While I was testing my root on MOMO, I found it is detecting Xposed Framework when I'm hooking any LSPosed module to it. If I don't hook anything to MOMO, It says the environment is normal.
So I'm sure there are many apps that detect the Xposed Hooks/Module hooks.
My question is, How can we bypass this Xposed Hook detection by Apps?
My Device: OP6T
Magisk 24.1
Facing same issues. I'll appreciate someone to give reply to this.
This is an issue with the developer of LSPosed, and what he said in the support group was: don't use MOMO or don't use Xposed.
No mod hides Xposed from MOMO and no developer accepts complaints about MOMO unless the device has a problem
It's more in
brenosnt said:
This is an issue with the developer of LSPosed, and what he said in the support group was: don't use MOMO or don't use Xposed.
No mod hides Xposed from MOMO and no developer accepts complaints about MOMO unless the device has a problem
Click to expand...
Click to collapse
This is even more interesting
"Hide my applist" was an xposed modules I used on my lsposed which never triggered xposed hook "abnormal environment" error
However "Device ID masker lite" and "Android Faker" modules do detected xposed when I hook MOMO, and TB checker..
Lsposed dev "don't use xposed" I do not understand this, are modules not Xposed?
Ace_Cole said:
It's more in
This is even more interesting
"Hide my applist" was an xposed modules I used on my lsposed which never triggered xposed hook "abnormal environment" error
However "Device ID masker lite" and "Android Faker" modules do detected xposed when I hook MOMO, and TB checker..
Lsposed dev "don't use xposed" I do not understand this, are modules not Xposed?
Click to expand...
Click to collapse
No, unfortunately all he wants to say is that he won't do anything to hide it from Momo if the phone doesn't have a problem
brenosnt said:
No, unfortunately all he wants to say is that he won't do anything to hide it from Momo if the phone doesn't have a problem
Click to expand...
Click to collapse
Okay I get your point, but is there any way to know if other apps check for xposed hooks?
And if No
Is there any xposed manager with a fix of this issue?
Ace_Cole said:
Okay I get your point, but is there any way to know if other apps check for xposed hooks?
And if No
Is there any xposed manager with a fix of this issue?
Click to expand...
Click to collapse
I believe that LSPosed is the best option in this regard, unless you are going to use non-root modification (which I have honestly never tested).
I recommend that you try to check LSPosed module by module (deactivate them all and reactivate one by one) to see if any of them is the cause of the error, since with me it is not showing this error
brenosnt said:
I believe that LSPosed is the best option in this regard, unless you are going to use non-root modification (which I have honestly never tested).
I recommend that you try to check LSPosed module by module (deactivate them all and reactivate one by one) to see if any of them is the cause of the error, since with me it is not showing this error
Click to expand...
Click to collapse
Okay.
Well I have only 3 modules
* Hide my Applist
* Android faker
* Device ID masker lite
However MOMO works great when hooked with Hide my Applist and I get everything working "environment is normal"
But when hooked in lsposed with either Android faker
I get "xposed framework found"
Abnormal environment error
Check screenshot
Ace_Cole said:
Okay.
Well I have only 3 modules
* Hide my Applist
* Android faker
* Device ID masker lite
However MOMO works great when hooked with Hide my Applist and I get everything working "environment is normal"
But when hooked in lsposed with either Android faker
I get "xposed framework found"
Abnormal environment error
Check screenshot
Click to expand...
Click to collapse
Use HMA to hide the Xposed modules, however I'm pretty sure the two "Faker" modules are the cause. I found other reports on the web of them causing this error.
I believe there is no way to use them and succeed, but you can try using MagiskHide Props Config to do device emulation and uninstall problematic Xposed modules
brenosnt said:
Use HMA to hide the Xposed modules, however I'm pretty sure the two "Faker" modules are the cause. I found other reports on the web of them causing this error.
I believe there is no way to use them and succeed, but you can try using MagiskHide Props Config to do device emulation and uninstall problematic Xposed modules
Click to expand...
Click to collapse
I think no way really to use those 2 without getting caught in between
I so much love the Android faker because of ability to mask Mac address.. very useful, and hardware serial it can spoof.. I think no way to stay hidden from xposed for me
Ace_Cole said:
I think no way really to use those 2 without getting caught in between
I so much love the Android faker because of ability to mask Mac address.. very useful, and hardware serial it can spoof.. I think no way to stay hidden from xposed for me
Click to expand...
Click to collapse
brenosnt said:
Use HMA to hide the Xposed modules, however I'm pretty sure the two "Faker" modules are the cause. I found other reports on the web of them causing this error.
Click to expand...
Click to collapse
HMA really handles the hide of xposed modules well.
I have another tester app
TB checker, HMA hide all modules for both MOMO and TB checker and my phone got clean, even other apps
Just that I can't hook any app in Android faker without getting caught by "xposed framework found"
Ace_Cole said:
I think no way really to use those 2 without getting caught in between
I so much love the Android faker because of ability to mask Mac address.. very useful, and hardware serial it can spoof.. I think no way to stay hidden from xposed for me
Click to expand...
