Related
Update (28. Sep. 2014):
Did some more research on that matter for I found this really annoying. Deactivated Apps shall remain deactivated, even more so for as long as we don't have root yet.
Figured finally out (reproducible) that it's Disabling Device Administrators to trigger (some) Apps to get activated again.
Steps to reproduce:
Goto Settings -> Apps -> All
Deactivate e.g. Chrome, Google+, Hangouts, File Commander, Gmail, Maps, Play Store, Sony Select or Video Unlimited (so it's not only the GAPPS coming back).
Check the App Drawer, all the above should no longer be visible.
Goto Settings -> Security -> Device Administrators: Disable a Device Admin (BTW: Enabling does not re-activate Apps, only deactivation!)
Check the App Drawer again and find all of the above deactivated Apps have re-appeared.
This works in 23.0.A.2.98 (customized DE) as well as 23.0.A.2.105 (customized UK).
Sony: please fix this asap.
Devs: please, please give us root. The phone is worth it
Original assumption (OUTDATED):
Noticed a strange behaviour in builds 23.0.A.2.98 (customized DE) and builds 23.0.A.2.105 (customized UK) w.r.t. deactivated Apps getting automatically re-activated after changing language settings.
Started off with 23.0.A.2.98 (customized DE) on my phone and deactivated e.g. Chrome, Google Play Store, Google Play Services and some other Apps. Now, as I wanted to make some screenshots in English, I changed language settings from German to English. That moment Chrome, Google Play Services and otheres (but not all of them) got automatically re-activated and also (re-)appeared in the App drawer. Changing the phone back to German did not help as still some Apps keep getting re-activated after say a re-start of the phone.
Then, installed 23.0.A.2.105 (customized UK), immediately set it to German during first boot, deactivated same apps as before and guess what... same here.
It looks as if whenever you set your phone to use a language different to the one for which the build was localized for this problems shows.
Can anyone please try and confirm?
This explains this reactivating of Apps. I was trying to deactivate Admin for the Sony Enterprise something. It re-activates automatically and reactivates some of the disabled apps. Not all though...
Very anoying. Especially that Sony gives themselves admin rights again after I deactivated it.... hmmm.
msm1111 said:
Very anoying. Especially that Sony gives themselves admin rights again after I deactivated it.... hmmm.
Click to expand...
Click to collapse
Happy to see (well, kind of, for it shouldn't be present in the first place) that finally someone has been able to reproduce the bug.
In order to get rid of admins "Sony Enterprise API" and "Sony My Xperia" do the following:
Download ADB and store it somewhere on you PC.
Enable USB debugging on the phone and connect it to your PC.
Open a command window and navigate to where you stored ADB.
Type "adb shell" at the prompt, hit ENTER and and the prompt changes to "[email protected]:/ $"
To block "Sony Enterprise API", issue command: "pm block com.sonymobile.enterprise.service"
To block "Sony My Xperia", issue command: "pm block com.sonymobile.mx.android"
While we are at that (though not an Admin, yet annoying), to block "What's New", issue command: "block com.sonymobile.advancedwidget.entrance".
The result of the block commands should look like "Package %PACKAGE_NAME% new blocked state: true. If still "false", you have to deactivate the corresponding admin in the settings first and re-issue the command again.
Only thing I have not been able to figure out yet is how to remove/block admin "Configuration Agent" but that one does not turn on itself (like the "Sony Enterprise API" does).
sxtester said:
Only thing I have not been able to figure out yet is how to remove/block admin "Configuration Agent" but that one does not turn on itself (like the "Sony Enterprise API" does).
Click to expand...
Click to collapse
Ah, thank you!
Configuration agent is: pm block com.sonymobile.deviceconfigtool
Wonderful, that removed my last (unwanted) one.
Thanks. I'll try it on Sunday! Is this enterprise stuff actually good for something? Or just tracking.
msm1111 said:
Thanks. I'll try it on Sunday! Is this enterprise stuff actually good for something? Or just tracking.
