Getting Safety Net to Pass Again After Uninstalling Xposed? - Magisk

After installing Xposed I realized its current functionality isn't what it used to be so I uninstalled it to restore the ability to pass Safety Net, and it fails both the ctsProfile and basicIntegrity checks. What do I need to do to fix that?
I have Magisk 14.3 installed on a ZTE Axon 2017U, Android 7.1.1, if any of that is relevant.

Cyrus D. said:
After installing Xposed I realized its current functionality isn't what it used to be so I uninstalled it to restore the ability to pass Safety Net, and it fails both the ctsProfile and basicIntegrity checks. What do I need to do to fix that?
I have Magisk 14.3 installed on a ZTE Axon 2017U, Android 7.1.1, if any of that is relevant.
Click to expand...
Click to collapse
You shouldn't have to do anything else - I just tested, and just unchecking Xposed in my Magisk modules list and rebooting was all it took to get SafetyNet completely passing again. No other mods or alterations to /system that might have made it angry?

Xposed triggers SafetyNet, period. There's a Xposed module to pass the CTS profile check but you can't fully pass SafetyNet with Xposed active.

Jaitsu said:
You shouldn't have to do anything else - I just tested, and just unchecking Xposed in my Magisk modules list and rebooting was all it took to get SafetyNet completely passing again. No other mods or alterations to /system that might have made it angry?
Click to expand...
Click to collapse
I didn't have it installed as a module, I had it installed separately. I have it uninstalled now. I don't know what else I could have done to cause Safety Net's check to fail.
Didgeridoohan said:
Xposed triggers SafetyNet, period. There's a Xposed module to pass the CTS profile check but you can't fully pass SafetyNet with Xposed active.
Click to expand...
Click to collapse
I have it uninstalled completely. Any ideas what residual changes could cause this issue?

Cyrus D. said:
I didn't have it installed as a module, I had it installed separately. I have it uninstalled now. I don't know what else I could have done to cause Safety Net's check to fail.
I have it uninstalled completely. Any ideas what residual changes could cause this issue?
Click to expand...
Click to collapse
Ah... I didn't first understand you had uninstalled it in an attempt to pass SN.
Try a dirty flash of your ROM/factory image/firmware package.
Don't forget to uninstall the Xposed installer.

Just want to update that I got it working by running the uninstaller again from TWRP. Apparently the in-app "recovery" uninstallation didn't work properly despite reporting it did.
Edit: I just realized that Netflix was not updating because of it detecting Safety Net checks failed. That company is disgusting. It's locked to 720p outside of systems that have newer DRM, meaning on a PC you have to use Microsoft Edge, nothing else will work. And even then you can't get over 1080p unless it's attached to a certified DRM machine/qualified TV, and has a latest generation Intel chip for more built-in hardware DRM. I wish I was making this up, and I wish I knew that before I was paying for a "4K" account.

Cyrus D. said:
Just want to update that I got it working by running the uninstaller again from TWRP. Apparently the in-app "recovery" uninstallation didn't work properly despite reporting it did.
Edit: I just realized that Netflix was not updating because of it detecting Safety Net checks failed. That company is disgusting. It's locked to 720p outside of systems that have newer DRM, meaning on a PC you have to use Microsoft Edge, nothing else will work. And even then you can't get over 1080p unless it's attached to a certified DRM machine/qualified TV, and has a latest generation Intel chip for more built-in hardware DRM. I wish I was making this up, and I wish I knew that before I was paying for a "4K" account.
Click to expand...
Click to collapse
So actually you mean there was no SafetyNet pass after installing with Xposed uninstaller? Did you eventually fixed it? I guess it's a matter of deleting a few leftover files. Can you point out which files you've deleted (if any) and their storage path1? However, I think you can check these out by looking into the actual Xposed framework zip...
Sent from my Z2 Play using XDA Labs

The Analog Kid said:
So actually you mean there was no SafetyNet pass after installing with Xposed uninstaller? Did you eventually fixed it? I guess it's a matter of deleting a few leftover files. Can you point out which files you've deleted (if any) and their storage path1? However, I think you can check these out by looking into the actual Xposed framework zip...
Sent from my Z2 Play using XDA Labs
Click to expand...
Click to collapse
I actually don't remember much of anything, I switched to a Galaxy S9+ a long time ago and haven't looked back. I thought it'd be intolerable being on a locked device, but so far most functionality seems to work. With ADB commands most things more or less work, such as Greenify. Too bad I can't uninstall all the bloatware (using ADB commands to uninstall them just result in them being reinstalled on reboot).
This is kind of unfortunate for me because now I plan on sticking with Samsung devices, which are usually insanely priced and I have a real beef with Samsung. I got mine on a special promotion for getting $50 contract instead of a $40 one, + $25/m for 24 months for the phone. So $600 for the phone and an extra $120 which I wouldn't have paid otherwise (in Canadian dollars) but I do get some useful functionality out of it so whatever.

