Possible way to hide Magisk for workprofile and Microsoft Intune - Magisk

Hi!
I found a possible solution, which may work for who's have problem with MagiskHide when work profile is in use, and can't start some work profile app, because it's detecting root.
1.) Hide Magisk Manager and turn on MagiskHide
2.) Be sure, Magisk is hidden correctly in personal profile and not detected by Google Play
3.) Hide Magisk for all work profile app, ie. Outlook, Microsoft Intune, Authenticator etc.
4.) Open Microsoft Intune, select your device and tap on "Check device settings"
5.) After check completed you need to see "In Compliance" at the Device Setting Status section
If all point is done, you can use your work profile apps, without detecting root and failed to start
Tested on Xiaomi Mi 10T Pro, MIUI 12.5.5.0. EEA Android 11, need to work on all Xiaomi maybe on other OEM's devices.
Please hit the thanks button, if it's helped for you.
Have a nice day.

Check my verified work around post below earlier this week. This absolutely works.
[MODULE] Microsoft Intune Company Portal Hider (Intune Hider)' https://forum.xda-developers.com/t/...rtal-hider-intune-hider.3780451/post-85921771

Instead of the complicated solution here is a simple way to bypass the Microsoft Intune with Magisk 24.1 or higher:
[Tutorial] [Root] How to configure 'Microsoft Intune' to make it work with 'Magisk' (Update: Q1/2023)
Update 04.01.2023: I've updated/added additional steps to make this tutorial work again. This question was asked many times and often all the answers did not work: How do I get Magisk to work with Microsoft Apps like Microsoft Teams, Microsoft...
forum.xda-developers.com

