Has anyone successfully fooled safetynet in an emulator? Maybe it'd be enough to block application's calls to it. Way to do this would be:
1. Somehow boot OEM rom or copy init.rc and build.prop
2. get magisk working using https://github.com/shakalaca/MagiskOnEmulator
3. Trick GMS using some combination of EDXPOSED, https://github.com/microg/RemoteDroidGuard and https://github.com/Felixho19/CuckooWithFrida.
Thoughts?
SafetyNet: Google's tamper detection for Android · Yiannis Kozyrakis ~ blog
thoughts on mobile security
koz.io
mcdoe123 said:
Has anyone successfully fooled safetynet in an emulator? Maybe it'd be enough to block application's calls to it. Way to do this would be:
1. Somehow boot OEM rom or copy init.rc and build.prop
2. get magisk working using https://github.com/shakalaca/MagiskOnEmulator
3. Trick GMS using some combination of EDXPOSED, https://github.com/microg/RemoteDroidGuard and https://github.com/Felixho19/CuckooWithFrida.
Thoughts?
SafetyNet: Google's tamper detection for Android · Yiannis Kozyrakis ~ blog
thoughts on mobile security
koz.io
Click to expand...
Click to collapse
I got root to install stable magisk through this tutorial, however I'm looking for a way to get past safetynet as well.
Android 11 (api 30)
Skin - Pixel_3a_API_30_x86
Windows 10 64bits
In the terminal it even shows the change of props. But it doesn't pass the tests
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Do you have any news?
Related
So Zygote is asking root permission from years I've been rooting phones never came by this, I scanned my phone and no malware found, I've sesrched internet is supposed to be a normal android process but since I've always denied its permission and phone runs normal i have doubt on what it is.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my SM-G900T using Tapatalk
It seems an Init process. I think it doesn't need root to work correctly
Hi, I've just had this pop up on my rooted RedMi Note 3 Pro, alongside whatsapp asking for root too, I'm not the only one to experience this, this guy here did too:
http://android.stackexchange.com/questions/166211/why-are-zygote-and-whatsapp-asking-for-root
given this, mine, and that guy experienced this all this year(only being 13 days into January) so all around the same time, I'd suspect we're witnessing some kind of malware
I will post in the Xiaomi board also about this and reference this post.
Same here.
I'm on a fresh install and this zygote su request wasn't appearing until I reinstalled all my apps so thinking it may have come from one of the apk's?
Another forum states that zygote is run at such a raw level that it simply would never request root.
With recent viruses masquerading with zygote, I am for now denying su requests with little to no adverse effects.
Can anyone confirm for certain that zygote should never need to request root? Is there anyway to dig out the rogue source/apk when av apps are showing nill?
samsung i9505 | resurrection remix | android 6
Take a look at this for Zygote
https://www.xda-developers.com/supersu-beta-lollipop-root-stock-kernel/
@gogglebot
As for Whatsapp asking for root priv, guess you have the xposed module "Whatsapp Extensions" installed
https://forum.xda-developers.com/showpost.php?p=68477859&postcount=3
Hi everyone,
I've already used Magisk/Xposed+RootCloack in the past to use my rooted device with a company MDM (BYOD policy) and it worked fine, but this year we had a new policy and they gave us a device (COPE policy), then they associate Android Enterprise with MDM activation so now even if I hide the device root, the OS perform some controls and return a block for the MDM Agent.
The problem isn't in the MDM itself (it wouldn't even start if it detected the root) nor SafetyNet detection, that Magisk without Xposed doesn't trigger.
Does anyone know if it's possible to bypass Android Enterprise controls with a Xposed hook or anything else?
Tell me if you need more information or if I wasn't clear,
Thanks
Not sure if they still work or not, but you can try either of these Xposed modules.
NOTE: If you try RootCloak, then you must install the most recent version from the Xposed repo site listed in the description. The other can just be installed through the Xposed app.
Good luck!