Click to expand...
Click to collapse
This is mainly for policy enforcement on mobiles given to employees by their company.
Check this for more info: http://developer.sonymobile.com/201...-work-with-our-sdk-and-become-a-sony-partner/
Just a quick note to say thanks to the guys who wrote this one up. I managed to follow the instructions and get rid of the whats new icon ive lost a bit of my touch though as this is not for those who don't know what sdk is.
pm block com.sonymobile.enterprise.service with this one I was getting: "False" without knowing how to change it to "true"
sxtester,
Thanks! It worked! I got rid of this stuff. I needed some attemps and reboots in between.
For "com.sonymobile.enterprise.service" you need to first disable admin and block "com.sonymobile.mx.android", reboot, then disable admin for the enterpriseAPI, block, reboot. Now its gone
I also successfully blocked "com.sonymobile.advancedwidget.entrance", "com.sony.smallapp.launcher" and "com.sony.smallapp.app.widget"
As I am not so familiar in adb, may I ask what is the difference between blocking and disabling (I guess its the same disable I can do in Settings/Apps)? I realized the blocked packages do not show up in the "pm list packages" anymore. Disabled ones do. Is there a list to see what was blocked? Thanks.
Btw I can also confirm that the OP is correct. When I first disabled Sony enterprise most or all of my disabled apps were re enabled.
Every thing worked great, thanks for help!
Thank you!!! Worked great Z3
PM BLOCK commands don't work...
I tried what was suggested above, but after I entered my ADB SHELL, the PM BLOCK command didn't work. I used the latest ADB that was installed on my system, but the only command that seems relevant to this was: PM DISABLE. I used that with the packages mentioned but they didn't get disabled. I had to disable them manually again after rebooting.
m0b1f0n3 said:
I tried what was suggested above, but after I entered my ADB SHELL, the PM BLOCK command didn't work. I used the latest ADB that was installed on my system, but the only command that seems relevant to this was: PM DISABLE. I used that with the packages mentioned but they didn't get disabled. I had to disable them manually again after rebooting.
Click to expand...
Click to collapse
As you didn't specify the version of ADB, try the following:
Download EasyRoot Tool from http://forum.xda-developers.com/showthread.php?t=2784900
Don't run the tool itself, it won't work on the Z3/Z3C! However, it contains a very slim ADB version 1.0.31 which worked for me.
Unpack the ZIP to a directory of your choice.
Open a CMD Window and navigate to %YOUR_FOLDER%\EasyRootTool v12.3\files
Connect you phone and issue the PM block commans as described above.
PM BLOCK commands still don't work...
sxtester,
Thanks for your response. I tried all sorts of ADB versions (1.0.25) including the one you suggested. I had no luck. Once I issued any of the commands above, I got the message: "Error: unknown command 'block'". I am not sure what more I can do at this point.
Any ideas?
m0b1f0n3 said:
sxtester,
Thanks for your response. I tried all sorts of ADB versions (1.0.25) including the one you suggested. I had no luck. Once I issued any of the commands above, I got the message: "Error: unknown command 'block'". I am not sure what more I can do at this point.
Any ideas?
Click to expand...
Click to collapse
I used "hide" command and it worked like a charm, i.e.: pm hide com.sony...
Hope it will help.
Hi
I've search the forums but apart from finding several people with the same issue, i didn't find anything useful.
I'm running LOS14.1 on a OP3 with latest Magisk. Safetynet passes but the MS Intune company portal seems to be detecting that the device is rooted. Turning off root however is not fixing this. Any idea on how it detects this or are there solutions via Magisk for dealing with this (or other solutions off course).
Regards
Mrhubris
mrhubris said:
Hi
I've search the forums but apart from finding several people with the same issue, i didn't find anything useful.
