Magisk 20.1 - Safetynet checks unsuccessful - Magisk

Hi everyone,
I just rooted (my 1st root) my pixel 4 yesterday to activate the soli module as in my country it doesn't work otherwise.
Soli is now working, but some app (like Netflix) cannot be used even after installing the APK from some APK database.
After looking online I understood that this was because of the safetynet checks, which are both failed (ctsprofile and basicintegrity)
Unfortunatelly, I haven't found any thread to fix it except some old for older versions or mentioning TWRP which i didn't use.
I have only 3 modules installed: Riru Edxposed / Riru Core and MagiskHide props config (and the check of all google playservice addresses in the module)
Can someone help me on that?
Thanks !

Seems like Google started detecting EdXposed yesterday, but this can be worked around by adding some Google components to the EdXposed blacklist. Take a look on the EdXposed Github for details.

Didgeridoohan said:
Seems like Google started detecting EdXposed yesterday, but this can be worked around by adding some Google components to the EdXposed blacklist. Take a look on the EdXposed Github for details.
Click to expand...
Click to collapse
The check is now green for both, thanks
But i can't still use netflix (app will remain on the logo for ever).
I tried to rename the liboem file with a root explorer but the file is not present in the folder in system\lib\ or \lib64

frikadel said:
The check is now green for both, thanks
But i can't still use netflix (app will remain on the logo for ever).
I tried to rename the liboem file with a root explorer but the file is not present in the folder in system\lib\ or \lib64
Click to expand...
Click to collapse
Hi,
Coul you please tell me if you are on custom rom?
I am on custom and only way to pass is to use Props Module in Magisk. But the Props is not loading when Riru EdXposed is active.
Thank you,
amplatfus

I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH

SmilingPerson said:
I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH
Click to expand...
Click to collapse
Hi,
Tried. It is not working. Still searching.
Thanks!

amplatfus said:
Hi,
Tried. It is not working. Still searching.
Thanks!
Click to expand...
Click to collapse
Yep, I recently went from rooted stock to LineageOS 16 on my phone, and can no longer use Netflix. My rooted Android media boxes also run LOS and Netflix *does* work on them, so I am perplexed. I can run the (terrible) remote control app for my Toyota by simply hiding things in Magisk and adding it to the blacklist in EdXposed Manager, otherwise it will complain about the phone being rooted. That works, but Netflix does not.
I don't need Netflix on my daily driver telephone, so no loss, but it tells us that whatever Google is doing, it is beatable. I just don't see the common ground though, it almost seems like it is device dependant. Next time I install Netflix, I am going to face due north, chant the Canadian anthem, and touch my nose with my right index finger while clutching a rosary in my left hand. Maybe that will be the ticket.
Sent from my unknown using Tapatalk

SmilingPerson said:
I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH
Click to expand...
Click to collapse
You're a great bro !! after having installed the module on EdXposed and restarted my redmi note 4x (mido) with EAX Os 6.7, both the ticks were of a magnificent green! many thanks! :victory::victory::victory:

