[Discussion] Magisk - The Age of Zygisk.

[shadowstep]

is there a new fix? new update from imobile isnt working

The same method works fine for me with the latest version.

 

[huskydg]

The same method works fine for me with the latest version.

You can check with all list bankings i left in previous comment.

Video 1, zygisk+shamiko, imobile detect rooted
Video 2, magiskhide, imobile not detect rooted

 

[shadowstep]

You can check with all list bankings i left in previous comment.

Video 1, zygisk+shamiko, imobile detect rooted
Video 2, magiskhide, imobile not detect rooted

HMA is also needed for iMobile. As I said on TG, MagiskHide is still relevant, and it's great to have Magisk Delta (thanks for that!) as an alternative that has MagiskHide, but iMobile works with Zygisk + Shamiko + HMA. Some apps don't, but this one does.

 

[svendsvin]

I updated to Magisk stable v. 25.1 about a week ago the recommended way. Everything went smooth. Then a couple of days ago my banking app detected root. Momo (4.3.1) tells me that the environment is broken, but I pass Safetynet (both), Applist Detector finds nothing, Rootbeer shows everything is ok and my phone shows as certified in Play Store settings.

I’m on MIUI 12.5.1 stock rom. Modules USNF 2.2.1 and Shamiko 0.4.4 (v. 0.50 crashes my banking app). I don’t use LSPosed. Magisk app is hidden.

The only change I made is updating HuskyDG’s module Magisk Bootloop Protector to v. 1.8. I removed the module, but still root is detected.

I have then returned to Magisk 24.3 with an OrangeFox Recovery backup. Everything is fine. My banking app does not detect root. Momo only finds Zygisk. I have tried several times to update to Magisk 25.1 again but every time my banking app detects root and Momo tells me the environment is broken.

Can someone tell what to do next, please? Why can’t I suddenly install Magisk 25.1 without my banking app detecting root?

 

[huskydg]

Can someone tell what to do next, please? Why can’t I suddenly install Magisk 25.1 without my banking app detecting root?

Maybe refactoring magiskinit cause this, think you should stay at v24.3

 

[m0han]

...Momo (4.3.1) tells me that the environment is broken, but I pass Safetynet (both), Applist Detector finds nothing, Rootbeer shows everything is ok and my phone shows as certified in Play Store settings.

I’m on MIUI 12.5.1 stock rom. Modules USNF 2.2.1 and Shamiko 0.4.4 (v. 0.50 crashes my banking app). I don’t use LSPosed. Magisk app is hidden....

Just an FYI: I’m on crDroid v8.6 A12.1 rom. I have modules USNF 2.2.1, Shamiko v0.50, DenyList Unmount v0.2, LSPosed Zygisk v1.8.3 (6552). Magisk Delta app is hidden.

Momo v4.3.1 reports that the environment is abnormal (see screenshot - init.rc is modified is new for me; Magisk Detector has been saying 'unexpected' for long), but I pass SafetyNet, Applist Detector reports 'All Clear', Rootbeer shows 'Not Rooted' and my phone shows as 'Certified' in Play Store settings. GPay worked when I last checked.

 

[svendsvin]

Maybe refactoring magiskinit cause this, think you should stay at v24.3

Thanks. Don't really understand your answer so what causes this "refactoring" of magiskinit? Is it Magisk Bootloop Protector? What puzzles me is that Magisk 25.1 was working flawless for 3-4 days.

 

[svendsvin]

Just an FYI: I’m on crDroid v8.6 A12.1 rom. I have modules USNF 2.2.1, Shamiko v0.50, DenyList Unmount v0.2, LSPosed Zygisk v1.8.3 (6552). Magisk Delta app is hidden.

Momo v4.3.1 reports that the environment is abnormal (see screenshot - init.rc is modified is new for me; Magisk Detector has been saying 'unexpected' for long), but I pass SafetyNet, Applist Detector reports 'All Clear', Rootbeer shows 'Not Rooted' and my phone shows as 'Certified' in Play Store settings. GPay worked when I last checked.

OK. I don't rely that much on Momo but when my banking apps detect root I listen to her

 

[zubies]

The same method works fine for me with the latest version.

can u help me fix it

 

[dohanin]

can u help me fix it

Hi, I don't use iMobile Pay, but I just tried this app on my phone (A12, Magisk Stable 25.1, USNF, Shamiko) and it detects root if I don't disable the Magisk App (even if it's repackaged to another name). But disabling the Magisk App, the iMobile App works fine. It's pretty much the same as HSBC App that has been discussed before.