I'm running LOS14.1 on a OP3 with latest Magisk. Safetynet passes but the MS Intune company portal seems to be detecting that the device is rooted. Turning off root however is not fixing this. Any idea on how it detects this or are there solutions via Magisk for dealing with this (or other solutions off course).
Regards
Mrhubris
Click to expand...
Click to collapse
I am on stock Lollipop rooted using Magisk 11.6. Outlook wouldn't start for me even though magisk hide was enabled and safetynet passed. I used the Tasker app to get around the root check with the with the following tasks:
Launch App (Outlook)
Run Shell command:
su
chmod 0754 /data/magisk
sleep 25
chmod 0755 /data/magisk
This launches the outlook app and changes the permissions of the magisk folder for 25 seconds so that when it does the root check after I input my pin everything checks out. After 25 seconds it restores the permissions to what they were, and root continues to work. I exported this as an app (long hold on task, click menu in upper right and export as app) and it seems to work like a charm.
I tried changing permissions on the individual files in the /system/data/magisk folder, but that didn't work. changing the permissions on the whole /system/data/magisk directory to 0754 seems to do the trick.
You can also use a root file manager to change the permissions, but you have to be careful because if the file browser loses its root privilege before changing the permissions back, you will lose your root capabilities until rebooting into TWRP recovery to do a chmod 0755 on the magisk folder. It's more inconvenient than having tasker do it, but it works.
Hope this helps somewhat.
The only issue I'm having is that tasker seems to be a paid app. I'm not willing to pay money if I'm not sure it works.
This is why asked the question. In the other threads I read it was clear that this is not always working so I asked the question in here specifically for magisk.
Regards
Mrhubris
mrhubris said:
The only issue I'm having is that tasker seems to be a paid app. I'm not willing to pay money if I'm not sure it works.
This is why asked the question. In the other threads I read it was clear that this is not always working so I asked the question in here specifically for magisk.
Regards
Mrhubris
Click to expand...
Click to collapse
Tasker is definitely worth it! If you're worried you can try by doing the chmod manually first.
@dizzybrow
Thank you! Purchased Tasker just to do this and it worked!
dizzybrow said:
I am on stock Lollipop rooted using Magisk 11.6. Outlook wouldn't start for me even though magisk hide was enabled and safetynet passed. I used the Tasker app to get around the root check with the with the following tasks:
Launch App (Outlook)
Run Shell command:
su
chmod 0754 /data/magisk
sleep 25
chmod 0755 /data/magisk
This launches the outlook app and changes the permissions of the magisk folder for 25 seconds so that when it does the root check after I input my pin everything checks out. After 25 seconds it restores the permissions to what they were, and root continues to work. I exported this as an app (long hold on task, click menu in upper right and export as app) and it seems to work like a charm.
I tried changing permissions on the individual files in the /system/data/magisk folder, but that didn't work. changing the permissions on the whole /system/data/magisk directory to 0754 seems to do the trick.
You can also use a root file manager to change the permissions, but you have to be careful because if the file browser loses its root privilege before changing the permissions back, you will lose your root capabilities until rebooting into TWRP recovery to do a chmod 0755 on the magisk folder. It's more inconvenient than having tasker do it, but it works.
Hope this helps somewhat.
Click to expand...
Click to collapse
I can use Outlook app without Magisk Hide, I don't understand why you need do that.
Deic said:
I can use Outlook app without Magisk Hide, I don't understand why you need do that.
Click to expand...
Click to collapse
Each company has different policies. Also some don't use intune (maybe that's you).
Time for another update.
The problem is not necessarly the oulook app. It's the Intune Company Portal that's closing everything up. Is there a way around this?
From my experience it even trips on unsigned custom roms. Currently Paranoid Android is the only one not giving me problems.
as far as i can tell it detects:
- signed / Un-signed
- root (the binaries itself). Disabling root results in the exact same error notification
If magisk.hide is enabled for the app, there is no way it will detect the root binaries.