Related

{guide} pass SafteyNet any android 11

hello guys today i managed to bypass SafteyNet after couple of test and god know how many formats i did
but here i share the joy of it with you all
instead of texting guide i prefered to do full video guide in the video guide i will take you from point 0 where the phone is formated and fresh rooted to fully bypass SafteyNet with edxposed installed
last android version 11
basic integrity : pass
cts profile : pass
in advance sorry for my bad english in this post and in the video
do it on your OWN RISK
guide
skysatan said:
hello guys today i managed to bypass SafteyNet after couple of test and god know how many formats i did
but here i share the joy of it with you all
instead of texting guide i prefered to do full video guide in the video guide i will take you from point 0 where the phone is formated and fresh rooted to fully bypass SafteyNet with edxposed installed
last android version 11
basic integrity : pass
cts profile : pass
in advance sorry for my bad english in this post and in the video
do it on your OWN RISK
guide
Click to expand...
Click to collapse
Working like a charm on my S20 Ultra with Android 11 (Beyond Rom 2.0)
Thanks
m8980 said:
Working like a charm on my S20 Ultra with Android 11 (Beyond Rom 2.0)
Thanks
Click to expand...
Click to collapse
yw my friend
Thank you for the nice video,safety Net pass.
pannerch said:
Thank you for the nice video,safety Net pass.
Click to expand...
Click to collapse
yw bro
Edit: Please see Didgeridoohan's post below mine for additional info/context before following this breakdown of what happened in the video.
TL;DW version:
Starting clean, install magisk.
Install the following modules through the magisk download section (You don't need to reboot after installing each module): 'Busybox', 'MagiskHide Props Config'
Install what I think is this? The video is not at all clear, but I believe it to be the latest version of riru from here: https://github.com/RikkaApps/Riru/releases
Install what appears to be the latest sandhook debug version of this: https://github.com/ElderDrivers/EdXposed/releases (Video technically uses the previous 0.5.1.3 revision but that was the latest version at the time the video was posted)
Go into Magisk Manager settings, enable the magisk hide toggle
Select the option above this, 'Hide Magisk Manager' and hide it with whatever setting you like.
Restart? Not too sure if this is needed here, video guy's phone froze here and had to be hard restarted.
If you check Safetynet inside of Magisk now you should now pass basicintegrity while failing ctsprofile.
Install EdXposed Manager (I assume this one: https://github.com/ElderDrivers/EdXposedManager/releases/ ) (Note: A version of this is installed while installing the Riru/EdXposed through Magisk, no idea if this version is different to that)
Install Termux (I assume this one: https://f-droid.org/packages/com.termux/ )
(Optionally) Install the following apps to confirm that everything has been successful once we are finished:
SafetyNet Test - Apps on Google Play
SafetyNet device compatibility test
play.google.com
SafetyNet Checker - Apps on Google Play
SafetyNet is way to check health and environment where android device running.
play.google.com
Root and SafetyNet Checker - Apps on Google Play
Let you know if your device is Rooted and checks if it passes SafetyNet
play.google.com
Open up EdXoposed manager and confirm the framework is active.
Go into EdXposed settings, scroll down to app list mode and enable, scroll down to 'Pass Safetynet' and enable.
Run Termux, type in:
su
Hit enter, grant root access. Type in:
props
Hit enter. Select the first option (Edit device fingerprint), then select 'Pick a certified fingerprint'
In the next screens select your phone manufacturer and model from the lists that appear.
Confirm you selected the correct device by selecting yes, and then reboot when requested.
Run termux, enter su and props again. Confirm that 'Edit device fingerprint' is now Active.
Select 'Force BASIC key attestation'
Select 'Pick from device list' and select your own device from the lists.
Confir you selected the right device and reboot.
Run termux, su, props. 'Edit devide fingerprint' and 'Force BASIC key attestation' should now be active.
Select 'Device simulation'
Select 'Device simulation' again. Confirm you want to enable basic device simulation.
Select 'ro.product.manufacturer'. Confirm you want to enable simulating 'ro.product.manufacturer'. Reboot.
It should now be working.
That said, I was following the instructions on my pixel 2 XL as I typed them out and I'm still failing safetynet so YMMV.
Edit: Did some digging, in the 'Force BASIC key attestation' section I neede to select a device which was similar but not exactly my device. In my case I used the regular Pixel 2. This got it working.
ivivaitylin said:
TL;DW version:
Click to expand...
Click to collapse
If that's what's in the video, there are a few errors that could be corrected...
