[Discussion] Magisk - The Age of Zygisk.

Search This thread

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
This is a discussion and help thread for the newer versions of Magisk.

The main goal of this thread is to help users migrate to Magisk v24+
  • SafetyNet
    Basic integrity Pass
    CTS profile match Pass
  • Play Protect certification
    Device is certified

Feel free to discuss or give links to other Magisk related issues.
Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

Please read John's State of Magisk (medium.com)

Starting with the Magisk 23 (23010) canary builds.
  • MagiskHide is removed.
    MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
    Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
    You still have the option to Hide the Magisk app under setting.​
  • Magisk Module online Repo is removed.
    The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
  • Everything SafetyNet is removed.
    This includes the SafetyNet check that was incorporated into the Magisk app.​
  • Zygisk is introduced.
    Zygote + Magisk = Zygisk​
  • The Deny list replaces the Hide list.
    The Hide list (more or less) hid Magisk from the process on the list.
    The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

Starting with the Magisk 23 (23017) canary builds.
  • Magisk supports update channels per module.
    Each module can include it's own update link.​
  • Hide Magisk offline.
    You do not need internet connection to rename (repackage) the Magisk app.​

What does this mean?
Not much.
It is just the next step in Magisk's development.
Zygisk is a big step forward. ;)

Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

Jump to Post


This is post will be updated once Magisk v24 is released.
 
Last edited:

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
Modules

MagiskHide Props Config
This module allows you to add, change and adjust prop values systemlessly using Magisk.​

MagiskHide Props Config Links:

Download Links:

Credits:
Didgeridoohan
All who contribute and support this project.


Universal SafetyNet Fix
It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
This 'trick' has been implemented properly into quite a few custom roms.
For custom roms that do not include it and/or stock roms, he turned it into a module.​

Universal SafetyNet Fix Links:

Download Links:

Credits:
kdrag0n
All who contribute and support this project.
 

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
Apps

Fox's Magisk Module Manager
This app allows you to manage and install Magisk modules.
Including from an online repo.​

Fox's Magisk Module Manager Links:

Download Links:

Credits:
Fox2Code
All who contribute and support this project.


YASNAC - Yet Another SafetyNet Attestation Checker
YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

YASNAC Links:

Download Links:

Credits:
RikkaW
All who contribute and support this project.
 

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
Force Basic Attestation

Newer devices are designed to support hardware attestation.
Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
SafetyNet will then fall back to check using basic attestation.

Note:
This method will work for devices that support hardware attestation and devices that do not.
  • Enable Zygisk.
  • Install the USNF module.
  • Reboot

To keep posts short, the instructions are hid by spoiler tags.
If you have not installed Magisk.
Follow the installation link in the Magisk post.​

Download the Universal SafetyNet Fix module.
Download link is in the Modules post.​

  1. Enable Zygisk
    • Open the Magisk app.
    • Go to Settings.
    • Scroll down to the Magisk section.
    • Toggle Zygisk on.
    • Go back to the Magisk Home screen.
  2. Go to Modules.
    • Select Install from storage.
    • Navigate to the Universal SafetyNet Fix module zip file and select it.
  3. Reboot.

The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
Depending on the device and system (ROM) configuration, you might need to adjust a few more.
See the Adjust Prop values post.​
 
Last edited:

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
Basic Attestation
<Reserve>
Older devices that can not support hardware attestation there are other options.
  • Enable Zygisk.
  • Enable Denylist.
  • Add com.google.android.gms.unstable to the Denylist.
    • Add com.google.android.gms to the Denylist if needed.
  • Reset the sensitive prop values for the device.

Due to other modules and methods that require DenyList to be inactive, this method is more for reference.

For ease of use and compatibility, I would recommend using the USNF module instead.
See the Force Basic Attestation post.​

This post will be updated in a few days.
 
Last edited:

ipdev

Recognized Contributor
Feb 14, 2016
1,745
1
2,946
Google Nexus 10
Nexus 7 (2013)
Adjust Prop values
<Reserve>
Reset sensitive prop values.
Download the MagiskHide Props Config module.
Open the Magisk app and select the Modules option.
Select Install from storage option.
Navigate to where you saved the MHPC module and select it.
When the install is done, reboot.

Open a terminal app (or adb shell) and type props in the command line.
Make sure to grant root access

Select the Edit MagiskHide props (active) option.
(Currently option number 4)

It will show you the sensitive props that need to be adjusted.
If they all show (active) no changes needed.

