[Pie/10/11] [System-as-root] Multidisabler: disables encryption, Vaultkeeper, auto-flash of stock recovery, proca, wsm, cass, etc.

Search This thread

Mowca

Senior Member
Mar 31, 2018
70
9
probably only through twrp, because immediately after flashing you have to do format data
 

gorthon

Senior Member
Oct 13, 2012
148
17
the only way I know to re enable encryption is to do a full wipe (data format) of your phone.
You would have to backup everything, format phone and then re install magisk and twrp without encryption.
There could be another way but I haven't tried before.

Well, you could re-flash with Odin and then flash the multidisabler mod that keeps encryption. Shouldn't that work?

I am trying to get Island to work, which won't install once encrypted, but installs fine with unencrypted phone. With this method phone doesn't boot up, though. But I think it's because of island and not because of encryption.
 

elinajafi

New member
Dec 24, 2021
2
0
The multi-disabler started life on the Exynos S10 range, the first Samsung devices to launch with Android 9 (Pie). Since then, it has grown to support a great many Samsung devices running either Android 9, 10 or 11, and with either an Exynos or a Qualcomm SoC at their core. This includes the S10 and S20 series, the N10 and N20 series, the A10 - A70 series, the Tab A and Tab S series, Z Flip and (Z) Fold devices, and many more.

When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.

The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled to ensure the smooth operation of the device will be tackled.

The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:

  • FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data to actually remove FBE after disabling it. Back up your data first!
  • Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance on some devices.
  • Process authentication (a.k.a. proca): This service must be disabled on some devices in order to use a custom kernel without problems. Note that all 2019 devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system. This does not apply to devices lauched in 2020 and later.
  • Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but again, this will not save you if you boot outside of Magisk.
  • wsm: On Android 10 and 11, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
  • Extra services are disabled as needed per device.

Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with many rooted Samsung devices manufactured before 2020 and updated to Android 10. Devices launched in 2020 and later do not need this patch.

The multi-disabler's support for this solution is limited to a relatively small number of Samsung devices and is deprecated as of v3.0. It will be removed in a future release.

If you find that patching fails on your device, please refer to Arthur Trouillot's superior libbluetooth patcher, which supports a much wider variety of devices.

The multi-disabler is written in Bourne shell, so you can — and ideally should — audit the code yourself to ensure its safe operation. It's performing open-heart surgery on the software of your device, so you should not simply trust it. Apart from anything else, bugs can creep in from time to time, despite or sometimes even because of my refactoring of the code.

The multi-disabler is idempotent, which means you can safely flash it multiple times without incurring unintended side-effects.

The package is attached to this posting and the code is available on GitHub.
Hi sir
How can I edit this file? and usage maniual for this file? please
multi-disabler .
 

Techguy777

Senior Member
Does this work on one ui 4.0? Thanks
If anyone is wondering I believe this works on the S10 lite one UI 4.0 but I can't confirm other devices but it should be fine. If you bought a new device that just came out it might not work if they changed something but if it's an old device that has been updated from Android 11 this should work
 
  • Like
Reactions: Philnicolls89

BillTheCat

Senior Member
Jun 17, 2008
1,872
673
Milford, PA
I would assume so, unlikely that samsung has disabled those security features for Android 12. Although I'm still running A11 so can't confirm.
There was nothing about it in the Magisk instructions, in fact they even warn about using 'unofficial' versions. So I'm not sure where to go from here. Been using Android 9 on my S10 for three years, but damaged the phone and want to flash a new one. Things seem to have 'changed' in that time.
 

Philnicolls89

Senior Member
Jun 28, 2019
715
322
33
A.C.T
Samsung Galaxy S10+
There was nothing about it in the Magisk instructions, in fact they even warn about using 'unofficial' versions. So I'm not sure where to go from here. Been using Android 9 on my S10 for three years, but damaged the phone and want to flash a new one. Things seem to have 'changed' in that time.
In my experience going from A9 to A10 then A11, not much has changed in terms of actually rooting the phone. The big changes are things like how to hide root from certain apps, and if the apps or mods you like are still compatible with a certain Android version. Multidisabler won't cause any serious harm to your device. The worst that it can do is cause a soft brick and require reflashing of firmware through Odin (very unlikely though). So worth a try at least!
I'm guessing in the magisk instructions they are warning about using unofficial versions of magisk. Multidisabler is not like magisk, it's just a program to disable certain pesky samsung security features. Such as replacing the twrp you have installed back with the stock recovery that comes with phone.
 

BillTheCat

Senior Member
Jun 17, 2008
1,872
673
Milford, PA
In my experience going from A9 to A10 then A11, not much has changed in terms of actually rooting the phone. The big changes are things like how to hide root from certain apps, and if the apps or mods you like are still compatible with a certain Android version. Multidisabler won't cause any serious harm to your device. The worst that it can do is cause a soft brick and require reflashing of firmware through Odin (very unlikely though). So worth a try at least!
I'm guessing in the magisk instructions they are warning about using unofficial versions of magisk. Multidisabler is not like magisk, it's just a program to disable certain pesky samsung security features. Such as replacing the twrp you have installed back with the stock recovery that comes with phone.
Thanks for responding!