Click to collapse
Does your device not have MAC randomization?
There is a module called MacRandomizationEnabler that does this at Magisk level, which can be more effective (requires Android 10+)
brenosnt said:
Does your device not have MAC randomization?
There is a module called MacRandomizationEnabler that does this at Magisk level, which can be more effective (requires Android 10+)
Click to expand...
Click to collapse
I owned Xiaomi Redmi 9 with Android 10
Does that app works? I'll have to look to it
I'll try that and give feedback. Thanks
Related
Hi, I've been playing a game called Legion of Heroes for quite some while.
One day, after an update, suddenly the game started to detect that I have Xposed Framework installed and refused to start up.
I am familiar with apps detecting root and not turning on, but I've never seen an app that detects Xposed Framework before...
Is there a way to prevent the detection or somehow bypass the detection?
I've tried Xprivacy and disabled all the system permissions (including the getInstalledPackeges, getInstalledApplications, and all those other ones as well), however, the game still detects that Xposed is installed.
Its pretty frustrating since I have so many Xposed modules and I would have to uninstall Xposed in order to play this game...
Thanks in advance!
It's very difficult to deal with that problem.Maybe you can uninstall the xposed and install it again after starting on the game.
I have the same problem with a game called Seven Knights.
Really hope there will be an Xposed cloak module soon!
I have seen it before. Only one course of action. Leave 1 star rating explaining why. You can't hide xposed. Most companies will back off due to the negative publicity. It is entirely moronic to blacklist exposed. If it is used to cheat in your game then you need to deal with it by moving things server side or use native calls. Blacklisting the framework is simply the stupid way out of your project's issues.
Hi
You can try a module Sudohide. Use this module to hide one app from other. Try this..
Dhanankayamishra said:
Hi
You can try a module Sudohide. Use this module to hide one app from other. Try this..
Click to expand...
Click to collapse
Hi, I tried it. It didn't work.. Is it possible that the app (in my case Block Strike) is checking for other xposed related apps too?
install magisk (systemless root - systemless xposed) and install xposed installer and turn magisk hide on in magisk manager
then if u want to play the game just simply turn xposed off in xposed installer and reboot it won't take time like before to optimize apps when reactivating it
ahmedsasker said:
install magisk (systemless root - systemless xposed) and install xposed installer and turn magisk hide on in magisk manager
then if u want to play the game just simply turn xposed off in xposed installer and reboot it won't take time like before to optimize apps when reactivating it
Click to expand...
Click to collapse
This is not a real solution. Seems you've misunderstood the question. We are looking for some way to prevent a particular app from knowing that Xposed is installed, not to disable Xposed.
Anyone have any ideas?
LowVolume said:
This is not a real solution. Seems you've misunderstood the question. We are looking for some way to prevent a particular app from knowing that Xposed is installed, not to disable Xposed.
Anyone have any ideas?
Click to expand...
Click to collapse
Ahmedsasker was giving you the only known solution at this time. There has been much discussion in XDA about Xposed tripping Safetynet, which more and more games are using to detect an open system. Even the systemless Xposed module cannot be hidden at this time using Magisk. The real issue is that Safetynet is becoming more sophisticated with every new iteration, if you read the threads in Magisk to see it recently circumvented the hide methods of version V12 and luckily the developer found a solution with Beta V13. Its a cat and mouse game to stay ahead.
jrmt077 said:
Ahmedsasker was giving you the only known solution at this time. There has been much discussion in XDA about Xposed tripping Safetynet, which more and more games are using to detect an open system. Even the systemless Xposed module cannot be hidden at this time using Magisk. The real issue is that Safetynet is becoming more sophisticated with every new iteration, if you read the threads in Magisk to see it recently circumvented the hide methods of version V12 and luckily the developer found a solution with Beta V13. Its a cat and mouse game to stay ahead.
Click to expand...
Click to collapse
I don't use xposed anymore since I'm on 7.1, but last time I encountered an app that detected I had it installed, using appopsxposed to disable storage permissions of said app seemed to do the trick last time. Is this no longer the case?
Truant_Luce said:
I don't use xposed anymore since I'm on 7.1, but last time I encountered an app that detected I had it installed, using appopsxposed to disable storage permissions of said app seemed to do the trick last time. Is this no longer the case?
Click to expand...
Click to collapse
With Safetynet in place now I am not sure if that is a solution, I havent read any comments of anyone successfully using Xposed without tripping SN. Maybe someone using appopsxposed can comment back.
Hide exposed framework
Use dotmod module, u can download on xposedi apk. Dotmod can hide xposed, root, hook, etc. I hope cannhelpyou
8intang said:
Use dotmod module, u can download on xposedi apk. Dotmod can hide xposed, root, hook, etc. I hope cannhelpyou
Click to expand...
Click to collapse
Tested, Pokemon Go still sees Xposed via Magisk. Only option there is to turn module off, reboot and when you want to use Xposed again, Enable module, reboot, enable module again in xposed installer (beta, not enabled), reboot, enable module and reboot again.
you can try DIWA module Xposed
dotmod, Diwa and HiddenCore Xposed modules are ALL CLOSED source..