Related

[Help] Magisk hide works only when retoggled

Details: Huawei P20 Pro running 9.0. Magisk Manager v7 (latest), Magisk v18.2 (latest canary) original package name. Safety net passed.
I tested to make sure that magisk hide is working properly on my device. https://play.google.com/store/apps/details?id=com.revolut.revolut&hl=en_GB. This app does not have fingerprint login enabled without magisk hide. Hence when I turn off magisk hide, you can't use fingerprint to login into the app. When I turn it back on, fingerprint login works. Also my bank app works.
Here is the problem. https://play.google.com/store/apps/details?id=com.starlingbank.android&hl=en_GB. This app does not seem to run even when magisk hide is on. Here's the kicker, even though magiskhide has been toggled and confirmed working, upon opening this app it will show the usual "device not secure/rooted" message. After this it somehow disable magiskhide as my revolut app no longer prompts for fingerprint and my bank app stops working.
I have to go back into magisk and retoggle magisk hide for it to work again. (However the starling bank app still fails the root check)
I'm really really frustrated now and will appreciate any help.
UDPATE: I did some stuff from https://forum.xda-developers.com/apps/magisk/how-to-bypass-lloyds-root-detection-t3837206, the adaway host list. Added MagiskHide Props Config. I also set tasker to toggle magiskhide whenever I turn on my screen. Seems to work more consistently for now
Check the Magisk main thread and Github, there is a known problem with Magisk Hide in the 18.x. I went back to 17.x which work for me without any problems.
lambstone said:
Details: Huawei P20 Pro running 9.0. Magisk Manager v7 (latest), Magisk v18.2 (latest canary) original package name. Safety net passed.
I have to go back into magisk and retoggle magisk hide for it to work again. (However the starling bank app still fails the root check)
I'm really really frustrated now and will appreciate any help.
Click to expand...
Click to collapse
If Magisk Hide Of Magisk 18.x Is Working Intermittently (Which Means Also The Device Will Not Pass The SafetyNet Sometimes), Try To Use The Module Of Microsoft Intune Company Portal Hider Which Includes Also The Functionality Of Re-Enabling Magisk Hide Every 5 Min. For Magisk 18.x From This Thread https://forum.xda-developers.com/apps/magisk/module-microsoft-intune-company-portal-t3780451. Awaiting Your Feedback.
Dreamer(3MF) said:
The Functionality Of Re-Enabling Magisk Hide Every 5 Min
Click to expand...
Click to collapse
Doesn't this cause battery drain?
akxak said:
Check the Magisk main thread and Github, there is a known problem with Magisk Hide in the 18.x. I went back to 17.x which work for me without any problems.
Click to expand...
Click to collapse
Hi, some questions. Do I have to install also the Manager v6.10 to install Magisk v17.3? Or can I leave the last Manager? Then, I uninstall Magisk from the app and them I flash the v17.3 from (temporary) TWRP, is it correct?
Simone_ASR said:
Hi, some questions. Do I have to install also the Manager v6.10 to install Magisk v17.3? Or can I leave the last Manager? Then, I uninstall Magisk from the app and them I flash the v17.3 from (temporary) TWRP, is it correct?
Click to expand...
Click to collapse
The latest Magisk Manager dropped support for Magisk 17 or older, you need the matching Manager..
akxak said:
The latest Magisk Manager dropped support for Magisk 17 or older, you need the matching Manager..
Click to expand...
Click to collapse
Thank you so much for your fast reply!
In the exact same situation as OP P20 Pro (maybe except im on LOS 16)
Magisk seems to be working fine passing safteynet and Root Beet finding nothing but yet the Starling Bank app and the Arriva Ticket app both figure out my phone is rooted after a while and lock out.
Had exact problem with Starling app with magisk hide and app on hide list. Turned out to be a direct build.prop modification so after resetprop -p all good now.
gkornaks said:
Had exact problem with Starling app with magisk hide and app on hide list. Turned out to be a direct build.prop modification so after resetprop -p all good now.
Click to expand...
Click to collapse
Can you expand on this a bit?
I've downloaded Magiskhide props config, and what do I have to do now?
For me, starling always works for couple of days and then it locks me out via the root screen.
republicj said:
Can you expand on this a bit?
I've downloaded Magiskhide props config, and what do I have to do now?
For me, starling always works for couple of days and then it locks me out via the root screen.
Click to expand...
Click to collapse
I modified a build.prop directly before magisk install so compromised the system partition. I've used resetprop to mask it. Like you I'm occasionally getting root warning as well and have to re-authorise so magisk hide in 18.1 not perfect as mentioned a lot in a forum.
Hi,
it seams that the problem is still there. I have to retoggle Magisk Hide at every reboot of the phone.
Is there any workaround or any ETA on the fix?
Thank you.
No one?
Never ask for ETAs...
https://github.com/topjohnwu/Magisk/issues/1654
Didgeridoohan said:
Never ask for ETAs...
https://github.com/topjohnwu/Magisk/issues/1654
Click to expand...
Click to collapse
Ok, I'm sorry about that , I just needed a confirmation that the problem was still there. Thank you for the reply!
Yes it's till here. I cannot login to Arriva bus app with Magisk 20.1.

