[Discussion] Magisk - The Age of Zygisk.

[prokiller1199]

I have just recently came across shamiko since undecember, sword art online VS, TnG being detected, previously the old magisk hide and zygisk had no problem for me

I've been using shamiko for quite sometime but only TNG is breaking recently. Before that I need to use for my PBe and RHB app and had to uninstall magisk app for it to work

 

[ajlir]

Another TNG user here, I submitted a report to their developer team because I think it is app issues on latest version of TNG.

I have asked my colleagues on this and they have no problems (unrooted).

I'm not giving up yet.

 

[anubisjack]

I've been using shamiko for quite sometime but only TNG is breaking recently. Before that I need to use for my PBe and RHB app and had to uninstall magisk app for it to work

Oh, didnt know public and rhb so strict, cimb and maybank got no problem just using normal hide

 

[prokiller1199]

I have asked my colleagues on this and they have no problems (unrooted).

I'm not giving up yet.

oh ****t rip

Oh, didnt know public and rhb so strict, cimb and maybank got no problem just using normal hide

yeah damn strict, and yes my cimb and Maybank very easy bypass

 

[ajlir]

Before this version is fine (v1.7.84).

I actually tried with this version just now (apkmirror, pls don't bonk me) and it actually works. And let's just say that I'll never update this app again until it breaks.

 

[prokiller1199]

I actually tried with this version just now (apkmirror, pls don't bonk me) and it actually works. And let's just say that I'll never update this app again until it breaks.

Yes, I personally tested it and using it now. So the new one is hating root.

 

[Mr.Jlu]

Still haven't been able to do this on Xiaomi RN8T... Please say your device / OS... Thanks, PW

Hello @pndwal,

Device: Nord
Model: AC2001
Brand: OnePlus
Android: 11
ROM: [11.0.0_r46] AospExtended ROM v8.7 [OFFICIAL]

In my previous post, I mentioned that it only worked once, then stopped after a reboot.

As a result, I had a few sleepless nights over the weekend. I wanted to understand how the app could detect this. Finally this afternoon, I was able to bypass the detection.

My next post will describe the steps I followed because in this post your question was related to my device specifications.

 

[Mr.Jlu]

Hello Guys,

[UPDATE]

I was able to bypass the root detection of this app using the following magisk module but it stopped working post reboot.

Magisk Module Name: InitRcHider
Reference URL:

[MODULE] InitRcHider

Several banking and security apps discover system modifications that Magisk injects through the init.rc file. These modifications can be successfully hidden with MomoHider (https://github.com/canyie/Riru-MomoHider), however, that module requires...

forum.xda-developers.com

XDA Download Link: https://forum.xda-developers.com/attachments/initrchider-zip.5472273/

Hello Guys,

I am back again. Finally, I found a way to bypass this app detection. My day was made after achieving this .

Spoiler: Device Specifications

Device: Nord
Model: AC2001
Brand: OnePlus
Android: 12
ROM: [12.1][UNOFFICIAL] LineageOS 19.1 - microG [OnePlus Nord/avicii]

Spoiler: Steps to reproduce the result

1. Pass the device integrity test by using publicly available methods for your device.
2. The following is the list of the magisk modules installed on my device:
   • Zygisk - LSPosed [ v1.8.5(6649) ] Mandatory
   • Universal SafetyNet Fix [ v2.3.1 or any other] ~ Optional, used for passing safety net.
   • Shamiko [ v0.6 ] ~ Optional, used for passing basic root detection.
   • MagiskHide Props Config [ v6.1.2-v137 ] ~ Optional, used for passing safety net.
3. The following LSPosed module should be installed and the module should be activated.
   • Hide My Applist [ 3.0.5-Beta-367 ]

Then open Hide My Applist and perform the following steps:

1. Click on App manage
2. Select your app. In my case, it was HDFC bank [ com.snapwork.hdfc ]
3. Enable hide
4. Set Work mode as Whitelist
5. Toggle OFF the option Exclude system apps
6. Select the following apps from Template config - additional apps visible
   • The app you want to hide ( In my case the app name is HDFC Bank )
   • Any 2 standard user apps ( Eg: Whatsapp, Gmail)
7. Then click on the 3 dot menu and enable the Show system. In this section, you have to spend some time with your neurons, you have to select those apps which are a must for the App to function properly ( Eg: Phone calls, Network Manager, Key Chain, etc ) and also those apps which should normally be present in the non-rooted environment.
   • Below I have attached the list of apps I have selected in order for you to make sense of the seventh point.
8. Once the above steps are completed, restart your phone once and test.