Is there any open source or otherwise trustworthy app or module to hide Xposed from an app?
RootedLee said:
dotmod, Diwa and HiddenCore Xposed modules are ALL CLOSED source..
Is there any open source or otherwise trustworthy app or module to hide Xposed from an app?
Click to expand...
Click to collapse
github. com/aldyjrz/Xposed-Safetynet-Hider
Test this open source project app
Hi everyone,
I just rooted (my 1st root) my pixel 4 yesterday to activate the soli module as in my country it doesn't work otherwise.
Soli is now working, but some app (like Netflix) cannot be used even after installing the APK from some APK database.
After looking online I understood that this was because of the safetynet checks, which are both failed (ctsprofile and basicintegrity)
Unfortunatelly, I haven't found any thread to fix it except some old for older versions or mentioning TWRP which i didn't use.
I have only 3 modules installed: Riru Edxposed / Riru Core and MagiskHide props config (and the check of all google playservice addresses in the module)
Can someone help me on that?
Thanks !
Seems like Google started detecting EdXposed yesterday, but this can be worked around by adding some Google components to the EdXposed blacklist. Take a look on the EdXposed Github for details.
Didgeridoohan said:
Seems like Google started detecting EdXposed yesterday, but this can be worked around by adding some Google components to the EdXposed blacklist. Take a look on the EdXposed Github for details.
Click to expand...
Click to collapse
The check is now green for both, thanks
But i can't still use netflix (app will remain on the logo for ever).
I tried to rename the liboem file with a root explorer but the file is not present in the folder in system\lib\ or \lib64
frikadel said:
The check is now green for both, thanks
But i can't still use netflix (app will remain on the logo for ever).
I tried to rename the liboem file with a root explorer but the file is not present in the folder in system\lib\ or \lib64
Click to expand...
Click to collapse
Hi,
Coul you please tell me if you are on custom rom?
I am on custom and only way to pass is to use Props Module in Magisk. But the Props is not loading when Riru EdXposed is active.
Thank you,
amplatfus
I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH
SmilingPerson said:
I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH
Click to expand...
Click to collapse
Hi,
Tried. It is not working. Still searching.
Thanks!
amplatfus said:
Hi,
Tried. It is not working. Still searching.
Thanks!
Click to expand...
Click to collapse
Yep, I recently went from rooted stock to LineageOS 16 on my phone, and can no longer use Netflix. My rooted Android media boxes also run LOS and Netflix *does* work on them, so I am perplexed. I can run the (terrible) remote control app for my Toyota by simply hiding things in Magisk and adding it to the blacklist in EdXposed Manager, otherwise it will complain about the phone being rooted. That works, but Netflix does not.
I don't need Netflix on my daily driver telephone, so no loss, but it tells us that whatever Google is doing, it is beatable. I just don't see the common ground though, it almost seems like it is device dependant. Next time I install Netflix, I am going to face due north, chant the Canadian anthem, and touch my nose with my right index finger while clutching a rosary in my left hand. Maybe that will be the ticket.
Sent from my unknown using Tapatalk
SmilingPerson said:
I just posted this on Github, kinda curious if it helps with Google Pay. I had never heard of this module before:
Has anyone tried the Hidden Core module in EdXposed? It is passing SafetyNet for me without any blacklisting or switching modes, just install and reboot.
For posterity, I am running EdXposed YAHFA 0.4.5.1. EdXposed Manager 4.5.1 under Magisk v20.1 / Android Pie.
https://ibb.co/xLBxDDV
https://ibb.co/F6y1hcH
Click to expand...
Click to collapse
You're a great bro !! after having installed the module on EdXposed and restarted my redmi note 4x (mido) with EAX Os 6.7, both the ticks were of a magnificent green! many thanks! :victory::victory::victory:
For context I have "treble_arm64_bvS-userdebug 11 RQ3A.211001.001 eng.crossg.20211108.032335 test-keys" LineageOS custom rom with magisk and safetynet granted (thanks to riru module)
But my banking app got recently updated https://play.google.com/store/apps/details?id=com.cm_prod.bad and now refuses to let me connect because "For security reasons this application does'nt support emulators anymore"
This app has MagiskHide applied otherwise it detects root and refuses to let me connect
I know MagiskHide is discontinued but is there a Magisk module or a tweak that could resolve my issue ?
Thanks in advance for any help
Try install IsLand and add app that detect Magisk into IsLand, also hide magisk app by repacking magisk with random package
Dawnowl444 said:
For context I have "treble_arm64_bvS-userdebug 11 RQ3A.211001.001 eng.crossg.20211108.032335 test-keys" LineageOS custom rom with magisk and safetynet granted (thanks to riru module)
But my banking app got recently updated https://play.google.com/store/apps/details?id=com.cm_prod.bad and now refuses to let me connect because "For security reasons this application does'nt support emulators anymore"
This app has MagiskHide applied otherwise it detects root and refuses to let me connect
I know MagiskHide is discontinued but is there a Magisk module or a tweak that could resolve my issue ?
Thanks in advance for any help
Click to expand...
