cts test here, do u have any other modules installed ?
Click to expand...
Click to collapse
(Riru 26.1.7 r530, MagiskHider 0.0.13 & UNSF 2.4.0)
CTS eventually fails for me two, as indicated by GWallet this morning. SCheck confirmed CTS fail. Whatever false positive I'm experiencing lasts for an hour or so after boot if reset-sensitive-props is running.
Nightf0x_007 said:
Switched from riru to zygisk & installed latest usnf module 2.4.1 mod 1.1, now everything is working normally, passing safetynet & integrity tests, the good thing is magiskhide is working with zygisk & thats the most imp. Thing to me as my bank & id apps detects root with anything else apart from magiskhide
Click to expand...
Click to collapse
Following your lead, switched to zygisk and UNSF 2.4.1 mod 1.1.
SCheck passed all, but banking app failed. Then, enabled new zygisk loader option and banking app passes.
All seems good now, thank you
 
  • Like
Reactions: pocketrule, Nightf0x_007 and zgfg
N

Nightf0x_007

Senior Member
Nov 5, 2012
735
81
keithh77 said:
(Riru 26.1.7 r530, MagiskHider 0.0.13 & UNSF 2.4.0)
CTS eventually fails for me two, as indicated by GWallet this morning. SCheck confirmed CTS fail. Whatever false positive I'm experiencing lasts for an hour or so after boot if reset-sensitive-props is running.

Following your lead, switched to zygisk and UNSF 2.4.1 mod 1.1.
SCheck passed all, but banking app failed. Then, enabled new zygisk loader option and banking app passes.
All seems good now, thank you
Click to expand...
Click to collapse
Use magiskhide and hide the bank apps, i turned off zygisk new loader as it causes repainter app to stop working & im using it
 
You must log in or register to reply here.

Similar threads

T
  • Sticky
Magisk General Support / Discussion
Replies
55K
Views
6M
D
dd805bb
T
  • Locked
  • Sticky
Magisk - The Magic Mask for Android
Replies
56
Views
6M
T
topjohnwu
T
  • Locked
[CLOSED][BETA][2018.7.19] Magisk v16.7 (1671)
Replies
7K
Views
3M
T
topjohnwu
yochananmarqos
  • Sticky
Collection of Magisk Modules v2
Replies
1K
Views
1M
J
jacomail95
Heisenberg
[Discussion] PokeMon Go Magisk Discussion Thread
Replies
5K
Views
635K
djkrish5610
djkrish5610

Top Liked Posts

24 Hours 30 Days All time
  • 3
    zgfg
    zgfg
    RootedLee said:
    @zgfg if I may ask: on how many of your mobile android devices do you have Magisk Delta installed? And are you in general happy with HuskyDG's fork, compared to the original?
    Click to expand...
    Click to collapse
    I have Delta on my daily and official Canary on the spare phone

    Previously I had the opposite way but since I was ok with Delta for several months, since it was ok (and since I needed better hiding), I put Delta to the daily driver
    View
    2
    m0han
    m0han
    krakout said:
    Like which one? I don't remember seeing any...
    Click to expand...
    Click to collapse
    @kevinco1, Is this one? https://github.com/pantsufan/Magisk-Ad-Blocking-Module/
    View
    2
    _litz
    _litz
    krakout said:
    Basically this showcases the problem with Magisk modules - hasn't been updated in there months, hence hosts file is rather old...
    Click to expand...
    Click to collapse
    Yes, that's why I switched to the adguard dns service, it offloads the blocking, and also since you can define lists, remains current.
    View
    2
    krakout
    krakout
    Very.
    View
    2
    kevinco1
    kevinco1
    m0han said:
    @kevinco1, Is this one? https://github.com/pantsufan/Magisk-Ad-Blocking-Module/
    Click to expand...
    Click to collapse

    Yep, you beat me to it!
    View
  • 6
    huskydg
    huskydg
    I raised new issue on safetynet fix repo, don't know if kdrag0n will take a look https://github.com/kdrag0n/safetynet-fix/issues/269
    View
    4
    A
    asripath
    From delta telegram about sulist usage
    1.
    Tips: In order to make modules more compatible with SuList, Magisk Delta supports mount module for SuList apps again after all modules file are directly unmounted from zygote process. However, it is better to enable Core-only mode before switching to SuList, add necessary apps to load modules then enable modules and reboot. If there is something wrong (SystemUI crashs), you can connect your device to adb and disable sulist by this command and reboot:

    adb shell su -c magisk --hide sulist disable


    Theme modules usually need SystemUI, Settings and Launcher to always be added to SuList to prevent crashing, there might be additional apps need to be added also