Detection could be due to the build props .. ones such as
ro.build.tags=release-keys
ro.build.type=user
Have you tried setting the above build.prop properties to the value mentioned above. These are not set like this for custom roms.
You may try the attached magisk module to set these.
Changing these build props is not working.
Root beer sample is still detecting dangerous props and safetynet is also triggering.
mrhubris said:
Changing these build props is not working.
Root beer sample is still detecting dangerous props and safetynet is also triggering.
Click to expand...
Click to collapse
Then you have some other issue. Both, root bear and safteynet should pass easily with magisk on custom roms.
candiesdoodle said:
Then you have some other issue. Both, root bear and safteynet should pass easily with magisk on custom roms.
Click to expand...
Click to collapse
Intune is just detecting specific aspects and the company i work for says that in those cases no configuration (of email for example) is allowed to happen.
But i've got no clue as to what it is detecting.
If i run Paranoid Android as a ROM it is possible. If i switch to LineageOS or Resurrection it's not.
Somehow the setup of these ROM's differs in a way to MS Intune trips or not. Is it possible to figure this out in some way?
I having same problems too but with onedrive, atm at work we are testing intune and now it would not let me use onedrive as the intune app detects root...
It could be detecting apps that require root as a secondary check, do you have anything like root explorer , Titanium backup etc ?
Sent from my ONEPLUS A5000 using Tapatalk
For me, It's detecting something in sbin even though magisk unmounts it. If I remove read or execute permissions from sbin then Company Portal and all associated apps launch just fine. Of course nothing that needs root works anymore since without those permissions nothing can access su or anything else needed for root.
Sent from my Nexus 6 using Tapatalk
i found out @dizzybrow fix works in magisk 11.6 but not 13 (didn't try 12). i'm staying on 11.6 just for this reason.
Any better ways to fix this problem?
illwafer said:
i found out @dizzybrow fix works in magisk 11.6 but not 13 (didn't try 12). i'm staying on 11.6 just for this reason.
Click to expand...
Click to collapse
So you are using Magisk Hide on 11.6 and Intune is not detecting root? I tried that and it didn't work for me.
Anyone else have any ideas?
Are you using Tasker with the variables provided by dizzybrow? If so, it should work with 11.6 (safetynet still fails).
illwafer said:
Are you using Tasker with the variables provided by dizzybrow? If so, it should work with 11.6 (safetynet still fails).
Click to expand...
Click to collapse
I am trying to, but I am not all that familiar with Tasker, so apparently I am doing something wrong. I would appreciate any assistance as far as setting it up correctly.
I'm using official Omni 8.1. The issue I'm facing is that the Magisk Manager can't seem to remember the apps it has granted Superuser permission. Even in the Superuser tab it shows "No apps found". Result being I have to grant Superuser permission every time when I open an app like Root Explorer.
Please look into this issue.
Magisk Manager: v5.5.2
Magisk Root: v15.1 Stable
I don't have this issue on version 5.5.0 and 15.1 on the latest Omni 8.1 weekly on my Oneplus 3T.
Edit: You didn't mention what device, so I doubt anyone would be able to help you. But I guess you're running a Oneplus 3T or a Oneplus 5 since there are no 8.1 Omni weeklies for any other devices, yet. Maybe you could try to attach some logs.
For me Magisk v15.1 doesn't boot anymore, it just fails and goes back to recovery.
v14.6 works fine.
Omni 8.1 on Oneplus 5T
Same problem here. Any solution?
Look into this issue, doesn't boot, solutions?
Where are the logs?
How do you expect someone to help you without that?
For all the praise Magisk seems to get, it sure does have some issues. Lately, it's been kind of a lottery figuring out which version will work with which ROM... These things never happend to me on SuperSu
Jazavchar said:
For all the praise Magisk seems to get, it sure does have some issues. Lately, it's been kind of a lottery figuring out which version will work with which ROM... These things never happend to me on SuperSu
Click to expand...