Click to collapse
https://github.com/kdrag0n/safetynet-fix make sure you use the one for magisk hide not zygisk.
Also make sure that magisk manager is hidden ex in magisk manager settings hide magisk rename. Also make sure gms(play services), play store, and your banking app is hidden
toolhas4degrees said:
https://github.com/kdrag0n/safetynet-fix make sure you use the one for magisk hide not zygisk.
Also make sure that magisk manager is hidden ex in magisk manager settings hide magisk rename. Also make sure gms(play services), play store, and your banking app is hidden
Click to expand...
Click to collapse
There are more and more app now can detect magisk stub apk (random package). Your tutorial is old and already have a post about how to do this ))
Well thanks for your responses and yes I have already have already rename Magisk with random id, I have universal safety net fix with riru, and MagiskHide enabled with my banking app (otherwise it detects root as is). And tough that all of this was enough (I do pass safetynet for now) but seems that it is not for my banking app...
@huskydg.11455139 I installed IsLand but I was a bit too much surprised with all the professional profil tweaking that it was doing without my consent... I kinda panic and uninstall the all thing...
But :
- I don't get in what way this will hide the fact that my banking app detect Magisk as an emulator
- When an app is "professionalised" what does it do and what does happen to my saves ?
- I do need MagiskHide to hide root otherwise my banking app detects it either way, can I do that while having IsLand enabled ?
Dawnowl444 said:
Well thanks for your responses and yes I have already have already rename Magisk with random id, I have universal safety net fix with riru, and MagiskHide enabled with my banking app (otherwise it detects root as is). And tough that all of this was enough (I do pass safetynet for now) but seems that it is not for my banking app...
@huskydg.11455139 I installed IsLand but I was a bit too much surprised with all the professional profil tweaking that it was doing without my consent... I kinda panic and uninstall the all thing...
But :
- I don't get in what way this will hide the fact that my banking app detect Magisk as an emulator
- When an app is "professionalised" what does it do and what does happen to my saves ?
- I do need MagiskHide to hide root otherwise my banking app detects it either way, can I do that while having IsLand enabled ?
Click to expand...
Click to collapse
IsLand is second space, any app in IsLand cannot collect anything in Primary space, prevent it collects app list and scan these apk to detect random package magisk app
You can apply MagiskHide / MagiskDenyList for any app in IsLand
I used this to bypass Techcombank, PUBG NEW STATE which can even detect random package magisk app (stub.apk) without freezing Magisk app
Or Hide your list app by using Xposed module: Hide My List App, because now more and more app can detect magisk even it has random package.
With combo (MagiskHide)+(Random Package Magisk app)
huskydg said:
IsLand is second space, any app in IsLand cannot collect anything in Primary space, prevent it collects app list and scan these apk to detect random package magisk app
You can apply MagiskHide / MagiskDenyList for any app in IsLand
I used this to bypass Techcombank, PUBG NEW STATE which can even detect random package magisk app (stub.apk) without freezing Magisk app
Or Hide your list app by using Xposed module: Hide My List App, because now more and more app can detect magisk even it has random package.
With combo (MagiskHide)+(Random Package Magisk app)
Click to expand...
Click to collapse
Well I did just now tried IsLand and my banking app still detects that my phone is considered as an emulator.
But the thing is MagiskHide and random package repacking do work as long as hiding root is concerned, otherwise by banking app do warn me that it detects root. But I wonder if in that process MagiskHide use some technics that are ones of an emulator in the process and my banking app do detects that...
Dawnowl444 said:
Well I did just now tried IsLand and my banking app still detects that my phone is considered as an emulator.
But the thing is MagiskHide and random package repacking do work as long as hiding root is concerned, otherwise by banking app do warn me that it detects root. But I wonder if in that process MagiskHide use some technics that are ones of an emulator in the process and my banking app do detects that...
Click to expand...
Click to collapse
Are you using Custom ROM?
huskydg said:
Are you using Custom ROM?
Click to expand...
Click to collapse
Well yes I'm using AndyYan's Lineage OS (Android 11) rom thanks to phh experimentation from the Treble Project.
This could could be a thing but I'ts weird that my banking app is warning me about emulator and not custom rom (instead of WhatsApp that clearly says that it detects custom rom).
I'm just speculating at this point but I have my bootloader unlock and the phh/AndyYan rom is userdebug. I think the unlock bootloader is spoofed by safetynet fix but I don't know if the userdebug variant can be detect and can be sign of an emulator...
Dawnowl444 said:
Well yes I'm using AndyYan's Lineage OS (Android 11) rom thanks to phh experimentation from the Treble Project.
This could could be a thing but I'ts weird that my banking app is warning me about emulator and not custom rom (instead of WhatsApp that clearly says that it detects custom rom).
I'm just speculating at this point but I have my bootloader unlock and the phh/AndyYan rom is userdebug. I think the unlock bootloader is spoofed by safetynet fix but I don't know if the userdebug variant can be detect and can be sign of an emulator...
Click to expand...