First one is rather minor: you do not need to install busybox together with MagiskHide Props Config (that requirement was removed in v5.2.6, more than 6 months ago (a small indication that it's not always a good idea to blindly follow random guides on the internet, they rarely get updated as the tools changes).
Enabling MagiskHide is of course necessary, but hiding the Manager isn't if all you want to do is to pass SafetyNet. It's a useful tool though, since many apps look for the Manager. But not SafetyNet...
And, if you want to use EdXposed (it's not necessary for passing SafetyNet, but there might be many useful modules), you need to keep in mind that Google constantly chases these tools and eventually they'll likely get detected. If you keep on the latest versions of EdXposed, the devs usually manages to keep one step ahead.
Changing the device fingerprint is only necessary if you aren't on a stock ROM, or have a device that isn't Google certified.
The "Force BASIC key attestation" option in MagiskHide Props Config is only necessary if your device uses hardware backed key attestation (you can see if it's basic or hardware when you make a SafetyNet check in the Magisk Manager). If you do need to force a basic check you should not pick your own device. That's very clearly stated both in the ui and the module docs. Picking your own device does absolutely nothing.
"Device simulation" isn't necessary at all, and if you're using a device fingerprint from your own device it won't do anything.
There's more on what options to use in MagiskHide Props Config in the module docs:
MagiskHidePropsConf/README.md at master · Magisk-Modules-Repo/MagiskHidePropsConf
This tool is now dead... Contribute to Magisk-Modules-Repo/MagiskHidePropsConf development by creating an account on GitHub.
github.com
Thanks for the info and breakdown, I've added something at the top of my post directing people to check your post before following it.
Didgeridoohan said:
If that's what's in the video, there are a few errors that could be corrected...
First one is rather minor: you do not need to install busybox together with MagiskHide Props Config (that requirement was removed in v5.2.6, more than 6 months ago (a small indication that it's not always a good idea to blindly follow random guides on the internet, they rarely get updated as the tools changes).
Enabling MagiskHide is of course necessary, but hiding the Manager isn't if all you want to do is to pass SafetyNet. It's a useful tool though, since many apps look for the Manager. But not SafetyNet...
And, if you want to use EdXposed (it's not necessary for passing SafetyNet, but there might be many useful modules), you need to keep in mind that Google constantly chases these tools and eventually they'll likely get detected. If you keep on the latest versions of EdXposed, the devs usually manages to keep one step ahead.
Changing the device fingerprint is only necessary if you aren't on a stock ROM, or have a device that isn't Google certified.
The "Force BASIC key attestation" option in MagiskHide Props Config is only necessary if your device uses hardware backed key attestation (you can see if it's basic or hardware when you make a SafetyNet check in the Magisk Manager). If you do need to force a basic check you should not pick your own device. That's very clearly stated both in the ui and the module docs. Picking your own device does absolutely nothing.
"Device simulation" isn't necessary at all, and if you're using a device fingerprint from your own device it won't do anything.
There's more on what options to use in MagiskHide Props Config in the module docs:
MagiskHidePropsConf/README.md at master · Magisk-Modules-Repo/MagiskHidePropsConf
This tool is now dead... Contribute to Magisk-Modules-Repo/MagiskHidePropsConf development by creating an account on GitHub.
github.com
Click to expand...
Click to collapse
you can use it with out EdXposed
skysatan said:
you can use it with out EdXposed
Click to expand...
Click to collapse
That's what you took from my post? The only thing I wrote about EdXposed is that Google often finds ways to detect it...
skysatan said:
hello guys today i managed to bypass SafteyNet after couple of test and god know how many formats i did
but here i share the joy of it with you all
instead of texting guide i prefered to do full video guide in the video guide i will take you from point 0 where the phone is formated and fresh rooted to fully bypass SafteyNet with edxposed installed
last android version 11
basic integrity : pass
cts profile : pass
in advance sorry for my bad english in this post and in the video
do it on your OWN RISK
guide
Click to expand...
Click to collapse
Video is not available anyone share the direct video link
pannerch said:
Thank you for the nice video,safety Net pass.
Click to expand...
Click to collapse
Send the link of the video i unable to watch that video in YouTube

