Zygote requesting root access. Malware? - Galaxy S5 Mini Q&A, Help & Troubleshooting

So Zygote is asking root permission from years I've been rooting phones never came by this, I scanned my phone and no malware found, I've searched internet is supposed to be a normal android process but since I've always denied its permission and phone runs normal I have doubt on what it is.
Sent from my SM-G900T using Tapatalk

It seems an Init process. I think it doesn't need root to work correctly

Hi, I've just had this pop up on my rooted RedMi Note 3 Pro, alongside whatsapp asking for root too, I'm not the only one to experience this, this guy here did too:
http://android.stackexchange.com/questions/166211/why-are-zygote-and-whatsapp-asking-for-root
Given this, mine, and that guy experienced this all this year (only being 13 days into January) so all around the same time, I'd suspect we're witnessing some kind of malware.
I will post in the Xiaomi board also about this and reference this post.

Same here.
I'm on a fresh install and this zygote su request wasn't appearing until I reinstalled all my apps so thinking it may have come from one of the apk's?
Another forum states that zygote is run at such a raw level that it simply would never request root.
With recent viruses masquerading with zygote, I am for now denying su requests with little to no adverse effects.
Can anyone confirm for certain that zygote should never need to request root? Is there any way to dig out the rogue source/apk when av apps are showing nil?
samsung i9505 | resurrection remix | android 6

Take a look at this for Zygote
https://www.xda-developers.com/supersu-beta-lollipop-root-stock-kernel/
@gogglebot
As for Whatsapp asking for root priv, guess you have the xposed module "Whatsapp Extensions" installed
https://forum.xda-developers.com/showpost.php?p=68477859&postcount=3

Related

[Q] Unknown file seeking root access

Hi,
The file kjrnl.nb was seeking root access from SuperSU today. It was denied access to root and thereafter I don't see any difference with the phone.
Anyone here can shed some light; from what / where this file came from ? Thanks.
Phone: Galaxy Note N7000.
I up that, I've got the same file requesting for a bunch of permissions today, out of nowhere.
Anyone knows what might that be?
It popped up when I clicked on the Prepay Widget Lite widget, which already has root permissions granted (it fetches USSD code updates like account balance and presents the results in a nice widget).
Hi there, just had the same file request root access as well. I made the mistake of granting and noticed it started to tamper with iptables. Does anyone know what this file is? No info on it all I can find?
Sent from my iPad using Tapatalk
Wow, nobody knows? Really?
The other disturbing thing, after this request pops up the next time you visit the SuperSU gui you're prompted with a request to update the binary. I did initially allow it access and it proceeded to modify iptables
Sent from my iPad using Tapatalk
Old thread but same problem.
Have you found the origin of this file? It runs only when I boot the phone (n910c) and I can't find the file kjrnl.nb but it shows running with "busybox ps". It might be something that gets uncompressed realtime during boot. I have always to kill the PID after boot.
Thanks for any insight.
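One way to approach the questions raised in these two threads (which binary is behind a process name that requests su, and a process that shows in `busybox ps` while its file cannot be found) is to read the process's own `/proc` entries. This is an added example, not code from any poster; the function name `proc_triage` and its optional second argument are assumptions made for illustration, and reading another UID's `exe` link normally needs a root shell.

```shell
#!/bin/sh
# Added example: map a process name to its backing executable via /proc.
# The second argument (proc root) exists only so the function can be run
# against a constructed fixture directory instead of the live /proc.
proc_triage() {
    name=$1
    root=${2:-/proc}
    for dir in "$root"/[0-9]*; do
        [ -r "$dir/status" ] || continue
        # Short name as shown by ps, and argv[0] from the NUL-separated cmdline.
        comm=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status")
        argv0=$(tr '\0' '\n' < "$dir/cmdline" 2>/dev/null | head -n 1)
        case "$comm $argv0" in
            *"$name"*) ;;
            *) continue ;;
        esac
        ppid=$(sed -n 's/^PPid:[[:space:]]*//p' "$dir/status")
        uid=$(sed -n 's/^Uid:[[:space:]]*\([0-9]*\).*/\1/p' "$dir/status")
        # exe is a symlink to the file the kernel actually executed.
        exe=$(readlink "$dir/exe" 2>/dev/null) || exe="unreadable"
        note=""
        case "$exe" in
            # The kernel appends " (deleted)" when the file was unlinked
            # after the process started, which is why a search finds nothing.
            *" (deleted)") note=" [binary removed from disk after start]" ;;
        esac
        echo "pid=${dir##*/} ppid=$ppid uid=$uid comm=$comm exe=$exe$note"
    done
}

# Usage on the device, from a root shell:
#   proc_triage kjrnl.nb
#   proc_triage zygote
```

The `ppid` value can be fed back into the same function's output to walk up to the app or service that started the process.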

Samsung Galaxy Tab E -- Woes..

Hello. This will be my first post since I registered. I've been lurking for a bit, trying to get my Tab E 8.0 (Sprint) rooted, and xposed installed. I have narrowed it down to the framework being the ARM variety. At least I can assume that. I have 6.0.1, so with that said, that is Marshmallow right?
I install that using TWRP, and it restarts, but never gets past the Sprint Logo. Not sure why that is, but it won't boot past that. I recover using the uninstaller, and everything is back to normal.
Is there a different type of framework for samsung tablets? Or am I just not doing something right. TIA.
kxwarrior said:
there a different type of framework for samsung
The above snippet from your post is the answer.
1st, in the xPosed read-only sticky thread you'll see the following
If your samsung ROM is stock or stock based, that means it is touchwiz so you need to find the build of xPosed that the picture suggests
Next in the XDA search box type
Samsung xposed marshmallow.
Find the most authoritative looking of the threads (hint: it starts with "unofficial") and read THE ENTIRE THREAD (if you don't have time to skim it, then you don't have the time necessary to do this right and should leave device modification alone). You can and will break your phone if you do it wrong, so if after reading the thread you are unsure where to go from there (such as how to remove the incorrect xPosed), ask in that thread; they will be happy to help.
Second secret hint (but don't tell me I told you): the developer of the xPosed you want is AWESOME! his name is Wanam

Device spoofing in emulator (the holy grail)?

Has anyone successfully fooled safetynet in an emulator? Maybe it'd be enough to block application's calls to it. Way to do this would be:
1. Somehow boot OEM rom or copy init.rc and build.prop
2. get magisk working using https://github.com/shakalaca/MagiskOnEmulator
3. Trick GMS using some combination of EDXPOSED, https://github.com/microg/RemoteDroidGuard and https://github.com/Felixho19/CuckooWithFrida.
Thoughts?
SafetyNet: Google's tamper detection for Android · Yiannis Kozyrakis ~ blog
thoughts on mobile security
koz.io
mcdoe123 said:
Has anyone successfully fooled safetynet in an emulator? Maybe it'd be enough to block application's calls to it. Way to do this would be:
1. Somehow boot OEM rom or copy init.rc and build.prop
2. get magisk working using https://github.com/shakalaca/MagiskOnEmulator
3. Trick GMS using some combination of EDXPOSED, https://github.com/microg/RemoteDroidGuard and https://github.com/Felixho19/CuckooWithFrida.
Thoughts?
SafetyNet: Google's tamper detection for Android · Yiannis Kozyrakis ~ blog
thoughts on mobile security
koz.io
I got root to install stable magisk through this tutorial, however I'm looking for a way to get past safetynet as well.
Android 11 (api 30)
Skin - Pixel_3a_API_30_x86
Windows 10 64bits
In the terminal it even shows the change of props. But it doesn't pass the tests
Do you have any news?

McDonald's app with root (magisk)

Hey everybody.
I'm trying to start my McDonald's app but it always gives me this message where it says that my device does not pass the security check. I tried magisk hide, I deleted app data and reinstalled, I deleted the twrp folder in the root of my phone. It still gives me this message and I really don't know what to do. There has to be a solution. Please help
It's a long term issue with McDonald's own paranoid security check. There's a chance it's also country specific, as I no longer have that problem recently. At least I can open the app and see ongoing promos. But I haven't tested redeeming coupons and such.
use my tutorial for mario kart, works with mcdonalds app and many others who detect root.
here: https://forum.xda-developers.com/t/discussion-mario-kart-tour-magisk-discussion-thread.4087357/
hotmountner2310 said:
Hey everybody.
I'm trying to start my McDonald's app but it always gives me this message where it says that my device does not pass the security check. I tried magisk hide, I deleted app data and reinstalled, I deleted the twrp folder in the root of my phone. It still gives me this message and I really don't know what to do. There has to be a solution. Please help
Hello there, would you like to check my method? Found it this morning, works for me.

Question Battery usage and log reports??

Hello there.
I am still rather new to android but understand some things. For example, I have note 10 pro with Arrow OS installed on it. Wanted it for privacy (thanks Xiaomi, had to give them all details to unlock bootloader, woops) and get rid of bloat.
I have noticed on my last charge that microg services seem to be running. Which seems odd to me as I have disabled it (from settings app), and don't have many apps which need it. (ones which do are disabled also)
So my question is, what could be cause for it using 33% battery?! And where can I get further logs to understand what's going on.
If I'm running 33% on service I don't use, then that could be extra day or 2 for me not charging.
Pictures for reference
Here's just showing its run as a background app.
Sorry for noob first question, with full ambiguity. Please be gentle
I have come to realise that I may have disabled it, but I have rebooted my phone a few times so it probably would re-enable.
Question still stands, can I get further logs to understand why its using 33%? Thanks
Try investigating further with betterbatterystats (grab it from xda or play store). Grant any permissions that it requires (root isn't mandatory). In my old experience with microg, it might be caused by the cloud messaging service, try to increase the ping intervals to 10 minutes or greater. But your case might be different.
