• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

Does unrooting erase your data in the phone?

Search This thread

vifzor

Senior Member
Dec 9, 2012
64
1
Hello,
Quick context : I need to use an app (itsME belgian app) to get my vaccine certificate on my phone but unfortunately the app doesn't work on rooted phone.
So if I unroot my phone will I be able to keep all my messenger app conversations and pictures for example?

Thank you
 

Didgeridoohan

Senior Moderator / Dev Committee / Dev Relations
Staff member
May 31, 2012
12,299
1
14,663
Gothenburg
Google Nexus 4
Nexus 6
I tested the app and with the Magisk app repackaged with a random name and the app on the Deny list (I'm using Canary Magisk build 23014) it started without complaining about a rooted device. That means it's at least possible to hide Magisk from it, but it might depend on your particular device/setup.

Tested on a OnePlus 5T with a custom Android 11 ROM, Magisk build 23014.
 
  • Like
Reactions: Oswald Boelcke

Timmmmaaahh!

Forum Moderator
Staff member
Sep 11, 2012
4,938
10,719
Bruges
OnePlus One
OnePlus 6T
Hey @vifzor, thanks for bringing up the itsme issue. Got the same problem on my end (OnePlus 6T here)! Something must have changed recently as I've been successfully hiding root from this app for years.

@Didgeridoohan
I don't get it...
Certified OP6T FP: freshly applied via Props Config
Play Protect certification: Device is certified
SafetyNet: pass
MagiskHide: enabled
Magisk app: hidden
Hidden Magisk app "superhidden" via SudoHide (LSPosed)
TWRP folder: removed

Yet the app is still saying "Rooted device detected" on startup, despite having cleaned its data several times. All while my banking app and other root sensitive apps are working fine.
Using stable 23000 though, should I try Canary?
 
  • Like
Reactions: Oswald Boelcke

Didgeridoohan

Senior Moderator / Dev Committee / Dev Relations
Staff member
May 31, 2012
12,299
1
14,663
Gothenburg
Google Nexus 4
Nexus 6
@Timmmmaaahh! I'm not using any Riru or Xposed style modules at all. I only have Magisk Canary (23014) with the Deny list set up and the Magisk app repackaged with a random name.

I'm seeing two discrepancies between our setups that stand out at a first glance:
  1. LSposed
  2. Stable vs Canary Magisk releases
Either LSposed is being detected (which you could test by disabling it), or the Canary Deny list is better at hiding Magisk. If you're going to try Canary keep in mind that you'll need an LSPosed version that is compatible with Zygisk rather than Riru.
 
  • Like
Reactions: Oswald Boelcke

Timmmmaaahh!

Forum Moderator
Staff member
Sep 11, 2012
4,938
10,719
Bruges
OnePlus One
OnePlus 6T
@Timmmmaaahh! I'm not using any Riru or Xposed style modules at all. I only have Magisk Canary (23014) with the Deny list set up and the Magisk app repackaged with a random name.

I'm seeing two discrepancies between our setups that stand out at a first glance:
  1. LSposed
  2. Stable vs Canary Magisk releases
Either LSposed is being detected (which you could test by disabling it), or the Canary Deny list is better at hiding Magisk. If you're going to try Canary keep in mind that you'll need an LSPosed version that is compatible with Zygisk rather than Riru.
No go for disabling Riru/LSposed, still detecting. What do you mean by Deny list? Magisk Hide?
@vifzor Can you check with Magisk Canary?
 
  • Like
Reactions: Oswald Boelcke

Didgeridoohan

Senior Moderator / Dev Committee / Dev Relations
Staff member
May 31, 2012
12,299
1
14,663
Gothenburg
Google Nexus 4
Nexus 6
No go for disabling Riru/LSposed, still detecting. What do you mean by Deny list? Magisk Hide?
@vifzor Can you check with Magisk Canary?
The Deny list is the new iteration of MagiskHide that is currently being tested on the Canary branch and will be in the next stable release of Magisk.

I'm sure you've heard talks of @topjohnwu working for Google now and as such the nature of Magisk's hiding capabilities have changed a little, although not quite as much as you'd think. Magisk can still completely get out of the way of any app that's added to the Deny list.

Hiding from SafetyNet is still perfectly possible, but takes a couple of manual tweaks (although those using the Universal SafetyNet Fix module won't notice anything since it does everything for them).
 

Timmmmaaahh!

