[Discussion] Magisk - The Age of Zygisk.

Search This thread
By:
Advanced…
williamcll

williamcll

Senior Member
Jan 8, 2010
107
15
Hong Kong
OnePlus 6
Nintendo Switch
Anyone know what I need to get around Hang Seng bank's detection? Safteycheck is all good, but putting the app in denylist as well as closing almost all services in servicely doesn't work. Installing shamiko and turning off denylist doens't work either.

Edit: Island work
 
Last edited:
dohanin

dohanin

Senior Member
Mar 26, 2011
249
138
Sony Xperia X Compact
Xiaomi Mi Pad 4
williamcll said:
that's a bit too far fetched, I also asked on the XDA discord and they told me to use Island, which worked.
Click to expand...
Click to collapse
Well, using a work profile is more than just freezing the Magisk app, isn't it? Anyway, some people who need to reserve work profile for company use (like my case), cannot use island. And to clarify, I was suggesting to disable (i.e. freeze) the Magisk app, not Magisk itself.
 
  • Like
Reactions: J.Michael and pndwal
huskydg

huskydg

Senior Member
Feb 17, 2021
430
553
dohanin said:
Well, using a work profile is more than just freezing the Magisk app, isn't it? Anyway, some people who need to reserve work profile for company use (like my case), cannot use island. And to clarify, I was suggesting to disable (i.e. freeze) the Magisk app, not Magisk itself.
Click to expand...
Click to collapse
If you compile a custom magisk with different custom package name by yourself, you will not have to freeze magisk app
 
  • Like
Reactions: dohanin
huskydg

huskydg

Senior Member
Feb 17, 2021
430
553
Zygisk is just for hiding root???? Since i just see you guys discuss about hiding root in zygisk thread
 
  • Like
Reactions: pndwal
dohanin

dohanin

Senior Member
Mar 26, 2011
249
138
Sony Xperia X Compact
Xiaomi Mi Pad 4
pndwal said:
Not clear if you used/tried Hide the Magisk app in App settings...

Also, using HMA LSPosed module to further hide already hidden Magisk App also works for many bank apps... PW
Click to expand...
Click to collapse
I guess he did. I did as well, but hiding Magisk app with a random package name appears not enough for some banking apps. For some reasons, they can still identify Magisk app unless it's disabled (or hidden by other methods like HMA) - well, I never understand this part. Are all apps allowed to look through other apps in the device, but not for apps that are disabled?
 
P

pndwal

Senior Member
Jun 23, 2016
7,783
9,595
Sydney
Redmi Note 8
Xiaomi Redmi Note 8 (2021)
dohanin said:
I guess he did.
Click to expand...
Click to collapse
Hope so too... Not clear though...
dohanin said:
I did as well, but hiding Magisk app with a random package name appears not enough for some banking apps. For some reasons, they can still identify Magisk app unless it's disabled (or hidden by other methods like HMA) - well, I never understand this part.
Click to expand...
Click to collapse
See this:
https://xdaforums.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-87078475
dohanin said:
Are all apps allowed to look through other apps in the device, but not for apps that are disabled?
Click to expand...
Click to collapse
and this:
https://xdaforums.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-87078529

👀 PW
 
dohanin

dohanin

Senior Member
Mar 26, 2011
249
138
Sony Xperia X Compact
Xiaomi Mi Pad 4
pndwal said:
Hope so too... Not clear though...

See this:
https://xdaforums.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-87078475

and this:
https://xdaforums.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-87078529

👀 PW
Click to expand...
Click to collapse
Thank you. But I found no explanation of why disabled app can avoid detection. There are some apps that can show a lot of information of installed apps (enabled or not), e.g. https://play.google.com/store/apps/details?id=com.majeur.applicationsinfo ,without requesting any permissions.

But why some banking apps only check enabled apps? Sorry if I missed some key points in your links.
 