edxposed v0.4.6.1 + EdXposed Manager = Safetynet Fail

Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
anonxlg said:
Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
Click to expand...
Click to collapse
Latest Xposed Manager try in settings menu scroll down to framework options enable:
App List mode
Pass Safetynet
To enable blacklist function - App List mode has to be enable. Then from main menu select Applications.
thanks, after some testing and restarting that did the trick.
I didn't see that the 'app list mode' is the blacklist and only turned on 'pass safetynet' thinking that was the only think I needed to do
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
anonxlg said:
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
Click to expand...
Click to collapse
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
spawnlives said:
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
Click to expand...
Click to collapse
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
this work: https://repo.xposed.info/module/com.cofface.ivader
anonxlg said:
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
Click to expand...
Click to collapse
On my spare S8 I've reinstall unofficial lineage 17.1 ( Android 10 ).
Using latest:
Stable version of magisk / manager
Edxposed manager - 4.5.7
Edxposed canary - 0.4.6.3 ( 4545 ) - Yahfa
Riru core - 19.8
This combination at the moment is passing safety net. Checked using magisk manager + two other apps from playstore. Also have Device is certified through play store. The latest play store version is 19.5.13 for my region.
Edxposed modules installed at moment
Xprivacylua
Minminguard
Resolver Activity Tweaks
installing HiddenCore Module did the trick, but i'm still curious why updating lineage broke safetynet or that using the older rirucore + edxposed passes safety net
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
bmw320cd said:
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
Click to expand...
Click to collapse
Sorry man, this solution no more works. It broke after April 27th.
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
djjohnnyblaze said:
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
Click to expand...
Click to collapse
At the moment still passing safety net using latest Riru core module + latest canary release of Edxposed.
System Crashes
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
romee_ahuja said:
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
Click to expand...
Click to collapse
Hey, it could be that, maybe you have a module like gravitybox installed which is conflicting with your system configurations.
If not that, try disabling edxposed modules from magisk itself. If that fixes the solution, then it might be edxposed
One solution is disable module like gravitybox or update gravitybox