Forum Moderator
Staff member
Sep 11, 2012
4,938
10,719
Bruges
OnePlus One
OnePlus 6T
@Didgeridoohan Just something I was wondering: does a logcat hint to what potentially is causing detection? This is the moment itsme is started:
Code:
11-22 15:33:01.645  1315  6526 I ActivityTaskManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=be.bmid.itsme/.activities.application.Main bnds=[900,1391][1080,1681]} from uid 10236 pid 3130
11-22 15:33:01.656  1315  6526 D OpQuickReply: setQuickReplyResumed focusedApp ActivityRecord{1000d6 u0 be.bmid.itsme/.activities.ErrorActivity t27659} pkgName be.bmid.itsme
11-22 15:33:01.658  1315  6526 D ActivityTrigger: ActivityTrigger activityPauseTrigger
11-22 15:33:01.668  1315  1707 D CompatibilityChangeReporter: Compat change id reported: 135634846; UID 10636; state: DISABLED
11-22 15:33:01.669  1315  1895 D CompatibilityChangeReporter: Compat change id reported: 143937733; UID 10636; state: ENABLED
11-22 15:33:01.669  3130  3130 E coilsw.launche: Invalid ID 0x0000028c.
11-22 15:33:01.672   863   863 I ZygoteServer: Get USAP proc command with pid # 23169 block_kill# true
11-22 15:33:01.673   863   863 I ZygoteServer: Get USAP proc command with pid # 23169 block_kill# false
11-22 15:33:01.674  1315  1315 V SettingsProvider: Notifying for 0: content://settings/secure/reminder_exp_learning_time_elapsed
11-22 15:33:01.676  1315  1895 I ActivityManager: Start proc 23169:be.bmid.itsme/u0a636 for pre-top-activity {be.bmid.itsme/be.bmid.itsme.activities.ErrorActivity}
11-22 15:33:01.673   863   863 I ZygoteServer: Get USAP proc command with pid # 23169 block_kill# false
11-22 15:33:01.683 23169 23169 E be.bmid.itsme: Unknown bits set in runtime_flags: 0x800000
11-22 15:33:01.684   803   820 I Magisk  : proc_monitor: [be.bmid.itsme] PID=[23169] UID=[10636]
11-22 15:33:01.684  1315  1707 D OpPowerConsumpStatsInjector: notifyPkgEvent
11-22 15:33:01.687  1315  1707 D OpRestartProcessManager: updateSelf :  be.bmid.itsme, size : 30
11-22 15:33:01.687 23169 23169 E be.bmid.itsme: Not starting debugger since process cannot load the jdwp agent.
11-22 15:33:01.692  1315  1708 D OPFD_CTRL_SVC: [2]handle Starting Window for { be.bmid.itsme }, Dark? false
11-22 15:33:01.694  3130  3130 E coilsw.launche: Invalid ID 0x0000028c.
11-22 15:33:01.694  1315  3799 D gwy     : OS Event: appuse
11-22 15:33:01.697  3130  3130 D ViewRootImpl[NovaLauncher]: windowFocusChanged hasFocus=false inTouchMode=true
11-22 15:33:01.716  1315  1708 I OPFD_Manager: Dark? false, OP Force ? false
11-22 15:33:01.745  1142  2682 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.746  1142 25893 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.746  1142 25893 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.746  1315  1708 D Letterbox: show it
11-22 15:33:01.753  1406  8864 E ANDR-RAMBOOST_SERVER: ramboost cmd_len = 108 cmd: iop_start -1 be.bmid.itsme /data/app/~~o94rGcBSbYjn6gtItsTtjQ==/be.bmid.itsme-wk-9G-nl_e_UlVwsQjqzsg== false
11-22 15:33:01.762  1315  6488 E HwuiBoostFrontPackageListener: Exception : file not exits :/sys/module/houston/parameters/hwui_boost_enable
11-22 15:33:01.763  1315  2063 I DisplayPowerController: useProximityForceSuspend = false
11-22 15:33:01.764  1315  2063 I DisplayPowerController: smtbrn:0.92 0.31552482 (132.72858) --> 0.2853861(121.40264)
11-22 15:33:01.764  1315  2063 I RampAnimator: target:0.2853861 rate:0.2352941 mCurrentValue:0.2853861 mTargetValue:0.2853861
11-22 15:33:01.765  1406  8870 E ANDR-RAMBOOST_SERVER: ramboost cmd_len = 111 cmd: iop_start 23169 be.bmid.itsme /data/app/~~o94rGcBSbYjn6gtItsTtjQ==/be.bmid.itsme-wk-9G-nl_e_UlVwsQjqzsg== false
11-22 15:33:01.869  1315  6488 D OpColorDisplayService: frontPackageChanged: be.bmid.itsme
11-22 15:33:01.869  1315  6488 D OpColorDisplayService: lpackageName: com.teslacoilsw.launcher
11-22 15:33:01.870  1315  6488 D OpProximityController: noteFrontPackageChanged pkg:be.bmid.itsme uid:10636 lpkg:com.teslacoilsw.launcher luid:10236
11-22 15:33:01.871  1315  6488 D OemSceneModeActivityStack: [scene] evaluateGameModes :  gameMsg.arg1=0 gameMsg.arg2=1
11-22 15:33:01.873  1315  6488 D OpQuickReply: setQuickReplyResumed focusedApp ActivityRecord{1000d6 u0 be.bmid.itsme/.activities.ErrorActivity t27659} pkgName be.bmid.itsme
11-22 15:33:01.875  1315  6488 W ActivityManager: Slow operation: 130ms so far, now at attachApplicationLocked: after mServices.attachApplicationLocked