P

pndwal

Senior Member
Jun 23, 2016
7,783
9,595
Sydney
Redmi Note 8
Xiaomi Redmi Note 8 (2021)
dohanin said:
Thank you. But I found no explanation of why disabled app can avoid detection.
Click to expand...
Click to collapse
Still, you said
but hiding Magisk app with a random package name appears not enough for some banking apps. For some reasons, they can still identify Magisk app unless it's disabled (or hidden by other methods like HMA) - well, I never understand this part.
Click to expand...
Click to collapse
... the need for further hiding is explained; I went to some trouble to distil the info from that GitHub issue re. pattern matching etc...
dohanin said:
There are some apps that can show a lot of information of installed apps (enabled or not), e.g. https://play.google.com/store/apps/details?id=com.majeur.applicationsinfo
Click to expand...
Click to collapse
Good share, thanks...
dohanin said:
,without requesting any permissions.
Click to expand...
Click to collapse
This was possible in A10 but was supposed to be fixed in A11 in May 2021.

App Devs discovered an easy bypass however, using the QUERY_ALL_PACKAGES permission, and have since exploited this loophole (and others).

Google has been slow to patch /enforce their rules... Enforcement for compliance was pushed back to Nov ('for Covid-related reasons'), and it seems still not enforced till recently, but a new ultimatum gave June 1 2022 as the date apps would begin to be pulled for non-essential use of this permission or failure to issue a proper statement re. why use is 'essential'...

This is all in the link(s)...
dohanin said:
But why some banking apps only check enabled apps?
Click to expand...
Click to collapse
I think they do whatever they can... Fraud / scams / hacking / device security are becoming critical issues... With IOS ahead of the game and Google's SafetyNet API an abysmal failure*, banks are becoming as inventive as possible and Google compliance rules are also viewed as fair game / expendable...

* Read 'Totally unreliable', at least while fallback from Hardware to Basic evaluation for attestation to TEE is possible; this effectively bypasses / makes a joke of (A)ndroid (V)erified (B)oot and it's 'Chain of Trust' ...
dohanin said:
Sorry if I missed some key points in your links.
Click to expand...
Click to collapse
You did, but hopefully the summary will clarify a few things for all... PW
 
Last edited:
  • Like
Reactions: dohanin
williamcll

williamcll

Senior Member
Jan 8, 2010
107
15
Hong Kong
OnePlus 6
Nintendo Switch
dohanin said:
Well, using a work profile is more than just freezing the Magisk app, isn't it? Anyway, some people who need to reserve work profile for company use (like my case), cannot use island. And to clarify, I was suggesting to disable (i.e. freeze) the Magisk app, not Magisk itself.
Click to expand...
Click to collapse
Turning off magisk might break my other apps.
pndwal said:
Not clear if you used/tried Hide the Magisk app in App settings...

Also, using HMA LSPosed module to further hide already hidden Magisk App also works for many bank apps... PW
Click to expand...
Click to collapse
Zygisk was on as well as LSPosed and Shamiko was turned on the whole time and it didn't work.
 
zgfg

zgfg

Senior Member
Oct 10, 2016
10,740
9,333
Redmi K20 / Xiaomi Mi 9T
Xiaomi Mi 11
williamcll said:
Turning off magisk might break my other apps.

Zygisk was on as well as LSPosed and Shamiko was turned on the whole time and it didn't work.
Click to expand...
Click to collapse
Please distinguish Magisk from Magisk app = former Magisk Manager

You even uninstall Magisk APPLICATION but Magisk, all its modules, root Grants, DenyList continue working as you previously configured.
Any time you install Magisk APK back. you continue using it

App is only user interface to make you managing the Magiske more easier - otherwise, you would need to use Magisk CLI )command line interface)
 
  • Like
Reactions: beningodfrey4, J.Michael and dohanin
dohanin

dohanin

Senior Member
Mar 26, 2011
249
138
Sony Xperia X Compact
Xiaomi Mi Pad 4
williamcll said:
Turning off magisk might break my other apps.
Click to expand...
Click to collapse
As said, I meant disabling (freezing) the magisk app, not Magisk itself. The app is only needed when you grant superuser access, adding apps to denylist, managing modules and other settings.

There are a number of apps which could automate the freezing. E.g. Airfrozen, Ice Box.
 
  • Like
Reactions: J.Michael
P

pndwal

Senior Member
Jun 23, 2016
7,783
9,595
Sydney
Redmi Note 8
Xiaomi Redmi Note 8 (2021)
williamcll said:
Turning off magisk might break my other apps.
Click to expand...
Click to collapse
It won't... Even uninstalling Magisk App does not disable (or 'turn off') Magisk...