LSPosed Xposed Framework [8.1-13.0]. Simple Magisk Module

Developers: LSPosed Developers
Homepage: GitHub
✱ Requirements:
• Magisk 21+
• Android 8.1-13
• Riru(NOT NEEDED) USE ZYGISK
Description: Riru module providing ART interception framework (natively for Android Pie) that provides consistent API -interfaces with OG Xposed, using YAHFA (or SandHook) interception environment, supports Android 8.1 ~ 11.
& Installation:
• Install Riru 23+
• Install Riru - LSPosed via Magisk Manager
• Install LSPosed Manager app (Note: No Saparate App and Zip, App Will be Installed Automatically)
• Reboot your device.
Download:
For stable release, please go to Github Release page For canary build use telegram.
Go to second post for latest version Download
Notes:I'm just sharing this from github, I'm not responsible if you bricked your device.
GPay and other banking apps working fine without any issue so this xposed alternative is worth trying and safer.
Note: If anyone facing bootloop issue, don't panic, hard reboot again and it will work.
Screenshot:
Download:
Flash zip file through magisk and then install LSPosed Manager app
Update 1 March 2021
V1.2.0
V1.3.7 Updated 15.May.2021
(Note: No Saparate App and Zip, App Will be Installed Automatically)
For Newer Version Changelogs and Downloads:
LsPosed Github
Changelog
Spoiler: See
Fix manager white screen
[*]Support split-apk modules (LSPosed will choose only one apk with xposed_init to load)
[*]Fix manager crash when launching an uninstalled module from notification
[*]Load modules with SharedMemory (it can speedup app cold launch) 2
[*]New manager icon
[*]Fix incorrect update notification in the first installation
[*]Fix some apps not showing in the scope list in some rare cases
[*]Show notification of module uninstallation
[*]Prevent modules from hooking inner methods (methods from XposedBridge's classloader)
Note:
Previously LSPosed only recognize modules from the primary user. However, this strategy is not good and leads to some problems: some modules require getting installed app lists for configuration but they cannot do so across users; some require reading themselves from the hooked apps but they cannot do so from non-primary users; some users want to configure modules differently on different users which is not feasible previously. Thus LSPosed now requires every module to be installed to the user on which the apps they want to hook are installed. Some devices restrict modules from installing onto some users. In such a case, you can install them from the manager (but it's recommended).
1: For some weird devices that prevent installing apps from the root user, please install the manager from /data/adb/lspd/manager.apk or manager.apk from the zip file manually.
2: Some modules get modules' apk path using reflection of its classloader, it's not recommended and unstable since the apk path from classloader no longer exists when using SharedMemory to load modules. Please use the documented way (from IXposedHookZygoteInit.StartupParam.modulePath) instead.
Reserved 2
Why it's safer than EdXposed?
QkiZMR said:
Why it's safer than EdXposed?
Click to expand...
Click to collapse
I didn't say it's safer than edxposed. I meant xposed alternatives like taichi etc.
All banking apps works, no system slowdown, i got more free ram etc.
In edxposed the hooked apps take time to open, no such issue with LSPosed.
That's why i thought it's worth trying and safer.
And +1 is safetynet passes all the time with LSPosed but, with edxposed safetynet works for some time after every reboot even with blacklisting google framework and services.
This slowdown is caused by YAHFA hook in EdXposed. On Sandhook is much better. Which hook method you use in LSposed?
And +1 is safetynet passes all the time with LSPosed but, with edxposed safetynet works for some time after every reboot even with blacklisting google framework and services
Click to expand...
Click to collapse
SafetyNet works till google patched it no matter which xposed clone you use. Before last patch SN was working fine with EdXposed. I don't needed blacklisting framework and services because EdXposed manager is doing automatically, with special option enabled. So don't say lies about EdXposed but tell us about technical differences between LSposed and EdXposed. What you change after forking EdXposed repo?