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my SM-N920T using Tapatalk
bogarty said:
Not sure if they still work or not, but you can try either of these Xposed modules.
NOTE: If you try RootCloak, then you must install the most recent version from the Xposed repo site listed in the description. The other can just be installed through the Xposed app.
Good luck!View attachment 4407010
Sent from my SM-N920T using Tapatalk
Click to expand...
Click to collapse
RootCloack doesn't work on Nougat, but as I said unfortunatly the problem isn't the MDM Agent itself, but the Android for Work implementation which comes with the Agent.
Also, "Good for Enterprise" is a specific application and it's not my Agent.
Thank you anyway
Hey, I just rooted my OnePlus 5T following this guide . After successfully rooting, I found this on magisk's website, telling me how to bypass the SafetyNet thing. I tried both linked things, the "Latest Module By Didgeridoohan" and "Safetypatcher {Module} by hackintosh5". On both I get ctsProfile: true and basicIntegrity: true.
However, the pushTAN app for my online banking still won't work, upon opening it it redirects me to my browser, opening a page that tells me that my device is rooted and thus the app won't work. I cleared the app's data, even reinstalled it... but none of it will work.
Any idea on how to fix this? Thanks in advance!
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
First of all, here's a quote from the official Magisk release thread here on XDA:
Magisk does NOT have a website. Do NOT download Magisk from unofficial sites.
Official Links: Magisk Github Release
Click to expand...
Click to collapse
Second, take a look here for root hiding tips:
https://didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Didgeridoohan said:
First of all, here's a quote from the official Magisk release thread here on XDA:
Second, take a look here for root hiding tips:
https://didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
Click to expand...
Click to collapse
The Magic Core Only Mode seemed to work, my TAN app now loads. Thank you very much!
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Before I change rom at thet mark "crypto" have result File, after I change rom it only N/A and safetynet fale must to be use props and module to bypass, last time crypto = File is passing easy and not laging
Someone can give me answer, and hot to install magisk with Crypto = File
Thank you For everyone interesting this thread, hope can fix IT.
"Crypto" just reports what kind of encryption your device uses, it's got nothing directly to do with Magisk (that little piece of info is even removed from the app in the recent Canary releases). If your device isn't encrypted (or if Magisk can't tell if it's encrypted) it'll say N/A...
If you want the device to be encrypted you'll find that setting in your ROM somewhere, not Magisk.
Didgeridoohan said:
"Crypto" just reports what kind of encryption your device uses, it's got nothing directly to do with Magisk (that little piece of info is even removed from the app in the recent Canary releases). If your device isn't encrypted (or if Magisk can't tell if it's encrypted) it'll say N/A...
If you want the device to be encrypted you'll find that setting in your ROM somewhere, not Magisk.
Click to expand...
Click to collapse
Oh I got it thank you so much, Now I can tell don't worry about that.
Hi everyone, I recently unlocked the bootloader and installed twrp and magisk on my g9 plus (android 11)... But something is not right, even though root is working, I don't have any super user privileges, I tested 5 root uninstallers and I couldn't uninstall any apps from the system, and I can't modify the system files (I use solid explorer). I try downgrade to android 10 and flashing a old magisk, but I had no solution...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
JesusChrist<3 said:
Hi everyone, I recently unlocked the bootloader and installed twrp and magisk on my g9 plus (android 11)... But something is not right, even though root is working, I don't have any super user privileges, I tested 5 root uninstallers and I couldn't uninstall any apps from the system, and I can't modify the system files (I use solid explorer). I try downgrade to android 10 and flashing a old magisk, but I had no solution...View attachment 5401949View attachment 5401951
Click to expand...
Click to collapse
It is not that your device is not rooted, the app is showing you it does. Since A10 it was implemented dynamic partitions, so they are dynamically "mounted" and system remains as read/write only, some ROMs can re-implement that mounting the system where usually it is placed, and some TWRPs also can manage with this, you should try using the file browser in-built in TWRP and delete the apps manually.