Click to collapse
So that's why, most Custom ROM has broken rules, do you know? Also app can easily detect if you are running Custom ROM
huskydg said:
So that's why, most Custom ROM has broken rules, do you know? Also app can easily detect if you are running Custom ROM
Click to expand...
Click to collapse
Welp same here but it just bug me that my app detects "emulator" and not custom rom... But it's could be some nonsens from by banking app after all...
And weird think that I need to disable MagiskHide, that is still usefull to me, for Momo checking.
So then I should try to spoof my build id and other stuff that can say that I have custom rom?
Dawnowl444 said:
Welp same here but it just bug me that my app detects "emulator" and not custom rom... But it's could be some nonsens from by banking app after all...
And weird think that I need to disable MagiskHide, that is still usefull to me, for Momo checking.
So then I should try to spoof my build id and other stuff that can say that I have custom rom?
Click to expand...
Click to collapse
Maybe they can mark custom ROM as emulator just to make you fear (sometime they said they found something but not that thing). who know?
Try restore to stock rom (no root) and check
huskydg said:
Maybe they can mark custom ROM as emulator just to make you fear (sometime they said they found something but not that thing). who know?
Try restore to stock rom (no root) and check
Click to expand...
Click to collapse
Yeah sometimes they say stuff because they found root or "insecurity" but the app says something completely different.
I will loose all my data if I restore stock rom plus it's a Chinese bloated rom, so I won't do that. I do really like Lineage OS so I will stay out there. But yeah it will most definitively work with stock rom not rooted that's obvious (well I say that but I still have TWRP and unlock bootloader)
huskydg said:
There are more and more app now can detect magisk stub apk (random package). Your tutorial is old and already have a post about how to do this ))
Click to expand...
Click to collapse
If you are using xposed, you can use dev opts hide and hide my applist modules to hide anything you want. I was going with the simplest answer to see if all the first checks were in place.
toolhas4degrees said:
If you are using xposed, you can use dev opts hide and hide my applist modules to hide anything you want. I was going with the simplest answer to see if all the first checks were in place.
And wasn't tutorial was a question
Click to expand...
Click to collapse
Not all apps you can apply the same way
huskydg said:
Not all apps you can apply the same way
Click to expand...
Click to collapse
Actually you can if they are more invasive you will need more hiding than magisk hide can give you. Which are the lsposed method example of what I said also lua module can do some of it also depends which module you prefer. I use hide my applist and dev opts
Go search lsposed and how to use hide my applist
toolhas4degrees said:
Actually you can if they are more invasive you will need more hiding than magisk hide can give you. Which are the lsposed method example of what I said also lua module can do some of it also depends which module you prefer. I use hide my applist and dev opts
Go search lsposed and how to use hide my applist
Click to expand...
Click to collapse
You think I don't know this , don't you?
If you do you wouldn't be here asking.
Maybe you should try using them correctly and clearing data and cache of the app.
toolhas4degrees said:
If you do you wouldn't be here asking.
Maybe you should try using them correctly and clearing data and cache of the app.
Click to expand...
Click to collapse
What's the question I am asking?
toolhas4degrees said:
If you do you wouldn't be here asking.
Maybe you should try using them correctly and clearing data and cache of the app.
Click to expand...
Click to collapse
Maybe you misunderstand what i am taking?
I just realized there was a new public Magisk release yesterday, v24, and reading through the changes I see there are two that kind of impact me: MagiskHide and the central module repository removals.
So far I had been using MagiskHide because of its ease of use, list apps, tick box, and that's it (I haven't encountered apps that detected Magisk or root status, although I know it's insufficient for some). For modules, for example, the one that moves user certs to the system store, I just searched directly from the Magisk app and it was all good as well.
But things change from now on with those things being deprecated and removed and because there isn't much to go about in the release notes I was wondering if someone could direct me to the way of doing things now.
- What's the most apt, prevalent, or recommended replacement for MagiskHide? From the release notes I gather its a module, but I'm clueless as to which one or whether there are more than one option.
- If searching for mods and directly installing them is not available through the app, is there anything like it? Or is it all manual now? I.e. look for a module around the net, download it, copy it / decompress it somewhere in the device and install it.
Thanks for everything!
KaoDome said:
I just realized there was a new public Magisk release yesterday, v24, and reading through the changes I see there are two that kind of impact me: MagiskHide and the central module repository removals.
So far I had been using MagiskHide because of its ease of use, list apps, tick box, and that's it (I haven't encountered apps that detected Magisk or root status, although I know it's insufficient for some). For modules, for example, the one that moves user certs to the system store, I just searched directly from the Magisk app and it was all good as well.
But things change from now on with those things being deprecated and removed and because there isn't much to go about in the release notes I was wondering if someone could direct me to the way of doing things now.
- What's the most apt, prevalent, or recommended replacement for MagiskHide? From the release notes I gather its a module, but I'm clueless as to which one or whether there are more than one option.
- If searching for mods and directly installing them is not available through the app, is there anything like it? Or is it all manual now? I.e. look for a module around the net, download it, copy it / decompress it somewhere in the device and install it.
Thanks for everything!
Click to expand...
