[Discussion] Magisk - The Age of Zygisk.

Search This thread

pndwal

Senior Member
I did not find where it was mentioned but, basically release is the 'lite' version.
The debug version is the 'heavy' version including extra logging and more for debugging the Magisk build. 🙃

I might be wrong but..

Both canary (release) and debug are released at the same time and John does not specify a difference between the two.
They both point back to the latest commit at the time of their release.

Magisk [GitHub] - Release new canary build
magisk-files [GitHub] - Update Canary Channel: Upstream to 9183a0a6
magisk-files [GitHub] - Commit history.​

So I assume the current debug version is still just the debug version of the canary build. ;)

The current Magisk build script.
./build.py --help
Code:
usage: build.py [-h] [-r] [-v] [-c CONFIG] {all,binary,app,stub,emulator,avd_patch,clean,ndk} ...

Magisk build script


optional arguments:
  -h, --help            show this help message and exit
  -r, --release         compile in release mode
  -v, --verbose         verbose output
  -c CONFIG, --config CONFIG
                        custom config file (default: config.prop)

actions:
  {all,binary,app,stub,emulator,avd_patch,clean,ndk}
    all                 build everything
    binary              build binaries
    app                 build the Magisk app
    stub                build the stub app
    emulator            setup AVD for development
    avd_patch           patch AVD ramdisk.img
    clean               cleanup
    ndk                 setup Magisk NDK


Cheers. :cowboy:
Close, but not quite right; this is still correct:
Just a minor note: Magisk Canary is now app-release, not app-debug...

If you installed app-debug, you're either on an old Canary build, or you've installed new Debug instead of Canary...

The 'debug version of the canary build' (built with debug build flag) is not now considered 'Canary', but 'Debug', and not suitable for daily use...

The Canary designation has been re-purposed for builds built with release build flag and deemed suitable for daily use...

Previously, only workflow files built with debug build-flags were supplied to Canary ( https://github.com/topjohnwu/magisk-files/tree/canary ) repo (although likely files built with release flags were actually produced). Ie. we had:
IMG_20220705_105004.jpg

... We now have:
IMG_20220705_105233.jpg

supplied.

The change is that app-debug.apk has become the package for the new Debug channel (ie. it is no longer 'Canary' per se), and app-release.apk is now the new Canary... John clarified that 'Canary is now built as release'...

Confusion probably comes from the fact that the magisk-files canary-tree repo is still used for both, but this of course makes sense considering they are always synced builds produced in tandem so that Debug is simply the debug build of new Canary releases with a new name. (Actually the notes.md file is shared at present)...

This can also be seen by examining the JSON sets at https://github.com/topjohnwu/magisk-files
where canary.json calls app-release.apk and debug.json calls app-debug.apk, but these are the same synced builds hosted at a common URL per commit...

As mentioned, Canary can be used for daily use going forward, but 'Debug builds should only be used if you are actively developing Magisk, or if you want to submit bug reports'. Especially once proposed changes (adding symbols and maybe some sanitizers, and enabling core dumps on debug executables for better debugging and auditing) are made, Debug should not be used daily. 'These changes can be an issue on older devices, and could significantly affect performance'
www.twitter.com/topjohnwu/status/1525753967954628608

😛 PW
 
Last edited:

angelomb

Member
Jun 4, 2013
10
1

Attachments

  • Screenshot_2022-07-04-23-00-34-500_io.github.huskydg.magisk.jpg
    Screenshot_2022-07-04-23-00-34-500_io.github.huskydg.magisk.jpg
    362.5 KB · Views: 81
  • Screenshot_2022-07-04-23-00-27-314_io.github.huskydg.magisk.jpg
    Screenshot_2022-07-04-23-00-27-314_io.github.huskydg.magisk.jpg
    317.3 KB · Views: 81
  • Screenshot_2022-07-04-23-00-20-791_io.github.huskydg.magisk.jpg
    Screenshot_2022-07-04-23-00-20-791_io.github.huskydg.magisk.jpg
    379.2 KB · Views: 80

itt533

Member
Nov 12, 2020
43
4
chennai
so far i enabled app hiding feature in magisk, installed denylistunmount (and disabled "enforce denylist") and safetynetfix modules and put banking apps in denylist. Two banking apps seem to work, at least they don't complain. Not yet tried logging and everything... but gpay is showing a blank screen and seems to hang only. G-play says "device is not certified".
 