If you guys have any particular apps you want me to test with this method, please share the name and APK link from a trusted source (Eg: Aurora Store) in this thread. I will check it in my free time and post an update in this thread.

So long my friend, Until next time.

Hello @73sydney ,
The above steps can be included in your guide if you wish.

 

[click2abubakar]

I've a Galaxy S7 edge on latest stock firmware. Latest TWRP installed & rooted with Magisk 25.2.

Can't enable Zygisk (already tried rebooting multiple times)

Tried the latest Canary but same result, tried turning off Zygisk, re-enabling, rebooting but no luck.

Any help would be greatly appreciated in this regard.

Thanks.

 

[73sydney]

Hello Guys,

I am back again. Finally, I found a way to bypass this app detection. My day was made after achieving this .

Spoiler: Device Specifications

Device: Nord
Model: AC2001
Brand: OnePlus
Android: 12
ROM: [12.1][UNOFFICIAL] LineageOS 19.1 - microG [OnePlus Nord/avicii]

Spoiler: Steps to reproduce the result

1. Pass the device integrity test by using publicly available methods for your device.
2. The following is the list of the magisk modules installed on my device:
   • Zygisk - LSPosed [ v1.8.5(6649) ] Mandatory
   • Universal SafetyNet Fix [ v2.3.1 or any other] ~ Optional, used for passing safety net.
   • Shamiko [ v0.6 ] ~ Optional, used for passing basic root detection.
   • MagiskHide Props Config [ v6.1.2-v137 ] ~ Optional, used for passing safety net.
3. The following LSPosed module should be installed and the module should be activated.
   • Hide My Applist [ 3.0.5-Beta-367 ]

Then open Hide My Applist and perform the following steps:

1. Click on App manage
2. Select your app. In my case, it was HDFC bank [ com.snapwork.hdfc ]
3. Enable hide
4. Set Work mode as Whitelist
5. Toggle OFF the option Exclude system apps
6. Select the following apps from Template config - additional apps visible
   • The app you want to hide ( In my case the app name is HDFC Bank )
   • Any 2 standard user apps ( Eg: Whatsapp, Gmail)
7. Then click on the 3 dot menu and enable the Show system. In this section, you have to spend some time with your neurons, you have to select those apps which are a must for the App to function properly ( Eg: Phone calls, Network Manager, Key Chain, etc ) and also those apps which should normally be present in the non-rooted environment.
   • Below I have attached the list of apps I have selected in order for you to make sense of the seventh point.
8. Once the above steps are completed, restart your phone once and test.

If you guys have any particular apps you want me to test with this method, please share the name and APK link from a trusted source (Eg: Aurora Store) in this thread. I will check it in my free time and post an update in this thread.

View attachment 5782549
View attachment 5782551
So long my friend, Until next time.

Hello @73sydney ,
The above steps can be included in your guide if you wish.

I would think whitelist mode would be the longest way around the issue, its been tested and working in blacklist mode, which requires selecting just the app and applying the root template to hide it from all the root related apps

If youre unable to pass it this way, assuming you have HMA setup as the guide suggests, then by all means let me know and ill consider adding it, but id rather not start adding one off solutions using a completely opposite mode (whitelist) which might only add to confusion, if the prescribed blacklist mode works

Also is MagiskHide Props Config needed?, if using Displaxs USNF mod 2.0 generally it shouldnt be required

 

[m0han]

The following LSPosed module should be installed and the module should be activated.