looks working good u,till now, just its annoying sometimes to have to choos which app has the module applies. a "select all" option would be welcome in a next release
How do I pass safety net? I have universal safety fix module is installed too.
Antho02 said:
looks working good u,till now, just its annoying sometimes to have to choos which app has the module applies. a "select all" option would be welcome in a next release
Click to expand...
Click to collapse
This is what i was confused about? ive never chosen before. I dont know which ones i need things like HiddenCoreModule to apply to? Everything?
It looks like this xposed clone works only in whitelist mode...
I'm quite amazed that this edxposed alternative is running much better than edxposed itself on my android 11, aosp rom, redmi k30 pro zoom. Really glad that I came across this!
Thanks for the great and awesome work devs!
Preparedtobereckless said:
This is what i was confused about? ive never chosen before. I dont know which ones i need things like HiddenCoreModule to apply to? Everything?
Click to expand...
Click to collapse
Apply to System Framework.
Hidden core module do nothing, try no device check module. BTW safetynet passes for me by default.
darashikoh said:
How do I pass safety net? I have universal safety fix module is installed too.
Click to expand...
Click to collapse
What are LSposed module we can use in A11
Im trying to ask the scope list of my modules. Firefds minminguard hiddencore and hide mock location. Anybody can help for the whitelist ??
what does mean: "select other app for each module" ?
for example for "GravitiyBox" module, which app should be enable and why?!
mrhamed said:
what does mean: "select other app for each module" ?
for example for "GravitiyBox" module, which app should be enable and why?!
Click to expand...
Click to collapse
Android System - android
Call - com.samsung.android.incallui
Camera - com.sec.android.app.camera
Contacts - com.samsung.android.contacts
Email - com.samsung.android.email.provider
Firefds Kit - sb.firefds.r.firefdskit
Messaging - com.samsung.android.messaging
MTP Application - com.samsung.android.MtpApplication
NFC - com.android.nfc
One UI Home - com.sec.android.app.launcher
Settings - com.android.settings
Smart Capture - com.samsung.android.app.smartcapture
Software Update - com.wssyncmldm
System UI - com.android.systemui
It also depends on what firmware you are using amd what features you've enabled in gravity box. Enable these according.
What I've enabled in miui are shown in image below.
a module based selection, what to hook seems a good approach of doing what you want and at the same time saving resources. a more advanced selectiin UI would be good. filter based on words and then select in the filtered list, select deselect all. in addition I have no idea what some modules are hooking like gravity box...this is just an example...I know I can find out however maybe the manager app can support to find out or tick what is recommended
I am trying LSposed on my OnePlus 7 Pro (GM-1917), OOS 10.3.8, Magisk 21.4, xXx 12.4.
I followed these instructions from the OP ...
• Install Riru 23+
• Install Riru - LSPosed via Magisk Manager
• Install LSPosed Manager app
• Reboot your device.
Click to expand...
Click to collapse
I got into what seems to be an infinite boot loop. I waited 3-5 minutes, but the boot loop continued.
Has anyone seen this behavior? If so, is there a workaround?
Thank you in advance.
UPDATE: I must have messed up one or more of the installation steps the first time around. I retried installing, and now LSPosed works for me with no boot loop.
OnePlus 7 Pro (GM-1917)
OOS 10.3.8
Magisk 21.4
Magisk Manager 8.0.7
xXx 12.4
Riru 23.4
LSPosed-v0.5.4.0-5135-release.zip (YAHFA)
LSPosedManager-v0.5.4.0-5175-release-signed.apk
Good work!
Onward!
HippoMan said:
I am trying LSposed on my OnePlus 7 Pro (GM-1917), OOS 10.3.8, Magisk 21.4, xXx 12.4.
I followed these instructions from the OP ...
I got into what seems to be an infinite boot loop. I waited 3-5 minutes, but the boot loop continued.
Has anyone seen this behavior? If so, is there a workaround?
Thank you in advance.
Click to expand...
Click to collapse
Working fine with OnePlus 7t latest beta. There might be some other issue. LSPosed doesn't seem to cause bootloop. Share logcat.