Some actually resort to uninstalling it during bank app use / when not needed... Works well enough for them...
williamcll said:
Zygisk was on as well as LSPosed and Shamiko was turned on the whole time and it didn't work.
Click to expand...
Click to collapse
Still not clear if you used/tried Hide the Magisk app in App settings, or used HMA LSPosed module to further hide the already hidden Magisk App... PW
 
  • Like
Reactions: J.Michael
m0han

m0han

Senior Member
Apr 30, 2012
6,020
3,068
Asus ZenFone Max Pro M1
Xiaomi Poco X3 NFC

Attachments

  • Screenshot_20220702_232538.jpg
    Screenshot_20220702_232538.jpg
    178 KB · Views: 49
  • Like
Reactions: belair56, wugga3, samhhmobil and 2 others
doniedogawa

doniedogawa

Member
Oct 29, 2021
48
4
Indonesia
I just installed Magisk v25.1 on my LG V20 H990DS with stock oreo and success without having kernel issues, but the app itself can't be opened (stuck on logo).
 
A

angelomb

Member
Jun 4, 2013
11
1
williamcll said:
Anyone know what I need to get around Hang Seng bank's detection? Safteycheck is all good, but putting the app in denylist as well as closing almost all services in servicely doesn't work. Installing shamiko and turning off denylist doens't work either.

Edit: Island work
Click to expand...
Click to collapse
what is island ? how does it work? I have the same problem with an app , if yu have a link with a tutorial I would appreciate
 
dohanin

dohanin

Senior Member
Mar 26, 2011
249
138
Sony Xperia X Compact
Xiaomi Mi Pad 4
angelomb said:
what is island ? how does it work? I have the same problem with an app , if yu have a link with a tutorial I would appreciate
Click to expand...
Click to collapse
Just search Island (from Oasis Feng) in Google Play. It sets up work profile, in which you can install your apps, and avoid root app detection.

But I still think it's too much work just to hide the Magisk app. I suggested simply freezing your Magisk app. It works for HSBC and some other bank apps too. Of course, you still need to add those bank apps to the denylist.
 
  • Like
Reactions: angelomb
A

angelomb

Member
Jun 4, 2013
11
1
dohanin said:
Just search Island (from Oasis Feng) in Google Play. It sets up work profile, in which you can install your apps, and avoid root app detection.

But I still think it's too much work just to hide the Magisk app. I suggested simply freezing your Magisk app. It works for HSBC and some other bank apps too. Of course, you still need to add those bank apps to the denylist.
Click to expand...
Click to collapse
freeze it and it doesn't work either. It works in all banks except one. My mobile has Android 12 (Miui 13), when I had Andorid 11 (Miui 12) I had the same problem but solved it using the magisk 23. Magisk 23 does not work on Android 12 , I read that some block URLs with Adaway but there is not much information about it
 
You must log in or register to reply here.

Similar threads

T
  • Sticky
Magisk General Support / Discussion
Replies
58K
Views
6M
W
wei34
T
  • Locked
  • Sticky
Magisk - The Magic Mask for Android
Replies
56
Views
6M
T
topjohnwu
T
  • Locked
[CLOSED][BETA][2018.7.19] Magisk v16.7 (1671)
Replies
7K
Views
3M
T
topjohnwu
yochananmarqos
Collection of Magisk Modules v2
Replies
1K
Views
1M
あなたの
あなたの
Heisenberg
[Discussion] PokeMon Go Magisk Discussion Thread
Replies
5K
Views
649K
beneditodragon
beneditodragon

Top Liked Posts

24 Hours 30 Days All time
  • 1
    E
    elicoth
    Warzenfinger said:
    Hello,

    I hope this is the right place for my question

    I updated LineageOS from lineage-21.0-20240320-nightly to lineage-21.0-20240417-nightly-gts4lvwifi on my Galaxy Tab S5e and now Zygisk won't start.

    View attachment 6093418

    View attachment 6093425

    What can I do?