11-22 15:33:01.877  1315  1315 W Looper  : Slow dispatch took 131ms main h=com.android.server.job.JobSchedulerService$JobHandler c=null m=7
11-22 15:33:01.877  1315  1705 W Looper  : Slow dispatch took 132ms android.ui h=com.android.server.am.ActivityManagerService$UiHandler c=null m=53
11-22 15:33:01.877  1315  1315 D xne     : Event success
11-22 15:33:01.893  3596  3596 D StatusBar: Status bar WINDOW_STATE_HIDDEN
11-22 15:33:01.893  3596  3596 D KeyguardAffordanceView: setCircleRadius: 0.0com.android.systemui.statusbar.KeyguardAffordanceView.setCircleRadiusWithoutAnimation:416 com.android.systemui.statusbar.phone.KeyguardAffordanceHelper.updateIcon:444 com.android.systemui.statusbar.phone.KeyguardAffordanceHelper.setTranslation:394 com.android.systemui.statusbar.phone.KeyguardAffordanceHelper.reset:506 com.android.systemui.statusbar.phone.NotificationPanelViewController.resetViews:1208 com.android.systemui.statusbar.phone.PanelBar.collapsePanel:268 com.android.systemui.statusbar.phone.StatusBar.setWindowState:2624
11-22 15:33:01.897  1315  1707 D OpPowerConsumpStatsInjector: notifyPkgEvent
11-22 15:33:01.898  1142  6211 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.898  1142  6211 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.900  3596  3596 D OverviewProxyService: SystemUi flags: 40000000
11-22 15:33:01.900 23169 23169 I Perf    : Connecting to perf service.
11-22 15:33:01.900  6781  6853 D TouchInteractionService: onSystemUiStateChanged# stateFlags: 0 -> 1073741824
11-22 15:33:01.901  3596  3596 D OverviewProxyService: SystemUi flags: 40000000
11-22 15:33:01.904 23169 23169 I be.bmid.itsme: [GL_OOM] ClearGrowthLimit 536870912
11-22 15:33:01.904 23169 23169 D NetworkSecurityConfig: No Network Security Config specified, using platform default
11-22 15:33:01.905 23169 23169 D NetworkSecurityConfig: No Network Security Config specified, using platform default
11-22 15:33:01.920  3596  3596 D EdgeBackGestureHandler: updateTopPackage isHomeApp false
11-22 15:33:01.920 23169  8876 W be.bmid.itsme: Class com.google.android.gms.dynamite.DynamiteModule failed lock verification and will run slower.
11-22 15:33:01.920 23169  8876 W be.bmid.itsme: Common causes for lock verification issues are non-optimized dex code
11-22 15:33:01.920 23169  8876 W be.bmid.itsme: and incorrect proguard optimizations.
11-22 15:33:01.926  1000  1000 D [email protected]_handler: SerialClockVote: vote for UART CLK ON
11-22 15:33:01.926  1000  1000 D [email protected]_lock: Acquire wakelock is acquired
11-22 15:33:01.926  1000  1000 I [email protected]_handler: DeviceWakeUp: Writing IBS_WAKE_IND
11-22 15:33:01.927  1000  4663 I [email protected]_handler: ProcessIbsCmd: Received IBS_WAKE_ACK: 0xFC
11-22 15:33:01.927  1000  4663 I [email protected]_handler: ProcessIbsCmd: Signal wack_cond_
11-22 15:33:01.927  1000  1000 D [email protected]_handler: DeviceWakeUp: Unblocked from waiting for FC
11-22 15:33:01.927  3570  4524 E bt_osi_wakelock: wakelock_acquire wakelock acquired
11-22 15:33:01.927  1000  4663 I [email protected]_handler: ProcessIbsCmd: Received IBS_WAKE_IND: 0xFD
11-22 15:33:01.927  1000  4663 I [email protected]_handler: ProcessIbsCmd: Writing IBS_WAKE_ACK
11-22 15:33:01.928  3570  3627 E bt_osi_wakelock: wakelock_release wakelock released
11-22 15:33:01.928 23169  8876 I be.bmid.itsme: The ClassLoaderContext is a special shared library.
11-22 15:33:01.932 23169  8876 I be.bmid.itsme: The ClassLoaderContext is a special shared library.
11-22 15:33:01.934  1863  1916 E QMI_FW  : qmi_cci_get_ref: ref count increased 2
11-22 15:33:01.943  1863  1916 E QMI_FW  : qmi_cci_get_ref: ref count increased 2
11-22 15:33:01.954 23169  8883 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:01.964  3130  3130 E coilsw.launche: Invalid ID 0x00000012.
11-22 15:33:01.964  3130  3130 E coilsw.launche: Invalid ID 0x00000020.
11-22 15:33:01.965  3130  3130 E coilsw.launche: Invalid ID 0x00000022.
11-22 15:33:01.965  3130  3130 E coilsw.launche: Invalid ID 0x00000028.
11-22 15:33:01.965  3130  3130 E coilsw.launche: Invalid ID 0x0000006b.
11-22 15:33:01.965  3130  3130 E coilsw.launche: Invalid ID 0x00000098.
11-22 15:33:01.965  3130  3130 E coilsw.launche: Invalid ID 0x00000098.
11-22 15:33:01.966  3130  3130 E coilsw.launche: Invalid ID 0x0000027d.
11-22 15:33:01.966  3130  3130 E coilsw.launche: Invalid ID 0x00000288.
11-22 15:33:01.966  3130  3130 E coilsw.launche: Invalid ID 0x00000289.
11-22 15:33:01.966  3130  3130 E coilsw.launche: Invalid ID 0x0000028c.