Related

Samsung Pay and Magisk

Has anyone gotten Samsung Pay to work with Magisk? I've got it installed as a gear plugin and safetynet passes. However, somehow Samsung Pay still detects root, even though it's hidden in magisk hide.
Same. Then this droidx program protecting pay app
Sent from my SM-N910V using XDA-Developers Legacy app
Try the universal safteynet net module
Is your Knox tripped? Samsung Pay might check that independently of the root-status of your phone.
grymkmb said:
Is your Knox tripped? Samsung Pay might check that independently of the root-status of your phone.
Click to expand...
Click to collapse
I'm on an LG
I've got the same issue with galaxy tab 3
I got warranty bit warning was showing on the boot screen, so I'm pretty sure I triggered Knox. The reason I was using magisk was to prevent this issue, but I guess Google figured out how to detect its presence. I downloaded a fresh copy of the firmware, which will cause Knox to reset but it also factory resets the tablet. I will still use magisk on my new s8+ phone. I hope magisk will work more effectively to where I can use exposed and its modules. After jellybean, magisk wasn't able to allow exposed to be used because of the way Android sets up its environment to execute apps. Hopefully soon a work around will be accomplished especially since Oreo is coming to my two devices by the end of the year, I guess if not sooner.
Same problem here; Magisk works but Samsung pay won't work
Even tried freezing magisk. Though still no go must be detecting something.
hkbladelawhk said:
Has anyone gotten Samsung Pay to work with Magisk? I've got it installed as a gear plugin and safetynet passes. However, somehow Samsung Pay still detects root, even though it's hidden in magisk hide.
Click to expand...
Click to collapse
I tried the same thing but couldn't make it work. I think it is due to the fact that the "System Status" is custom (or modified) since magisk modifies the "boot" partition, and that you probably installed a custom recovery to install magisk. That's why OTA also don't work without first flashing back the original boot and recovery images. I don't have an LG to verify that the "System Status" appears on those.
If it does, what could be tried is to install xposed and a module that fakes the system status (if you've got marshmallow or before)
sevenday4 said:
I got warranty bit warning was showing on the boot screen, so I'm pretty sure I triggered Knox. The reason I was using magisk was to prevent this issue, but I guess Google figured out how to detect its presence. I downloaded a fresh copy of the firmware, which will cause Knox to reset but it also factory resets the tablet. I will still use magisk on my new s8+ phone. I hope magisk will work more effectively to where I can use exposed and its modules. After jellybean, magisk wasn't able to allow exposed to be used because of the way Android sets up its environment to execute apps. Hopefully soon a work around will be accomplished especially since Oreo is coming to my two devices by the end of the year, I guess if not sooner.
Click to expand...
Click to collapse
Sorry, once knox is tripped there is no going back. However, installing Magisk fools the phone into thinking knox is still untriggerred (0x0). By reflashing the original firmware, what you did is restore the "boot" partition that was modified by magisk. By doing that, your phone should get back its "official status", allowing OTA. However, Knox will stay tripped. Anyway, Knox does little... and is only used by samsung softwares.
There is nothing that we can do about it because Samsung Pay checks the tripped status on kernel level so it's impossible.
Iradj said:
There is nothing that we can do about it because Samsung Pay checks the tripped status on kernel level so it's impossible.
Click to expand...
Click to collapse
Booo!
someone please made an apps that can hide or fake the Knox status.
Iradj said:
There is nothing that we can do about it because Samsung Pay checks the tripped status on kernel level so it's impossible.
Click to expand...
Click to collapse
This is possible by disabling safetynet check at boot level before compiling the kernel
Iradj said:
There is nothing that we can do about it because Samsung Pay checks the tripped status on kernel level so it's impossible.
Click to expand...
Click to collapse
Does this apply for non-Samsung phones? I understand that Knox has a tripped flag, but on a non-Samsung phone, what exactly is "tripped"? As with everyone else, I'm pretty frustrated that I still can't use Samsung pay, even on a phone that passes safety checks and has MagiskHide.
gghose said:
Does this apply for non-Samsung phones? I understand that Knox has a tripped flag, but on a non-Samsung phone, what exactly is "tripped"? As with everyone else, I'm pretty frustrated that I still can't use Samsung pay, even on a phone that passes safety checks and has MagiskHide.
Click to expand...
Click to collapse
Works for me on a Samsung phone, after hide I just had to rename all busybox exe's.
Doesn't work for me on a OnePlus 3T, OOS 4.1.7, rooted with Magisk 14.0. This stopped working after the Samsung Pay (Gear version) was updated right around August 21st. Maybe I'm just missing one or more binaries or apps that still must be hidden. I don't have any busybox apps installed, though I previously did, and I removed the busybox binaries where I knew to find them. Maybe it's detecting Magisk's su install, or some other binary I still need to remove. SafetyNet passes just fine, and I can use AndroidPay and CapitalOneWallet on the phone, but I can't use the SPay tab in the Gear app without getting the "rooted phone" message.
Magisk hide 14
Hi Yeti47: I have a samsung galaxy s8 sm-g950f. It is rooted wit renovate ice and magisk 14. What modules I have to check in magisk hide to make samsung pay working? Please answer me in [email protected]. Thank you so much. Bye.
Finally solved it. Busybox can be installed in /data/local, apart from /system/xbin or /system/bin. Samsung Pay will find it there. After I removed it, I was able to get Samsung Pay (Gear Version) working again on my OnePlus 3T.
Spot on fella, just got it working on OP5 with lineage ROM.
dcbii said:
Finally solved it. Busybox can be installed in /data/local, apart from /system/xbin or /system/bin. Samsung Pay will find it there. After I removed it, I was able to get Samsung Pay (Gear Version) working again on my OnePlus 3T.
Click to expand...
Click to collapse
Root explorer won't let me remove it from xbin. How exactly did you do it?
Sent from my iPad using Tapatalk

