[Discussion] Magisk - The Age of Zygisk.

Search This thread

martyfender

Senior Member
Mar 9, 2017
3,312
1,807
Indianapolis, IN
now both xposed modules and magisk are detected
in HIde My Applist, hide the the renamed magisk, by default, named settings and go into /data/adb/modules/riru_lsposed/system.prop and add # to the start of the the line:dalvik.vm.dex2oat-flags=inline-max-code-units=0. save and reboot. There may be more. in HIde My Applist that you may need to hide also.
 
Last edited:
  • Like
Reactions: Stillhard and ipdev

knasiotis

Member
Aug 21, 2016
25
5
I
in HIde My Applist, hide the the renamed magisk, by default, named settings and go into /data/adb/modules/riru_lsposed/system.prop and add # to the start of the the line:dalvik.vm.dex2oat-flags=inline-max-code-units=0. save and reboot. There may be more. in HIde My Applist that you may need to hide also.
I "enable hide" for the apps, I save. Then I go to settings and I press to hide Hide My Applist. I do not have /data/adb/modules/ path. Both are still detected

EDIT: I am on eu rom 13.0.13 android 12 for clarification with magisk+zygisk and magiskhide props config

Same thing, service is started

FINAL EDIT: I WAS DOING IT WRONG. https://android.stackexchange.com/q...sing-advanced-root-modded-framework-detection this guide helped a lot! Thanks for your help as well!
 

Attachments

  • Screenshot_2022-10-16-05-17-38-302_icu.nullptr.applistdetector.jpg
    Screenshot_2022-10-16-05-17-38-302_icu.nullptr.applistdetector.jpg
    465.2 KB · Views: 120
  • Screenshot_2022-10-16-05-20-07-019_com.tsng.hidemyapplist.jpg
    Screenshot_2022-10-16-05-20-07-019_com.tsng.hidemyapplist.jpg
    454.7 KB · Views: 117
  • Screenshot_2022-10-16-05-20-15-565_com.tsng.hidemyapplist.jpg
    Screenshot_2022-10-16-05-20-15-565_com.tsng.hidemyapplist.jpg
    308.7 KB · Views: 107
  • Screenshot_2022-10-16-05-21-13-380_com.tsng.hidemyapplist.jpg
    Screenshot_2022-10-16-05-21-13-380_com.tsng.hidemyapplist.jpg
    386.1 KB · Views: 120
Last edited:
  • Like
Reactions: Stillhard

pndwal

Senior Member
I "enable hide" for the apps, I save.
Are you using 3.0.4 beta? Or older version...

... But you're selecting the wrong apps here... See below...
Then I go to settings and I press to hide Hide My Applist.
So you mean just hiding HMA icon in launcher drawer were? - won't help hiding from Applist Detector...
I do not have /data/adb/modules/ path.
From root explorer... Do you see /data/adb?... But I doubt you really need the changes mentioned...
Both are still detected
I see you have HMA in in Effective Apps... If the other app is obfuscated Magisk, you should remove it... You don't need either of these...

Next, create a blacklist template with Magisk, XPosed modules (HMA, other) and any other app you wish to hide selected there and save it as needed...

Next, in Effective apps list select Applist Detector then enable Hide and select the template you just created for it... Also, in old HMA version I think you can select hide methods... IIRC you see 5 but need to select the first 3 only... Save the profile if old version...

You can add any Apps that detect other apps to Effective apps list and detected apps to the template, use a custom template for each app or just add detected apps as Invisible apps each app you hide them from...
EDIT: I am on eu rom 13.0.13 android 12 for clarification with magisk+zygisk and magiskhide props config
Might be better for you to simply use @Displax's forked/modded USNF w/ fix for Play Integrity as it also sets a passing fingerprint prop targeted to GSM, and disable MHPC...

🤠 PW
 
Last edited:

rubnduardo

Member
Nov 23, 2012
37
11
Maracaibio
No devices I'm aware of other than Rog Phone 3 pass this w/ unlocked B/L... (But their may be others shipped w/ busted keymaster implementations that pass...) However no banks etc require more than deviceIntegrity yet AFAIK.

Interesting... Thanks for reporting...

... gmsunsntable cache (?)

I haven't read that you put app in denylist... Did you?

If more hiding is needed you can substitute denylist for Shamiko (read Zygisk hiding(not perfect) + MagiskHide restorer (enhanced)).