Click to collapse
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
Here. First 5 post and you should know all you need
So, I read through that thread. It certainly solved a few issues for me. Like getting safety net, getting a repository, etc.
But it didn't have anything I see to replace magisk hide, even in the Fox Magisk Module Manager.
Do I just need to know other terminology now? Or is there something else I'm missing?
Quantumrabbit said:
So, I read through that thread. It certainly solved a few issues for me. Like getting safety net, getting a repository, etc.
But it didn't have anything I see to replace magisk hide, even in the Fox Magisk Module Manager.
Do I just need to know other terminology now? Or is there something else I'm missing?
Click to expand...
Click to collapse
I don't get it, Magisk Hide is good for passing SafetyNet and you said you got it. Anyway, for SafetyNet you can use the Universal SafetyNet Fix module.
If you meant the hide list, there's now the Deny list. To quote:
The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.
Click to expand...
Click to collapse
Porpet said:
I don't get it, Magisk Hide is good for passing SafetyNet and you said you got it. Anyway, for SafetyNet you can use the Universal SafetyNet Fix module.
If you meant the hide list, there's now the Deny list. To quote:
Click to expand...
Click to collapse
Yes, it's for some banking apps, Concur, and others, none of which have any business checking for root, but all check for Magisk and such in other ways, and prevent usage.
If the deny list is how to do that now, I'll give that a go. Thank you
Quantumrabbit said:
Yes, it's for some banking apps, Concur, and others, none of which have any business checking for root, but all check for Magisk and such in other ways, and prevent usage.
If the deny list is how to do that now, I'll give that a go. Thank you
Click to expand...
Click to collapse
And where did you find the deny list?
fusk said:
And where did you find the deny list?
Click to expand...
Click to collapse
Settings enforce deny list. You need to enable zygisk and reboot prior also in settings.
Also there is an add on module shamiko that has more hide features after you configure denylist
H
toolhas4degrees said:
Settings enforce deny list. You need to enable zygisk and reboot prior also in settings.
Also there is an add on module shamiko that has more hide features after you configure denylist
Click to expand...
Click to collapse
How to add modules shamiko & how to more hide features
Spartacus500 said:
H
How to add modules shamiko & how to more hide features
Click to expand...
Click to collapse
Shamiko is a flashable only need to slash magisk module. You can find it in the magisk alpha thread on telegram. You need to configure denylist first and reboot then turn off the enforce denylist toggle and flash the shamiko module.
If you are using lsposed download hide my applist xposed module and search how to use it if you want more coverage
Pm me if you want links
I'm having a lot of trouble. Duo Mobile (a 2FA app) is still able to detect that I'm rooted. Here's what I've done:
1) Installed Magisk & Manager app version 24.1 (24100)
2) Enabled Zygisk (and rebooted of course)
3) Enabled Enforce DenyList
4) Added com.duosecurity.duomobile and ALL Google Play Services submodules to the DenyList
5) Installed Universal SafetyNet Fix v2.2.1 from https://github.com/kdrag0n/safetynet-fix/releases/tag/v2.2.1
6) Hidden the Magisk app
7) Completely uninstalled & reinstalled Duo Mobile (and verified that it's still on the DenyList
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Drakinite said:
I'm having a lot of trouble. Duo Mobile (a 2FA app) is still able to detect that I'm rooted. Here's what I've done:
1) Installed Magisk & Manager app version 24.1 (24100)
2) Enabled Zygisk (and rebooted of course)
3) Enabled Enforce DenyList
4) Added com.duosecurity.duomobile and ALL Google Play Services submodules to the DenyList
5) Installed Universal SafetyNet Fix v2.2.1 from https://github.com/kdrag0n/safetynet-fix/releases/tag/v2.2.1
6) Hidden the Magisk app
7) Completely uninstalled & reinstalled Duo Mobile (and verified that it's still on the DenyList
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Click to expand...
Click to collapse
This is quite weird and definitely shows how different devices handle root detection. I a Samsung S10+ and just installed Magisk 24 with enforce DenyList earlier this week. Today I just installed Duo Mobile and it works fine. I do not have it in the DenyList, and Magisk is not hidden. I use a custom SafetyNet fix that was installed when I originally installed an AIO TWRP/Magisk/SafetyNet fix after unlocking my bootloader. I also fail SafetyNet checks.
Have you tried Shamiko? It didn't help me pass SafetyNet so I removed it.
Unfortunately I don't have any other fixes for you but you can check SafetyNet with apps from the play store, I use YASNAC and SafetyNet 'attest'.
What phone are you using?
Drakinite said:
This is incredibly annoying, is there anything I'm doing wrong? Is there a way to verify that the SafetyNet Fix is working as expected? Magisk doesn't have a "Check SafetyNet" option on the app anymore.
Click to expand...
Click to collapse
There are SafetyNet checker apps you can download from the Play Store or F-Droid such as YASNAC.
danbest82 said:
Have you tried Shamiko? It didn't help me pass SafetyNet so I removed it.
Unfortunately I don't have any other fixes for you but you can check SafetyNet with apps from the play store, I use YASNAC and SafetyNet 'attest'.
What phone are you using?