Click to collapse
I'd say it has to do with the incredible speed that the Magisk development has been going at. Looking back over the past year, a lot has happened. This kind of speed can cause instabilities...
Now, it's most likely at a point where the focus will be on stability and compatibility development.
Having said that, though, all users experiencing issues can help with that by providing as much details as possible and relevant logs.
I can confirm this. It seems Magisk has a problem opening the sqlite3 database, on OmniROM 8.1 at least.
The Superuser request can be granted, and it goes through (as in the app gets its root access), however nothing is permitted "forever".
Superuser log in Magisk Manager is empty, so is the list of apps granted Superuser access.
From my log:
Code:
sqlite3 open failure: unable to open database file
Either the sqlite3 database is located somewhere else, or Magisk didn't get the correct writing rights during the install. Did something change regarding this in 8.1?
There is also a somewhat unrelated issue with Magisk Hide, where the hidelist-file doesn't exist/wasn't initially created upon installation:
Code:
fopen: /sbin/.core/img/.core/hidelist failed with 2: No such file or directory
Full log attached.
debichu said:
I can confirm this. It seems Magisk has a problem opening the sqlite3 database, on OmniROM 8.1 at least.
The Superuser request can be granted, and it goes through (as in the app gets its root access), however nothing is permitted "forever".
Superuser log in Magisk Manager is empty, so is the list of apps granted Superuser access.
From my log:
Code:
sqlite3 open failure: unable to open database file
Either the sqlite3 database is located somewhere else, or Magisk didn't get the correct writing rights during the install. Did something change regarding this in 8.1?
There is also a somewhat unrelated issue with Magisk Hide, where the hidelist-file doesn't exist/wasn't initially created upon installation:
Code:
fopen: /sbin/.core/img/.core/hidelist failed with 2: No such file or directory
Full log attached.
Click to expand...
Click to collapse
Two things I'm curious about (at the moment):
What are the permissions for /data/adb/magisk.db?
Do you now have a hidelist file in /sbin/.core/img/.core?
Didgeridoohan said:
Two things I'm curious about (at the moment):
What are the permissions for /data/adb/magisk.db?
Do you now have a hidelist file in /sbin/.core/img/.core?
Click to expand...
Click to collapse
There is no such file in that location. There is a magisk.img in that folder with -rw-r--r--, and a magisk/ folder but not containing any magisk.db file either.
Yes, there is now a hidelist file in /sbin/.core/img/.core with -rw-rw-rw-
Bonus info:
I did a complete wipe (I initially did that but I wanted to be certain), and I got this error while installing Magisk right after OmniROM (also see attached):
Code:
! System installed root detected, mount rw :(
Now, OmniROM doesn't ship with root built in - at least not to my knowledge. So I don't know what this "system installed root" Magisk is detecting.
debichu said:
There is no such file in that location. There is a magisk.img in that folder with -rw-r--r--, and a magisk/ folder but not containing any magisk.db file either.
Yes, there is now a hidelist file in /sbin/.core/img/.core with -rw-rw-rw-
Bonus info:
I did a complete wipe (I initially did that but I wanted to be certain), and I got this error while installing Magisk right after OmniROM (also see attached):
Code:
! System installed root detected, mount rw :(
Now, OmniROM doesn't ship with root built in - at least not to my knowledge. So I don't know what this "system installed root" Magisk is detecting.
Click to expand...
Click to collapse
Number 1 is an issue, because that's the su database... If there is none, it's no wonder why granted superuser requests aren't saved.
Hi, do you have a solution?
@Didgeridoohan i am facing same issue like this . it keeps asking for superuser req .
cpt.macp said:
@Didgeridoohan i am facing same issue like this . it keeps asking for superuser req .
Click to expand...
Click to collapse
As far as I know, so far the only known working solution is to reformat /data as ext4. Or stay on an old version of Magisk.
Didgeridoohan said:
As far as I know, so far the only known working solution is to reformat /data as ext4. Or stay on an old version of Magisk.