If there is a prop value that shows as (enabled, not active) then you need to activate it by selecting it or a for all.
You will be prompted to set MagiskHide sensitive props?
Enter y(es), n(o) or e(xit):

If you are using a custom rom, you might also have to adjust the build fingerprint and security date.
From the MHPC main menu select Edit device fingerprint option.
(Currently option number 1)
Select Pick a certified fingerprint option.
(Currently option f)

Select the latest certified print for your device.
If your device is not listed, choose a device that is close to yours.​

This post will be updated soon.
 
Last edited:

pndwal

Senior Member
Yay! I get post no. 10!

Good to see this thread up Doc! ... How are you linking / promoting it?

Want mentions in Magisk General Discussion thread, or not for now?...

I note that this thread has the advantage of having an active OP...

So what? - Means I can post rubbish and it will be cleaned! ... Love a clean house... Hope you're a good housekeeper @ipdev! 😀 PW
 
Last edited:

pndwal

Senior Member
Hi all,
I'm on TJW's canary 23019.
Does anyone know/could explain what is/are the difference(s) with enforce denylist activated and not activated ?
denylist (which preserves some of MagiskHide infrastructure) is active, or not active...

Nb. For Zy-Shamiko hiding module solution to work, this needs to be deactivated for Shamiko to do the hiding itself; Shamiko just uses the same list for convenience / simplicity... PW

Edit: Lets kickstart things here! 😜
 
Last edited:

zputnyq

Senior Member
Apr 19, 2013
615
277
denylist (which preserves some of MagiskHide infrastructure) is active, or not active...

Nb. For Zy-Shamiko hiding module solution to work, this needs to be deactivated for Shamiko to do the hiding itself; Shamiko just uses the same list for convenience / simplicity... PW

Edit: Lets kickstart things here! 😜
Ok, I get it. Thank you.
I was confused since I use an old device which doesn't really need this part to do the hiding & on v23017 John made that part work along with the configure denylist, I mean configure denylist is greyed out when denylist part isn't active.
 
  • Like
Reactions: pndwal

pndwal

Senior Member
Ok, I get it. Thank you.
I was confused since I use an old device which doesn't really need this part to do the hiding & on v23017 John made that part work along with the configure denylist, I mean configure denylist is greyed out when denylist part isn't active.
You could do worse than read the first 5 posts here! 😉 PW
 
  • Like
Reactions: zputnyq

zgfg

Senior Member
Oct 10, 2016
7,164
4,616
Thanks @ipdev

I tried to put a short help for probably the most frequent posts/questions soon to expect.
(Sorry for cross-posting, I first put to the old and cluttered General Magisk thread but this is now better place)

===

Please carefully read Magisk Changelog and OP posts in this thread

Study the Magisk documentation from the official Magisk Github page - particularly about installing Magisk (if not familiar with patching the image in Magisk app and flashing the patched img from Fastboot- different from the old school about flashing Magisk zip through TWRP)

a) No more MagiskHide. New technology instead (for more or less the same - to help hiding root): Zygisk+DenyList

b) No more built in SafetyNet checker. Install from PlayStore e g: YASNAC to check your SN

c) Modules window does no more connect to the old Modules repository.
You must download module zip files manually and "Install from local storage".
Or search for and install Fox Magisk Module Manager (Fox Mmm) app - it will connect to the new, alternative repository and the old 'official' repo, allowing you to install from both

---

0) If upgrading Magisk and if you previously did "Hide Magisk app/Mngr" from Magisk app/mngr - always "Restore Magisk app/Mngr" before upgrading Magisk

1) Make sure that both Magisk app and Magisk are installed and updated to the new version v24 version. Inspect version numbers on the main Magisk window/page

2) Make sure to uninstall all Riru modules (Riru is not compatible with Zygisk that comes with Magisk v24)

3) Settings, Enable Zygisk and reboot.
Then check on the main window does it show Zygisk Yes

4) Settings, enable Enforce DenyList.
Configure DenyList, enable filters to Show OS and System apps.
Find Google Play Services and check-in only the two processes ending with gms and gms.unstable.
You will have to check in all your banking apps and so as you used with MagiskHide.
Always reboot upon reconfiguring DenyList

5) If SafetyNet does not pass, install USNF 2.2.1 and test again.
Always reboot upon installing a module, also if/when you enable Systemless Hosts

Note: Once you install/enable USNF 2.2.1, it will remove Google Play Services from your DenyList - but don't worry, USNF takes care of GMS

6) If you are on non-certified custom ROM and you still don't pass SN - then you will need Magisk Hide Props Config module - check for and consult the MHCP thread

---

If you want to hide Zygisk, then instal Shamiko module - and you must disable Enforce DenyList (although DenyList must stay configured).

