[Discussion] Magisk - The Age of Zygisk.
- Thread starter ipdev
- Start date
You can check with all list bankings i left in previous comment.
Video 1, zygisk+shamiko, imobile detect rooted
Video 2, magiskhide, imobile not detect rooted
HMA is also needed for iMobile. As I said on TG, MagiskHide is still relevant, and it's great to have Magisk Delta (thanks for that!) as an alternative that has MagiskHide, but iMobile works with Zygisk + Shamiko + HMA. Some apps don't, but this one does.
I updated to Magisk stable v. 25.1 about a week ago the recommended way. Everything went smooth. Then a couple of days ago my banking app detected root. Momo (4.3.1) tells me that the environment is broken, but I pass Safetynet (both), Applist Detector finds nothing, Rootbeer shows everything is ok and my phone shows as certified in Play Store settings.
I’m on MIUI 12.5.1 stock rom. Modules USNF 2.2.1 and Shamiko 0.4.4 (v. 0.50 crashes my banking app). I don’t use LSPosed. Magisk app is hidden.
The only change I made is updating HuskyDG’s module Magisk Bootloop Protector to v. 1.8. I removed the module, but still root is detected.
I have then returned to Magisk 24.3 with an OrangeFox Recovery backup. Everything is fine. My banking app does not detect root. Momo only finds Zygisk. I have tried several times to update to Magisk 25.1 again but every time my banking app detects root and Momo tells me the environment is broken.
Can someone tell what to do next, please? Why can’t I suddenly install Magisk 25.1 without my banking app detecting root?
I’m on MIUI 12.5.1 stock rom. Modules USNF 2.2.1 and Shamiko 0.4.4 (v. 0.50 crashes my banking app). I don’t use LSPosed. Magisk app is hidden.
The only change I made is updating HuskyDG’s module Magisk Bootloop Protector to v. 1.8. I removed the module, but still root is detected.
I have then returned to Magisk 24.3 with an OrangeFox Recovery backup. Everything is fine. My banking app does not detect root. Momo only finds Zygisk. I have tried several times to update to Magisk 25.1 again but every time my banking app detects root and Momo tells me the environment is broken.
Can someone tell what to do next, please? Why can’t I suddenly install Magisk 25.1 without my banking app detecting root?
Maybe refactoring magiskinit cause this, think you should stay at v24.3
Just an FYI: I’m on crDroid v8.6 A12.1 rom. I have modules USNF 2.2.1,
Momo v4.3.1 reports that the environment is abnormal (see screenshot - init.rc is modified is new for me; Magisk Detector has been saying 'unexpected' for long), but I pass SafetyNet, Applist Detector reports 'All Clear', Rootbeer shows 'Not Rooted' and my phone shows as 'Certified' in Play Store settings. GPay worked when I last checked.
Attachments
Thanks. Don't really understand your answer so what causes this "refactoring" of magiskinit? Is it Magisk Bootloop Protector? What puzzles me is that Magisk 25.1 was working flawless for 3-4 days.
Last edited:
OK. I don't rely that much on Momo but when my banking apps detect root I listen to her
Attachments
Hi, I don't use iMobile Pay, but I just tried this app on my phone (A12, Magisk Stable 25.1, USNF, Shamiko) and it detects root if I don't disable the Magisk App (even if it's repackaged to another name). But disabling the Magisk App, the iMobile App works fine. It's pretty much the same as HSBC App that has been discussed before.
Hello Sir,@martyfender @m0han Switched from Alpha to Delta.Works perfectly fine so far. The steps are as usual:
- Unhide if hidden (restore the hidden app)
- Install delta apk
- Grant delta apk root from original Magisk / Alpha
- Flash Magisk through Delta using Delta's direct install
- Reboot
- Uninstall original Magisk / Alpha
I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP
After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP
Tagging @huskydg sir
What hide methods do you have selected in HMA? You didn't cover that in your screen recording. Also, there's no need to repackage the Magisk app. HMA is being utilized to prevent iMobile from finding the Magisk app.
As usual so much information. Ah, you're using this phone and using those options. And you're trying to install that version of Magisk...Hello Sir,
I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP
After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP
Tagging @huskydg sir
Sorry for being sarcastic, but if I'm already considering not to root my phone anymore, I really can't understand people rooting and modifying their phones without having any idea what they're doing.
You only need to uninstall original Magisk App after switching to any custom Magisk (alpha, cygisk, delta,...) not Fully uninstall Magisk from the app (completely removing Magisk from boot image and system)Hello Sir,
I tried this method and now my mobile boots into TWRP, not in system. PLEASE HELP
After uninstalling original magisk from magisk.apk, mobile rebooted automatically and goes in TWRP
Tagging @huskydg sir
Last edited:
As he said you didn't use Hide Magisk app option.