[Help] Can't reinstall magisk

I upgraded to Magisk v23 without thinking and I am trying to reinstall 22.1 so I can continue with magisk hide, but no matter how I flash the repackaged boot.img, after reboot, installed always shows N/A. I've tried with v22 as well, and the same result.
Am I missing something about downgrading, or am I just doing something way off? Thanks in advance.
Why v22.1? Magisk v23 still has the "normal" MagiskHide...
(And just as a FYI, the new Deny list that is included in the latest Canary, 23010, works just as good to hide Magisk from what I've seen so far.)
I've tried 23 as well, I am on it as we speak, yet no matter what, I cannot get the boot to flash...
I did try the new version before rolling back and I could not add the RSA app I need for work to the deny list, rather it caught on to root and crapped out.
If I missed how to add to the deny list, I am happy to try again.
DrSeussFreak said:
I've tried 23 as well, I am on it as we speak, yet no matter what, I cannot get the boot to flash...
I did try the new version before rolling back and I could not add the RSA app I need for work to the deny list, rather it caught on to root and crapped out.
If I missed how to add to the deny list, I am happy to try again.
Click to expand...
Click to collapse
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
V0latyle said:
So Magisk Canary was released yesterday:
Magisk 23010
Someone who is temp rooting want to patch their boot image with this and see what happens?
Also, Magisk Hide is no longer, so here's what you have to do to pass Safetynet (the check is no longer in Magisk so you'll have to use an external app)
In Magisk:
Remove Universal Safetynet Fix and Riru, if you have them installed, Reboot.
Launch Magisk again
Settings > Magisk:
Enable Zygisk
Enable Enforce Denylist
Enable for Google Play Services components: (I just enabled for all subcomponents)
com.google.android.gms
com.google.android.gms.unstable
That should be enough to pass Safetynet. Don't forget to hide other apps such as banking, GPay, DRM (Netflix, Amazon Prime Video, etc)
Click to expand...
Click to collapse
V0latyle said:
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
Click to expand...
Click to collapse
Google play services is what I was missing in my earlier attempts. I cannot thank-you enough!
DrSeussFreak said:
Google play services is what I was missing in my earlier attempts. I cannot thank-you enough!
Click to expand...
Click to collapse
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
V0latyle said:
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
Click to expand...
Click to collapse
I just went through and re-did all my financials and streaming (plus all Amazon apps). I just forgot I had enabled it for these services.
V0latyle said:
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
Click to expand...
Click to collapse
Sorry, 1 additional question I didn't get a clear answer from the forums. I have 4 modules active in Magisk, 3 of them related to safetynet, Riru, MagiskHide Props Config and Universal Safetynet Fix. I disabled them and everything is still working, and I am guessing I do not need them anymore, since it's a whole new setup.
Am I correct that I no longer need these modules anymore? Once again, I appreciate the help.
DrSeussFreak said:
Sorry, 1 additional question I didn't get a clear answer from the forums. I have 4 modules active in Magisk, 3 of them related to safetynet, Riru, MagiskHide Props Config and Universal Safetynet Fix. I disabled them and everything is still working, and I am guessing I do not need them anymore, since it's a whole new setup.
Am I correct that I no longer need these modules anymore? Once again, I appreciate the help.
Click to expand...
Click to collapse
Correct, I was using the same solution as you - I had Riru, USNF, MagiskHide Props Config, and Systemless Hosts. I removed everything and reenabled Systemless Hosts after a reboot. The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
I may end up going back to 23001 because my banking app (Navy Federal) now refuses to start.
V0latyle said:
Correct, I was using the same solution as you - I had Riru, USNF, MagiskHide Props Config, and Systemless Hosts. I removed everything and reenabled Systemless Hosts after a reboot. The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
I may end up going back to 23001 because my banking app (Navy Federal) now refuses to start.
Click to expand...
Click to collapse
Thank you for confirming and good luck with your banking app, I checked all mine, so far so good. New system news bugs
V0latyle said:
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
Click to expand...
Click to collapse
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
pippo45454 said:
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
Click to expand...
Click to collapse
That is what i saw. I've been rooted for almost a decade and I've never seen this issue before with magisk. I don't use gpay often, so that is ok, but i appreciate the info.
pippo45454 said:
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
Click to expand...
Click to collapse
Did you use DenyList to hide both GPay, Google Play Services, and Google Play Store?
GPay works for me, but I am getting a CTS profile mismatch on Magisk 23010, so there's more work to be done. For now, I've downgraded to 23001.
I'll confirm gpay working, i hadn't checked earlier, but I'd marked it for the deny list earlier
How you downgrade to 23001?could you write entire procedure please?
I pur all exclusion, in Witch way you obtain CTS profile?
V0latyle said:
The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
Click to expand...
Click to collapse
Not quite true. 23010 introduces Zygisk that gives module developers way more options on how to create advanced modules. We'll now be able to have Xposed style Magisk mods. Really cool. Old modules still work just as fine though...
V0latyle said:
I am getting a CTS profile mismatch on Magisk 23010
Click to expand...
Click to collapse
Could be because you removed the modules that can help you pass CTS...
MagiskHide Props Config if you need a certified print on a custom ROM (no need on the stock ROM) or if you need to reapply sensitive prop changes that are no longer included in Magisk (although these are also included in Universal SafetyNet Fix v2.1+).
Universal SafetyNet Fix to get around hardware backed key attestation and spoofing model props for Play Services (although currently Magisk Canary 23010 isn't compatible with Riru, so you'll probably have to use an older USNF release for now, and spoof props with MHPC).
I passeri CTS profile with safetynet but anytime i try ti add my card on gpay the band Will block automatically mi credito card...seems that they found that the phone Is not secure do to root....how i can go back ti 23001?
pippo45454 said:
I passeri CTS profile with safetynet but anytime i try ti add my card on gpay the band Will block automatically mi credito card...seems that they found that the phone Is not secure do to root....how i can go back ti 23001?
Click to expand...
Click to collapse
Go into Magisk and tap Uninstall > Restore Images, then Uninstall Completely. Allow Magisk to reboot the phone. When it reboots, Magisk and root will be gone.
Install Magisk 23.0. Manually patch the boot image, reboot to bootloader, and flash the patched boot image. Reboot again and you should come back into root with 23.0.
Didgeridoohan said:
Not quite true. 23010 introduces Zygisk that gives module developers way more options on how to create advanced modules. We'll now be able to have Xposed style Magisk mods. Really cool. Old modules still work just as fine though...
Click to expand...
Click to collapse
Thank you for the explanation. I was under the impression that most modules would have to be rewritten to work with Zygisk.
Didgeridoohan said:
Could be because you removed the modules that can help you pass CTS...
MagiskHide Props Config if you need a certified print on a custom ROM (no need on the stock ROM) or if you need to reapply sensitive prop changes that are no longer included in Magisk (although these are also included in Universal SafetyNet Fix v2.1+).
Universal SafetyNet Fix to get around hardware backed key attestation and spoofing model props for Play Services (although currently Magisk Canary 23010 isn't compatible with Riru, so you'll probably have to use an older USNF release for now, and spoof props with MHPC).
Click to expand...
Click to collapse
Well, I tried USNF 2.0.0, CTS profile still failed, so I removed Magisk and went back to the last version that worked for me, 23001. I only use 4 modules: USNF, Riru to support it, MagiskHide Props, and Systemless Hosts. I'm on the stock ROM. I'll just wait until USNF is updated to work with Zygisk.