But Shamiko is really not essential (might help for some banking apps but it's irrelevant for SafetyNet)

---

Banking apps - out of scope for this post (also, this thread is about the Magisk v24 itself, not abkut the particular banking apps)

Go to Magisk Github documentation, read Wiki, there is a section with tips you should try first

If putting your banking app to DenyList (now, instead of the old Magisk Hide) and hiding Magisk app does not help, and the other tips from Wiki do not help (like renaming TWRP folder and so), search in this thread how to use Hide My Applist (Zygisk-LSPosed module)

Every time you apply another tip to your troublesome banking app - go to Settings, Apps, and delete Cache and Data for that banking app before you try to open it again (some apps will cache that they previously found the phone was rooted)

Even with HMA, there are certain banking apps that cannot be tricked (on some phones like Xiami, etc)

---

Momo - absolutely not essential for your life

When you pass SN, Momo might still detect that your Bootloader is unlocked - you cannot hide it from Momo on e.g. Xiaomi phones

Generally, treat Momo as 'banking' apps (add to DenyList and reboot)

Momo does not look for apps (Magisk app, LSPosed mngr, LSPosed modules), hence for Momo you don't need to bother with HMA

Basic tips for Momo: Remove/rename TWRP folder, disable USB Debugging - for the rest, search for Momo posts in this thread - but still, there will be findings you could not hide from Momo (not encrypted Data, custom ROM, etc)

===

PS: Magisk Alpha v24.1 (vvb2060 and her team) has departed their way (different package name, revival of MagiskHide?), hence this post is now (mainly) for the official TJW Magisk Stable and Canary v24

(Some parts do apply also to Alpha but use Alpha on your own risk and ask the other Alpha users about the Alpha status and practices)

===

Last but not the list - there night be specifics for certain phones (like flashing with Odin for Samsung, end so on)

This post is generic, for your specific practices read/search through this thread and also on your phone/model subforuns on XDA
 
Last edited:

crypticc

Senior Member
Aug 22, 2009
1,164
139
London
Hello - sorry if obvious but I'm having issues getting some apps checking for root to pass. I think the issue might well be the statement related to "Google Play Services and check-in only the two processes ending with gms and gms.unstable."

Regardless of whether I tick just these two, or if I tick the whole of Google Play Services, once I reboot and if I go back into Magisk the app reports that these services are no longer hidden.

This is Pixel6Pro Stock, January update, Magisk canary (but 24001 that synced with the public build) + Zygisk + USNF 2.2.1

Thank you
Chris
 
  • Like
Reactions: kurtn

pndwal

Senior Member
Hello - sorry if obvious but I'm having issues getting some apps checking for root to pass. I think the issue might well be the statement related to "Google Play Services and check-in only the two processes ending with gms and gms.unstable."

Regardless of whether I tick just these two, or if I tick the whole of Google Play Services, once I reboot and if I go back into Magisk the app reports that these services are no longer hidden.

This is Pixel6Pro Stock, January update, Magisk canary (but 24001 that synced with the public build) + Zygisk + USNF 2.2.1

Thank you
Chris
No, you don't need to add Play Services processes w/ Zy-USNF as I explained here:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-86321879

Download YASNAC and check if you pass SafetyNet, then that you have Play Protect Device is certified in Play Store settings... If you have these, Bank app is using its own custom detection methods... PW
 

crypticc

Senior Member
Aug 22, 2009
1,164
139
London
No, you don't need to add Play Services processes w/ Zy-USNF as I explained here:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-86321879

Download YASNAC and check if you pass SafetyNet, then that you have Play Protect Device is certified in Play Store settings... If you have these, Bank app is using its own custom detection methods... PW
Yes I appreciate that. I guess my question was if it is correct that after reboot USNF deselects the gms and gms.unstable

Thanks for the explanation.

FYI found what was triggering the app and got it working. Before I had just renamed Magisk (I renamed to MagicApp if that matters) but that didn't work. Also "pausing" the app wasn't enough.
I needed to actually uninstall the Magisk Manager app itself.

