[Discussion] Magisk - The Age of Zygisk.

Search This thread

Vivek_z0o

Member
Sep 4, 2021
14
1
Realme 7 Pro
Edit:
Oops, if Magisk Alpha you should better ask in Magisk Alpha thread:

Alpha is proprietary fork, closed source and they manage a close Chinese Telegram support group

Not many users here

Generally some different settings than in the official TJW, but supposedly they removed the old MagiskHide and in that case you should use DenyList the same/similar way as described in the OP posts here for the official Magisk v24/v25
Magisk delta ??
 

bishoy ashraf

Senior Member
Aug 30, 2015
123
6
Screenshot_20220812-145515.jpg
no matter what i do i can't get all green (magisk deny list ,shamiko,hide my applist)
no twrp folder in (storage),all root app in the template...
 

zgfg

Senior Member
Oct 10, 2016
7,797
5,199
View attachment 5684087no matter what i do i can't get all green (magisk deny list ,shamiko,hide my applist)
no twrp folder in (storage),all root app in the template...
Hmm, I always pass all (screenshot).
Make sure that in HMA template, you list Magisk app (I don't rename/hide the Magisk app), HMA module itself and all the other LSPosed modules you may have.
If you have deleted LSPosed app and you only have its shortcut - you cannot and don't list LSPosed itself

I have even the folder TWRP (storage) but renamed to TWRP.bak
 

Attachments

  • Screenshot_2022-08-12-17-01-50-881_com.godevelopers.OprekCek.jpg
    Screenshot_2022-08-12-17-01-50-881_com.godevelopers.OprekCek.jpg
    283.6 KB · Views: 64
  • Like
Reactions: ipdev

bishoy ashraf

Senior Member
Aug 30, 2015
123
6
Hmm, I always pass all (screenshot).
Make sure that in HMA template, you list Magisk app (I don't rename/hide the Magisk app), HMA module itself and all the other LSPosed modules you may have.
If you have deleted LSPosed app and you only have its shortcut - you cannot and don't list LSPosed itself

I have even the folder TWRP (storage) but renamed to TWRP.bak
so you say I can't use lsposed as a shortcut and reinstall original magisk app and add it into denylist?!(i added magisk with it's spoofed name).
 

zgfg

Senior Member
Oct 10, 2016
7,797
5,199
so you say I can't use lsposed as a shortcut and reinstall original magisk app and add it into denylist?!(i added magisk with it's spoofed name).
I say that I don't (need to) rename/hide Magisk app, I just put it to HMA

And that if you let LSPosed to remove its app, there is no more LSPosed app and you don't put to HMA templste

If you keep LSPosed app, you must have it in HMA template

And you must have HMA itself in it's template

And I don't understand where do you have TWRP folder if not on storage. But I had simply renamed it to TWRP.bak
 

Attachments

  • IMG_20220812_171730.jpg
    IMG_20220812_171730.jpg
    170.5 KB · Views: 94
  • IMG_20220812_171757.jpg
    IMG_20220812_171757.jpg
    175.5 KB · Views: 93

bishoy ashraf

Senior Member
Aug 30, 2015
123
6
Screenshot_20220812-190620.jpg
i don't know what i'm doing wrong,oprek still find magisk module,and now when check api i get this ,i want to mask magisk and lsposed from other apps like banking .
 

Attachments

  • Screenshot_20220812-165935.jpg
    Screenshot_20220812-165935.jpg
    379.9 KB · Views: 90
  • Screenshot_20220812-145515.jpg
    Screenshot_20220812-145515.jpg
    312.9 KB · Views: 90

m0han

Senior Member
Apr 30, 2012
5,105
2,123
.... no twrp folder in (storage)...
check if twrp folder is remaining in /data/media/0/. if so, delete from there too.

 
  • Like
Reactions: ipdev and 73sydney

bishoy ashraf

Senior Member
Aug 30, 2015
123
6
check if twrp folder is remaining in /data/media/0/. if so, delete from there too.

thanks 🙏 now i have only magisk module indication red hope u have any idea
 

Tech = Spy-Biz

Account currently disabled
May 25, 2022
32
19
OMG from 2650 pages in old magisk thread to 112 pages in this new thread. Is there an option in xda to add a sticky post like in TGram that tells the visitor for example : Step1 through StepN to bypass SNet for bank apps? (sorry if I appear lazy)
 