What is the go-to replacement for MagiskHide & the central module repo?

I just realized there was a new public Magisk release yesterday, v24, and reading through the changes I see there are two that kind of impact me: MagiskHide and the central module repository removals.
So far I had been using MagiskHide because of its ease of use, list apps, tick box, and that's it (I haven't encountered apps that detected Magisk or root status, although I know it's insufficient for some). For modules, for example, the one that moves user certs to the system store, I just searched directly from the Magisk app and it was all good as well.
But things change from now on with those things being deprecated and removed and because there isn't much to go about in the release notes I was wondering if someone could direct me to the way of doing things now.
- What's the most apt, prevalent, or recommended replacement for MagiskHide? From the release notes I gather its a module, but I'm clueless as to which one or whether there are more than one option.
- If searching for mods and directly installing them is not available through the app, is there anything like it? Or is it all manual now? I.e. look for a module around the net, download it, copy it / decompress it somewhere in the device and install it.
Thanks for everything!
KaoDome said:
I just realized there was a new public Magisk release yesterday, v24, and reading through the changes I see there are two that kind of impact me: MagiskHide and the central module repository removals.
So far I had been using MagiskHide because of its ease of use, list apps, tick box, and that's it (I haven't encountered apps that detected Magisk or root status, although I know it's insufficient for some). For modules, for example, the one that moves user certs to the system store, I just searched directly from the Magisk app and it was all good as well.
But things change from now on with those things being deprecated and removed and because there isn't much to go about in the release notes I was wondering if someone could direct me to the way of doing things now.
- What's the most apt, prevalent, or recommended replacement for MagiskHide? From the release notes I gather its a module, but I'm clueless as to which one or whether there are more than one option.
- If searching for mods and directly installing them is not available through the app, is there anything like it? Or is it all manual now? I.e. look for a module around the net, download it, copy it / decompress it somewhere in the device and install it.
Thanks for everything!
Click to expand...
Click to collapse
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
Here. First 5 post and you should know all you need
So, I read through that thread. It certainly solved a few issues for me. Like getting safety net, getting a repository, etc.
But it didn't have anything I see to replace magisk hide, even in the Fox Magisk Module Manager.
Do I just need to know other terminology now? Or is there something else I'm missing?
Quantumrabbit said:
So, I read through that thread. It certainly solved a few issues for me. Like getting safety net, getting a repository, etc.
But it didn't have anything I see to replace magisk hide, even in the Fox Magisk Module Manager.
Do I just need to know other terminology now? Or is there something else I'm missing?
Click to expand...
Click to collapse
I don't get it, Magisk Hide is good for passing SafetyNet and you said you got it. Anyway, for SafetyNet you can use the Universal SafetyNet Fix module.
If you meant the hide list, there's now the Deny list. To quote:
The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.
Click to expand...
Click to collapse
Porpet said:
I don't get it, Magisk Hide is good for passing SafetyNet and you said you got it. Anyway, for SafetyNet you can use the Universal SafetyNet Fix module.
If you meant the hide list, there's now the Deny list. To quote:
Click to expand...
Click to collapse
Yes, it's for some banking apps, Concur, and others, none of which have any business checking for root, but all check for Magisk and such in other ways, and prevent usage.
If the deny list is how to do that now, I'll give that a go. Thank you
Quantumrabbit said:
Yes, it's for some banking apps, Concur, and others, none of which have any business checking for root, but all check for Magisk and such in other ways, and prevent usage.
If the deny list is how to do that now, I'll give that a go. Thank you
Click to expand...
Click to collapse
And where did you find the deny list?
fusk said:
And where did you find the deny list?
Click to expand...
Click to collapse
Settings enforce deny list. You need to enable zygisk and reboot prior also in settings.
Also there is an add on module shamiko that has more hide features after you configure denylist
H
toolhas4degrees said:
Settings enforce deny list. You need to enable zygisk and reboot prior also in settings.
Also there is an add on module shamiko that has more hide features after you configure denylist
Click to expand...
Click to collapse
How to add modules shamiko & how to more hide features
Spartacus500 said:
H
How to add modules shamiko & how to more hide features
Click to expand...
Click to collapse
Shamiko is a flashable only need to slash magisk module. You can find it in the magisk alpha thread on telegram. You need to configure denylist first and reboot then turn off the enforce denylist toggle and flash the shamiko module.
If you are using lsposed download hide my applist xposed module and search how to use it if you want more coverage
Pm me if you want links