You'll need to do this also before using other hiding methods that rely on injection into zygote... In thinking particularly of Hide My Applist LSPosed module. (It won't have desired effect w/ denylist active as that reverses / blocks all modifications to apps in list whereas Shamiko allows these like old MagiskHide.)

For basic hiding, wipes needed etc however, principles here:
https://forum.xda-developers.com/t/...agisk-discussion-thread.3906703/post-87481637

🤠 PW
Ok, i'm gonna follow your advice but where is gmsunstable? Can't find anything but Play Services aka gms.

Also I have not used denylist, i'm gonna completely skip it and go shamiko. I'll report later.
 

pndwal

Senior Member
Ok, i'm gonna follow your advice but where is gmsunstable? Can't find anything but Play Services aka gms.
You said
I've read about wiping play store, gms, and gmsunsntable cache, which i think im gonna try...
I said
... gmsunsntable cache (?)
I guess member means that, but hasn't clarified...

Of course if using Zy-USNF there's no need to do that, and it'll be removed on next boot anyway...

If meant clearing cache, this will be for main GMS, ie. Google Play Services... Also, clearing GMS data is more likely to have the desired effect...

😜 PW
 
Last edited:
  • Like
Reactions: 73sydney

rubnduardo

Member
Nov 23, 2012
37
11
Maracaibio
Idk how to get there, i searched for it in apps, cleared play services' cache.
You said

I said


I guess member means that, but hasn't clarified...

Of course if using Zy-USNF there's no need to do that, and it'll be removed on next boot anyway...

If meant clearing cache, this will be for main GMS, ie. Google Play Services... Also, clearing GMS data is more likely to have the desired effect...

😜 PW
Yeap, I'm doing that, following your recommendations. From what I read it's going to take a while (?).

Thanks for the help.
 
  • Like
Reactions: 73sydney

pndwal

Senior Member
Idk how to get there, i searched for it in apps, cleared play services' cache.

Yeap, I'm doing that, following your recommendations. From what I read it's going to take a while (?).

Thanks for the help.
Please say which specific recommendation... Its still not clear what you're attempting... (If you have USNF working with Zygisk you DON'T NEED to put com.google.android.gms.unstable in denylist...)

And what's going to take a while?... This? 😁 PW
 
  • Like
Reactions: 73sydney

huskydg

Senior Member
Feb 17, 2021
336
360
Momo is just a reference, don't rely on it as basic or fundamental, as said before it's always gonna find something, it happened to me on stock custom.

Not to be rude, Momo is not the strongest detection, there are plenty of apps which i discovered that do more detection, maybe livin by mandiri is the strongest banking app that hard to bypass with current hiding method (MagiskHide, MomoHider, Shamiko...). Firstly canyie said it could detect SIGCONT used by MagiskHide. But i didn't think so, because app crash with MomoHider also. After having done some tests, I found out that it could know there was someone enter mount namespace before (just guess). People use this app can only unload magisk (temp unroot) or hide/unmount magisk globally before using it. What you said is exactly what I told people here before to stop them from mental masturbating with how they make momo feel happy by using shamiko *considered* to best hiding 💁‍♂️
And i said if their app worked, simply ignored momo detection.
Am i talking right? Dear @pndwal 😉
 
Last edited:

rubnduardo

Member
Nov 23, 2012
37
11
Maracaibio
Please say which specific recommendation... Its still not clear what you're attempting... (If you have USNF working with Zygisk you DON'T NEED to put com.google.android.gms.unstable in denylist...)

And what's going to take a while?... This? 😁 PW
I'm trying to get the 'proper' app from wellsfargoapp to work, which seems to change to a lesser functionality one because of some security feature which i think relies in google services, as explained here:



I'm not using denylist as ive got zygisk and displax USNF. I'm going with your instructions:


where you state (although talking about google pay) it may take some days, but i don't know for sure about the wellsfargoapp.

Thanks for the help again.
 

pndwal

Senior Member
I'm trying to get the 'proper' app from wellsfargoapp to work, which seems to change to a lesser functionality one because of some security feature which i think relies in google services, as explained here:

https://forum.xda-developers.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-87574771

I'm not using denylist as ive got zygisk and displax USNF. I'm going with your instructions:

https://forum.xda-developers.com/t/...agisk-discussion-thread.3906703/post-87481637
But you'll need your app in denylist at least to hide root from it! Same principle as for G Pay... Will likely need proper hiding module, eg Shamiko to replace denylist...