Click to expand...
Click to collapse
which version you suggest also my /data is ext4 only .
also i would like to tell you one more thing after tinkering little bit and observed following things
as soon as i dont open the magsik app and using root by simple toast and granting the permission it works but as soon as i open the app , it starts misbehaving . i wonder why .
cpt.macp said:
which version you suggest also my /data is ext4 only .
also i would like to tell you one more thing after tinkering little bit and observed following things
as soon as i dont open the magsik app and using root by simple toast and granting the permission it works but as soon as i open the app , it starts misbehaving . i wonder why .
Click to expand...
Click to collapse
Let me guess: you're not using OmniROM...
Since you're posting in this thread, I kind of assumed you did, so my answer was given accordingly.
If you need help, post all possible details and lots of relevant logs.
I've had the same error. Magisk seems unstable on OmniROM 8.1 on OnePlus 5. Probably an issue with the ROM, but the developer seems like the kind of guy who will tell you to go f*ck yourself if you have a problem like this.
Sometimes it works sometimes it doesn't.
A temporary workaround with the permission issue on /data/adb/magisk.db, even after not working trying 0666 permissions, was to change ownership. None of many other solutions worked for me until I found the user for Magisk. You can use a shell as root or with apps like FX File Explorer with root capability to see which user owns files in "/data/adb/magisk/" . Then I applied that user as the owner of magisk.db. Verified that apps which ask for root permission get saved now. The user of Magisk will be different for you since it is marked as "app_##' which I suppose is up to the amount of apps you have installed.
I have a problem and think it caused by the same reason other users here.. My issue is after installing omni rom and gapps ONLY i can't use my banking apps because ( i guess) it thinks my device is rooted.
Device : oneplus 5
I wasn't planning to root my device to keep those kind of issues away
saidmsb said:
I have a problem and think it caused by the same reason other users here.. My issue is after installing omni rom and gapps ONLY i can't use my banking apps because ( i guess) it thinks my device is rooted.
Device : oneplus 5
I wasn't planning to root my device to keep those kind of issues away
Click to expand...
Click to collapse
No... I don't think so. This thread is about an issue with Magisk and f2fs on Android 8.1 ROMs. Your issue could be that OmniROM sets some sensitive props to triggering values.
That can be taken care of by using Magisk and MagiskHide. Take a look here for more info:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Sensitive_props
If you decide to install Magisk, this part of the guide might also be useful (all of it is useful, really):
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
UPDATE!NO MORE COMPLICATED SCRIPTS, JUST USE MAGISK 24.1 WITH DENY LIST!
1. Enable Zygisk, add the apps to the deny list
2. Hide Magisk App
3. Install SafetyNet Fix by kdrag0n (Might still need Magisk Hide Props if your device is a little older)
Working on: Poco X3 Pro + Lineage 18.1 (Android 11)
Aurora Store | F-Droid - Free and Open Source Android App Repository
A Google Playstore Client
f-droid.org
^Use aurora store to get the older version of Singapass that's likely to work, I'm using build 100.
V-Key Pte Ltd is basically a IT security technology based in Singapore I suppose.
Some softwares in Singapore, i.e. OCBC Banking, SingPass and maybe some other SEA banking softwares have v-key components which detects magisk.
This is a guide on how to use such softwares with Magisk, because I firmly believe that I get to choose what features I wish to have for my phone, and it is not fair for these banking companies to deny their services just because my device is rooted, I mean, if my banking stuff gets compromised because my phone is rooted and exploited, I'm willing to take the risk.
This guide aims to help mostly Singaporean users or anyone using such softwares with v-key components.
To make things work, the following things must be done:
1. Make sure Magisk manager is hidden
2. Make sure device fingerprint is certified by google (Check out the MagiskHide Props Config module) Please contribute fingerprints to this module for the benefit of everyone, checkout the GitHub page for more details.