In additional, if you try everything (Hide Magisk App, Hide my applist, zygisk+shamiko, ...) but it doesn't work, you can try to switch to magisk delta, turn off zygisk and use only MagiskHide or downgrade to Magisk v23 official to use MagiskHide which is still guaranteed to work for almost banking apps. If you are using magisk delta, you don't need to use Hide Magisk App option because delta already came with custom package name.
zygisk itself is the problem at hiding and leaves obvious traces.
Last edited:
a new safetynet update has been released https://github.com/kdrag0n/safetynet-fix/releases
thanks to kdrag0n and osm0sis and benjibobs
thanks to kdrag0n and osm0sis and benjibobs
FWIW
This may not be applicable here at all, but it's worth noting that for some apps, incl. Sparkasse PushTAN, neither one method is enough; Magisk's Hide the Magisk app as well as HMA hiding (using the three 'safe' methods, or just Intent queries) must be employed to successfully thwart their (Promon) protection engine.
This not only looks for known app names and signatures, but uses simple pattern matching on installed apps. Magisk's Hide the app will patch the package name in AndroidManifest.xml, repack it and sign it with a random signature for obfuscation, but the classes.dex with code remains and can be / is used to identify even the stub app.
Further, at least for S PushTAN, since a recent release mileage seems to vary per device... The above method was working across the board for some time, but it seems that no Xiaomi device users now have success (with latest releases) while OnePlus and other device users can still use this method...
The above distills the basics from this (very long) issue:
https://github.com/topjohnwu/Magisk/issues/1084
PWSome very interesting news re. apps that use the QUERY_ALL_PACKAGES permission (S PushTAN & many others) FINALLY being pulled into line by Google (from former XDA Editor in chief):
Reasons / excuses for the delay:
https://www.xda-developers.com/google-play-store-query-all-packages-rule/
What it means in practice:
My guess is that it will depend a lot on Google... Here's hoping...
PW
www.twitter.com/MishaalRahman/status/1511452117214679053
Reasons / excuses for the delay:
https://www.xda-developers.com/google-play-store-query-all-packages-rule/
What it means in practice:
My guess is that it will depend a lot on Google... Here's hoping...
PW
Last edited:
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
6
You can try the following - to avoid possibly breaking OTA
If you eg use Systemless hosts, then go to its folder (by root explorer like MixPlorer):
/data/adb/modules/hosts
And create there a file:
system.prop
containing:
ro.lineage.build.version=
Reboot, and the given prop shall be systemlessly removed (unless the ROM enforces the prop only after booting is completed)
When you want to do OTA, rename that system.prop to eg system.bak and reboot - you will again have the original ROMs prop(s)
You can similarly (miss)use any other module's folder and if it already has the system.prop, just add your lines in and reboot6
I don't know for your particular app, but if you want help you need to share more info - like did you put that app to DenyList, what is your phone, ROM, Android version...Can someone try this app and see if it works?
My set up is currently this and it still doesn't work. Magisk alpha + zygisk enabled + Denylist +lsposed
Moreover, if you use LSPosed, you probably have also one or more LSPosed modules. Which ones?
Also, to hide LSPosed modules you usually need to use HMA to hide them. So, do you do that and how (screenshots)?
If not familiar with HMA, please scroll back/search theough the older posts
Banking apps don't rely only on Pčay Integrity / Safety Net, but they usuallly apply other detection methids. To help yourself you would need to test with detectors like TBChecker, Ruru, SBCheck, even Momo and try to do your best to pass them (Momo will probably alsways detect something, at least unlocked BL).
Wjen you succeded with that, then apply sane hiding trchniques to themparticulat banking app
Unless you stumble to somebody using that exact app (Pkaystore says that app is not available worldwide to download and test) and to give you a xook-book.
You may alao tey to search for that app on XDA (if it was allready discussed)
I know, not much help from this respinse but some general guidelines5
You're GREAT!!
Thanks a lot!
It's NOT necessary to change all lineage strings!
It just ONLY looks in build.prop for the existence of "ro.lineage.build.version". If the name of this prop is changed to "ro.whateveryouwant.build.version", then Payback works again.