• Hide My Applist [ 3.0.5-Beta-367 ]

v3.0.6 is released

https://forum.xda-developers.com/t/hide-my-applist-a-brief-guide.4519731/post-87847359

Says: No longer need the Magisk module, make sure to uninstall it, or you will bootloop

 

[pndwal]

I've a Galaxy S7 edge on latest stock firmware. Latest TWRP installed & rooted with Magisk 25.2.

Can't enable Zygisk (already tried rebooting multiple times)

Tried the latest Canary but same result, tried turning off Zygisk, re-enabling, rebooting but no luck.

Any help would be greatly appreciated in this regard.

Thanks.

Re. Galaxy S7 Edge:

So you'll need custom, ported, fixed or newer Kernel; please check kernel version in use and read this pinned issue:
[Wontfix] Zygisk cannot activate on some old Samsung devices with old kernel (3.19-) #5395

Basically, Zygisk was not turning in for S8 and earlier Sammy phones:
https://github.com/topjohnwu/Magisk/issues/5353

The issue was fixed here (by Shana) for most:
https://github.com/topjohnwu/Magisk/pull/5372
Merged:
https://github.com/topjohnwu/Magisk/commit/ff7ac582f013dbc27b27e4194424044ee79c3980

This fix worked around broken system calls (due to kernel restriction / exec limitation), but requires fexecve, and unfortunately this doesn't exist in 3.19- kernels.

Nb. Some devices w/ 3.19- kernels successfully load Zygisk without fexecve workaround. As Canyie said there:

It depends on was Samsung added their stupid exec limitation in the kernel of your device, or not. If Zygisk works on your device, just enjoy it. This is just a notice which points out Zygisk bug reports from Samsung devices using old kernels will be ignored.

Nb. I see this was fixed in LOS 18.1+ using 3.18.140 kernel... Could be a good choice...
- https://github.com/topjohnwu/Magisk/issues/5395#issuecomment-1073746347

PW

 

[click2abubakar]

Re. Galaxy S7 Edge:

So you'll need custom, ported, fixed or newer Kernel; please check kernel version in use and read this pinned issue:
[Wontfix] Zygisk cannot activate on some old Samsung devices with old kernel (3.19-) #5395

Basically, Zygisk was not turning in for S8 and earlier Sammy phones:
https://github.com/topjohnwu/Magisk/issues/5353

The issue was fixed here (by Shana) for most:
https://github.com/topjohnwu/Magisk/pull/5372
Merged:
https://github.com/topjohnwu/Magisk/commit/ff7ac582f013dbc27b27e4194424044ee79c3980

This fix worked around broken system calls (due to kernel restriction / exec limitation), but requires fexecve, and unfortunately this doesn't exist in 3.19- kernels.

Nb. Some devices w/ 3.19- kernels successfully load Zygisk without fexecve workaround. As Canyie said there:


Nb. I see this was fixed in LOS 18.1+ using 3.18.140 kernel... Could be a good choice...
- https://github.com/topjohnwu/Magisk/issues/5395#issuecomment-1073746347

PW

Thank you very much for the respons & confirmation. I pretty much figured out the same after googling for some time.

I have to use the Stock firmware, the only working solution I got to is to use the last Magisk released witout Zygisk.

Magisk 23 working fine for me, & am able to do hide root from banking & other apps.

Thanks once again.

 

[pndwal]

Thank you very much for the respons & confirmation. I pretty much figured out the same after googling for some time.

I have to use the Stock firmware, the only working solution I got to is to use the last Magisk released witout Zygisk.

Magisk 23 working fine for me, & am able to do hide root from banking & other apps.

Thanks once again.

Why can't you use current Magisk w/o Zygisk?... And please say why you need stock ROM... PW

 

[click2abubakar]

Why can't you use current Magisk w/o Zygisk?... And please say why you need stock ROM... PW

I would need to hide Magisk from certain banking apps.

Can that be done without Zygisk in the current version?