So the mechanism being used by the other app wasn't looking for Magisk/SU, but the app iself.
The App failing doesn't have any local file permissions so must've been something else.


Actually I found two apps failing root check and both were resolved by uninstalling the (renamed) Magisk APK.

So I wondered if the app was simply listening to debug messages.
So I reinstalled and then reproduced the failure looking into ADB logcat.

I could see during opening and just before the protection was triggered logcat events against the ".Magisk" app related to denying access. Uninstalling Magisk app stopped those messages and then the app was able to start.

Should Magisk "hiding" the magisk manager app by renaming it from ".Magisk" also have relabelled all of the messages and such related to the app?
 
Last edited:

Top Liked Posts

  • 4
    Maybe I'm being dense, but please can you tell me how Momo can be downloaded from here without registering an account (giving phone number etc) for Telegram? - I always get "Download Gailey" when trying this from a browser...

    Thanks, PW
    I thought I had downloaded the APK using the browser, but it seems that I used the Telegram app to download it.

    Sorry for the misdirection.

    Edit: but I didn't need to join the group. I just had to install Telegram, click on the link I posted and then select Download from the 3dot menu on the post.
    2
    Could be worse, my S20+ looks like this, yet all still works....

    My S20+ does indeed have decrypted /data, debugging mode on and unlocked bootloader.
    Wish zygisk wasnt found, but thats its.

    View attachment 5617005

    update:

    Actually this trick seems to have solved the Zygisk detection


    01010000011011110110111001101011011011000110010101110011
    Be careful with enabling Momo in HMA

    I never enabled Momo in HMA because (as the name says), Hide My Applist hides applications (like Magisk APP - not the Magisk itself), and as Momo says, Momo does not look for applications

    Nevertheless I tested now by enabling Momo in HMA (Effective apps, Enable Hide):

    1) enabling File detections or All hide methods does not help to hide TWRP folder.
    Simply renaming TWRP folder to TWRP.bak works perfectly for me (without Momo in HMA)

    2) Without Momo in HMA, my Momo v4.1.1 does not detect Zygisk.
    When I configured Momo in HMA by using All Hide Methods (saved and rebooted) - Momo did complain that Zygisk was found !!!
    Hence I disabled Momo in HMA, saved, rebooted and it was fine again - Momo did not find Zygisk.
    I tested once again with Momo in HMA (Enable Hide, All hide methods), saved in HMA, rebooted and Momo again wrote Zygisk found

    All together, I don't see a use/need for enabling Momo in HMA, Select Effective Apps - without, I have no problem with Zygisk found

    And with Momo in HMA, All hide methods - then my Momo finds Zygisk?! (and it does not help to prevent finding TWRP folder)

    Xiaomi 11 Lite 5G NE, A11
    2
    Woo hoo!
    Thanks for clarifying this.

    So the link to Momo 4.1.1 is https://t.me/magiskalpha/492?single
    Maybe I'm being dense, but please can you tell me how Momo can be downloaded from here without registering an account (giving phone number etc) for Telegram? - I always get "Download failed" when trying this from a browser...

    Thanks, PW
    2
    I thought I had downloaded the APK using the browser, but it seems that I used the Telegram app to download it.

    Sorry for the misdirection.
    👍
    Edit: but I didn't need to join the group. I just had to install Telegram, click on the link I posted and then select Download from the 3dot menu on the post.
    But if I'm not wrong, you needed to register to use Telegram (and give a phone number etc), and apparently that's the clincher...

    I believe links to files not actually hosted on TG can work, but Momo links seem to be to TG hosted files... PW
    1
    01010000011011110110111001101011011011000110010101110011
    Code:
    def what_is_it(thing):
        item = int(thing, 2)
        print(item.to_bytes((item.bit_length() + 7) // 8, 'big').decode())
    
    what_is_it('01010000011011110110111001101011011011000110010101110011')

    101010001100001011010110110010100100000011000010010000001101000011010010111000001110000011011110111000001101111011101000110000101101101011101010111001100100000011101000110111100100000011011000111010101101110011000110110100000100000011101000110111101100100011000010111100100101110


    1001001001000000111011101101111011011100110010001100101011100100010000001101000011011110111011100100000011011000110111101101110011001110010000001110100011010000110100101110011001000000111000001101111011100110111010000100000011101110110100101101100011011000010000001101100011000010111001101110100001000000110001001100101011001100110111101110010011001010010000001101001011101000010000001100111011001010111010001110011001000000110110001101001011100010111010101101001011001000110000101110100011001010110010000101110
  • 11
    Bank apps are typically notorious in going out of way to detect root.