73sydney

Senior Member
OMG from 2650 pages in old magisk thread to 112 pages in this new thread. Is there an option in xda to add a sticky post like in TGram that tells the visitor for example : Step1 through StepN to bypass SNet for bank apps? (sorry if I appear lazy)

you appear lazy

most people manage to read the first page of the thread which gets you better than 99% of the way for 99% of people. The rest, and up to date fixes for any current or emerging issue (in any thread) will always be found in the last 5-10 pages, as makes sense. Dig in
 

Tech = Spy-Biz

Account currently disabled
May 25, 2022
32
19
you appear lazy

most people manage to read the first page of the thread which gets you better than 99% of the way for 99% of people. The rest, and up to date fixes for any current or emerging issue (in any thread) will always be found in the last 5-10 pages, as makes sense. Dig in
:p
uhh..its been over an year since but I still haven't used the device yet, my backs turned hump now, hurts too coz been just bending over on the PC screen and flashing this and that and GSIs and ROMs then reflashing stock factory image then TWRP for the hundreth time now maybe lol but I've still not managed to get the bank app to run :cautious:. Will it even work with an unlocked bootloader on samsung? maybe one last good try then I'll give up and move to Net-Banking instead perhaps. Magisk is a great program though. Any pointers would be welcome. TIA
 

J.Michael

Recognized Contributor
Jan 20, 2018
1,314
1,246
Samsung Galaxy Tab A series
:p
uhh..its been over an year since but I still haven't used the device yet, my backs turned hump now, hurts too coz been just bending over on the PC screen and flashing this and that and GSIs and ROMs then reflashing stock factory image then TWRP for the hundreth time now maybe lol but I've still not managed to get the bank app to run :cautious:. Will it even work with an unlocked bootloader on samsung? maybe one last good try then I'll give up and move to Net-Banking instead perhaps. Magisk is a great program though. Any pointers would be welcome. TIA
Have you checked the forums for the device?
Have you searched XDA for the bank app?
 

73sydney

Senior Member
:p
uhh..its been over an year since but I still haven't used the device yet, my backs turned hump now, hurts too coz been just bending over on the PC screen and flashing this and that and GSIs and ROMs then reflashing stock factory image then TWRP for the hundreth time now maybe lol but I've still not managed to get the bank app to run :cautious:. Will it even work with an unlocked bootloader on samsung? maybe one last good try then I'll give up and move to Net-Banking instead perhaps. Magisk is a great program though. Any pointers would be welcome. TIA

No idea which device you have but as for Samsung, i run an S20+ 5G (bootloader unlocked etc) and have 0 issues with any banking app ive ever used. Just to give you hope. And giving hope goes against my central edicts....as does spoonfeeding :)

As for tips :

When in doubt, start with stock ROM....

The next could have been harvested from the last 5-10 pages...you should practice reading the last few pages of a thread, its a good habit as XDA isnt your own personal helpdesk where you only post when you have a crisis - without reading the room, because often its not just you having the issue, and we collaborate to fix issues....

You'll almost certainly need (along with reading the first page of this thread) this:


Thats currently the best option to deal with the recent (as in last few weeks) change from SafetyNet to Integrity Check, and you should bookmark that thread for any future changes.

And you'll want to check you can pass this (top 2 out of 3 green is good enough)


And thus you have reached the extent of my pity....i now return you to the normal programming from me, which is pure unadulterated indifference to the plight of man as a whole. Enjoy.
 

Tech = Spy-Biz

Account currently disabled
May 25, 2022
32
19
No idea which device you have but as for Samsung, i run an S20+ 5G (bootloader unlocked etc) and have 0 issues with any banking app ive ever used. Just to give you hope. And giving hope goes against my central edicts....as does spoonfeeding :)

As for tips :

When in doubt, start with stock ROM....

The next could have been harvested from the last 5-10 pages...you should practice reading the last few pages of a thread, its a good habit as XDA isnt your own personal helpdesk where you only post when you have a crisis - without reading the room, because often its not just you having the issue, and we collaborate to fix issues....

You'll almost certainly need (along with reading the first page of this thread) this:


Thats currently the best option to deal with the recent (as in last few weeks) change from SafetyNet to Integrity Check, and you should bookmark that thread for any future changes.