Nb. USNF is for SafetyNet or Play Integrity bypassing, not root hiding...
where you state (although talking about google pay) it may take some days, but i don't know for sure about the wellsfargoapp.

Thanks for the help again.
I believe I was talking about G Pay/Wallet resetting detection slowly if data isn't cleared... It's generally an instant fix if you clear data... PW
 

ColinHu

Member
Oct 18, 2022
13
0
how should I fix YASNAC safetynet attestation time out error. I did it once, and it worked. But I uninstall an app, then it become not working. I try to uninstall Magisk 25.2, and reinstall everything. But YASNAC still shows attestation time out. And all the app still not working. Please help!!! Thanks!!!
 

zgfg

Senior Member
Oct 10, 2016
8,199
5,831
Xiaomi Mi 11
Xiaomi Mi 11 Lite 5G
how should I fix YASNAC safetynet attestation time out error. I did it once, and it worked. But I uninstall an app, then it become not working. I try to uninstall Magisk 25.2, and reinstall everything. But YASNAC still shows attestation time out. And all the app still not working. Please help!!! Thanks!!!
Does your ROM have GApps - particularly Google Play Services?

Also, phone must be on the network - it needs to connect to Google with your G account - hence must not be blocked
 
Last edited:
  • Like
Reactions: J.Michael

ColinHu

Member
Oct 18, 2022
13
0
Does your ROM have GApps - particularly Google Play Services?
I'm not sure. How should I check that? I was just followed the thread (XDA) to root my oneplus 6t from t-mobile version to the international one. And then, unlock the boot loader, root, and download the Magisk 23.0, then update to 25.2. And follow all the steps try to make things going.
I was able to passed YASNAC safetynet before but now it says "Something went wrong. Attestation response timeout."
 

zgfg

Senior Member
Oct 10, 2016
8,199
5,831
Xiaomi Mi 11
Xiaomi Mi 11 Lite 5G
I'm not sure. How should I check that? I was just followed the thread (XDA) to root my oneplus 6t from t-mobile version to the international one. And then, unlock the boot loader, root, and download the Magisk 23.0, then update to 25.2. And follow all the steps try to make things going.
I was able to passed YASNAC safetynet before but now it says "Something went wrong. Attestation response timeout."
Stock ROMs should have GApps.

As also said above (edited), phone must be on the network to access G with your G account (account must be set, connection must not be blocked)
 

Top Liked Posts

  • 3
    I don't mind an enforcing ROM as long as I can turn off the enforcement whenever I want to, and as long it doesn't prevent me from doing the things I want with my device, and as long as I don't have to jump through crazy, convoluted, headache-producing hoops in order to do any of those things. My current enforcing ROM is OK in these regards.

    However, I probably wouldn't mind a non-enforcing ROM, either.
    Just need to understand that properly implemented ROMs, ie. enforcing, can generally be switched w/ no dramas (for those happy to take the risks)... 'non-enforcing' (permissive) ROMs are the ones you'll generally have issues with;
    they're inherently buggy for starters, and either won't boot w/ enforcing or critical functions will fail... You're usually stuck with permissive (read House with no doors) I'm afraid!...

    That's because they are 'experimental, insecure, half-baked and not fit for daily use' as I originally said, and they've generally been set to permissive simply to allow broken stuff to function...

    There's really no other good reason for a dev to set permissive... And as experts like John are pointing out, doing this simply to release ROMs is NOT good enough... It may be considered "really bad", "LITERALLY BACKDOORING YOUR USERS!", "dubious", "just shooting at your own foot", "nuking a SIGNIFICANT portion of modern Android's security"...


    🙃 PW
    1
    ... That's NOT a permissive ROM!... That's likely a perfectly stable SE enforcing ROM that you choose to disable 'enhanced security' on... And that's your business...

    Yes, I did confuse the issue. I misread the previous discussion and incorrectly came to the conclusion that it wasn't talking about SE enforcing ROMs per se, but rather, simply the ability to disable SE.

    I stand corrected.

    Thing is, it may be fine to leave your doors open while you're home and awake... But would you be happy with no doors when you go out or Sleep? 😲 ... And really, any builder should put doors on houses he builds... unless it's for the Korowai people of West Papua... or in a gated hippie commune... PW

    As for my actual domicile, I indeed prefer to have doors and windows that can be closed ... and I'm the one who makes the decisions as to when I open or close them.

