[Discussion] Magisk - The Age of Zygisk.

73sydney

Account currently disabled
Getting black screen on latest v1.7.86 of this app. Suspect is new detection mechanism. Anyone can test?
Before this version is fine (v1.7.84). Pass SafetyNet, Shamiko, added to deny list, it just won't work on latest version.

Pixel 6 Pro Latest Nov patch, Magisk 25.2

I'll have a crack, also Pixel 6 Pro, though on A13

Update:

No bueno...even with Hide My Applist

Perhaps a Magisk Delta user will test for you.....
 

pupido

Senior Member
Apr 9, 2015
146
10
A few years ago I installed Magisk v. 22 on my Note 9 (Android 10). Today I tried, using Magisk Manager, to update both the app and Magisk to the latest version (via direct installation).
However, while the app updated to v. 25.2, instead, Magisk updated to v. 23. Is this normal?
I thought Magisk would also update to v. 25.2 just like Magisk Manager.
 

zgfg

Senior Member
Oct 10, 2016
10,740
9,333
Redmi K20 / Xiaomi Mi 9T
Xiaomi Mi 11
A few years ago I installed Magisk v. 22 on my Note 9 (Android 10). Today I tried, using Magisk Manager, to update both the app and Magisk to the latest version (via direct installation).
However, while the app updated to v. 25.2, instead, Magisk updated to v. 23. Is this normal?
I thought Magisk would also update to v. 25.2 just like Magisk Manager.
It's not normal but there are SO MANY differences in Magisk v25 (starting with v24) compared to your old v22 or v23 that I really suggest you:

- search on XDA for Magisk Zygisk thread and carefully read OP posts to be aware what has changed, and what would you need to configure manually from scratch, etc.

- since you have happily lived so far with that ancient Magisk v22, maybe you don't need to jump to all the new things (Zygisk, DenyList instead of MagiskHide, no more Modules repository, optional Shamiko, USNF, Hide My Apps), and/or maybe you have an old version of Android that Magisk or important new modules (Shamiko, LSPosed) will not support
 

pupido

Senior Member
Apr 9, 2015
146
10
It's not normal but there are SO MANY differences in Magisk v25 (starting with v24) compared to your old v22 or v23 that I really suggest you:

- search on XDA for Magisk Zygisk thread and carefully read OP posts to be aware what has changed, and what would you need to configure manually from scratch, etc.

- since you have happily lived so far with that ancient Magisk v22, maybe you don't need to jump to all the new things (Zygisk, DenyList instead of MagiskHide, no more Modules repository, optional Shamiko, USNF, Hide My Apps), and/or maybe you have an old version of Android that Magisk or important new modules (Shamiko, LSPosed) will not support
Thank you for your response.
I am interested in installing the Pixelify's module and I think with Magisk v. 23 it is not possible.
 

Mr.Jlu

Member
Jun 2, 2016
42
25
Hi Guys,

I found the checks the HDFC Bank_11.1.5 app is performing for checking the root status, most of the stuff is obfuscated but we can get a glimpse of what is going around in the background.
Any suggestion to bypass this is much appreciated.

Java:
package com.backbase.android.core.security;

import android.content.Context;
import com.backbase.android.core.utils.DoNotObfuscate;
import com.backbase.p006a.C0843b;
import lxl.C6232aa;

@DoNotObfuscate
/* loaded from: classes2.dex */
public class RootVerification {
    private C0843b rootUtils;
    private boolean rooted;

    public RootVerification(Context context) {
        this.rootUtils = new C0843b(context);
    }

    public boolean isRooted() {
        return this.rooted;
    }

    public RootVerification withBinaries(String[] strArr) {
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            } else if (C0843b.m10159a(strArr[i])) {
                this.rooted = true;
                break;
            } else {
                i++;
            }
        }
        return this;
    }

    public RootVerification withBusyBoxBinary() {
        this.rooted = C0843b.m10159a(C6232aa.m1119a(22896));
        return this;
    }

    public RootVerification withDangerousProps() {
        this.rooted = this.rootUtils.m10156b();
        return this;
    }

    public RootVerification withDefaultCheck() {
        C0843b c0843b = this.rootUtils;
        this.rooted = c0843b.m10157a((String[]) null) || c0843b.m10155b(null) || C0843b.m10159a(C6232aa.m1119a(22897)) || c0843b.m10156b() || c0843b.m10154c() || C0843b.m10160a() || C0843b.m10152d();
        return this;
    }

    public RootVerification withPotentiallyDangerousApps(String... strArr) {
        this.rooted = this.rootUtils.m10155b(strArr);
        return this;
    }

    public RootVerification withRootCloakingApps(String... strArr) {
        this.rooted = this.rootUtils.m10153c(strArr);
        return this;
    }

    public RootVerification withRootManagementApps(String... strArr) {
        this.rooted = this.rootUtils.m10157a(strArr);
        return this;
    }

    public RootVerification withRwSystem() {
        this.rooted = this.rootUtils.m10154c();
        return this;
    }

    public RootVerification withSuBinary() {
        this.rooted = C0843b.m10159a(C6232aa.m1119a(22898));
        return this;
    }

    public RootVerification withSuExist() {
        this.rooted = C0843b.m10152d();
        return this;
    }

    public RootVerification withTestKeys() {
        this.rooted = C0843b.m10160a();
        return this;
    }
}

Hello Guys,

[UPDATE]

I was able to bypass the root detection of this app using the following magisk module but it stopped working post reboot.

Magisk Module Name: InitRcHider
Reference URL: XDA Download Link: https://xdaforums.com/attachments/initrchider-zip.5472273/
 
  • Like
Reactions: pndwal and ipdev
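
Added example, not part of the post above and not the bank app's code: in the decompiled class most `with…()` methods assign `this.rooted` rather than OR-ing into it, so if a caller chains two of them the later result replaces the earlier one. The sketch below, written from the app developer's side, contrasts that pattern with an accumulator. The class names `RootSignals` and `LastCheckWins`, the lambda stand-ins for device checks, and the fail-closed handling of a check that throws are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.BooleanSupplier;

/** Accumulates root-check results so a later negative cannot erase an earlier positive. */
public class RootSignals {
    private final List<String> hits = new ArrayList<>();

    /** Runs one named check and records it if positive. */
    public RootSignals with(String name, BooleanSupplier check) {
        boolean positive;
        try {
            positive = check.getAsBoolean();
        } catch (RuntimeException e) {
            // Assumption: fail closed, a check that cannot run counts as a signal.
            positive = true;
            name = name + " (check failed: " + e.getClass().getSimpleName() + ")";
        }
        if (positive) {
            hits.add(name);
        }
        return this;
    }

    public boolean isRooted() { return !hits.isEmpty(); }

    /** Names of the checks that fired, useful for telemetry on which signal tripped. */
    public List<String> signals() { return List.copyOf(hits); }

    /** Mirrors the overwrite pattern visible in the decompiled class: the last check wins. */
    static final class LastCheckWins {
        private boolean rooted;
        LastCheckWins with(BooleanSupplier check) { rooted = check.getAsBoolean(); return this; }
        boolean isRooted() { return rooted; }
    }

    public static void main(String[] args) {
        // Constructed stand-ins for real device checks.
        BooleanSupplier suBinary = () -> true;
        BooleanSupplier testKeys = () -> false;
        BooleanSupplier rwSystem = () -> { throw new IllegalStateException("mount table unreadable"); };

        boolean overwritten = new LastCheckWins().with(suBinary).with(testKeys).isRooted();
        RootSignals acc = new RootSignals()
                .with("suBinary", suBinary)
                .with("testKeys", testKeys)
                .with("rwSystem", rwSystem);

        System.out.println("last-check-wins: " + overwritten);
        System.out.println("accumulated:     " + acc.isRooted() + " " + acc.signals());
    }
}
```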

Eagleman71

Senior Member
Dec 4, 2007
101
31
FYI what to do post Android Security Update if wallet stops working (I don't know if someone else already wrote it or if it is so obvious that nobody needed to, LOL).

My Case:
Xiaomi MI 11 Ultra, Magisk 25.2 (33) installed and working. Banking apps and Wallet working.
Updates to new version with latest Android Security Patch.
Banking apps and Wallet NOT working anymore.

Just patch the new version of the boot.img, reflash and check once again the DenyList because sometimes some Google service gets unflagged.
All back to normal.
 
  • Like
Reactions: ipdev

anubisjack

Member
May 3, 2017
38
4
Thank you for your effort, at least I know that it's not my problem
Fellow Malaysian here, and also before this new update, there are error code keep popping up, u notice? Like not even 1 second then it closed, maybe that was the detection mechanism but it's not working yet, I installed the previous version of it for it to work temporarily lol
 

prokiller1199

Senior Member
Fellow Malaysian here, and also before this new update, there are error code keep popping up, u notice? Like not even 1 second then it closed, maybe that was the detection mechanism but it's not working yet, I installed the previous version of it for it to work temporarily lol
Hey, u mean the stopped working dialog that appears and gone in seconds right. I solved that one by hiding all process in denylist, if not mistaken by default it only tick the first one.
 

anubisjack

Member
May 3, 2017
38
4
Hey, u mean the stopped working dialog that appears and gone in seconds right. I solved that one by hiding all process in denylist, if not mistaken by default it only tick the first one.
My one still popping out even tho I already deny all the processes lol, even game like undecember still detected the root even I hide it also
 

ajlir

Member
Dec 20, 2014
29
5
Model: Xiaomi Mi A1 (tissot)
OS: Lineage (19-20221206-NIGHTLY-tissot)
Magisk version: 25.2
Magisk Modules:
  • Advanced Charging Controller (ACC)
  • Shamiko
  • Systemless Hosts
  • Universal SafetyNet Fix (Displax)
  • Zygisk - LSPosed
LSPosed Module: Hide My Applist

Tested with Ruru and Momo (attached)

Not working with TnG ewallet (stuck at logo)

Will find resolution on Momo's findings and update here.

After reading through last 4-5 pages, I do not see anyone with my issues with Momo detection.

I'll keep looking in the meantime but can I get someone to help me on this, please?
 

Attachments

  • Screenshot_20221208-122532_Trebuchet.png (98.2 KB)
  • Screenshot_20221208-125107_Trebuchet[1].png (151.7 KB)

prokiller1199

Senior Member
Model: Xiaomi Mi A1 (tissot)
OS: Lineage (19-20221206-NIGHTLY-tissot)
Magisk version: 25.2
Magisk Modules:
  • Advanced Charging Controller (ACC)
  • Shamiko
  • Systemless Hosts
  • Universal SafetyNet Fix (Displax)
  • Zygisk - LSPosed
LSPosed Module: Hide My Applist

Tested with Ruru and Momo (attached)

Not working with TnG ewallet (stuck at logo)

Will find resolution on Momo's findings and update here.
Another TNG user here, I submitted a report to their developer team because I think it is app issues on latest version of TNG.
 

Top Liked Posts

  • 1
    Hello,

    I hope this is the right place for my question

    I updated LineageOS from lineage-21.0-20240320-nightly to lineage-21.0-20240417-nightly-gts4lvwifi on my Galaxy Tab S5e and now Zygisk won't start.

    What can I do?

    Best regards

    Try removing or disabling LSPosed if you have it enabled.
    1
    Thank you. With LSPosed disabled Zygisk runs, but it's LSPosed why I need Zygisk :-(
    1
    Thank you. With LSPosed disabled Zygisk runs, but it's LSPosed why I need Zygisk :-(
    Does LSPosed + Zygisk work if all LSPosed modules are disabled? PW
  • 2
    Could someone check with

    Crashes for me. Other bank apps work OK.
    Magisk alpha latest, lsposed latest, zygisk of magisk alpha, hma latest and shamiko
    Bruh
    2
    It seems like the Zygote Injection is detectable now. For me the "Payback" app won't work anymore.

    S20U, Android 13 latest security patch, Magisk Delta (Kitsune 26400), Magisk Hide, Zygisk, lsposed, HMA.
    Welcome on board!

    At first: If you use lsposed, zygisk may be detectable again.

    Without(!) lsposed the following are my results:

    Payback is not detecting zygisk!

    (1) Payback IS(!) working with unlocked bootloader, StockRom(!), no root, but due to the unlocked bootloader no Device-Integrity.

    (2) Payback IS(!) working with unlocked bootloader, StockRom(!), Magisk 27(hidden), active zygisk, Shamiko 1.0.1 (Google GMS, Payback — and other apps — on denylist, denylist not enforced), PlayIntegrityFix 15.9.7 by Chiteroman.

    In THESE two configurations Payback works!

    But...
    (3) Same device: unlocked bootloader, CustomRom (LineageOS 17/18/19 or 20), NOT rooted, nothing else installed, and: Payback does NOT work.

    (4) Changed to the second (rooted) scenario, but only changed from StockRom to CustomRom, and: Payback does NOT work.

    So... Payback does not check the status of the bootloader.

    Payback even does NOT check Device-Integrity (It works with StockRom and unlocked bootloader without root and without Device-Integrity).

    With the usual way (hidden-magisk, active zygisk, denylist, shamiko, playintegrityfix, but NO lsposed) Payback CANNOT detect root or zygisk (tested with use of a StockRom).

    But: Payback detects the existence of a CustomRom, even without root, and refuses to work.

    So, if you (or somebody else) have a solution to hide the use of a CustomRom, feel free to post the solution here. (Even Momo detects the CustomRom... and... BTW, Momo detects zygisk again, when I use lsposed.)

    samhhmobil
    2
    Anyone updated/installed RHB Mobile Banking Ver. 2.15.1? Does it work with HMA and denylist enabled?
    2
    It seems like the Zygote Injection is detectable now. For me the "Payback" app won't work anymore.

    S20U, Android 13 latest security patch, Magisk Delta (Kitsune 26400), Magisk Hide, Zygisk, lsposed, HMA.

    Source:
    https://www.reddit.com/r/Magisk/comments/198c0hz
    Well good luck fixing your environment then..
    2
    Can anyone try Singpass app again?
    Not working for me on Magisk alpha latest, app in denylist, shamiko, passed device integrity, latest lsposed.
  • 145
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to refrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include its own update link.
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D


    This post will be updated once Magisk v24 is released.
    74
    Magisk
    The Magic Mask for Android.

    Magisk Links:
    GitHub
    Release Notes

    Download Links:
    Stable and Beta releases.
    Canary
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.

    Credits:
    topjohnwu
    All who contribute and support this project.
    62
    Modules

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.

    MagiskHide Props Config Links:

    Download Links:

    Credits:
    Didgeridoohan
    All who contribute and support this project.


    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.

    Universal SafetyNet Fix Links:

    Download Links:

    Credits:
    kdrag0n
    All who contribute and support this project.
    58
    Apps

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.

    Fox's Magisk Module Manager Links:

    Download Links:

    Credits:
    Fox2Code
    All who contribute and support this project.

    Play Integrity API Checker
    This app shows info about your device integrity as reported by Google Play Services.
    If any of this fails, it could mean your device is rooted or tampered with in some way (for example you have an unlocked bootloader).

    Development:

    Download Links:

    Credits:
    1nikolas
    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.

    YASNAC Links:

    Download Links:

    Credits:
    RikkaW
    All who contribute and support this project.
    49
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.

    To get around this, kdrag0n figured out how to trick SafetyNet into thinking that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    Note:
    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hidden by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.