Apps refuse to start because phone being rooted but it isn't!

At least 2 of my Apps refuse to start. One is my banking app and they do not offer any other way of interaction.
The problem is that the phone in fact is not rooted! It's just "OEM unlocked" to be prepared for root (which I need for E.g. titanium backup, but only maybe once a month).
Please give me a way out of this vicious circle!
I cannot remove the OEM unlock because it requires full wipe every time. Or is there a way?
Or what can I possibly tell the App Provider to improved their Code so that Oneplus phone state is being recognized (more) correctly?
Any help would be greatly appreciated.
Use Magisk I guess? Use it to hide root from that app.
Reeb_Lam said:
Use Magisk I guess? Use it to hide root from that app.
Click to expand...
Click to collapse
In fact I already flashed an official image and still (with no zip installed via TWRP) I'm getting refusals from these apps.
So for sure some apps decide from something else then simply an installed "root" manager or the installed "su" binaries.
What else could they decide from? "OEM unlock" was my first guess (and it would also be the worst, because as far as I know it can't be "hidden" temporarily, or can it?), but maybe there are other settings. Does anybody know more?
ako673de said:
In fact I already flashed an official image and still (with no zip installed via TWRP) I'm getting refusals from these apps.
So for sure some apps decide from something else then simply an installed "root" manager or the installed "su" binaries.
What else could they decide from? "OEM unlock" was my first guess (and it would also be the worst, because as far as I know it can't be "hidden" temporarily, or can it?), but maybe there are other settings. Does anybody know more?
Click to expand...
Click to collapse
You need to do some reading about Safetynet. If you're OEM unlocked you fail Verified Boot checks. Most custom Kernels include a bypass for this. Magisk alone should also work. I think you missed one important step:
Open Play Store Settings. Scroll down. It says 'Uncertified' at the bottom, right? Now install and set up Magisk. Go to system App Settings and clear Data and Cache for Play Store. Return to the Play Store Settings and scroll down. Now it should say 'Certified'. It might not be immediate, but it will happen. Now your Banking Apps work.
If you don't want, or have no luck with Magisk, simply flash a Custom Kernel that bypasses Verified Boot, and works with OOS.
Simple.
Thank you. That was for sure a major part of the overall issue. Unfortunately it didn't yet fix it. I'm now certified in play store and magisk succeeds with both safety net checks (which however it also did before). And root is disabled in magisk. dm-verity does not show the warning during Boot and the Check itself should be disabled (I followed the recommendation in another Thread to Patch the Boot Image).
Anything else you can imagine?
ako673de said:
Thank you. That was for sure a major part of the overall issue. Unfortunately it didn't yet fix it. I'm now certified in play store and magisk succeeds with both safety net checks (which however it also did before). And root is disabled in magisk. dm-verity does not show the warning during Boot and the Check itself should be disabled (I followed the recommendation in another Thread to Patch the Boot Image).
Anything else you can imagine?
Click to expand...
Click to collapse
Link to other Thread?
I don't know Magisk but are you hiding Root from your Banking App? Have you cleared Data and Cache for the Banking App since getting Certified?
First my phone did not Boot any more after installing superSU. Fixed that by patching Boot.img (to disable dm-verity) according to this thread: https://forum.xda-developers.com/oneplus-3t/how-to/disable-dm-verity-force-encryption-op3t-t3688748
Now data and cache of all (now) 3 affected Apps has been cleared and Magisk is configured to be hidden for them, but still no change.
However, in Magisk there is the "extended" option "AVB 2.0/keep dm-verity", which is unticked. I'm not sure, should I try to set it?
Any other idea?
ako673de said:
Any other idea?
Click to expand...
Click to collapse
Nope. If Play Store says Certified you should be good to go. I can only imagine it's a Magisk issue. Post screenshots of your config and let the Magisk experts pick through them. Maybe there's something not set up correctly.
ako673de said:
First my phone did not Boot any more after installing superSU. Fixed that by patching Boot.img (to disable dm-verity) according to this thread: https://forum.xda-developers.com/oneplus-3t/how-to/disable-dm-verity-force-encryption-op3t-t3688748
Now data and cache of all (now) 3 affected Apps has been cleared and Magisk is configured to be hidden for them, but still no change.
However, in Magisk there is the "extended" option "AVB 2.0/keep dm-verity", which is unticked. I'm not sure, should I try to set it?
Any other idea?
Click to expand...
Click to collapse
Hide Magisk Manager. I had to do that to get my banking app to work.
Edit: you may need to reboot after hiding Magisk Manager and clear you banking app's data before it works.
Sent from my OnePlus3T using XDA Labs