11-22 15:33:01.968  1000  4663 I [email protected]_handler: ProcessIbsCmd: Received IBS_SLEEP_IND: 0xFE
11-22 15:33:01.979  1142 25893 D AudioFlinger: AudioFlinger::setRecordSilenced(portId:140, silenced:0)
11-22 15:33:01.980  3570  4512 I BtGatt.ScanManager: msg.what = 6
11-22 15:33:01.982  3304  3899 V OPConfig:ConfigProvider: Module:OnePlusFontConfig
11-22 15:33:01.983 23169 23169 E Config:Grabber:OnePlusFontConfig: Index 0 requested, with a size of 0
11-22 15:33:01.984  1315  1909 D KernelCpuUidUserSysTimeReader: Removing uids 99019-99019
11-22 15:33:01.985  1315  1900 D ExtBatteryStatsService: @@@@ awaitUninterruptibly in 87 ms
11-22 15:33:01.985  1315  1900 D MyBatteryStatsHelper: ===processSingleAppUsage===
11-22 15:33:01.988  1315  1900 D ExtBatteryStatsService: ext-flush too soon, skip
11-22 15:33:01.988  1315  1900 D MyBatteryStatsHelper: ===processSingleAppUsage===
11-22 15:33:02.058 23169 23169 E be.bmid.itsme: [frame_perf] perfboost open tb_ctl file failed, isApp[1], errno=No such file or directory
11-22 15:33:02.058 23169 23169 E libprocessgroup: set_timerslack_ns write failed: Operation not permitted
11-22 15:33:02.064  1151  3100 W DisplayIdentification: Invalid EDID: falling back to serial number due to missing display name.
11-22 15:33:02.064  1151  3100 W DisplayIdentification: Invalid EDID: falling back to ASCII text due to missing serial number.
11-22 15:33:02.074  4676  6379 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:02.087 23169  8911 I FA      : App measurement initialized, version: 45018
11-22 15:33:02.087 23169  8911 I FA      : To enable debug logging run: adb shell setprop log.tag.FA VERBOSE
11-22 15:33:02.087 23169  8911 I FA      : To enable faster debug mode event logging run:
11-22 15:33:02.087 23169  8911 I FA      :   adb shell setprop debug.firebase.analytics.app be.bmid.itsme
11-22 15:33:02.095 23169  8911 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:02.099 23169 23169 E be.bmid.itsme: Invalid ID 0x00000000.
11-22 15:33:02.115  1315  1391 D CompatibilityChangeReporter: Compat change id reported: 136274596; UID 10636; state: ENABLED
11-22 15:33:02.112 23169 23169 E be.bmid.itsme: Invalid ID 0x00000000.
11-22 15:33:02.118 23169  8911 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:02.118  5349  5349 D BoundBrokerSvc: onBind: Intent { act=com.google.android.gms.measurement.START pkg=com.google.android.gms }
11-22 15:33:02.118  5349  5349 D BoundBrokerSvc: Loading bound service for intent: Intent { act=com.google.android.gms.measurement.START pkg=com.google.android.gms }
11-22 15:33:02.125 23169 23169 E be.bmid.itsme: Invalid ID 0x00000000.
11-22 15:33:02.125 23169 23169 E be.bmid.itsme: Invalid ID 0x00000000.
11-22 15:33:02.128 23169  8911 I FA      : Tag Manager is not found and thus will not be used
11-22 15:33:02.129 23169 23169 E be.bmid.itsme: Invalid ID 0x00000000.
11-22 15:33:02.130 23169  8911 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:02.139 23169 23169 I OPFD_Manager: Dark? false, OP Force ? false
11-22 15:33:02.139 23169 23169 V ViewRootImpl: The specified message queue synchronization  barrier token has not been posted or has already been removed
11-22 15:33:02.142 23169 23169 D ViewRootImpl: support adaptive color gamut feature!
11-22 15:33:02.143 23169  8911 E sqlite3_android: [IKR-38846] ONEPLUS_NAME_PARTS_MATCH SQLITE_OK
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: QUALCOMM build                   : 8e5405b, I57aaec3440
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Build Date                       : 05/21/21
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: OpenGL ES Shader Compiler Version: EV031.32.02.10
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Local Branch                     : mybranchebba1dbe-451b-f160-ac81-1458d0b52ae8
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Remote Branch                    : quic/gfx-adreno.lnx.1.0.r135-rel
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Remote Branch                    : NONE
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Reconstruct Branch               : NOTHING
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Build Config                     : S P 10.0.7 AArch64
11-22 15:33:02.158 23169  8912 I AdrenoGLES-0: Driver Path                      : /vendor/lib64/egl/libGLESv2_adreno.so
11-22 15:33:02.160 23169  8912 I AdrenoGLES-0: PFP: 0x016ee190, ME: 0x00000000