Thanks a lot again.
samhhmobil4
I would bet a small fortune on that is what triggers it. Many other banking and multimedia / DRM protected app is triggered simply by having "linage" in the list of props (build.prop for example). Try this: mount /system read-write and remove a single char from all prop values that contains lineage in it (ex. lineage -> lineag) then reboot and likely it won't be triggered anymore. It will break the OTA process since the updater will not detect the build properly.. many banking apps are triggered like this (when using crDroid, LineageOS, etc..) and some of these apps are triggered by simpl using Xiaomi.EU for sure (but eliminating every xiaomieu and xiaomi.eu will cause an unbootable state - at least according to my experiments.. YMMV)..3
@zgfg
Nice try, but... it doesn't work.
It creates an empty prop "ro.lineage.build.version“, but the prop itself exists.
And payback does not check the value of that prop, but checks if it exists.
So, renaming it in build.prop seems to be the safe way.
samhhmobil -
145This is a discussion and help thread for the newer versions of Magisk.
The main goal of this thread is to help users migrate to Magisk v24+
- SafetyNet
Basic integrity Pass
CTS profile match Pass
- Play Protect certification
Device is certified
Feel free to discuss or give links to other Magisk related issues.
Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds.
Please read John's State of Magisk (medium.com)
Starting with the Magisk 23 (23010) canary builds.
- MagiskHide is removed.
MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
You still have the option to Hide the Magisk app under setting.
- Magisk Module online Repo is removed.
The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.
- Everything SafetyNet is removed.
This includes the SafetyNet check that was incorporated into the Magisk app.
- Zygisk is introduced.
Zygote + Magisk = Zygisk
- The Deny list replaces the Hide list.
The Hide list (more or less) hid Magisk from the process on the list.
The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.
Starting with the Magisk 23 (23017) canary builds.
- Magisk supports update channels per module.
Each module can include it's own update link.
- Hide Magisk offline.
You do not need internet connection to rename (repackage) the Magisk app.
What does this mean?
Not much.
It is just the next step in Magisk's development.
Zygisk is a big step forward.
Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share.
Jump to PostMagisk - Modules - Apps - Force Basic Attestation - Basic Attestation - Adjust Prop values - Notes - Points of Interest
This is post will be updated once Magisk v24 is released.74MagiskThe Magic Mask for Android.
Magisk Links:
GitHub
- Installation Instruction
- Frequently Asked Questions
- Magisk Documentation
- Magisk Troubleshoot Wiki (by Didgeridoohan)
Download Links:
Stable and Beta releases.
Canary
- GitHub
Thenotes.mdfile is the change log.
Theapp-debug.apkis Magisk canary.
Click onapp-debug.apkand choose View Raw or click on the Download option.
Credits:
topjohnwu
All who contribute and support this project.62Modules
MagiskHide Props Config
This module allows you to add, change and adjust prop values systemlessly using Magisk.
MagiskHide Props Config Links:
Download Links:
Credits:
Didgeridoohan
All who contribute and support this project.
Universal SafetyNet Fix
It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
This 'trick' has been implemented properly into quite a few custom roms.
For custom roms that do not include it and/or stock roms, he turned it into a module.
Universal SafetyNet Fix Links:
Download Links:
Credits:
kdrag0n
All who contribute and support this project.58Apps
Fox's Magisk Module Manager
This app allows you to manage and install Magisk modules.
Including from an online repo.
Fox's Magisk Module Manager Links:
Download Links:
Credits:
Fox2Code
All who contribute and support this project.
Play Intergrity API Checker
This app shows info about your device integrity as reported by Google Play Services.
If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).
Development:
Download Links:
Credits:
1nikolas
All who contribute and support this project.
YASNAC - Yet Another SafetyNet Attestation Checker
YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.
YASNAC Links:
Download Links:
Credits:
RikkaW
All who contribute and support this project.49Force Basic Attestation
Newer devices are designed to support hardware attestation.
Currently there is no way to hide the sensitive device properties when checked using hardware attestation.
To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
SafetyNet will then fall back to check using basic attestation.
Note:
This method will work for devices that support hardware attestation and devices that do not.
- Enable Zygisk.
- Install the USNF module.
- Reboot
To keep posts short, the instructions are hid by spoiler tags.
If you have not installed Magisk.
Follow the installation link in the Magisk post.
Download the Universal SafetyNet Fix module.
Download link is in the Modules post.
- Enable Zygisk
- Open the Magisk app.
- Go to Settings.
- Scroll down to the Magisk section.
- Toggle Zygisk on.
- Go back to the Magisk Home screen.
- Go to Modules.
- Select Install from storage.
- Navigate to the Universal SafetyNet Fix module zip file and select it.
- Reboot.
The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
Depending on the device and system (ROM) configuration, you might need to adjust a few more.
See the Adjust Prop values post. - SafetyNet