I'd have loved to be on newer custom ROMs, but unfortunately after water damage, board (or something similar) had to be changed in my mobile phone. Although it shows my IMEI same as on my box, but IMEI has to be patched for the SIM to work.
The IMEI patch doesn't seem to work with custom ROMs. That's why I believe am stuck with stock firmware on this mobile.

 

[zgfg]

I would need to hide Magisk from certain banking apps.

Can that be done without Zygisk in the current version?

I'd have loved to be on newer custom ROMs, but unfortunately after water damage, board (or something similar) had to be changed in my mobile phone. Although it shows my IMEI same as on my box, but IMEI has to be patched for the SIM to work.
The IMEI patch doesn't seem to work with custom ROMs. That's why I believe am stuck with stock firmware on this mobile.

There are zillions of posts how to attempt hiding the 'root', and it works for most of the banking and similar apps

In very short (I will not guide further bcs all that was really covered in so many posts - who is really interested should have search and read, even before asking), Zygisk, DenyList (not enforced), Shamiko, USNF mode, LSPosed + Hide My Apps

However, there is NO generic way that works for ALL banking apps. But one must try with this - and/or search in the posts for the particular app, does it require something more (like using Magisk Delta instead of TJW Magisk).or even something less complicated, or currently it's not broken yet

 

[J.Michael]

I would need to hide Magisk from certain banking apps.

Can that be done without Zygisk in the current version?

I'd have loved to be on newer custom ROMs, but unfortunately after water damage, board (or something similar) had to be changed in my mobile phone. Although it shows my IMEI same as on my box, but IMEI has to be patched for the SIM to work.
The IMEI patch doesn't seem to work with custom ROMs. That's why I believe am stuck with stock firmware on this mobile.

Can you try installing the OS @pndwal suggested? And just return to stock if it doesn't work?

If you are not in a position to restore the current, working, system when a modification attempt fails, then you should not be trying to install Magisk.

 

[pndwal]

I would need to hide Magisk from certain banking apps.

Can that be done without Zygisk in the current version?

Well you've got a point... w/o Zygisk-USNF you'd generally need Google Play Services droidguard process (aka SafetyNet process), com.google.android.gms.unstable, in denylist, and this requires working Zygisk too, as does using denylist as hidelist w/ Shamiko or DenylistUnmount modules... So we're gonna need something unusual...

Seems this module may be the answer:
https://github.com/HuskyDG/safetynet-integrity-fix

You don't need most of this modules functionality (fallback to basic attestation trigger and hardware verdict enforcement bypass triggers) as you don't have have a Hardware KA capable device... You do need an alternative to gms droidguard (SafetyNet) process in denylist however, and it seems this fork of USNF does/can hide root from this process itself (just like official zy-USNF) using Riru framework...

I'm guessing it should run (assuming you have Android 8) and fix SafetyNet and Play Integrity deviceIntegrity w/ Riru module installed for framework...

So the long answer is Yes, it probably can be done...

I'd have loved to be on newer custom ROMs, but unfortunately after water damage, board (or something similar) had to be changed in my mobile phone. Although it shows my IMEI same as on my box, but IMEI has to be patched for the SIM to work.
The IMEI patch doesn't seem to work with custom ROMs. That's why I believe am stuck with stock firmware on this mobile.

That's interesting... W/ new main board you'd have new IMEI number(s), S/N, and several other unique numbers, and these should simply work... I'm not understanding something here....

Do you mean no. on box for part, or for original phone?... Are you trying to use your original IMEI no. (numbers plural if dual SIM) for some reason?...

Can you give more info on what this patch does?... Can you link documentation for it?

Ta... PW

 

[click2abubakar]

Well you've got a point... w/o Zygisk-USNF you'd generally need Google Play Services droidguard process (aka SafetyNet process), com.google.android.gms.unstable, in denylist, and this requires working Zygisk too, as does using denylist as hidelist w/ Shamiko or DenylistUnmount modules... So we're gonna need something unusual...