3. Add the apps to Magisk Hide list.
4. Use package manager (pm) to disable the following v-key components in terminal (Using POSB Banking App as an example:
pm disable com.dbs.sg.posbmbanking/vkey.android.vos.MgService
pm disable com.dbs.sg.posbmbanking/com.vkey.android.support.permission.VGuardPermissionActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.vguard.VGDialogActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.internal.vguard.cache.ProcessHttpRequestIntentService
*Some apps may not have one or two v-key components listed above (i.e. SingPass), so getting an error on one or two components being not found should not be a big issue. If things works out you should see out puts on new states being disabled
*Attached a script that deals with OCBC, POSB and SingPass, if you have some weird errors make sure the encoding or format (Not sure of the jargon for it) is Unix or sth and not Windows
Credits:
Reddit User u/Inscythe for giving me a vague idea on the existence of v-key components
Muntashir Akon for his App Manager, allowed me to search for v-key components of apps(tried the disabling features of this app but didn't work, hence the script with pm command)
@Didgeridoohan for MagiskHide Props Config
@vurtomatic for giving me the idea of creating a guide on this.
Hi @Xanth0k1d , thanks for the guide.
I have a rooted LOS 18.1 (OnePlus 3), with magisk 22.1, magisk hide on and magisk manager hidden. All my bank apps work correctly excepts K-PLUS app, the retail bank app from Kasikorn Bank in Thailand.
I can see in the logs of magisk that some vkey components are linked to the app. I followed you guide and was able to disable 2/4 components you listed (2 didn't exist).
Unfortunately this didn't fix the issue.
Do you know how I can search in my phone if other vkey components exist that I might need to disable?
Thanks
Hey @Xanth0k1d, does this still work for you? I noticed that VGuard services are visible with App Manager for DBS but not Government apps. I could disable those services via ADB Root without the use of Magisk just fine.
Seems like GovTech has caught up to this trick :/
erOzeOz said:
Hi @Xanth0k1d , thanks for the guide.
I have a rooted LOS 18.1 (OnePlus 3), with magisk 22.1, magisk hide on and magisk manager hidden. All my bank apps work correctly excepts K-PLUS app, the retail bank app from Kasikorn Bank in Thailand.
I can see in the logs of magisk that some vkey components are linked to the app. I followed you guide and was able to disable 2/4 components you listed (2 didn't exist).
Unfortunately this didn't fix the issue.
Do you know how I can search in my phone if other vkey components exist that I might need to disable?
Thanks
Click to expand...
Click to collapse
Disabling the existing vkey components should be enough.
Did you spoof the device signature with the magisk hideprops module?
KrishvY said:
Hey @Xanth0k1d, does this still work for you? I noticed that VGuard services are visible with App Manager for DBS but not Government apps. I could disable those services via ADB Root without the use of Magisk just fine.
Seems like GovTech has caught up to this trick :/
Click to expand...
Click to collapse
All my apps are working fine, could you please be clear of your problem? i.e. what's working, what's not etc
Xanth0k1d said:
All my apps are working fine, could you please be clear of your problem? i.e. what's working, what's not etc
Click to expand...
Click to collapse
I'm using a OP6, LineageOS 17.1, latest nightly build. I can't use SingPass and Standard Chartered but I can use DBS just fine. I did not root my phone and I don't have Magisk installed either.
I just can't find V-key components in SingPass with App Manager.
KrishvY said:
I'm using a OP6, LineageOS 17.1, latest nightly build. I can't use SingPass and Standard Chartered but I can use DBS just fine. I did not root my phone and I don't have Magisk installed either.
I just can't find V-key components in SingPass with App Manager.
Click to expand...
Click to collapse
The App Mananger by Muntashir Akon?
I think I need to explain this properly, SIngapass and some apps may not work in the following situations:
You installed a custom rom without a Google approved device ID
You rooted your phone
You have Magisk
etc
For your case, Singpass does not work because you installed Lineage - a custom rom, which should not have a Google approved device prop by default. It doesn't matter if you are rooted or you have install Magisk at this point.