    Within Indian Banks' android app ecosystem, two most notorious ones are SBI Yono and Axis Bank.

    This post is for Axis Bank app which has been detecting root/jailbreak on my android phones since end of 2021. When I checked on internet, found that same issue was also reported by few users on github, reddit etc since mid 2021

    Thanks to initial post of user Drishal (Reddit) I got this tip which over the course of time have been testing/tweaking and using.

    My configuration to make Axis Bank app run without detecting root

    Firstly the usuals:
    Get Magisk - Zygisk mode, LSposed Zygisk, Universal Safety Net Fix, Shamiko,
    Axis Bank app should be selected in "Configure DenyList",
    "Enforce Denylist" to remain disabled, for Shamiko to work

    Try checking Axis Bank, post these steps.. for me it never worked and always greeted with "can't run on rooted phone"

    Also a parallel check with be using app like
    RootBeer Sample to check and be sure that root is hidden well till this step.

    Now comes specifics to make Axis Bank work
    Install Xprivacylua. Go to LSposed, select Axis Bank for Xprivacylua module
    In Xprivacylua app, go to Axis Bank app and tick following (super important):

    Determine activity,​
    Applications,​
    Sensors,​
    Identifiers,​
    Analytics, and​
    Tracking​

    And now we are good to go and use Axis Bank app. If here you face issues, erase app data once and you should have success.

    I tested this method for opening Axis Bank app on 4 phones and mileage varied across ROMs and version.

    Nokia 6 – 2018, with Rooted Stock ROM A9 – Solution works
    Redmi Note 7 Pro, with Custom ROM A11 – Solution works
    Redmi Note 9 Pro, with Custom ROM A11– Solution works
    Asus Zenfone Max Pro M1, with Custom ROM A10 – Solution doesn’t works. But then here even Rootbeer Sample detects busybox binary when it is not there. So seems to be a ROM issue

    Just before someone ask, I had tried HideMyApplist too, but it didn't help here at all.

    Hope this helps fellow users of Magisk and Axis Bank!

    indian bank axis bank magisk root detect not working crashing xda
    8
    I am just curious why you don't want to install telegram. About a year ago, or so, I uninstalled telegram because I got tired of the juvenile, posts on an android app dev forum, lspeed. I feel now that telegram is better moderated, but that is mostly based on the magisk alpha, lsposed. etc that I am now on. Is there some other security issues with it that I am not aware? I have most notification in it turned off so it doesn't constantly annoy me.
    Nah just the childishness nonsense you mention. I was on a few Android groups at one point and they were all pretty obnoxious. That and when I tried having a public profile getting random "Hey are you THE osm0sis from xda? Cool! Just checking." roughly every couple days was ridiculous. Made me fairly certain I'm doing just fine with xda, Twitter, email, GitHub, Slack and TWRP's Zulip. 😜
    6
    But we can attach the file itself, can't we @pndwal ?
    5
    Seems not, but Canyie has fixed her GitHub link to Momo from MomoHider page https://github.com/canyie/Riru-MomoHider ('depreciation notice' introduces Shamiko - MomoHider may not be a 'thing' anymore...) however (Link to momo apk is dead #22 / Fix #22, 54d76a6), so at least we can link to that on XDA since we can't post TG links as file source...

    Momo is linked under 'Test':
    https://github.com/canyie/Riru-MomoHider#test

    👀 PW
    Sigh.. guess I'll secretly install Telegram just to download things. 🤷‍♂️🙄🥲
    4
    Does anyone know why I am not play store certified and thus cannot install apps like netflix after passing both integrity check and CTS.

    I have lineage-18.1-20220425-nightly-cheeseburger-signed installed on my oneplus 5. I have rooted using magisk and used a combination of Universal safetynet fix together with changing the fingerprint of my device to pass the CTS.

    I also registered my device on the google certification site using the GSF ID.

    Any help would be highly appreciated.
    After passing SafetyNet, you need to clear cache and data for PlayStore and (not always) for PlayServices.
    This will clear data and updates.

    Then wait for them to update again.

    Play will scan your device again and mark it as certified.

    ---

    Registering your current install does not certify the device.

    You are telling Google that you are using a non-certified rom. ;)


    Cheers. :cowboy:
  • 111
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    61
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    55
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    51
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.


    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    43
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​