Thank you, indeed that WORKED! Well, at least for 2 out of 3 Apps. I think I can tell which one: "HVB banking". Maybe could somebody cross-check this one on his/her phone?
After firmware update to OOS 5.0.5 I now have the problem that my PlayStore can no longer be convinced in any way to show that it's certified. But interestingly my banking Apps work (currently really no root app installed). I even waited for one day because earlier in this thread somebody mentioned that it might take awhile. Is there anything special I need to care about under the new OS version?
ako673de said:
After firmware update to OOS 5.0.5 I now have the problem that my PlayStore can no longer be convinced in any way to show that it's certified. But interestingly my banking Apps work (currently really no root app installed). I even waited for one day because earlier in this thread somebody mentioned that it might take awhile. Is there anything special I need to care about under the new OS version?
Click to expand...
Click to collapse
Did you reflash custom kernel after update?
I'm not using any. What I did right after the update is to disable dm-verity (with a patched boot.img), like I did last time. But magisk is not yet re-installed because I wanted to see at least once the HypoVereinsbank App working, which it in fact does (different to last time when the phone was not rooted as well, and the store not certified!).
ako673de said:
But magisk is not yet re-installed
Click to expand...
Click to collapse
That's why... You can't pass the ctsProfile check if your bootloader is unlocked, and if you can't pass the ctsProfile check the Play Store won't be certified. You need Magisk for that...
Now I'm getting confused. The initial mail of this thread explains the situation as it was when I opened this thread:
--> Original ROM, no root, and banking apps didn't work <--
The advice to clear data of the PlayStore immediately brought the PlayStore back to "certified".
This is clearly in contrast to what you're saying now.
I can imagine only one reason: Maybe the older PlayStore had a bug and therefore was able to "certify" even with unlocked bootloader?
Sidenote: My main intention to do the firmware upgrade was that the "safety net checks" in Magisk suddenly stopped working one day (with the error message "invalid response", most probably you know what I'm talking about, I've read some comments from you on this issue). Therefore it's maybe really not too unlikely that Google has changed something very basic. Could you please confirm?
Edit: Now magisk is back, version 16.7, and in fact PlayStore is back to "certified" AND now even the HypoVereinsbank App works. Just one thing remains: magisk safety net check still says "invalid response" (after it downloaded some "FOSS" code, which it didn't do last time, when it was still working).
ako673de said:
Edit: Now magisk is back, version 16.7, and in fact PlayStore is back to "certified" AND now even the HypoVereinsbank App works. Just one thing remains: magisk safety net check still says "invalid response" (after it downloaded some "FOSS" code, which it didn't do last time, when it was still working).
Click to expand...
Click to collapse
https://www.didgeridoohan.com/magisk/MagiskHide#hn_The_response_is_invalid
Sorry, now comes a probably often asked question: do I need the safetynet check option in magisk for something real? Or do the alternative apps fulfill all possible needs? What are these needs? Isn't that exactly what the PlayStore does to determine "certified"?
After quite some months of absolutely no "root" problems with any of my apps, since today o2banking again doesn't work.
I tried to update Magisk, but after update of the Magisk manager app to v7.1.1(203) it reports that Magisk is not installed at all, and any update of Magisk itself resulted in just the same. So I reverted back to v6.1.0(165) and everything seems to be okay, except that o2banking doesn't work. SafetyNet is clean, Magisk is hidden for o2banking and Magisk manager is repacked.
Does anybody know what the problem might be? Especially with that new version of the manager app, but also with Magisk v19.0 which cannot be installed from v6.1.0 (max. is v18.1). Any ideas welcome! I'm now on OOS 5.0.8 by the way.
SOLVED it myself: As mentioned somewhere in the update FAQ of Magisk there was a bug in manager v6.1.0 that causes the updated v7.1.1 to co-exist with the old version if the old version has been re-packed. If anybody encounters the same problem, the solution is at the bottom of this page: https://www.didgeridoohan.com/magisk/ManagerIssues.
o2banking will then still not work. Update to v19.0 is mandatory. But that is no problem then any more...
probably your banking app identified oxygen os as custom rom and have root. 1 out of 3 banking app in my phone doesn't work with lineageos even though i already hide magisk, but when running oxygen os with magisk hide, and also hide magisk manager (turn it on in magisk manager setting) all 3 banking app work just fine. maybe try sending a message to bank app developer to add oxygen os as exception.
Did you notice my edit? It was a problem with magisk manager update and magisk main version. Now everything is back up and running.

