[Discussion] Magisk - The Age of Zygisk.

Search This thread

pndwal

Senior Member
'Stable' Canary!
Screenshot_2022-01-28-23-42-48-137_zpogtxregv.zvot.jpg

😄 🐦 PW
 

J.Michael

Recognized Contributor
Jan 20, 2018
1,101
1,043
Samsung Galaxy Tab A series
My installation is working great so far. I noticed that my installation shows both Zygisk: Yes and Ramdisk: Yes.

Can someone explain why that is? Can you have an unmodified Ramdisk and still have a working Magisk?
"Ramdisk: Yes" means that the original, not-yet-patched-by-Magisk, boot image included a ramdisk. "Zygisk: Yes" means Zygisk has been activated within Magisk. I don't believe there is any particular connection between the two -- across many devices, I think all four combinations can occur. You can control whether Zygisk is active. The Ramdisk state depends on the original boot image, and does not change when you install Magisk, or when you change Magisk's configuration.

I don't think you can have Magisk installed without the ramdisk having been modified but, again, that display is not referring to whether the ramdisk has been modified.
 

Depressed T.Bear

Senior Member
Jun 3, 2013
898
709
Berlin
I also passed the S-pushtan root detection
with Zygisk enabled, and USNF + Shamiko module installed. The denylist option is unchecked to make sure that the Shamiko module is working fine...

I'm using a pixel-based custom ROM, with an "abnormal" environment status according to Momo apps.
Would you mind sharing the exact settings for S-pushtan in HMA?
Also, do you have LXposed installed?

The app opens for me for about 2 seconds and then opens the browser, tellin me the root stuff
 

zgfg

Senior Member
Oct 10, 2016
7,156
4,612
I just installed Fox's Magisk Module Manager and Zygisk-LSPosed doesn't appear to be available. Any idea where can I find it? Is this be a Magisk Module that would be replacing the LSPosed Xposed module?

Thanks!
Since TG links are not allowed on XDA, decipher from the screenshot
 

Attachments

  • Screenshot_2022-01-28-18-46-55-120_org.telegram.messenger.jpg
    Screenshot_2022-01-28-18-46-55-120_org.telegram.messenger.jpg
    569.5 KB · Views: 216

nacos

Senior Member
Sep 27, 2007
537
246
Here & Now
Since TG links are not allowed on XDA, decipher from the screenshot
Is not that I don't believe you, I just don't know where to get it. The screenshot doesn't help much. Could you please elaborate on download source and installation method? All Riru modules have been suspended upon reboot since I enabled Zygisk. Obviously, without Riru LSPosed, I cannot start LSPosed. Now what?

Do I need to go back and disable Zygisk in Magisk settings so I could regain access to LSPosed and then install the suggested version from within the (now available) LSPosed?

Thanks!
 

zgfg

Senior Member
Oct 10, 2016
7,156
4,612
Is not that I don't believe you, I just don't know where to get it. The screenshot doesn't help much. Could you please elaborate on download source and installation method? All Riru modules have been suspended upon reboot since I enabled Zygisk. Obviously, without Riru LSPosed, I cannot start LSPosed. Now what?

Thanks!
Screenshot is from Telegram app. On top you see the channel name - you should install TG app and search for the given channel

At the bottom you see the latest release, LSPosed Zygisk relesse zip to download ("Save to Download")
 
  • Like
Reactions: J.Michael

nacos

Senior Member
Sep 27, 2007
537
246
Here & Now
Screenshot is from Telegram app. On top you see the channel name - you should install TG app and search for the given channel

At the bottom you see the latest release, LSPosed Zygisk relesse zip to download ("Save to Download")
OK, I got it, thanks a buch! (although I just don't get this thing about forcing someone to use Telegram for downloading files. What's wrong with www?)

Now, having this checked, could you recommend the best module that's supposed to hide root since Magisk no longer does that? Thanks!
 
Last edited:

frank93

Senior Member
Oct 16, 2010
117
40
Berlin
Google Pixel 4a
I just installed Fox's Magisk Module Manager and Zygisk-LSPosed doesn't appear to be available. Any idea where can I find it? Is this be a Magisk Module that would be replacing the LSPosed Xposed module?