Using Software with V-key Components

UPDATE!​NO MORE COMPLICATED SCRIPTS, JUST USE MAGISK 24.1 WITH DENY LIST!
1. Enable Zygisk, add the apps to the deny list
2. Hide Magisk App
3. Install SafetyNet Fix by kdrag0n (Might still need Magisk Hide Props if your device is a little older)
Working on: Poco X3 Pro + Lineage 18.1 (Android 11)
Aurora Store | F-Droid - Free and Open Source Android App Repository
A Google Playstore Client
f-droid.org
^Use aurora store to get the older version of Singapass that's likely to work, I'm using build 100.
V-Key Pte Ltd is basically a IT security technology based in Singapore I suppose.
Some softwares in Singapore, i.e. OCBC Banking, SingPass and maybe some other SEA banking softwares have v-key components which detects magisk.
This is a guide on how to use such softwares with Magisk, because I firmly believe that I get to choose what features I wish to have for my phone, and it is not fair for these banking companies to deny their services just because my device is rooted, I mean, if my banking stuff gets compromised because my phone is rooted and exploited, I'm willing to take the risk.
This guide aims to help mostly Singaporean users or anyone using such softwares with v-key components.
To make things work, the following things must be done:
1. Make sure Magisk manager is hidden
2. Make sure device fingerprint is certified by google (Check out the MagiskHide Props Config module) Please contribute fingerprints to this module for the benefit of everyone, checkout the GitHub page for more details.
3. Add the apps to Magisk Hide list.
4. Use package manager (pm) to disable the following v-key components in terminal (Using POSB Banking App as an example:
pm disable com.dbs.sg.posbmbanking/vkey.android.vos.MgService
pm disable com.dbs.sg.posbmbanking/com.vkey.android.support.permission.VGuardPermissionActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.vguard.VGDialogActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.internal.vguard.cache.ProcessHttpRequestIntentService
*Some apps may not have one or two v-key components listed above (i.e. SingPass), so getting an error on one or two components being not found should not be a big issue. If things works out you should see out puts on new states being disabled
*Attached a script that deals with OCBC, POSB and SingPass, if you have some weird errors make sure the encoding or format (Not sure of the jargon for it) is Unix or sth and not Windows
Credits:
Reddit User u/Inscythe for giving me a vague idea on the existence of v-key components
Muntashir Akon for his App Manager, allowed me to search for v-key components of apps(tried the disabling features of this app but didn't work, hence the script with pm command)
@Didgeridoohan for MagiskHide Props Config
@vurtomatic for giving me the idea of creating a guide on this.
Hi @Xanth0k1d , thanks for the guide.
I have a rooted LOS 18.1 (OnePlus 3), with magisk 22.1, magisk hide on and magisk manager hidden. All my bank apps work correctly excepts K-PLUS app, the retail bank app from Kasikorn Bank in Thailand.
I can see in the logs of magisk that some vkey components are linked to the app. I followed you guide and was able to disable 2/4 components you listed (2 didn't exist).
Unfortunately this didn't fix the issue.
Do you know how I can search in my phone if other vkey components exist that I might need to disable?
Thanks
Hey @Xanth0k1d, does this still work for you? I noticed that VGuard services are visible with App Manager for DBS but not Government apps. I could disable those services via ADB Root without the use of Magisk just fine.
Seems like GovTech has caught up to this trick :/
erOzeOz said:
Hi @Xanth0k1d , thanks for the guide.
I have a rooted LOS 18.1 (OnePlus 3), with magisk 22.1, magisk hide on and magisk manager hidden. All my bank apps work correctly excepts K-PLUS app, the retail bank app from Kasikorn Bank in Thailand.
I can see in the logs of magisk that some vkey components are linked to the app. I followed you guide and was able to disable 2/4 components you listed (2 didn't exist).
Unfortunately this didn't fix the issue.
Do you know how I can search in my phone if other vkey components exist that I might need to disable?
Thanks
Click to expand...
Click to collapse