[Discussion] Bypass root detection Fidor banking app

Hi, my original plan was keeping my OP7 root-free because I need that banking app - which has an incredibly good root detection.
Long story short, a few days later and went back to my old habits... Magisk, Kernel, you name it. And the banking app stopped working again.
I do pass the safetynet test, have repackaged Magisk Manager. Google Pay is working like a charme. But Fidor bank seems to be better than Google, at least in this regard. I tried logging traffic using adguard, the app does not connect to anything, no dns requests as well.
Most of the times the app won't start at all, sometimes the first screen flashes for a very short period, and sometimes chrome opens with a webpage from the bank telling me my device is modified. How the **** do they know?
Maybe you guys may have a hint in what direction I could continue poking, because carrying a second phone just for banking is a little bit overkill...
h0l said:
Hi, my original plan was keeping my OP7 root-free because I need that banking app - which has an incredibly good root detection.
Long story short, a few days later and went back to my old habits... Magisk, Kernel, you name it. And the banking app stopped working again.
I do pass the safetynet test, have repackaged Magisk Manager. Google Pay is working like a charme. But Fidor bank seems to be better than Google, at least in this regard. I tried logging traffic using adguard, the app does not connect to anything, no dns requests as well.
Most of the times the app won't start at all, sometimes the first screen flashes for a very short period, and sometimes chrome opens with a webpage from the bank telling me my device is modified. How the **** do they know?
Maybe you guys may have a hint in what direction I could continue poking, because carrying a second phone just for banking is a little bit overkill...
Click to expand...
Click to collapse
Did you clear data of the banking app after Repackaging Magisk & adding it to Magisk Hide? I assume you did it.
Sent from my OnePlus6T using XDA Labs
DarkSJ1998 said:
Did you clear data of the banking app after Repackaging Magisk & adding it to Magisk Hide? I assume you did it.
Sent from my OnePlus6T using XDA Labs
Click to expand...
Click to collapse
I did. And rebooted. And reinstalled. And combinations of those.
A short screenrecord of what is happening as soon as I try to open the app can be found here (youtube link)
I have the exact same Problem
Everything works: Netflix, other banking apps, etc.. Just Fidor. I do not really know how their detection works, but I assume it's not just a root detection.
The weird thing is, it worked flawlessly 2 years ago Now it's just annoying..
Waited a few versions oft Magisk now, however nothing changes.
You're not alone
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Same problem here ... since the new fidor version v3.14 is out, no way to getting it to work. Downgrade to 3.12 is futile, it forces the update to 3.14 immediately.
As an amendment to my post above (where you'll find pretty much all you need to hide from almost any app), I've successfully tested and hidden root from Fidor v3.14.0.1.
https://forum.xda-developers.com/showpost.php?p=79997227&postcount=98
Thank you, the issue seems to have been addressed there. But as far as I can see, the canary version does not have the optional modules, correct? So I think, unfortunately I will have to wait for an adapted release of the regular magisk.
rpc75 said:
But as far as I can see, the canary version does not have the optional modules, correct?
Click to expand...
Click to collapse
I have no idea what that means... Magisk modules works just fine on the Canary releases.
Didgeridoohan said:
As an amendment to my post above (where you'll find pretty much all you need to hide from almost any app), I've successfully tested and hidden root from Fidor v3.14.0.1.
https://forum.xda-developers.com/showpost.php?p=79997227&postcount=98
Click to expand...
Click to collapse
Thanks for sharing!
I have successfully installed the canary Magisk, have Magisk hide enabled, safetynet pass etc.
All bank apps work after adding them to the hide list, for example trying "Kontist" w/o hide gave error, with hide it works.
However, Fidor (3.14.0.1) is still not working for me :/
The app stays open for 1-2 seconds on the canary build, quite a bit longer than on stable version (instant close), clean cache + clean app data, still no luck.