Perhaps these are a hint?
"W DisplayIdentification: Invalid EDID: falling back to serial number due to missing display name.
W DisplayIdentification: Invalid EDID: falling back to ASCII text due to missing serial number."

It's also showing "E be.bmid.itsme: Invalid ID 0x00000000."

Wild guess really 😬
 
  • Like
Reactions: Oswald Boelcke

Timmmmaaahh!

Forum Moderator
Staff member
Sep 11, 2012
4,938
10,719
Bruges
OnePlus One
OnePlus 6T
Hey again @Didgeridoohan!

I finally got to upgrading to Magisk Canary (23015), yay.

Funny thing happend: now itsme starts but my banking app (Keytrade, discussed in your thread here) picked up detection again! Not a major surprise as you've already hinted this would happen because LSPosed is broken by Zygisk. I'm not entirely sure how to proceed though. I've looked into AirFrozen but might not be ideal as it's never been updated after its release in 2016. As far as I can see a fix for Riru is in the works but not just there yet. Fixed Universal SafetyNet Fix works so that's great! I guess I need something that freezes Magisk whenever I start my banking app (and unfreezes when I close it) but can't seem to find anything that does that. Maybe with Tasker and SecureTask, I'll do more digging.

@vifzor This'll be good news for you if your only issue was with itsme, of course. Just fetch latest canary manager here, make sure canary update channel is selected in settings and update Magisk, then enable Zygisk and Enforce DenyList in settings after reboot and enable itsme in the DenyList. One more reboot and you'll be fooling our government again in no time ^_^
 
  • Like
Reactions: Oswald Boelcke

Timmmmaaahh!