And you'll want to check you can pass this (top 2 out of 3 green is good enough)


And thus you have reached the extent of my pity....i now return you to the normal programming from me, which is pure unadulterated indifference to the plight of man as a whole. Enjoy.
I NVM...yup youre right I am a man ;)
Had done all that (safetynet-fix-v2.3.1.zip) and microG and GSI_certifier zip and spoofs & modules. I was trying 24.2 & 25.1 on Galaxy M21 2021 Edition SM-M215G Android 11 OneUI 3.1, It didn't work on Android 12 GSIs either (i mean bank apps didnt work), 25.2 bootloops so maybe I'm too tired of all this & don't want to install 5 different apps like lsposed & lua n stuff (lua & magisk together? how?) on my phone just to run a bank app when actually all these addon apps could easily spy from within my phone with root privilege on them.
I have a hunch that the bank app I'm using probably isn't even checking root rather its checking with the OEM servers on open BL devices list during device initialization , as easy as that because we have a Local Samsung Phone Manufacturing Plant in my country itself where M215G is also made, but thanks for your pity anyway I can still use 24.2 to add some modules and as for banking net-banking is available and quite secure with OTPs, enough headache with applying all this mods alrready, I can't probably give more time to android as theres other things to do. Thanks anyway. One year not entirely fruitless. I'll finally put the SIM-Card in for the first time in 14 months lol.
 
Last edited:

zgfg

Senior Member
Oct 10, 2016
7,797
5,199
I have a hunch that the bank app I'm using probably isn't even checking root rather its checking with the OEM servers on open BL devices list during device initialization
New theory. Never heard of (checking through the vendors side for users who had unlocked the Bootloaders)

Maybe they can rather use some Samsung API and check the real status of Knox on the phone
 

73sydney

Senior Member
I NVM...yup youre right I am a man ;)
Had done all that (safetynet-fix-v2.3.1.zip) and microG and GSI_certifier zip and spoofs & modules. I was trying 24.2 & 25.1 on Galaxy M21 2021 Edition SM-M215G Android 11 OneUI 3.1, It didn't work on Android 12 GSIs either (i mean bank apps didnt work), 25.2 bootloops so maybe I'm too tired of all this & don't want to install 5 different apps like lsposed & lua n stuff (lua & magisk together? how?) on my phone just to run a bank app when actually all these addon apps could easily spy from within my phone with root privilege on them.
I have a hunch that the bank app I'm using probably isn't even checking root rather its checking with the OEM servers on open BL devices list during device initialization , as easy as that because we have a Local Samsung Phone Manufacturing Plant in my country itself where M215G is also made, but thanks for your pity anyway I can still use 24.2 to add some modules and as for banking net-banking is available and quite secure with OTPs, enough headache with applying all this mods alrready, I can't probably give more time to android as theres other things to do. Thanks anyway. One year not entirely fruitless. I'll finally put the SIM-Card in for the first time in 14 months lol.

Also running MicroG is just making your life harder, i will still never get why people want to introduce another level of possible fail....
 

Tech = Spy-Biz

Account currently disabled
May 25, 2022
32
19
Also running MicroG is just making your life harder, i will still never get why people want to introduce another level of possible fail....
As far as I know (without xposed & other such modules on) It's most likely A SURE FAIL with microG on Stock OSes 9, 10, 11 if not GSIs but still people prefer to pm-uninstall built-in Gapps then install microG instead because they hope that a handful more of GSF- Dependent apps might agree to run with microG rather than not having both Gapps nor microG on the device which means GSF-Dependents won't run at all. In countries that disguise themselves as democratic but are really deeply autocratic by nature, introduction of systems like Guugle have already been devastating in many scenarios so the ones who are not in their governments good-books may even face danger or be forced to shut-shop.
 
Last edited:

Tech = Spy-Biz

Account currently disabled
May 25, 2022
32
19
New theory. Never heard of (checking through the vendors side for users who had unlocked the Bootloaders)

Maybe they can rather use some Samsung API and check the real status of Knox on the phone
Maybe they do check knox even for ROMs that have nuked-knox but the prior scenario seems to be an easier and affirmative option for the banks logically speaking, also when I had 24.2 running on an A10 older samsung with the older version of the bank app running it worked flawlessly untill a month ago when i upgraded the app and suddenly the number of services within the bank app had jumped to 390 from mere 60-70 if i remember correctly and it refused to run, a few of the new services in the upgraded version seemed to be designed just to sniff out root, so i ran the same upgraded version on two phones of the same model (SM-M215G), one with just BL unlocked and original factory stock running and the other with Magisk 24.2 /25.1 + BL obviously unlocked but the bank app INSTANTLY detected jailbreak on the one with just the BL unlocked, thats raised my suspicion that the bank app had a method to check unlocked BLs too regardless of whether magisk was present or absent. It obviously detected jailbreak on the other one with magisk instantaneously but I knew that would happen coz I didn't follow this threads instructions and install the xposed modules etc. along with magisk. I tried it on a nuked-knox OneUI ROM and the result was the same.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 18
    Mod Info:

    Dear people of this thread,
    pls stay on topic and do not engage in world-events related discussions. This thread has seen enough of it already.