So Fidor must use another detection method that the other bank apps don't have.
Any advice would be greatly appreciated!
dagoban said:
Thanks for sharing!
I have successfully installed the canary Magisk, have Magisk hide enabled, safetynet pass etc.
All bank apps work after adding them to the hide list, for example trying "Kontist" w/o hide gave error, with hide it works.
However, Fidor (3.14.0.1) is still not working for me :/
The app stays open for 1-2 seconds on the canary build, quite a bit longer than on stable version (instant close), clean cache + clean app data, still no luck.
So Fidor must use another detection method that the other bank apps don't have.
Any advice would be greatly appreciated!
Click to expand...
Click to collapse
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Similar Problem, my bank brought out a new app, that is detecting the root/custom rom somehow. The app closes and shows me security bull**** about root, jailbreak, custom roms. I don't know how everything should be hidden, SafetyNet checks out but this app can detect it. No idea how.
alike03 said:
Similar Problem, my bank brought out a new app, that is detecting the root/custom rom somehow. The app closes and shows me security bull**** about root, jailbreak, custom roms. I don't know how everything should be hidden, SafetyNet checks out but this app can detect it. No idea how.
Click to expand...
Click to collapse
Check the link, one post before yours...
Didgeridoohan said:
Check the link, one post before yours...
Click to expand...
Click to collapse
Thanks, I was already going through that one.
Turns out the Banking app was detecting the Original Magisk Package.
Hiding Magisk Manager itself fixed my problem. Thanks for the link.
Didgeridoohan said:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Click to expand...
Click to collapse
Still did not get Fidor to work. Crashes after the initial first 2-3 seconds. If I uninstall Magisk it works again. Disabling modules, delete files from sd-card, etc. didn't change a thing.
This also seem not to be the problem, since it works after uninstalling Magisk.
Fidor is hidden from Magisk, Magisk is repacked with other name.
Mind giving specific instructions on what you did to make Fidor work on your device?
Thyrador said:
Mind giving specific instructions on what you did to make Fidor work on your device?
Click to expand...
Click to collapse
It's all right there in the link provided. I'm not doing anything that's not described there... Of course, there's a whole lot of things there that I didn't do.
Here's my setup:
Android Pie.
Magisk v19.4 (19307), with hidden Manager.
The app on the Hide list.
My internal storage is full of Magisk files and I never bother to disable any modules (all of the ones I have installed can be hidden without issue). I also have OEM Unlocking disabled, but that's just by chance and not something I've done because of an app detecting it...
Didgeridoohan said:
It's all right there in the link provided. I'm not doing anything that's not described there... Of course, there's a whole lot of things there that I didn't do.
Here's my setup:
Android Pie.
Magisk v19.4 (19307), with hidden Manager.
The app on the Hide list.
My internal storage is full of Magisk files and I never bother to disable any modules (all of the ones I have installed can be hidden without issue). I also have OEM Unlocking disabled, but that's just by chance and not something I've done because of an app detecting it...
Click to expand...
Click to collapse
So basically same setup. Still doesn't work with latest Fidor Release.
Thyrador said:
So basically same setup. Still doesn't work with latest Fidor Release.
Click to expand...
Click to collapse
When you say "basically", what's the difference?
Didgeridoohan said:
When you say "basically", what's the difference?
Click to expand...
Click to collapse
That's the question. Even if I do a complete fresh install without anything else beside Magisk and Fidor: as soon as Magisk is running (hidden manager & Fidor, SafetyNet Pass and certified in PlayStore), Fidor stops working.
Thyrador said:
That's the question. Even if I do a complete fresh install without anything else beside Magisk and Fidor: as soon as Magisk is running (hidden manager & Fidor, SafetyNet Pass and certified in PlayStore), Fidor stops working.
Click to expand...
Click to collapse
You're going to have to start digging deeper then...