 

[silentuser143]

@martyfender @m0han Switched from Alpha to Delta. Works perfectly fine so far. The steps are as usual:
- Unhide if hidden (restore the hidden app)
- Install delta apk
- Grant delta apk root from original Magisk / Alpha
- Flash Magisk through Delta using Delta's direct install
- Reboot
- Uninstall original Magisk / Alpha

Hello Sir,

I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP

After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP

Tagging @huskydg sir

 

[shadowstep]

can u help me fix it

What hide methods do you have selected in HMA? You didn't cover that in your screen recording. Also, there's no need to repackage the Magisk app. HMA is being utilized to prevent iMobile from finding the Magisk app.

 

[dr4go]

Hello Sir,

I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP

After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP

Tagging @huskydg sir

As usual so much information. Ah, you're using this phone and using those options. And you're trying to install that version of Magisk...

Sorry for being sarcastic, but if I'm already considering not to root my phone anymore, I really can't understand people rooting and modifying their phones without having any idea what they're doing.

 

[zubies]

What hide methods do you have selected in HMA? You didn't cover that in your screen recording. Also, there's no need to repackage the Magisk app. HMA is being utilized to prevent iMobile from finding the Magisk app.

here it is. i did exactly

 

[huskydg]

Hello Sir,

I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP

After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP

Tagging @huskydg sir

You only need to uninstall original Magisk App after switching to any custom Magisk (alpha, cygisk, delta,...) not Fully uninstall Magisk from the app (completely removing Magisk from boot image and system)

 

[huskydg]

here it is. i did exactly

As he said you didn't use Hide Magisk app option.
In additional, if you try everything (Hide Magisk App, Hide my applist, zygisk+shamiko, ...) but it doesn't work, you can try to switch to magisk delta, turn off zygisk and use only MagiskHide or downgrade to Magisk v23 official to use MagiskHide which is still guaranteed to work for almost banking apps. If you are using magisk delta, you don't need to use Hide Magisk App option because delta already came with custom package name.
zygisk itself is the problem at hiding and leaves obvious traces.

 

[jons99]

a new safetynet update has been released https://github.com/kdrag0n/safetynet-fix/releases
thanks to kdrag0n and osm0sis and benjibobs

 

[pndwal]

can u help me fix it

What hide methods do you have selected in HMA? You didn't cover that in your screen recording. Also, there's no need to repackage the Magisk app. HMA is being utilized to prevent iMobile from finding the Magisk app.

FWIW

This may not be applicable here at all, but it's worth noting that for some apps, incl. Sparkasse PushTAN, neither one method is enough; Magisk's Hide the Magisk app as well as HMA hiding (using the three 'safe' methods, or just Intent queries) must be employed to successfully thwart their (Promon) protection engine.

This not only looks for known app names and signatures, but uses simple pattern matching on installed apps. Magisk's Hide the app will patch the package name in AndroidManifest.xml, repack it and sign it with a random signature for obfuscation, but the classes.dex with code remains and can be / is used to identify even the stub app.

Further, at least for S PushTAN, since a recent release mileage seems to vary per device... The above method was working across the board for some time, but it seems that no Xiaomi device users now have success (with latest releases) while OnePlus and other device users can still use this method...

The above distills the basics from this (very long) issue:
https://github.com/topjohnwu/Magisk/issues/1084

PW

 

[pndwal]

Some very interesting news re. apps that use the QUERY_ALL_PACKAGES permission (S PushTAN & many others) FINALLY being pulled into line by Google (from former XDA Editor in chief):

Mishaal Rahman, Apr 6
...
Apps that declare the QUERY_ALL_PACKAGES permission but haven't filled out the relevant permission declaration may be removed from Google Play starting June 1, 2022.

www.twitter.com/MishaalRahman/status/1511452117214679053

Reasons / excuses for the delay:
https://www.xda-developers.com/google-play-store-query-all-packages-rule/

What it means in practice:
My guess is that it will depend a lot on Google... Here's hoping... PW

 

[zubies]

As he said you didn't use Hide Magisk app option.
In additional, if you try everything (Hide Magisk App, Hide my applist, zygisk+shamiko, ...) but it doesn't work, you can try to switch to magisk delta, turn off zygisk and use only MagiskHide or downgrade to Magisk v23 official to use MagiskHide which is still guaranteed to work for almost banking apps. If you are using magisk delta, you don't need to use Hide Magisk App option because delta already came with custom package name.
zygisk itself is the problem at hiding and leaves obvious traces.

no luck still