Seems this module may be the answer:
https://github.com/HuskyDG/safetynet-integrity-fix

You don't need most of this modules functionality (fallback to basic attestation trigger and hardware verdict enforcement bypass triggers) as you don't have have a Hardware KA capable device... You do need an alternative to gms droidguard (SafetyNet) process in denylist however, and it seems this fork of USNF does/can hide root from this process itself (just like official zy-USNF) using Riru framework...

I'm guessing it should run (assuming you have Android 8) and fix SafetyNet and Play Integrity deviceIntegrity w/ Riru module installed for framework...

So the long answer is Yes, it probably can be done...

That's interesting... W/ new main board you'd have new IMEI number(s), S/N, and several other unique numbers, and these should simply work... I'm not understanding something here....

Do you mean no. on box for part, or for original phone?... Are you trying to use your original IMEI no. (numbers plural if dual SIM) for some reason?...

Can you give more info on what this patch does?... Can you link documentation for it?

Ta... PW

For now I have everything woring fine with Magisk 23 installed.
It's a fairly old device, & so I believe that shouldn't be an issue though.

And as for the IMEI Patch, I'm not really sure what had to be changed in my mobile phone to get it working again.
I had a dual SIM Galaxy S7 edge (SM-G935FD), but after the repair work I've a Single SIM mobile (SM-G935F). The IMEI no. was the same as it was for the SIM Slot 1.
I've done a clean install using Odin, with NAND Erase & re-partitioning using the PIT file. The IMEI no. shows up fine when checked through *#06# or the Settings.
But the IMEI status is "NG" if checked using the code *#0011#. For the SIM to be working I've to root my phone & have a "IMEI Patch" done using a box/dongle (Z3X I believe).

Now I don't have that & for every time I've to get the IMEI patch I've to pay up a small amount. I've already got that done 4 times now
Once with the original FW, then with LOS 19.1 (which didn't work), & then I reverted back to stock & rooted using the latest Magisk, but as with that the root hide didn't seem to be working, I had to go for Magisk 23 & then get it patched one last time.

And as of now this config. is working fine. I'm a little disappointed that I won't be able to flash my phone with a newer Custom ROM as then my SIM slot stops working. I couldn't find any info for such a case where such IMEI Patch has to be done & Custom ROM installation.

 

[pndwal]

For now I have everything woring fine with Magisk 23 installed.
It's a fairly old device, & so I believe that shouldn't be an issue though.

And as for the IMEI Patch, I'm not really sure what had to be changed in my mobile phone to get it working again.
I had a dual SIM Galaxy S7 edge (SM-G935FD), but after the repair work I've a Single SIM mobile (SM-G935F). The IMEI no. was the same as it was for the SIM Slot 1.
I've done a clean install using Odin, with NAND Erase & re-partitioning using the PIT file. The IMEI no. shows up fine when checked through *#06# or the Settings.
But the IMEI status is "NG"

Do you mean N/A?

if checked using the code *#0011#. For the SIM to be working I've to root my phone & have a "IMEI Patch" done using a box/dongle (Z3X I believe).

Now I don't have that & for every time I've to get the IMEI patch I've to pay up a small amount. I've already got that done 4 times now
Once with the original FW, then with LOS 19.1 (which didn't work), & then I reverted back to stock & rooted using the latest Magisk, but as with that the root hide didn't seem to be working, I had to go for Magisk 23 & then get it patched one last time.

And as of now this config. is working fine. I'm a little disappointed that I won't be able to flash my phone with a newer Custom ROM as then my SIM slot stops working. I couldn't find any info for such a case where such IMEI Patch has to be done & Custom ROM installation.

Thanks for clarifying... Very interesting repair, especially as Sim can't work with stock setup or without root... Take it it's done by a non-official repair techie...

Seems it's not a full repair and he/she had to work around damaged hardware; guess patch is to bypass bad Sim slot & spoof SM-G935F model (using an IMEI modification) to allow remaining slot to work... Could be more to it too...

I'd be looking to upgrade to newer device, but I understand you've invested a lot in that one... PW