Bank app detecting root or modified system

I'm trying to use this app: play.google.com/store/apps/details?id=br.com.banrisul
I've added to the hiding list and enable core only mode, it still closes at startup after saying my phone is either root or running a modified system. I've tested with rootbeercheck and it doesn't detect root in any of its tests.
i.imgur.com/60Zs5IH.png
No issues opening the app here... That means Magisk is perfectly capable of hiding from it, but you might have something else in your setup that triggers it.
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Didgeridoohan said:
No issues opening the app here... That means Magisk is perfectly capable of hiding from it, but you might have something else in your setup that triggers it.
Click to expand...
Click to collapse
but what exactly would trigger it? The link talks mostly about methods to hide magisk, I didn't find anything about what to do if magisk is working but the check fails. I've uninstalled titaniumbackup and rootbrowser. I've disable adb and developer options, I've deleted any folder or downloaded file related to magisk or those apps.
I'm running lineageos, would that be it? How would I go about it?
Could be any number of things... Your ROM might be one of them (more details about that?). It's pretty much impossible for me to do anything else but make educated guesses. The only thing I can say with relative certainty is that it shouldn't have anything to do with Magisk (since I can hide from the app just fine when testing).
You do pass SafetyNet, right? Could be that this is one of those apps that actually use SN.
Didgeridoohan said:
Could be any number of things... Your ROM might be one of them (more details about that?). It's pretty much impossible for me to do anything else but make educated guesses. The only thing I can say with relative certainty is that it shouldn't have anything to do with Magisk (since I can hide from the app just fine when testing).
You do pass SafetyNet, right? Could be that this is one of those apps that actually use SN.
Click to expand...
Click to collapse
It passes both checks.
I am running lineage OS 14.1 (Android 7.1.2) on a moto g4.
My main guess is that it's detecting something about your ROM. LOS is well known enough for apps to look for certain properties of it.
Didgeridoohan said:
My main guess is that it's detecting something about your ROM. LOS is well known enough for apps to look for certain properties of it.
Click to expand...
Click to collapse
Yes, after searching around a bit more I found about why. I completely forgot that I had flashed supersu on my phone before flashing magisk. So I guess that's what the app was freaking out about. So I flashed a supersu removal and reflashed my ROM, now the app is working normally
Thanks for the help!
Same problem
Hello everyone
After the last update of my banking app and wallet too
Both apps stopped starting due tl root device detection
While it was working well yesterday
I just updat apps to the last version
I think these app's developers find a way to detect magisk
Of course im hiding and randomly renaming it
hammohammo said:
Hello everyone
After the last update of my banking app and wallet too
Both apps stopped starting due tl root device detection
While it was working well yesterday
I just updat apps to the last version
I think these app's developers find a way to detect magisk
Of course im hiding and randomly renaming it
Click to expand...
Click to collapse
What version of the application do you want?
I have the latest version installed and it does not detect root

Question How do I hide root from certain apps?

Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
After force deny list did you've deleted caches of google play and google services and reboot? check also google play store inside settings if certified, if certified then it should work for your app too.
Maybe try installing Universal SafetyNet Fix?
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
And some applications can be extra finicky. LIke for me, Google Pay always takes its time to get persuaded about not being rooted. Also there might be other components either of this app or for system apps that might need hiding. I would generally try following guides for making banking apps work.
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
I'm not familiar with that app, but I know that some apps also check for the presence of the Magisk Manager app. If you've already tried Zygisk and the deny list, then another thing to do would be to hide the Magisk app. It the Magisk Manager, go to Settings > Hide Magisk app.
What worked for me is installing Insular ( from Fdroid) and then clone the App that complains about root to the work environment.
I just downloaded musescore and installed it. It hasn't detected root on my phone. I use Shamiko to hide root. Get Fox's magisk module manager from fdroid. Then use it to install Shamiko. Make sure you turn off Enforce Denylist in magisk so Shamiko can enforce the deny list. Hide the magisk app using the feature in magisk. It works for me.
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
Oh yes I can't seem to open musescore too even with safety net pass. But it is because I am using MicroG. I tried it on my other phone with Play Services and it works fine with hidden root (shamiko and magisk disabled) and safety net pass.
BigChungus321 said:
Oh yes I can't seem to open musescore too even with safety net pass. But it is because I am using MicroG. I tried it on my other phone with Play Services and it works fine with hidden root (shamiko and magisk disabled) and safety net pass.
Click to expand...
Click to collapse
I use MicroG as well. I can load the app and use it, I just can't subscribe because it requires GSF to make payment.
IrishJames said:
I use MicroG as well. I can load the app and use it, I just can't subscribe because it requires GSF to make payment.
Click to expand...
Click to collapse
You can open it right? But can you select and open a random piano piece or something like that. For me, the piece loads up then detects something (root, safety net idk) then just tells me I can't for root reasons. I tried using shamiko too and all the root hiding methods I know and I still couldn't open a piece. It does load the main menu for me too on MicroG+patch playstore but can't open the contents.
It's been roughly a month. Has anyone found a fix for this issue yet? There was discussion about the issue here where a dev 'fixed' the app for someone with a rooted phone. However I cant tell what the dev did because all his messages are deleted, for all I know he could of shared an apk or something, guess I'll never know. I've decided to try to get in contact with one of the people whose issue managed to get fixed, although I don't know if he'll ever respond. Apparently in the forum, he told the dev that he assumed the block was intentional. Maybe this could hint us towards a fix because maybe the block doesn't target rooted users?
BigChungus321 said:
I tried using shamiko too and all the root hiding methods I know and I still couldn't open a piece.
Click to expand...
Click to collapse
If thats the case then perhaps the app isin't checking for root? Theres no way musescore has more sophisticated anti-root software than some banking apps out there. Perhaps it's detecting the os that the user uses instead? I can confirm this because my samsung s7 edge with the same lineage os version as my Xiaomi doesn't want to play any scores either. This issue also happens to people who have no custom rom or even no root, it has to do with the os that you use rather than being an issue with root.
So what, did I type 2 paragraphs on a one month old forum just to rant? No. I will find the issue (well, I already found the reason in the text above), and I will try to fix it, not by making any workarounds such as cloning the app but getting the app to reliably work on a rooted / custom rom phone.
EDIT: Maybe using something to spoof the OS to make apps think it's a different OS?
POTENTIAL FIX: So in new versions of magisk, the developer decided to remove magiskhide. Turns out that having magiskhide turned on makes musescore actually be able to function. I tested this on my samsung s7 edge (didn't want to brick my Xiaomi phone by accident just yet and it worked. However I labelled this 'POTENTIAL' as downgrading magisk isin't really a plausible fix and could still be considered a workaround.
RoboNinjaR said:
It's been roughly a month. Has anyone found a fix for this issue yet? There was discussion about the issue here where a dev 'fixed' the app for someone with a rooted phone. However I cant tell what the dev did because all his messages are deleted, for all I know he could of shared an apk or something, guess I'll never know. I've decided to try to get in contact with one of the people whose issue managed to get fixed, although I don't know if he'll ever respond. Apparently in the forum, he told the dev that he assumed the block was intentional. Maybe this could hint us towards a fix because maybe the block doesn't target rooted users?
If thats the case then perhaps the app isin't checking for root? Theres no way musescore has more sophisticated anti-root software than some banking apps out there. Perhaps it's detecting the os that the user uses instead? I can confirm this because my samsung s7 edge with the same lineage os version as my Xiaomi doesn't want to play any scores either. This issue also happens to people who have no custom rom or even no root, it has to do with the os that you use rather than being an issue with root.
So what, did I type 2 paragraphs on a one month old forum just to rant? No. I will find the issue (well, I already found the reason in the text above), and I will try to fix it, not by making any workarounds such as cloning the app but getting the app to reliably work on a rooted / custom rom phone.
EDIT: Maybe using something to spoof the OS to make apps think it's a different OS?
Click to expand...
Click to collapse
Its not opening for me because I'm using MicroG. Like banking apps, MuseScore checks for specific Play Services version. Since microg uses idk android4.4 play services, it will fail to load any Banking Apps or apps of the same kind that uses that check regardless of root 'cause that version's too old and a potential for security. For the OS check, I guess it does check it too. I tried on two emulators and both failed to load a piece as well (might be because of safetynet cuz emulators can't pass it). There are xposed and magisk modules that can spoof OS and even prevent the app from seeing user installed apps. I haven't tried that method because I switched ROM now and got MuseScore working fine even without hiding root.
BigChungus321 said:
Its not opening for me because I'm using MicroG. Like banking apps, MuseScore checks for specific Play Services version. Since microg uses idk android4.4 play services, it will fail to load any Banking Apps or apps of the same kind that uses that check regardless of root 'cause that version's too old and a potential for security. For the OS check, I guess it does check it too. I tried on two emulators and both failed to load a piece as well (might be because of safetynet cuz emulators can't pass it). There are xposed and magisk modules that can spoof OS and even prevent the app from seeing user installed apps. I haven't tried that method because I switched ROM now and got MuseScore working fine even without hiding root.
Click to expand...
Click to collapse
Weird. I have microG and I managed to get musescore working without switching roms. All I did was use safety net fix, enabled zygisk and added it to the deny list. Tried it before and it didn't work, probably because I didn't install safetynet fix. Who knows, maybe it's related to what type of GApps you install. I guess this issue is fixed for now.

Categories

Resources