Correct, but if we're not supposed to use an unofficial version, I'm stuck trying to understand how we flash .zip files like the disabler? Is a .zip install utility included in this new version of Magisk?

I also just noticed the keypress sequence (pwr/Vol+/Bixby) for recovery in A12 isn't working for me.
 

Zainullahk1234

Senior Member
Oct 26, 2021
395
1
108
Lenovo Phab 2
Samsung Galaxy A30s
The multi-disabler started life on the Exynos S10 range, the first Samsung devices to launch with Android 9 (Pie). Since then, it has grown to support a great many Samsung devices running either Android 9, 10 or 11, and with either an Exynos or a Qualcomm SoC at their core. This includes the S10 and S20 series, the N10 and N20 series, the A10 - A70 series, the Tab A and Tab S series, Z Flip and (Z) Fold devices, and many more.

When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.

The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled to ensure the smooth operation of the device will be tackled.

The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:

  • FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data to actually remove FBE after disabling it. Back up your data first!
  • Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance on some devices.
  • Process authentication (a.k.a. proca): This service must be disabled on some devices in order to use a custom kernel without problems. Note that all 2019 devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system. This does not apply to devices lauched in 2020 and later.
  • Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but again, this will not save you if you boot outside of Magisk.
  • wsm: On Android 10 and 11, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
  • Extra services are disabled as needed per device.

Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with many rooted Samsung devices manufactured before 2020 and updated to Android 10. Devices launched in 2020 and later do not need this patch.

The multi-disabler's support for this solution is limited to a relatively small number of Samsung devices and is deprecated as of v3.0. It will be removed in a future release.

If you find that patching fails on your device, please refer to Arthur Trouillot's superior libbluetooth patcher, which supports a much wider variety of devices.

The multi-disabler is written in Bourne shell, so you can — and ideally should — audit the code yourself to ensure its safe operation. It's performing open-heart surgery on the software of your device, so you should not simply trust it. Apart from anything else, bugs can creep in from time to time, despite or sometimes even because of my refactoring of the code.

The multi-disabler is idempotent, which means you can safely flash it multiple times without incurring unintended side-effects.

The package is attached to this posting and the code is available on GitHub.
Hi i know this isnt the right place but can you please update a71 trees to android 12
i want to make pixelOS 12 for a71 but cant due to a11 trees
 

viktor92

Senior Member
Mar 27, 2013
1,579
537
I have just received a S20 FE 5G with A12, I wonder if v3.1 of multi disabler would work on this...
 

zhekavd

New member
Jul 2, 2022
2
0
34
Hilden
i cann't add Exchange Active Sync account after running multidisabler. how to fix it?
 

Attachments

  • Screenshot_20220810-141634_Email.png
    Screenshot_20220810-141634_Email.png
    85.7 KB · Views: 8
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 151
    The multi-disabler started life on the Exynos S10 range, the first Samsung devices to launch with Android 9 (Pie). Since then, it has grown to support a great many Samsung devices running either Android 9, 10 or 11, and with either an Exynos or a Qualcomm SoC at their core. This includes the S10 and S20 series, the N10 and N20 series, the A10 - A70 series, the Tab A and Tab S series, Z Flip and (Z) Fold devices, and many more.

    When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.

    The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled to ensure the smooth operation of the device will be tackled.

    The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:

    • FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data to actually remove FBE after disabling it. Back up your data first!
    • Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance on some devices.
    • Process authentication (a.k.a. proca): This service must be disabled on some devices in order to use a custom kernel without problems. Note that all 2019 devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system. This does not apply to devices lauched in 2020 and later.
    • Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but again, this will not save you if you boot outside of Magisk.
    • wsm: On Android 10 and 11, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
    • Extra services are disabled as needed per device.

    Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with many rooted Samsung devices manufactured before 2020 and updated to Android 10. Devices launched in 2020 and later do not need this patch.

    The multi-disabler's support for this solution is limited to a relatively small number of Samsung devices and is deprecated as of v3.0. It will be removed in a future release.

    If you find that patching fails on your device, please refer to Arthur Trouillot's superior libbluetooth patcher, which supports a much wider variety of devices.

    The multi-disabler is written in Bourne shell, so you can — and ideally should — audit the code yourself to ensure its safe operation. It's performing open-heart surgery on the software of your device, so you should not simply trust it. Apart from anything else, bugs can creep in from time to time, despite or sometimes even because of my refactoring of the code.

    The multi-disabler is idempotent, which means you can safely flash it multiple times without incurring unintended side-effects.