Thanks!
as far as i know, a stable (non-"nightly") version of zygisk-lsposed will be released next week. just in case you don’t wanna deal with telegram-repositories especially for that, or may wanna wait a few days until the stable release is out (like i am, for example). :)
 
  • Like
Reactions: heinhuiz

nacos

Senior Member
Sep 27, 2007
537
246
Here & Now
as far as i know, a stable (non-"nightly") version of zygisk-lsposed will be released next week. just in case you don’t wanna deal with telegram-repositories especially for that, or may wanna wait a few days until the stable release is out (like i am, for example). :)
Cool, thanks, although I just installed the latest suggested version 1.6.5 (6337) and everything seems to be working fine. It's a pain having to go through all associations again (especially for XPrivacy Lua) but it is what is.

I've also noticed that apps in the deny list can NOT be added to XPrivacy Lua, (or any other module for that matter) which is quite an issue, since, in the case of XPrivacy Lua, having the ability to deny certain access to an app is definitely much more important than preventing the app from sensing root, as long as the app works just fine. For the time being it seem to be quite a compromise: hide root (deny list) with no ability to control privacy, or privacy with no ability to hide root. That's something we'll have to further look into.
 
Last edited:
  • Like
  • Sad
Reactions: Fif_ and heinhuiz

zgfg

Senior Member
Oct 10, 2016
7,156
4,612
OK, I got it, thanks a buch! (although I just don't get this think about forcing someone to use Telegram for downloading files. What's wrong with www?)

Now, having this checked, could you recommend the best module that's supposed to hide root since Magisk no longer does that? Thanks!
Did you setup DenyList?
Check if SafetyNet passes.
You may need to use USNF 2.2.1 - read e g. post #14 in this thread

To hide Zygisk itself, use Shamiko - once installed, you need to disable Enforce DenyList since Shamiko will take over

Shamiko must be also downloaded from TG, but thanks to the new module auto-updating scheme (properly implemented for Shamiko but not for LSPosed), its URL can be obtained:
 
Last edited:
  • Like
Reactions: Fif_

androx17

Member
Nov 21, 2013
26
5
Redmi Note 8
Redmi Note 10 Pro
Thank you for putting this thread. From the OP, once I read all instructions, all is working fine and it is easy to follow and understand.

Redmi note 8 ginkgo ArrowOS.

Updated stable channel via app
Enable zygisk, configure denylist
Installed Fox mmm
Installed USNF
Pass safetynet
Banking apps working

I will be reporting again in the coming days if something came up ony device. Thank you again.
 

Top Liked Posts

  • 7
    I am just curious why you don't want to install telegram. About a year ago, or so, I uninstalled telegram because I got tired of the juvenile, posts on an android app dev forum, lspeed. I feel now that telegram is better moderated, but that is mostly based on the magisk alpha, lsposed. etc that I am now on. Is there some other security issues with it that I am not aware? I have most notification in it turned off so it doesn't constantly annoy me.
    Nah just the childishness nonsense you mention. I was on a few Android groups at one point and they were all pretty obnoxious. That and when I tried having a public profile getting random "Hey are you THE osm0sis from xda? Cool! Just checking." roughly every couple days was ridiculous. Made me fairly certain I'm doing just fine with xda, Twitter, email, GitHub, Slack and TWRP's Zulip. 😜
    4
    Seems not, but Canyie has fixed her GitHub link to Momo from MomoHider page https://github.com/canyie/Riru-MomoHider ('depreciation notice' introduces Shamiko - MomoHider may not be a 'thing' anymore...) however (Link to momo apk is dead #22 / Fix #22, 54d76a6), so at least we can link to that on XDA since we can't post TG links as file source...

    Momo is linked under 'Test':
    https://github.com/canyie/Riru-MomoHider#test

    👀 PW
    Sigh.. guess I'll secretly install Telegram just to download things. 🤷‍♂️🙄🥲
    2
    You don't need to install Telegram. You can do it in using your browser.
    Follow canyie's link. And then, if you strip off the last level from the URL, you can see all the posts, including the latest version of Shamiko.
    Couldn't get the actual download to work in Chrome on my phone or laptop, even with Desktop mode and Incognito, not without a Telegram app installed. 🤷‍♂️
    1
    Sigh.. guess I'll secretly install Telegram just to download things. 🤷‍♂️🙄🥲
    You don't need to install Telegram. You can do it in using your browser.
    Follow canyie's link. And then, if you strip off the last level from the URL, you can see all the posts, including the latest version of Shamiko.
    1
    Sigh.. guess I'll secretly install Telegram just to download things. 🤷‍♂️🙄🥲
    I am just curious why you don't want to install telegram. About a year ago, or so, I uninstalled telegram because I got tired of the juvenile, posts on an android app dev forum, lspeed. I feel now that telegram is better moderated, but that is mostly based on the magisk alpha, lsposed. etc that I am now on. Is there some other security issues with it that I am not aware? I have most notification in it turned off so it doesn't constantly annoy me.
  • 11
    Bank apps are typically notorious in going out of way to detect root.