    In the name of peace and prosperity,
    Happy Zygisk-related posting,
    Cheers everyone
    8
    ... Needless inconvenience from banks ... its none of the banks business to stop their clients from using rooted devices. Theyre just adding another hindrance to smooth banking operations thereby possibly hampering their own business by wasting both their and their clients time. Thats Stupidity!
    Bank Devs did you hear? Pls discuss this with your bosses. Its like going backwards instead of forward.
    I totally agree!

    And as I've mentioned here before, every desktop computer is a rooted device, and of course we don't see the banks trying to hinder us from accessing their services from our computers.

    And banks gladly issue us debit cards which we keep in our wallets that are just as easy to steal as mobile devices.

    Rooted Android devices are just low-hanging fruit. And the amount of fraud that's prevented by trying to fight against Android root is minuscule, given the extremely small percentage of mobile device users who want to use rooted Android devices. I wouldn't be surprised if the amount of money that banks spend for anti-Android-modding software development exceeds the maximum amount of money that could be lost via the hacking of modded Android devices.
    4
    Currently, I have no info about Device Certified or not in Google Play Settings (screenshot)

    I observed that yesterday night when I upgraded my Xiaomi 11 Lite 5G NE from the previous week Xiaomi.eu weekly (MIUI 13/A12) to the current.
    I thought it would become Certified over the day, but it's still in limbo

    Frankly, last week when I installed Xiaomi.eu Weekly (first time) I forgot to check

    Everything else is ok, SafetyNet (with Basic CTS), Play Integrity (Basic Integrity), Play Protect is ok, Netflix eg running with L1, etc

    I'm kind of worried to wipe Google Play Data - not knowing would it become Certified or Not

    I'm pretty sure I did have similar cases in the past with previous devices, ROMs, Magisk setup, but they used to settle down by itself in
    After wiping only the Cache for Playstore and waiting few more hours, now Certified
    3
    Now 2 bank apps are working out of 3 after the recent update to the bank apps.
    I used A11 GSI, PhhTreble App Signature Spoofing, TWRP, Magisk 24.3 & a couple of important modules like Hide-User-Debug, USNF Moded, Hide-Props-Config, microG Gapps module safety net : All passed, Installed the bank apps through Aurora.
    For the 3rd bank app Dev Options need to be OFF & Only PlayStore Install allowed not PackageInstaller.
    Needless inconvenience from banks, they can just add more steps of verifications instead like Voice Recognition IVR AI (Voice Recognition IVR AI Bots are already functional in these banks helplline numbers) so they can just use that for bank app login verifications on top of other verifications. Its none of the banks business to stop their clients from using rooted devices. Theyre just adding another hindrance to smooth banking operations thereby possibly hampering their own business by wasting both their and their clients time. Thats Stupidity!
    Bank Devs did you hear? Pls discuss this with your bosses. Its like going backwards instead of forward.
    3
    Why kdragon doesn't update it, or there are no good solution for that?
    As you know, he's aware and thanked @Displax for his fix / PR... And he does clearly want to improve the solution and scope the method
    to Play Integrity code by identifying methods it calls near the beginning and end of integrity checks, and adding hooks to set and restore the fingerprint ...
    https://github.com/kdrag0n/safetynet-fix/pull/207#issuecomment-1195452147

    He has already suggested an idea for adding an end hook, but said:
    Of course, this is all theoretical as it depends on the exact order of steps in the integrity checking process. Worst case scenario, we could just sleep for 1 second or so and revert the fingerprint change in a background thread. Not sure when I'll have time to look into it myself, but feel free to try implementing this idea: ...
    https://github.com/kdrag0n/safetynet-fix/pull/207#issuecomment-1200437447
    - So it seems he's in no rush himself, and he's happy for other Devs to test / contribute (although none appear to have tried adding hooks etc yet)...

    I guess he'll do more on this PR as time allows... If other Dev's haven't had time to test even proposed
    • Set the fingerprint in the key attestation hook
    • Spawn a thread to revert it after 3 seconds:
    thread(daemon = true) {
    Thread.sleep(3000)
    /* revert */
    }
    idea, then he may think 'why should I rush?'... He probably has a ton of more important maintenance on his plethora of apps, utilities, Proton ROM / kernel builds, etc to do...

    Meanwhile, @Displax solution seems a pretty good one to tide us over, for most devices... PW
  • 126
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    66
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    58
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    54
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.

    Play Intergrity API Checker
    This app shows info about your device integrity as reported by Google Play Services.
    If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).​

    Development:

    Download Links:

    Credits:
    1nikolas
    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    46
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​