Ace_Cole

Member
Jul 5, 2022
25
1
I found out on latest update of "App cloner", I couldn't avoid it detecting root.. I updated from magisk TJW 23.0 official to fork magisk delta 25.1 if incase it will work but no way.. root still detected. Check attached snapshots.
Zygisk disabled
Magisk hide enabled
App added on denylist
 

Attachments

  • IMG_20220705_124421.jpg
    IMG_20220705_124421.jpg
    206.6 KB · Views: 69
  • IMG_20220705_124328.jpg
    IMG_20220705_124328.jpg
    412.1 KB · Views: 69
  • IMG_20220705_124255.jpg
    IMG_20220705_124255.jpg
    129.4 KB · Views: 70

huskydg

Senior Member
Feb 17, 2021
207
209
I found out on latest update of "App cloner", I couldn't avoid it detecting root.. I updated from magisk TJW 23.0 official to fork magisk delta 25.1 if incase it will work but no way.. root still detected. Check attached snapshots.
Zygisk disabled
Magisk hide enabled
App added on denylist
This is warning from your system security app, not from the app itself
 
  • Like
Reactions: J.Michael

Ace_Cole

Member
Jul 5, 2022
25
1
And if you press OK and relaunch the app?
It would launch normally and ignore root, but if I unroot my device, it open normally without that screen.. I'm only concern that it still could detect root after hiding it, and installing those other hidden modules.

Also Magisk detector still see su file exist in path and init.rc modified

Any way to know specific means those app uses in getting root? And how to block it?
 

zgfg

Senior Member
Oct 10, 2016
7,636
5,043
How to solve this? I use Xiaomi Redmi 9 android 10. Thanks 😊
Are you asking about com.miui.securitycenter

Did you add it to DenyList?
See the screenshots

You might need to enable Show System and Show OS apps to be able to see in the Magisk app, Configure DenyList

Alternatively (if it won't show in Configure DenyList), DenyList can be managed through the Terminal:
Code:
su
magisk --denylist ls
magisk --denylist add com.miui.securitycenter
magisk --denylist ls
 

Attachments

  • IMG_20220705_173339.jpg
    IMG_20220705_173339.jpg
    110 KB · Views: 30
  • IMG_20220705_173437.jpg
    IMG_20220705_173437.jpg
    467.3 KB · Views: 30
  • Like
Reactions: J.Michael

Ace_Cole

Member
Jul 5, 2022
25
1
Are you asking about com.miui.securitycenter

Did you add it to DenyList?
See the screenshots

You might need to enable Show System and Show OS apps to be able to see in the Magisk app, Configure DenyList

Alternatively (if it won't show in Configure DenyList), DenyList can be managed through the Terminal:
Code:
su
magisk --denylist ls
magisk --denylist add com.miui.securitycenter
magisk --denylist ls
Okay thanks. I'll try that and give feedback.
 

zgfg

Senior Member
Oct 10, 2016
7,636
5,043
Okay thanks. I'll try that and give feedback.
But I see now that you started by asking about App Cloner

I don't see App Cloner in the MIUI Security. If that App Cloner is a third party app, then adding Security to DenyList would have no effect/not help

Then I don't know why somebody recommended you to add MIUI Security to DenyList - my previous post was exclusively about adding Security to DenyList (since I remember that with some MIUI version and/or some Magisk version, Security was not showing in DenyList or in MagiskHide and I needed to be added through CLI in Terminal)
 
  • Like
Reactions: J.Michael

Ace_Cole

Member
Jul 5, 2022
25
1
But I see now that you started by asking about App Cloner

I don't see App Cloner in the MIUI Security. If that App Cloner is a third party app, then adding Security to DenyList would have no effect/not help

Then I don't know why somebody recommended you to add MIUI Security to DenyList - my previous post was exclusively about adding Security to DenyList (since I remember that with some MIUI version and/or some Magisk version, Security was not showing in DenyList or in MagiskHide and I needed to be added through CLI in Terminal)
Yes..

I was about to post an update because adding MIUI Security Center doesn't help either.

"App cloner" is a third party app. But I can't get it to stop detecting root since the last update. I configured everything but still can't get it to stop bringing the root detected warning before starting.. that's my issue which I hope to get solution from great developers . Thanks
 

Attachments

  • IMG_20220705_170107.jpg
    IMG_20220705_170107.jpg
    161.9 KB · Views: 23

aiamuzz

Senior Member
Dec 24, 2011
495
46
Hi,

Don't know if this is the right place ... anyways ...


Firstly I don't have a clue why my github issue got closed by a bot.

Secondly I need help to get the Banking app working ...

Any help appreciated.

thanks.
 

emyaqin

Member
Dec 14, 2016
20
5
Tangerang
Hi,

Don't know if this is the right place ... anyways ...


Firstly I don't have a clue why my github issue got closed by a bot.

Secondly I need help to get the Banking app working ...

Any help appreciated.

thanks.
Use Shamiko or DenyList Unmount, disable Enforce DenyList
 

martyfender

Senior Member
Mar 9, 2017
3,269
1,750
Indianapolis, IN
Hi,

Don't know if this is the right place ... anyways ...


Firstly I don't have a clue why my github issue got closed by a bot.

Secondly I need help to get the Banking app working ...