Disabling the existing vkey components should be enough.
Did you spoof the device signature with the magisk hideprops module?
KrishvY said:
Hey @Xanth0k1d, does this still work for you? I noticed that VGuard services are visible with App Manager for DBS but not Government apps. I could disable those services via ADB Root without the use of Magisk just fine.
Seems like GovTech has caught up to this trick :/
Click to expand...
Click to collapse
All my apps are working fine, could you please be clear of your problem? i.e. what's working, what's not etc
Xanth0k1d said:
All my apps are working fine, could you please be clear of your problem? i.e. what's working, what's not etc
Click to expand...
Click to collapse
I'm using a OP6, LineageOS 17.1, latest nightly build. I can't use SingPass and Standard Chartered but I can use DBS just fine. I did not root my phone and I don't have Magisk installed either.
I just can't find V-key components in SingPass with App Manager.
KrishvY said:
I'm using a OP6, LineageOS 17.1, latest nightly build. I can't use SingPass and Standard Chartered but I can use DBS just fine. I did not root my phone and I don't have Magisk installed either.
I just can't find V-key components in SingPass with App Manager.
Click to expand...
Click to collapse
The App Mananger by Muntashir Akon?
I think I need to explain this properly, SIngapass and some apps may not work in the following situations:
You installed a custom rom without a Google approved device ID
You rooted your phone
You have Magisk
etc​
For your case, Singpass does not work because you installed Lineage - a custom rom, which should not have a Google approved device prop by default. It doesn't matter if you are rooted or you have install Magisk at this point.
My suggestion to you is to install Magisk and follow my guide-hide magisk and spoof you device fingerprint so it looks like you are running a stock rom.
hi @Xanth0k1d. Have been using your method to hide singpass in the past. But the app just recently was able to detect root. As someone mentioned above, the updated app has no v-key components listed in the service. Any idea how to circumvent the situation and what services to disable?
Holy ****, I just saw the update.
Probably some dude saw this post...
I have yet updated so I can't test, if anyone's finding any solutions to this pls update as well.
Xanth0k1d said:
V-Key Pte Ltd is basically a IT security technology based in Singapore I suppose.
Some softwares in Singapore, i.e. OCBC Banking, SingPass and maybe some other SEA banking softwares have v-key components which detects magisk.
This is a guide on how to use such softwares with Magisk, because I firmly believe that I get to choose what features I wish to have for my phone, and it is not fair for these banking companies to deny their services just because my device is rooted, I mean, if my banking stuff gets compromised because my phone is rooted and exploited, I'm willing to take the risk.
This guide aims to help mostly Singaporean users or anyone using such softwares with v-key components.
To make things work, the following things must be done:
1. Make sure Magisk manager is hidden
2. Make sure device fingerprint is certified by google (Check out the MagiskHide Props Config module) Please contribute fingerprints to this module for the benefit of everyone, checkout the GitHub page for more details.
3. Add the apps to Magisk Hide list.
4. Use package manager (pm) to disable the following v-key components in terminal (Using POSB Banking App as an example:
pm disable com.dbs.sg.posbmbanking/vkey.android.vos.MgService
pm disable com.dbs.sg.posbmbanking/com.vkey.android.support.permission.VGuardPermissionActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.vguard.VGDialogActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.internal.vguard.cache.ProcessHttpRequestIntentService
*Some apps may not have one or two v-key components listed above (i.e. SingPass), so getting an error on one or two components being not found should not be a big issue. If things works out you should see out puts on new states being disabled
*Attached a script that deals with OCBC, POSB and SingPass, if you have some weird errors make sure the encoding or format (Not sure of the jargon for it) is Unix or sth and not Windows