Click to expand...
Click to collapse
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
anonymous-bot said:
There are SafetyNet checker apps you can download from the Play Store or F-Droid such as YASNAC.
Click to expand...
Click to collapse
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Drakinite said:
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Click to expand...
Click to collapse
Get VD Infos and use it to scan your files. You can find it on XDA.
Drakinite said:
I'm using a Oneplus 6. At your suggestion, I tried Shamiko, but so far it hasn't worked.
Click to expand...
Click to collapse
Hmm ok. Like I said shimako didn't work for me either. I'm not sure why Duo is still detecting root. For reference this is what is on my DenyList:
Drakinite said:
I tried Momo from the Magisk alpha telegram channel, and it's been helpful so far, but it's detecting Magisk/TWRP files and I don't know where they are located. Is there a way to find where these files it's detecting are? This might be what Duo is detecting.
When I run YASNAC, it passes the SafetyNet check.
Click to expand...
Click to collapse
YASNAC is the replacement for Momo it looks like since Momo is Riru based (https://github.com/canyie/Riru-MomoHider)
simplydat said:
Get VD Infos and use use to scan your files. You can find it in XDA
Click to expand...
Click to collapse
Ok so this one is more helpful, but I'm not sure how to hide these that appeared. Any idea what ro.kernel.qemu.gles is? I looked through my list of installed apps and nothing like that showed up.
Should we switch to private messages to not spam the thread? Or perhaps staying in here can be helpful for those with the same problem?
Drakinite said:
Ok so this one is more helpful, but I'm not sure how to hide these that appeared. Any idea what ro.kernel.qemu.gles is? I looked through my list of installed apps and nothing like that showed up.
Should we switch to private messages to not spam the thread? Or perhaps staying in here can be helpful for those with the same problem?
Click to expand...
Click to collapse
OMG WAIT, it finally worked! I don't know what changed, but Duo is now no longer detecting root. Gotta love when things magically start working when you don't know what changed.
Drakinite said:
OMG WAIT, it finally worked! I don't know what changed, but Duo is now no longer detecting root. Gotta love when things magically start working when you don't know what changed.
Click to expand...
Click to collapse
Awesome. Hope it stays that way!
Hi,
I've switched to the new method with the DenyList & Shamiko (v0.5.0) on OnePlus 6 recently - Magisk (v24.3), however it doesn't seem to hide root from Google Pay. Can it still be a bug with Magisk, when it can't hide system apps? In the changelog of Shamiko it mentioned that it was fixed in Magisk "24102+", I'm not sure what version is this, but I imagine it's not released yet. If so, is there a way of installing this version early?
Thank you!
antivirtel said:
Hi,
I've switched to the new method with the DenyList & Shamiko (v0.5.0) on OnePlus 6 recently - Magisk (v24.3), however it doesn't seem to hide root from Google Pay. Can it still be a bug with Magisk, when it can't hide system apps? In the changelog of Shamiko it mentioned that it was fixed in Magisk "24102+", I'm not sure what version is this, but I imagine it's not released yet. If so, is there a way of installing this version early?
Thank you!
Click to expand...
Click to collapse
Version 24102 would be v24.102. So your Magisk 24.300 is newer.
With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
droidvark said:
With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
Click to expand...
Click to collapse
Your misinterpreting it, deny list just denies access to zygisk to the apps you selected, you have to use LSPosed zygisk version as Rieu will not work with it. Everything else works the same
Darkaeluz said:
Your misinterpreting it, deny list just denies access to zygisk to the apps you selected, you have to use LSPosed zygisk version as Rieu will not work with it. Everything else works the same
Click to expand...
Click to collapse
Thanks! Yes I am using the Zygisk version (and I think you meant riru, rieu sounds like an autocorrect mistake ).
Maybe I didn't explain it very well. I tested it with several apps in different situations and it works like I suspected. For example, XprivacyLua can deny apps access to the clipboard. When an app is on the denylist in Zygisk and has access to the clipboard denied in XprivacyLua, it still has access to the clipboard. Once I remove the app from the denylist, XprivacyLua starts working and selected apps are denied access to the clipboard.
In other words, LSPosed modules do not work on apps that are on the denylist. During my trials I also noticed the short popup message in LSPosed saying that it might not work on apps on the denylist.
I think this is a serious regression from previous versions.
The OP has a valid question. I hope someone can answer.
I have the same query as OP. How do we configure denylist in tandem with other modules?
If any bank app is selected in the denylist, then in XPrivacyLua the same app is given a label "On denylist"
droidvark said:
With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
Click to expand...
Click to collapse
same here :v
so much confusion lol
droidvark said:
Thanks! Yes I am using the Zygisk version (and I think you meant riru, rieu sounds like an autocorrect mistake ).
Maybe I didn't explain it very well. I tested it with several apps in different situations and it works like I suspected. For example, XprivacyLua can deny apps access to the clipboard. When an app is on the denylist in Zygisk and has access to the clipboard denied in XprivacyLua, it still has access to the clipboard. Once I remove the app from the denylist, XprivacyLua starts working and selected apps are denied access to the clipboard.