    2.
    This module will help you to add all module apps to sulist to prevent crashing. It uses aapt binary to parse the package name of apk (I forgot the source) As it is heavy to add code that automatically add module files to Magisk Delta, I won't add it.
    sulist-auto-whitelist.zip
    View
    4
    zgfg
    zgfg
    uschipower said:
    I am just switched from official magisk to Delta magisk because many of my banking apps detect root/modification on my device
    just some questions:

    - do I have to uninstall official magisk after installation of delta magisk; or should I uninstall official magisk?
    - I have alread installed bootloop-protect module from huskydg in official magisk. Do I have remove it before enabling it in delta magisk?
    - regarding Hide-my-Apps from Dr-TSNG, is Xpsosed-module compatible with Delta Magisk?
    - Is HMA still neccessary in Delta Magsik? I suppose Magisk doesnt only hide root and magisk, but not other apps, right?

    - I als read this about SUlist:
    Are Xposed-modules like HMA modules which I should enable in Core-only mode before switching to SuList?

    Thanks for your help
    Click to expand...
    Click to collapse
    About switching to SuList, read the discussion here, above, from Saturday

    LSPosed modules, incl HMA are compatible with Delta and SuList, but for Enforce SuList, all their apps like HMA apk must be checked in the Configure SuList - again, see the posts above

    Btw, MagiskHide (the concept, and the need for) is different than HMA. By MagiskHide you hide the Magisk itself - by HMA you hide applications that may give a clue that you have Magisk installed (like, why would you have Magisk app installed if you don't have Magisk, hence you have to hide Magisk app by HMA from some 'banking' app that look if the Magisk app is installed, etc)

    And SuList is just MagiskHide - but applied through the whitelist SuList. Ie, Magisk is hidden from all apps except those (few) specifically listed in the SuList

    'Normal' MagiskHide (by default in Delta) means the blacklist - it hides only from those apps specifically listed in the MagiskHide list

    And MagiskHide is the old concept from Magisk v23-, better for hiding than the (new) DenyList in the official Magisk (actually, DenyList is not for hiding, that's why you additionally need Shamiko for the official Magisk)

    But for modules it's the same - just don't use Shamiko in Delta since it's not compatible with MagiskHide (Shamiko is for DenyList).
    And some modules like Bootloop protection are built-in - in the Delta app settings you have an option to enable Bootloop protection or not
    View
    3
    huskydg
    huskydg
    Cristiano Lira said:
    What? So rude. The bank app was working on the same rom before, so the most probable was that it was detecting magisk.
    Click to expand...
    Click to collapse
    Rude? You don't even say what it is (your bankinh app)
    View
    3
    P
    pndwal
    Moved from @Displax USNF fork thread...
    crypticc said:
    Hello

    @huskydg module from this thread helped me find how my Citibank uk app was detecting root... Portable MagiskHide: https://github.com/HuskyDG/magiskhide/tree/v1.6

    This module doesn't need Zygist. Installing module and with Zygist disabled instead of Shamiko then banking app works.

    I take it to mean app is looking for either Zygote or Shamiko.

    The problem was that @Displax USNF mod fix needs zygist and on reboot without that I fail PlayStore certification and Wallet "device does not meet security requirements", even though banking app still worked.

    Enabling zygist to turn on USNF, while leaving Shamiko disabled then allows PlayStore and wallet to work, but Banking app detects root (zygist) again.

    So I think my issue is zygist which (HuskyDG) magiskhide module doesn't need, but USNF does.

    Any ideas how I can have my cake and eat it? USNF and MagiskHide module from the Delta without triggering Zygist?

    Thanks,
    Chris

    P.s. I'd already tried fully paid Storage Isolator / AppOps etc. and had already ruled out file access.
    Click to expand...
    Click to collapse
    Is there a reason you link v1.6?... Latest here:
    https://github.com/HuskyDG/magiskhide

    Others have used it in combination with Riru hooking framework and Riru USNF... @huskydg solution is here:
    https://github.com/HuskyDG/safetynet-fix

    Apparently banks may now be detecting even Riru again... @huskydg has a fork of Riru that alters loading... it is experimental, but may be better able to hide itself... Here:
    https://github.com/HuskyDG/Riru

    Other @huskydg forked modules that may or may not help:
    https://github.com/HuskyDG/riru-momohider
    and
    https://github.com/HuskyDG/riru-unshare

    Nb. MomoHider module was an improvement over Unshared...