    Likewise, when it comes to my Android device, I want to be the one who can decide when to open and close the doors and windows, and I'm glad and willing to take responsibility for any adverse consequences which might ensue due to faulty judgment.

    And in any case, I'm generally more similar to an outdoor camping enthusiast when it comes to my device's security.
  • 5
    I found out the way how to detect magiskhide and safetynet fix, ... which is used by poinku 🙂
    4
    Yes, but android 13 doesn't have stock rom. Android 12 has stock rom. I want to use Android 13. Is it okay to have a different stock rom or do I need a stock rom of Android 13?
    To install Magisk, you need to patch the boot image of the ROM you are running. The most reliable way to get a copy of the boot image is to extract it from a complete system image.

    If you are running Android 13, find a complete ROM matching what you have installed. If you can't find such a thing, I think you should not be trying to install Magisk.
    4
    Good morning,

    so I just rooted this phone and then proceeded forward top geht SafetyNet and Google Play protection.

    Some Banking Apps still detected root and I couldnt usw it, but after hiding Magick, installing Zygisk, checked then in this Block list, and installed Shamiko, everything worked, bypassed all.

    Then I installed other root Apps, modules like LSPposed (hid it), uninstalled System-Apps and wanted to usw Banking again.

    Some still work, Apps like Netflix also, but the three hardest detecting Banking Apps Font anymore.
    I uninstalled the modules, root Apps etc. again, unhid and hid again Magisk, de- and rechecked them in this blocking list but they still detect root now.

    What to so?
    If you reverted to the exact point where the app(s) previously did not detect root but now they do, make sure that you wipe both the cache and data for those app(s), restart the phone and then try again

    Some apps remember that they detected root at some point and even when you revert or improve hiding they just repeat that the phone is (still) unsafe/rooted

    For that reason it is important before each new test to erase their data - otherwise even if you properly hide the root, they will continue complaining...
    3
    Yes, but android 13 doesn't have stock rom. Android 12 has stock rom. I want to use Android 13. Is it okay to have a different stock rom or do I need a stock rom of Android 13?
    I do not have an 8/8Pro so I can not test myself.

    Can you boot twrp on Android 13?
    fastboot boot twrp-3.7.0_11-0-instantnoodle.img

    If so, you can use dd to dump the installed boot (or any partition) into an image file. ;)
    Then use the dumped a13 boot image for Magisk patching.

    Cheers. :cowboy:

    Edit:
    PS.
    A few years ago, I used to dump my Poco F1 twice a week.
    Long story...

    Found the script I used. 🙃
    For an example of how I used to do it.
    GitHub - Link
    Note: The block mount is device dependent.
    /dev/block/sde45 is boot on Poco F1.
    You can find which partition is what by looking in the by-name directory in dev/block.
    3
    I don't mind an enforcing ROM as long as I can turn off the enforcement whenever I want to, and as long it doesn't prevent me from doing the things I want with my device, and as long as I don't have to jump through crazy, convoluted, headache-producing hoops in order to do any of those things. My current enforcing ROM is OK in these regards.

    However, I probably wouldn't mind a non-enforcing ROM, either.
    Just need to understand that properly implemented ROMs, ie. enforcing, can generally be switched w/ no dramas (for those happy to take the risks)... 'non-enforcing' (permissive) ROMs are the ones you'll generally have issues with;
    they're inherently buggy for starters, and either won't boot w/ enforcing or critical functions will fail... You're usually stuck with permissive (read House with no doors) I'm afraid!...

    That's because they are 'experimental, insecure, half-baked and not fit for daily use' as I originally said, and they've generally been set to permissive simply to allow broken stuff to function...

    There's really no other good reason for a dev to set permissive... And as experts like John are pointing out, doing this simply to release ROMs is NOT good enough... It may be considered "really bad", "LITERALLY BACKDOORING YOUR USERS!", "dubious", "just shooting at your own foot", "nuking a SIGNIFICANT portion of modern Android's security"...


    🙃 PW
  • 130
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    68
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    59
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    55
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.

    Play Intergrity API Checker
    This app shows info about your device integrity as reported by Google Play Services.
    If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).​

    Development:

    Download Links:

    Credits:
    1nikolas
    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    46
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​