Forum Moderator
Staff member
Sep 11, 2012
4,938
10,719
Bruges
OnePlus One
OnePlus 6T
What is Google? I'd have to Duck that. Anyway, performed some Telegram magic (remember kids, TG is bad for your teeth!) and found it: LSPosed-v1.6.3-62**-zygisk-release.zip

So LSPosed works again, which generates a pretty big question: why did I need Riru in the first place if LSPosed works standalone? Oh right, it's riding Zygisk now instead – nevermind. So I guess Zygisk is some sort of Riru? These are frameworks? This totally exceeds my intelligence. For now! *evil laughter*

It took me ridiculously long to figure this out but it was eventually Hide My Applist that did the trick. Probably combined with SudoHide or whatever but I don't want to do any more testing. Basically: create a template in HMA containing anything related to root and apply this to the 'effective app' one wants to open.

[rant] I'm a bit surprised my bank is going through all this trouble for root detection, especially with Magisk's new DenyList. The way I understand the new method works, is that selected apps are completely excluded from root abilities so it's not just hiding that root is there, it actually makes it virtually impossible to apply any manipulations to the applications in that list.
Though I enjoy some cat and mouse play from time to time, if my bank keeps this up I will switch to another bank. I'm no fan of overzealous safety measures. Takes me back to a whole bunch of DRM fails back in the 90's. Besides, apps that are so important should not rely on local safety anyway. If I log into my bank account via Windows XP I expect my bank to create a nicely secured connection using that nifty little calculator they provide us with. [/rant]
Sorry to hijack this @vifzor but as you haven't been online in the past 10 days I'm sure you don't mind. And we found a solution for you :cowboy:

Thanks once again for your assistance @Didgeridoohan
 

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    No go for disabling Riru/LSposed, still detecting. What do you mean by Deny list? Magisk Hide?
    @vifzor Can you check with Magisk Canary?
    The Deny list is the new iteration of MagiskHide that is currently being tested on the Canary branch and will be in the next stable release of Magisk.

    I'm sure you've heard talks of @topjohnwu working for Google now and as such the nature of Magisk's hiding capabilities have changed a little, although not quite as much as you'd think. Magisk can still completely get out of the way of any app that's added to the Deny list.

    Hiding from SafetyNet is still perfectly possible, but takes a couple of manual tweaks (although those using the Universal SafetyNet Fix module won't notice anything since it does everything for them).
    2
    @Timmmmaaahh! I'm not seeing anything obvious. But then again, that behind-the-scenes stuff isn't my forté.
    1
    I tested the app and with the Magisk app repackaged with a random name and the app on the Deny list (I'm using Canary Magisk build 23014) it started without complaining about a rooted device. That means it's at least possible to hide Magisk from it, but it might depend on your particular device/setup.

    Tested on a OnePlus 5T with a custom Android 11 ROM, Magisk build 23014.
    1
    Hey @vifzor, thanks for bringing up the itsme issue. Got the same problem on my end (OnePlus 6T here)! Something must have changed recently as I've been successfully hiding root from this app for years.

    @Didgeridoohan
    I don't get it...
    Certified OP6T FP: freshly applied via Props Config
    Play Protect certification: Device is certified
    SafetyNet: pass
    MagiskHide: enabled
    Magisk app: hidden
    Hidden Magisk app "superhidden" via SudoHide (LSPosed)
    TWRP folder: removed

    Yet the app is still saying "Rooted device detected" on startup, despite having cleaned its data several times. All while my banking app and other root sensitive apps are working fine.
    Using stable 23000 though, should I try Canary?
    1
    Hey again @Didgeridoohan!

    I finally got to upgrading to Magisk Canary (23015), yay.

    Funny thing happend: now itsme starts but my banking app (Keytrade, discussed in your thread here) picked up detection again! Not a major surprise as you've already hinted this would happen because LSPosed is broken by Zygisk. I'm not entirely sure how to proceed though. I've looked into AirFrozen but might not be ideal as it's never been updated after its release in 2016. As far as I can see a fix for Riru is in the works but not just there yet. Fixed Universal SafetyNet Fix works so that's great! I guess I need something that freezes Magisk whenever I start my banking app (and unfreezes when I close it) but can't seem to find anything that does that. Maybe with Tasker and SecureTask, I'll do more digging.

    @vifzor This'll be good news for you if your only issue was with itsme, of course. Just fetch latest canary manager here, make sure canary update channel is selected in settings and update Magisk, then enable Zygisk and Enforce DenyList in settings after reboot and enable itsme in the DenyList. One more reboot and you'll be fooling our government again in no time ^_^