    OP may have better configuration information, and you may find technical details in his TG discussions... 🤠 PW
    View
  • 50
    huskydg
    huskydg
    This is not an officially supported topjohnwu project.
    If you are looking for official Magisk source, please go to this page


    Introduction

    Custom Magisk fork by HuskyDG. Sync with official Magisk adding back MagiskHide.
    http://huskydg.github.io/magisk-files

    REPORT BUG IS STILL ACCEPTED ON XDA THREAD BUT PLEASE INCLUDE ADDITIONAL INFORMATION SUCH AS LOGCAT AND MAGISK LOG
    View
    7
    huskydg
    huskydg
    .
    View
    7
    huskydg
    huskydg
    Revive MagiskHide from Magisk v23.0
    • The implementation of MagiskHide is ptrace Zygote process, every forks of Zygote will be notified and traced also.
    • MagiskHide from Magisk v23.0 which monitors every thread spawn event of Zygote fork (app process is heavily a multithreads process which will spawn threads to trigger MagiskHide to check UID and cmdline)
    • There is an exception that app zygote does not spawn threads and thus it won’t trigger MagiskHide to unmount Magisk and detach. (MagiskDetector and Momo take advantages of this fact to detect MagiskHide through ptrace)
    • To fix this problem, we trace the syscalls prctl() instead of thread spawn event of Zygote fork like MagiskHide in Magisk v23.0
    • After processes has been forked from zygote, there will be atleast prctl() is called to change the process name. For normal app process and isolated process, the process name will be changed as followed:
      • zygote -> (unknown name) -> <pre-initialized> -> (process name). So the key is <pre-initialized>, after that we can guess it is target process or not.
    • For app zygote, there is only once prctl() is called to change process name: zygote -> package.name_zygote.
    • The changing process name happens before apk is being loaded so we can detach it from ptrace, do unmount all Magisk files and nearly there is no traces left after that.
    View
    6
    huskydg
    huskydg
    Thread re-opened
    View
    6
    P
    pndwal
    zgfg said:
    And now Bingo, with today's Magisk-017cca27-delta(25205), Momo does no more detect Zygisk

    - Zygisk and MagiskHide enabled, Shamiko disabled
    Click to expand...
    Click to collapse
    👍
    zgfg said:
    Btw, maybe I should start thinking of Livin' by Mandiri 😁
    Click to expand...
    Click to collapse
    Interesting analysis from @5ec1cff here:
    https://github.com/5ec1cff/my-notes/blob/master/analyse-livin.md

    Seems Livin / others may use smap for detection... This study discusses TJW's sanitize environment commit not working properly and LSP fixes in Shamiko as well as efforts needed to hide zygisk hooks, esp for functions of libandroid_runtime.so:
    https://github.com/5ec1cff/my-notes/blob/master/new-idea-detect-zygisk.md
    ... I note dev refers to @canye's (Magisk Bravo) analysis of environment variables too...

    This article analyses more recent Zygisk changes and Dev's attempts to hide zygisk /proc/self/attr/current exposure etc:
    https://github.com/5ec1cff/my-notes/blob/master/zygisk-new-start-mode.md
    ... it ends with this conjecture:
    "Maybe it's time to consider loading zygisk with native bridge?"
    More on this and comparison w/ riru hiding / methods and plans for hiding Zygisk here:
    https://github.com/5ec1cff/my-notes/blob/master/maru.md

    Many of the ideas revealed in Dev's notes above are implemented in Magisk Maru fork (and adopted for now in Delta)... See top 4 commits here:
    https://github.com/5ec1cff/Magisk/commits/maru
    ... use of complete native/src/zygisk/elf_util.cpp file from LSPosed in inject with native bridge Is interesting...

    ... Many other interesting notes here:
    https://github.com/5ec1cff/my-notes
    incl. "build-magisk-on-windows" etc...

    ... I've only taken a cursory glance at notes I mentioned...

    Very credible Zygisk hiding efforts for a fork like Delta however... 👍 👀 PW
    View

New posts