Credits:
Reddit User u/Inscythe for giving me a vague idea on the existence of v-key components
Muntashir Akon for his App Manager, allowed me to search for v-key components of apps(tried the disabling features of this app but didn't work, hence the script with pm command)
@Didgeridoohan for MagiskHide Props Config
@vurtomatic for giving me the idea of creating a guide on this.
Click to expand...
Click to collapse
heya, I'm the reddit user... I had updated the app, but so far has no luck finding where the detection is hiding now... I might just try turning off services one-by-one with servicely, but I'll keep you all updated if I get any success.
@Xanth0k1d since you haven't updated your singpass, can you check what are the available services and listeners currently your version is using? I want to compare the difference with the latest version.
I managed to get Singapore's GPay app to work by blocking this `com.google.android.gms.gmscompliance.ui.UncertifiedDeviceActivity`. Do your devices pass SafetyNet?
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
stevenkyk said:
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
Click to expand...
Click to collapse
Thanks! Can confirm that this works!
Singpass is a really weird app.
Recently google nuke the api so magisk stopped working, can't pass the safetynet. Magisk released a canary release that fix that.
Yet, singpass continue to stop working so I thought maybe I need do more? Then I coincidently force stop the app to run it again, it magically working again! That is after I reboot twice before that. So now I learn the rebooting and force stop do different things.
I didn't apply anything from this thread, it is really a weird app.
Lu5ck said:
Singpass is a really weird app.
Recently google nuke the api so magisk stopped working, can't pass the safetynet. Magisk released a canary release that fix that.
Yet, singpass continue to stop working so I thought maybe I need do more? Then I coincidently force stop the app to run it again, it magically working again! That is after I reboot twice before that. So now I learn the rebooting and force stop do different things.
I didn't apply anything from this thread, it is really a weird app.
Click to expand...
Click to collapse
The safetynet api did not get nuked, the api changed so code that use the old api won't work, even on the latest stable build safetynet will still pass when using another checker app. While I won't go into the technical details, singpass spawns a new isolated process to check for root, exploiting the fact that isolated processes are treated differently and is difficult for magisk to hide itself. So the solution is to disable the offending process and not let it spawn. There are several other requirements necessary for singpass to run, which are largely beyond the scope of discussion in this thread.
Any idea how to bypass Citibank sg root detection? I am able to use vkey method for posb and ocbc but Citibank doesn't have a vkey service
auggie246 said:
Any idea how to bypass Citibank sg root detection? I am able to use vkey method for posb and ocbc but Citibank doesn't have a vkey service
Click to expand...
Click to collapse
The trick here is to decompile the APK using apktool and inspect the Androidmanifest.xml manually. Search for "ISOLATED" and in the same line you should be able to find the name of the service to be disabled. Of course this assumes that citibank's app used a similar tactic as the other apps.
Edit: I tried the citibank sg app, magisk hide + rename package is sufficient for me to launch the app, don't have an account so I can't test any further.
stevenkyk said:
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
Click to expand...
Click to collapse
I guess there's another update to Singpass that circumvent this circumvention as well lol
Apparently it's now using a service called o.ImmutableSetMultimap for checking root (confirmed by magiskhide entry) and it works for a few seconds after loading Singpass before failing again with different error message. I think it checks for both whether the service is active and found a root (gives error T0), or whether the service is running at all (gives error T-1). I think we need something else to block this.