Any help appreciated.

thanks.
Please report issues using the latest debug Magisk build (version code: 25101)
Are you on the latest debug build of magisk? You must be to report issues.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 6
    Latest Official TJW Canary (release) & Debug (debug) Magisk builds:

    Magisk (f42c089b) (25102)​

    • [MagiskInit] Fix a potential issue when stub cpio is used
    • [MagiskInit] Fix reboot to recovery when stub cpio is used
    • [General] Better data encryption detection
    • [General] Move the whole logging infrastructure into Rust

    Diffs to v25.1​

    • [MagiskInit] Fix a potential issue when stub cpio is used
    • [MagiskInit] Fix reboot to recovery when stub cpio is used
    • [General] Better data encryption detection
    • [General] Move the whole logging infrastructure into Rust
    https://github.com/topjohnwu/magisk-files/blob/8fce25209918072f18b5bb056c43f596f771324d/notes.md

    👍 PW
    5
    How should I hide apps?
    ... its just an addon script that (attempts, as best possible) to hide whatevers in the Deny List
    Just to avoid confusion/ be clear, Shamiko does not hide apps (in denylist or otherwise)...

    It's akin to old MagiskHide, and hides traces of root from apps in the list...
    ### Introduction
    Shamiko is a Zygisk module to hide Magisk root, Zygisk itself and Zygisk modules like riru hide.

    Shamiko read the denylist from Magisk for simplicity but it requires denylist enforcement to be disabled first.
    @appleman_wp
    If you wish to hide apps detected by banks etc, try the Hide My Applist LSPosed module...
    I don't think Shamiko has a "Settings". I think you use the Magisk Manager app's deny list. If you do not "Enforce Deny List" in Magisk, then Shamiko will use Magisk's Deny List to tell it what to hide [traces of root] from.
    (Edits mine.)

    Generally Shamiko is used without settings / extra configuration.
    ### Usage
    1. Install Shamiko and enable Zygisk and reboot
    1. Configure denylist to add processes for hiding
    1. *DO NOT* turn on denylist enforcement

    However it can actually be reconfigured (by those game / mavericks 😛) for whitelist mode usage. Note caveats:
    #### Whitelist
    - You can create an empty file `/data/adb/shamiko/whitelist` to turn on whitelist mode and it can be triggered without reboot
    - Whitelist has significant performance and memory consumption issue, please use it only for testing
    - Only apps that was previously granted root from Magisk can access root
    - If you need to grant a new app root access, disable whitelist first

    ... ts theoretically possible to... bootloop your device... At which point myself and the other senior members will pass around the chalice of your tears and drink heartily from it...
    Sadist! 😜 PW
    5
    :p
    uhh..its been over an year since but I still haven't used the device yet, my backs turned hump now, hurts too coz been just bending over on the PC screen and flashing this and that and GSIs and ROMs then reflashing stock factory image then TWRP for the hundreth time now maybe lol but I've still not managed to get the bank app to run :cautious:. Will it even work with an unlocked bootloader on samsung? maybe one last good try then I'll give up and move to Net-Banking instead perhaps. Magisk is a great program though. Any pointers would be welcome. TIA

    No idea which device you have but as for Samsung, i run an S20+ 5G (bootloader unlocked etc) and have 0 issues with any banking app ive ever used. Just to give you hope. And giving hope goes against my central edicts....as does spoonfeeding :)

    As for tips :

    When in doubt, start with stock ROM....

    The next could have been harvested from the last 5-10 pages...you should practice reading the last few pages of a thread, its a good habit as XDA isnt your own personal helpdesk where you only post when you have a crisis - without reading the room, because often its not just you having the issue, and we collaborate to fix issues....

    You'll almost certainly need (along with reading the first page of this thread) this:


    Thats currently the best option to deal with the recent (as in last few weeks) change from SafetyNet to Integrity Check, and you should bookmark that thread for any future changes.

    And you'll want to check you can pass this (top 2 out of 3 green is good enough)


    And thus you have reached the extent of my pity....i now return you to the normal programming from me, which is pure unadulterated indifference to the plight of man as a whole. Enjoy.
    4
    Isn't there a way to hide root from Company Intune Portal app? I tried downgrading but it doesn't work... :(
    See this thread
    People are struggling to make it work (including me). Some have manually re-installed the previous version.
    4
    I have a problem with shamiko. I tried many times to install it via magisk. Itinstalls itsuccessfully however the app is not showing in the app drawer. Could someone help why shamiko is not on my device?

    It doesnt get added to the app drawer, its a module...many/most modules do not include an app in them

    Look in your list of modules section (last menu item in bottom right) in Magisk Manager, you'll find it there
  • 120
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    63
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    57
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    53
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.

    Play Intergrity API Checker
    This app shows info about your device integrity as reported by Google Play Services.
    If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).​

    Development:

    Download Links:

    Credits:
    1nikolas
    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    44
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​