In other words, LSPosed modules do not work on apps that are on the denylist. During my trials I also noticed the short popup message in LSPosed saying that it might not work on apps on the denylist.
I think this is a serious regression from previous versions.
Click to expand...
Click to collapse
In order to make this work before what you need to do is configure the dentist and enforce toggle on. Reboot phone. Search Magisk alpha thread on telegram. Download latest Shamiko Magisk module. Toggle the enforce toggle off then flash the Shamiko module and reboot. all will work like before
Ps riru doesn't work on zygisk yet as far as I know and there is lsposed zygisk version you will need to run attached below. Remove riru core and old lsposed prior to flashing new one
Also if you need more hiding ability use hidemyapplist xposed module for other stuff
toolhas4degrees said:
In order to make this work before what you need to do is configure the dentist and enforce toggle on. Reboot phone. Search Magisk alpha thread on telegram. Download latest Shamiko Magisk module. Toggle the enforce toggle off then flash the Shamiko module and reboot. all will work like before
Ps riru doesn't work on zygisk yet as far as I know and there is lsposed zygisk version you will need to run attached below. Remove riru core and old lsposed prior to flashing new one
Click to expand...
Click to collapse
Thanks gonna try this out.
edit: everything works fine. thanks!
looks like shamiko takes the denylist and enforces it while preserving the ability for the same list to be accessible for lsposed modules. nice thing.
EGYPT2021 said:
Thanks gonna try this out.
edit: everything works fine. thanks!
looks like shamiko takes the denylist and enforces it while preserving the ability for the same list to be accessible for lsposed modules. nice thing.
Click to expand...
Click to collapse
Been using it this way for 3 plus months
Shamiko is actually a zygisk hide itself
Thank you guys for offering a possible solution but after the tests i took i think this shamiko module is just a visual module. To share one of my test results i installed this app Device info pro and on the system tab it says root management app Magisk....
So there is no solution yet i think to have zygisk deny list configured for the some app and use for example xprivacylua lua on this app and have them both working toghether properly..
okwhateverok said:
Thank you guys for offering a possible solution but after the tests i took i think this shamiko module is just a visual module. To share one of my test results i installed this app Device info pro and on the system tab it says root management app Magisk....
So there is no solution yet i think to have zygisk deny list configured for the some app and use for example xprivacylua lua on this app and have them both working toghether properly..
Click to expand...
Click to collapse
Shamiko is not a visual mod... It hides zygisk.... Maybe read a little. Also did you turn denylist toggle off before flashing shamiko.
Exactly, if shamiko v0.4.3 was not a visual mod (at least on system level) i should not be able to see what app does provide root if i got this app enabled on the magisk denylist and got this same app completely blocked by xprivacylua using Lsposed 1.7.2 zygisk.
This means that this is a pure cosmetic mod, but thanks to the developers anyway.
I think i had done a little more than only read a little haha...
Nvm
Hi, I have a similar question. I use SeftyNet from kdrag0n, works fine with a banking app (denyList + enforce)
Can I add programs preventively? For example most of Google, all banking apps (before I run them)?
Could this slow down the system? Or make the applications will not work properly?
After reading this thread, I have a question. I wonder whether to use SeftyNet from kdrag0n, or Shamiko ?
PS I've had a lot of work lately and a long pause on Android systems, And I'm just catching up.
okwhateverok said:
Exactly, if shamiko v0.4.3 was not a visual mod (at least on system level) i should not be able to see what app does provide root if i got this app enabled on the magisk denylist and got this same app completely blocked by xprivacylua using Lsposed 1.7.2 zygisk.
This means that this is a pure cosmetic mod, but thanks to the developers anyway.
I think i had done a little than only read a little haha...
Click to expand...
Click to collapse
Did you find an answer? Lsposed modules + Denylist enforced or somehow else?
I did not find a solution nor the developers did so far...
This all while running the latest version of Shamiko v0.5.0 and Lsposed Zygisk v1.8.3.
But still i want to thank the developers for their hard work because it is actually the manufacturers android developers who does close these doors for their users to modify and control their own devices.
No delta anymore
FYI .... I found out that for some funny reason one banking app with a wierd name like /data/data/com.uniken.r2fa4a.boi will not add via GUI . If you add it to denylist via GUI it will auto uncheck. Its aint a system app why then does Magisk ( latest as I type ) refuse to add it ? Go Figure. In the meantime , found a workaround by using ---denylist add < package > on command line. So far it seemed to have worked. But dunno why GUI would'nt take my commands
huskydg said:
I have a fork that restore MagiskHide from DenyList. MagiskHide can be enabled no matter Zygis is enabled or disabled. After enable MagiskHide, zygisk module will still be loaded on denylist. I also add hide zygisk, hide for isolated process and app zygote into MagiskHide.
Where is this?
Click to expand...
Click to collapse
magiskhide is already inc in the magisk --denylist command just that there is no seperate bin for that in the new one .
Thanks @toolhas4degrees ! I also use XPrivacyLua and wanted to maintain security/privacy restrictions while also hiding root for certain apps. The Shamiko mod works!