Banking app detected (Keytrade). I've tried many options from the forum but no success.

I use Fairphone 3+ running Android 10.
Safety Net check is ok.
Magisk hide is configured for keytrade banking and google play services
Magisk is hided with another name
I tried Riru-MomoHider, Riru Enhanced mode for Magisk Hide...
...
Now, I really can't find any new idea.
Hi OpenWorld,
a temporary fix is to downgrade the app (you can use aptoide to do that, make sure you use a trusted source though). I got back to version 5.4.5 and it apparently did the trick. I am afraid however that sooner or later Keytrade will force us to move to the updated version, so a stable solution to this issue is still to be found.
Maybe the Magisk crew could investigate what system the Keytrade is using to spot root? No Keytrade account is needed (root is immediately identified upon opening the app, so if one manages to get to the first screen where an account must be created, this means that Magisk has not been spotted) and it could be of general interest to the Magisk community to see what trick the Keytrade app is using to spot root... I am sorry I am not knowledgeable enough to help with this.
Best, A

Question Ive rooted my Pixel 7. I updated some apps on my P7. Now some apps are saying they wont work on Rooted devices. How to fix without unrooting?

I used these videos on Youtube to root my Pixel 7 several months ago.
Main reason was so I take advantage of the root version of APH Phone (Call recorder). Now I have a app called Roadie installed and updated and now its saying It will not work on Rooted or Jailbroken devices.
Is there any way to be able to use this with unrooting? Maybe some sort of root checking blocker?
Unrooting is a last resort.
See Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers:
TL;DR - for the seasoned repeat users
SafetyNet
Magisk_Module_+_Uninstaller << Here are the needed Files!!!!
-Install Magisk.apk App from /sdcard/ and start Magisk App
-go to Settings and Enable "Zygisk" Option
-Setup the Denie-List with Apps you would hide Root (Especially Banking-Apps and other the dont start in Rooted-Device)
-Setup "Hide-Magisk-App" and choose a name 4 the new Shortcut
-Now The App starts again
-goto Modules and choose "Setup from Internal_storage" and Install "MagiskHidePropsConf-v6.1.2.zip" &
"safetynet-fix-v2.4.0.zip" without Restart the Device!!!
-After that reboot the Device
-Now Setup a Terminal_Emulator/Termux/etc.. from PlayStore!!!
-open your Terminal on Android and Type the following command
su
props
choose 1
choose f
choose your Device in next 2 Steps!!
(Samsung - 26 / Galaxy Tab A 10.1 2019 - 84)
choose y
choose y to reboot Device!!
-After Reboot open Settings and go to Apps
show all and choose
1# Google-PlayStore and Clear Stored-Datas/ Clear Cache
than goto
2# Google-PlayServices and Clear Stored-Datas/ Clear Cache
-Now you can Download "YASNAC SafetyNet Checker" from Playstore and can Check the Status!!!
-Finish!!!!!!
While changing your phone model through MagiskHidePropsConfig (MHPC) is a viable method, it really is a drastic one and should be one of the last resorts -- your phone gets identified by apps as non-rooted, but also Google services, other services, and other apps will wrongly identify your phone as what you "spoof" and they can try and apply incorrect data because it doesn't see the device as a Pixel 7, but what you spoof.
Especially since there are so many other hide root methods out there that one should try first that doesn't require such drastic methods (with more minimal side-effects) and work like 95% percent of the time; regular ol' Zygisk DenyList, Universal SafetyNet Fix (best for our device is Displax Mod 2.1), Shamiko (there are blacklists and whitelists (in this option) that one can employ in addition), Magisk Delta, HideMyApp (which had been suggested previously), and a few others.
I hope you keep this in mind...
surel
simplepinoi177 said:
While changing your phone model through MagiskHidePropsConfig (MHPC) is a viable method, it really is a drastic one and should be one of the last resorts -- your phone gets identified by apps as non-rooted, but also Google services, other services, and other apps will wrongly identify your phone as what you "spoof" and they can try and apply incorrect data because it doesn't see the device as a Pixel 7, but what you spoof.
Especially since there are so many other hide root methods out there that one should try first that doesn't require such drastic methods and work like 95% percent of the time; regular ol' Zygisk DenyList, Universal SafetyNet Fix (best for our device is Displax Mod 2.1), Shamiko (there are blacklists and whitelists (in this option) that one can employ in addition), Magisk Delta, HideMyApp (which had been suggested previously), and a few others.
I hope you keep this in mind...
Click to expand...
Click to collapse
i know now other Methods ok, but i must Test them out to say more!! In the past i was Satisfied with the shown Method, works fine on Magisk & Lygisk!!!

How To Guide Company Portal Work Profile (& any other app) - prevent root detection & pass safetynet (A13)

Prevent Root Detection in all apps inc banking - fully functioning work profile - MS Teams - Outlook etc​I have seen some crazy guides floating around in order to prevent root detection and just wanted to share how I achieved it.
After smashing the screens of 6 pro, followed by 6a, I now have a pixel 7 as of yesterday woohoo.
(i'll order screens from china for the other two pixels as the local price in UK is ridiculous)
Pixel 7 (Panther) - Android 13 May 23 security patch - TQ2A.230505.002
Magisk Canary Official 26102 - Unlocked bootloader, flashed magisk patched init_boot.img from fw named above
Enabled Zygisk
Hide the Magisk app (I reinstalled as "SettingsMA")
Configure DenyList (all work profile apps) ie. company portal / teams / outlook - I simply searched for "Microsoft" "Azure" & then "Office" , oh and personally I also hide google wallet
Do not enforce DenyList
Cleared storage of teams and outlook apps
LSPosed-v1.8.6-6712-zygisk-release.zip reboot
LSPosed v 1.8.6 6901 zygisk release.zip reboot
safetynet-fix-v2.4.0-MOD_1.2.zip Displax Mod reboot
Shamiko-v0.7.3-174-release.zip reboot
IAmNotADeveloper 1.0.2 - Installed apk and enabled in LSPosed against company portal / office 365 / authenticator and then within lsposed, select this app and choose install to work profile, ignore the warning, lsposed now has a work profile tab to load it against all of the apps
Other module(s) installed without a direct impact
AOSPMods-253.zip Canary - update to canary from within app/updates section of standard release AOSP mods
Substratum and Liv Dark theme from playstore
All working like a dream, no longer detecting root on anything
the key to the above working is simply Shamiko - the same guide without shamiko and instead enforcing DenyList does not work
Thanks to all of the developers of the above tools, mods, apps!
Update 06/06/23: LSPosed version initially posted still caused work profile to intermittently detect root, using 6901 instead, resolves this issue.

Categories

Resources