I'm having a lot of trouble. Duo Mobile (a 2FA app) is still able to detect that I'm rooted. Here's what I've done:
1) Installed Magisk & Manager app version 24.1 (24100)
2) Enabled Zygisk (and rebooted of course)
3) Enabled Enforce DenyList
4) Added com.duosecurity.duomobile and ALL Google Play Services submodules to the DenyList
5) Installed Universal SafetyNet Fix v2.2.1 from https://github.com/kdrag0n/safetynet-fix/releases/tag/v2.2.1
6) Hidden the Magisk app
7) Completely uninstalled & reinstalled Duo Mobile (and verified that it's still on the DenyList
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Drakinite said:
I'm having a lot of trouble. Duo Mobile (a 2FA app) is still able to detect that I'm rooted. Here's what I've done:
1) Installed Magisk & Manager app version 24.1 (24100)
2) Enabled Zygisk (and rebooted of course)
3) Enabled Enforce DenyList
4) Added com.duosecurity.duomobile and ALL Google Play Services submodules to the DenyList
5) Installed Universal SafetyNet Fix v2.2.1 from https://github.com/kdrag0n/safetynet-fix/releases/tag/v2.2.1
6) Hidden the Magisk app
7) Completely uninstalled & reinstalled Duo Mobile (and verified that it's still on the DenyList
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Click to expand...
Click to collapse
This is quite weird and definitely shows how different devices handle root detection. I a Samsung S10+ and just installed Magisk 24 with enforce DenyList earlier this week. Today I just installed Duo Mobile and it works fine. I do not have it in the DenyList, and Magisk is not hidden. I use a custom SafetyNet fix that was installed when I originally installed an AIO TWRP/Magisk/SafetyNet fix after unlocking my bootloader. I also fail SafetyNet checks.
Have you tried Shamiko? It didn't help me pass SafetyNet so I removed it.
Unfortunately I don't have any other fixes for you but you can check SafetyNet with apps from the play store, I use YASNAC and SafetyNet 'attest'.
What phone are you using?
Drakinite said:
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Click to expand...
Click to collapse
There are SafetyNet checker apps you can download from the Play Store or F-Droid such as YASNAC.
danbest82 said:
Have you tried Shamiko? It didn't help me pass SafetyNet so I removed it.
Unfortunately I don't have any other fixes for you but you can check SafetyNet with apps from the play store, I use YASNAC and SafetyNet 'attest'.
What phone are you using?
Click to expand...
Click to collapse
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
anonymous-bot said:
There are SafetyNet checker apps you can download from the Play Store or F-Droid such as YASNAC.
Click to expand...
Click to collapse
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Drakinite said:
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Click to expand...
Click to collapse
Get VD Infos and use it to scan your files. You can find it on XDA.
Drakinite said:
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
Click to expand...
Click to collapse
Hmm ok. Like I said shimako didn't work for me either. I'm not sure why Duo is still detecting root. For reference this is what is on my DenyList:
Drakinite said:
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Click to expand...
Click to collapse
YASNAC is the replacement for Momo it looks like since Momo is Riru based (https://github.com/canyie/Riru-MomoHider)
simplydat said:
Get VD Infos and use use to scan your files. You can find it in XDA
Click to expand...
Click to collapse
Ok so this one is more helpful, but I'm not sure how to hide these that appeared. Any idea what ro.kernel.qemu.gles is? I looked through my list of installed apps and nothing like that showed up.
Should we switch to private messages to not spam the thread? Or perhaps staying in here can be helpful for those with the same problem?
Drakinite said:
Ok so this one is more helpful, but I'm not sure how to hide these that appeared. Any idea what ro.kernel.qemu.gles is? I looked through my list of installed apps and nothing like that showed up.
Should we switch to private messages to not spam the thread? Or perhaps staying in here can be helpful for those with the same problem?
Click to expand...
Click to collapse
OMG WAIT, it finally worked! I don't know what changed, but Duo is now no longer detecting root. Gotta love when things magically start working when you don't know what changed.
Drakinite said:
OMG WAIT, it finally worked! I don't know what changed, but Duo is now no longer detecting root. Gotta love when things magically start working when you don't know what changed.
Click to expand...
Click to collapse
Awesome. Hope it stays that way!
Hi,
I've switched to the new method with the DenyList & Shamiko (v0.5.0) on OnePlus 6 recently - Magisk (v24.3), however it doesn't seem to hide root from Google Pay. Can it still be a bug with Magisk, when it can't hide system apps? In the changelog of Shamiko it mentioned that it was fixed in Magisk "24102+", I'm not sure what version is this, but I imagine it's not released yet. If so, is there a way of installing this version early?
Thank you!
antivirtel said:
Hi,
I've switched to the new method with the DenyList & Shamiko (v0.5.0) on OnePlus 6 recently - Magisk (v24.3), however it doesn't seem to hide root from Google Pay. Can it still be a bug with Magisk, when it can't hide system apps? In the changelog of Shamiko it mentioned that it was fixed in Magisk "24102+", I'm not sure what version is this, but I imagine it's not released yet. If so, is there a way of installing this version early?
Thank you!
Click to expand...
Click to collapse
Version 24102 would be v24.102. So your Magisk 24.300 is newer.

Categories

Resources