    Best regards
    Click to expand...
    Click to collapse

    Try removing or disabling LSposed if you have it enabled.
    View
    1
    W
    Warzenfinger
    Thank you. With LSposed disabled Zygisk runs, but it's LSposed why I need Zygisk :-(
    View
    1
    P
    pndwal
    Warzenfinger said:
    Thank you. With LSposed disabled Zygisk runs, but it's LSposed why I need Zygisk :-(
    Click to expand...
    Click to collapse
    Does LSPosed+ Zygisk work if all LSPosed modules are disabled? PW
    View
  • 2
    xcl1pse
    xcl1pse
    jimger said:
    Could someone check with

    Santander Pilot - Apps on Google Play

    Santander mobile banking pilot
    play.google.com play.google.com

    Crashes for me. Other bank apps work OK.
    Magisk alpha latest, lsposed latest, zygisk of magisk alpha, hma latest and shamiko
    Click to expand...
    Click to collapse
    Bruh
    View
    2
    samhhmobil
    samhhmobil
    buebue#8888 said:
    It seems like the Zygote Injection is detectable now. For me the "Payback" app wont work anymore.

    S20U, Android 13 latest security patch, Magisk Delta (Kitsune 26400), Magisk Hide, Zygisk, lsposed, HMA.
    Click to expand...
    Click to collapse
    Welcome on board!

    At first: If you use lsposed, zygisk may be detectable again.

    Without(!) lsposed the following are my results:

    Payback is not detecting zygisk!

    (1) Payback IS(!) working with unlocked bootloader, StockRom(!), no root, but due to the unlocked bootloader no Device-Integrity.

    (2) Payback IS(!) working with unlocked bootloader, StockRom(!), Magisk 27(hidden), active zygisk, Shamiko 1.0.1 (Google GMS, Payback — and other apps — on denylist, denylist not enforced), PlayIntegrityFix 15.9.7 by Chiteroman.

    In THESE two configurations Payback works!

    But...
    (3) Same device: unlocked bootloader, CustomRom (LineageOS 17/18/19 or 20), NOT rooted, nothing else installed, and: Payback does NOT work.

    (4) Changed to the second (rooted) scenario, but only changed from StockRom to CustomRom, and: Payback does NOT work.

    So... Payback does not check the status of the bootloader.

    Payback even does NOT check Device-Integrity (It works with StockRom and unlocked bootloader without root and without Device-Integrity).

    With the usual way (hidden-magisk, active zygisk, denylist, shamiko, playintegrityfix, but NO lsposed) Payback CANNOT detect root or zygisk (tested with use of a StockRom).

    But: Payback detects the existence of a CustomRom, even without root, and refuses to work.

    So, if you (or somebody else) have a solution to hide the use of a CustomRom, feel free to post the solution here. (Even Momo detects the CustomRom... and... BTW, Momo detects zygisk again, when I use lsposed.)

    samhhmobil
    View
    2
    xcl1pse
    xcl1pse
    KennethYoon91 said:
    Anyone updated/installed RHB Mobile Banking Ver, 2.15.1? does it work with HMA and denylist enabled?
    Click to expand...
    Click to collapse
    View
    2
    xcl1pse
    xcl1pse
    buebue#8888 said:
    It seems like the Zygote Injection is detectable now. For me the "Payback" app wont work anymore.

    PAYBACK - Karte und Coupons - Apps on Google Play

    Even more points, exclusive coupons and...
    play.google.com play.google.com

    S20U, Android 13 latest security patch, Magisk Delta (Kitsune 26400), Magisk Hide, Zygisk, lsposed, HMA.

    Source:
    https://www.reddit.com/r/Magisk/comments/198c0hz
    Click to expand...
    Click to collapse
    Well goodluck fixing your environment then..
    View
    2
    xcl1pse
    xcl1pse
    prokiller1199 said:
    Can anyone try Singpass app again?
    Not working for me on Magisk alpha latest, app in denylist, shamiko, passed device integrity, latest lsposed.
    Click to expand...
    Click to collapse
    View
  • 145
    ipdev
    ipdev
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post


    This is post will be updated once Magisk v24 is released.
    View
    74
    ipdev
    ipdev
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    Credits:
    topjohnwu
    All who contribute and support this project.
    View
    62
    ipdev
    ipdev
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    View
    58
    ipdev
    ipdev
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.

    Play Intergrity API Checker
    This app shows info about your device integrity as reported by Google Play Services.
    If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).​

    Development:

    Download Links:

    Credits:
    1nikolas
    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    View
    49
    ipdev
    ipdev
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​
    View

New posts