    Within Indian Banks' android app ecosystem, two most notorious ones are SBI Yono and Axis Bank.

    This post is for Axis Bank app which has been detecting root/jailbreak on my android phones since end of 2021. When I checked on internet, found that same issue was also reported by few users on github, reddit etc since mid 2021

    Thanks to initial post of user Drishal (Reddit) I got this tip which over the course of time have been testing/tweaking and using.

    My configuration to make Axis Bank app run without detecting root

    Firstly the usuals:
    Get Magisk - Zygisk mode, LSposed Zygisk, Universal Safety Net Fix, Shamiko,
    Axis Bank app should be selected in "Configure DenyList",
    "Enforce Denylist" to remain disabled, for Shamiko to work

    Try checking Axis Bank, post these steps.. for me it never worked and always greeted with "can't run on rooted phone"

    Also a parallel check with be using app like
    RootBeer Sample to check and be sure that root is hidden well till this step.

    Now comes specifics to make Axis Bank work
    Install Xprivacylua. Go to LSposed, select Axis Bank for Xprivacylua module
    In Xprivacylua app, go to Axis Bank app and tick following (super important):

    Determine activity,​
    Applications,​
    Sensors,​
    Identifiers,​
    Analytics, and​
    Tracking​

    And now we are good to go and use Axis Bank app. If here you face issues, erase app data once and you should have success.

    I tested this method for opening Axis Bank app on 4 phones and mileage varied across ROMs and version.

    Nokia 6 – 2018, with Rooted Stock ROM A9 – Solution works
    Redmi Note 7 Pro, with Custom ROM A11 – Solution works
    Redmi Note 9 Pro, with Custom ROM A11– Solution works
    Asus Zenfone Max Pro M1, with Custom ROM A10 – Solution doesn’t works. But then here even Rootbeer Sample detects busybox binary when it is not there. So seems to be a ROM issue

    Just before someone ask, I had tried HideMyApplist too, but it didn't help here at all.

    Hope this helps fellow users of Magisk and Axis Bank!

    indian bank axis bank magisk root detect not working crashing xda
    7
    I am just curious why you don't want to install telegram. About a year ago, or so, I uninstalled telegram because I got tired of the juvenile, posts on an android app dev forum, lspeed. I feel now that telegram is better moderated, but that is mostly based on the magisk alpha, lsposed. etc that I am now on. Is there some other security issues with it that I am not aware? I have most notification in it turned off so it doesn't constantly annoy me.
    Nah just the childishness nonsense you mention. I was on a few Android groups at one point and they were all pretty obnoxious. That and when I tried having a public profile getting random "Hey are you THE osm0sis from xda? Cool! Just checking." roughly every couple days was ridiculous. Made me fairly certain I'm doing just fine with xda, Twitter, email, GitHub, Slack and TWRP's Zulip. 😜
    6
    But we can attach the file itself, can't we @pndwal ?
    4
    Seems not, but Canyie has fixed her GitHub link to Momo from MomoHider page https://github.com/canyie/Riru-MomoHider ('depreciation notice' introduces Shamiko - MomoHider may not be a 'thing' anymore...) however (Link to momo apk is dead #22 / Fix #22, 54d76a6), so at least we can link to that on XDA since we can't post TG links as file source...

    Momo is linked under 'Test':
    https://github.com/canyie/Riru-MomoHider#test

    👀 PW
    Sigh.. guess I'll secretly install Telegram just to download things. 🤷‍♂️🙄🥲
    4
    Does anyone know why I am not play store certified and thus cannot install apps like netflix after passing both integrity check and CTS.

    I have lineage-18.1-20220425-nightly-cheeseburger-signed installed on my oneplus 5. I have rooted using magisk and used a combination of Universal safetynet fix together with changing the fingerprint of my device to pass the CTS.

    I also registered my device on the google certification site using the GSF ID.

    Any help would be highly appreciated.
    After passing SafetyNet, you need to clear cache and data for PlayStore and (not always) for PlayServices.
    This will clear data and updates.

    Then wait for them to update again.

    Play will scan your device again and mark it as certified.

    ---

    Registering your current install does not certify the device.

    You are telling Google that you are using a non-certified rom. ;)


    Cheers. :cowboy:
  • 111
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    61
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    55
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    51
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.


    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    43
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​