    The package is attached to this posting and the code is available on GitHub.
    26
    Change log

    v3.1 (2020-12-30)

    • Fix failure to detect a Samsung device on some versions of TWRP.
    • Make deprecated libbluetooth patching also work on devices originally launched on Android 9 and later updated to Android 11.

    v3.0 (2020-12-29)

    • Add support for Android 11.
    • All Samsung devices running Android 9 or later are now implicitly supported.
    • Fix bug that caused disablement of stock recovery auto-reflash to fail on Android 10 devices.
    • Improve progress and error reporting.

    v2.6 (2020-10-05)

    • Add support for the North American Z Fold2 (F916U/U1).
    • Add support for the A71 (A715F).
    • Add support for the Note10 Lite (N770F).

    v2.5 (2020-09-14)

    • Fix issue of 2019 devices upgraded to OneUI 2.5 (DTH firmware) not booting after flashing.
    • Add failsafe logic for robust mounting of System partition by devices using very recent TWRP builds from the Android 10 branch (e.g. S20, N20, Tab S7 and Z Fold2).
    • Disable cass service on S10 and N10 series devices (required for OneUI 2.5).
    • Added an extra path to files searched for Vaultkeeper service disabling.
    • Added an extra path to files searched for cass service disabling.
    • Added support for the Z Fold2 (F916B/N and F9160).

    v2.4 (2020-09-10)

    • Added support for many new 2020 devices, such as the S20 and Note20 ranges, as well as the Tab S7 and Tab S7+ ranges.
    • Fixed mode of patched Bluetooth library to match original.
    • Other minor bug fixes.

    v2.3 (2020-04-11)

    • Support Snapdragon-based devices that have been upgraded to Android 10, such as the F900[FN] (Fold), F907[BN] (Fold 5G), T860 (Tab S6) and T865 (Tab S6 LTE), as well as Asian S10 and Note10 models.
    • Improve robustness of libbluetooth patching.

    v2.2 (2019-12-13)

    • Disable wsm service to allow Samsung smartwatches to connect to Galaxy Wearable app (thanks to Andrei Seitan).
    • Support optional patching of system libbluetooth.so for retention of Bluetooth pairings across reboots (thanks to Arthur Trouillot).
    • Remove undocumented interactive mode.

    v2.1 (2019-12-04)

    • Fix disabling of Vaultkeeper and proca in the vendor interface manifest.
    • Add support for N971N (Korean N10 5G).

    v2.0 (2019-11-30)

    • Add support for Exynos-based devices upgraded to Android 10.
    • Add support for T72[05].

    v1.7 (2019-10-20)

    • Add generic support for Qualcomm devices.
    • Support the Qualcomm S10 (G9700, G9730 and G9750), Note10 (N9700, N9750 and N9760), Tab S6 (T860 and T865) and Fold (F900F and F907B) ranges.
    • Add support for more Korean (N type) variants.

    v1.6 (2019-09-18)

    • Add support for more variants of A50: A505([YG]N|G).
    • Fix A205G detection.

    v1.5 (2019-09-13)

    • Added support for A10 - A50 and Tab A 10.1.

    v1.41 (2019-08-28)

    • Added support for N976B (Note 10+ 5G).

    v1.4 (2019-08-28)

    • Changed regex that caused too much of $ANDROID_ROOT/init.rc to be commented out by some versions of sed(1).

    v1.3 (2019-08-18)

    • Updated to work with TWRP 3.3.1-6_ianmacd and later for the S10 range.
    • Added support for Note 10 and Note 10+ F and N model devices.

    v1.2 (2019-06-17)

    • Added support for G977B (S10 5G) model devices.

    v1.1 (2019-04-22)

    • Fixed stock recovery auto-reflash prevention.
    • Added support for N (Korean) model S10 devices.

    v1.0 (2019-04-09)

    • Initial version, supporting F model S10 devices.
    11
    Version 2.2 released.

    Change log

    v2.2 (2019-12-13)

    • Disable wsm service to allow Samsung smartwatches to connect to Galaxy Wearable app (thanks to Andrei Seitan).
    • Support optional patching of system libbluetooth.so for retention of Bluetooth pairings across reboots (thanks to Arthur Trouillot).
    • Remove undocumented interactive mode.

    See the OP for details of how to indicate that you want libbluetooth.so to be patched.
    11
    Just a question: is this to be flashed after rooting with johnwu magisk root process or which rooting method would u advice?

    If rooting with Magisk alone and in accordance with John Wu's instructions, this disabler isn't needed. If you're going to use a rooted TWRP image instead of stock recovery, however, then you're probably going to want to flash it.
    11
    Version 2.0 released.

    This major version bump heralds the addition of support for Android 10.

    Earlier this week, the S10 series became the first Samsung devices to receive an official production release of Android 10. It's a fitting development for the product line that was also Samsung's first to come with Android 9 earlier this year. Indeed, those devices are what inspired the multi-disabler project that has since expanded to so many other devices.

    Change log

    v2.0 (2019-11-30)

    • Add support for Android 10.
    • Add support for T72[05].