My suggestion to you is to install Magisk and follow my guide-hide magisk and spoof you device fingerprint so it looks like you are running a stock rom.
hi @Xanth0k1d. Have been using your method to hide singpass in the past. But the app just recently was able to detect root. As someone mentioned above, the updated app has no v-key components listed in the service. Any idea how to circumvent the situation and what services to disable?
Holy ****, I just saw the update.
Probably some dude saw this post...
I have yet updated so I can't test, if anyone's finding any solutions to this pls update as well.
Xanth0k1d said:
V-Key Pte Ltd is basically a IT security technology based in Singapore I suppose.
Some softwares in Singapore, i.e. OCBC Banking, SingPass and maybe some other SEA banking softwares have v-key components which detects magisk.
This is a guide on how to use such softwares with Magisk, because I firmly believe that I get to choose what features I wish to have for my phone, and it is not fair for these banking companies to deny their services just because my device is rooted, I mean, if my banking stuff gets compromised because my phone is rooted and exploited, I'm willing to take the risk.
This guide aims to help mostly Singaporean users or anyone using such softwares with v-key components.
To make things work, the following things must be done:
1. Make sure Magisk manager is hidden
2. Make sure device fingerprint is certified by google (Check out the MagiskHide Props Config module) Please contribute fingerprints to this module for the benefit of everyone, checkout the GitHub page for more details.
3. Add the apps to Magisk Hide list.
4. Use package manager (pm) to disable the following v-key components in terminal (Using POSB Banking App as an example:
pm disable com.dbs.sg.posbmbanking/vkey.android.vos.MgService
pm disable com.dbs.sg.posbmbanking/com.vkey.android.support.permission.VGuardPermissionActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.vguard.VGDialogActivity
pm disable com.dbs.sg.posbmbanking/com.vkey.android.internal.vguard.cache.ProcessHttpRequestIntentService
*Some apps may not have one or two v-key components listed above (i.e. SingPass), so getting an error on one or two components being not found should not be a big issue. If things works out you should see out puts on new states being disabled
*Attached a script that deals with OCBC, POSB and SingPass, if you have some weird errors make sure the encoding or format (Not sure of the jargon for it) is Unix or sth and not Windows
Credits:
Reddit User u/Inscythe for giving me a vague idea on the existence of v-key components
Muntashir Akon for his App Manager, allowed me to search for v-key components of apps(tried the disabling features of this app but didn't work, hence the script with pm command)
@Didgeridoohan for MagiskHide Props Config
@vurtomatic for giving me the idea of creating a guide on this.
Click to expand...
Click to collapse
heya, I'm the reddit user... I had updated the app, but so far has no luck finding where the detection is hiding now... I might just try turning off services one-by-one with servicely, but I'll keep you all updated if I get any success.
@Xanth0k1d since you haven't updated your singpass, can you check what are the available services and listeners currently your version is using? I want to compare the difference with the latest version.
I managed to get Singapore's GPay app to work by blocking this `com.google.android.gms.gmscompliance.ui.UncertifiedDeviceActivity`. Do your devices pass SafetyNet?
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
stevenkyk said:
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
Click to expand...
Click to collapse
Thanks! Can confirm that this works!
Singpass is a really weird app.
Recently google nuke the api so magisk stopped working, can't pass the safetynet. Magisk released a canary release that fix that.
Yet, singpass continue to stop working so I thought maybe I need do more? Then I coincidently force stop the app to run it again, it magically working again! That is after I reboot twice before that. So now I learn the rebooting and force stop do different things.
I didn't apply anything from this thread, it is really a weird app.
Lu5ck said:
Singpass is a really weird app.
Recently google nuke the api so magisk stopped working, can't pass the safetynet. Magisk released a canary release that fix that.
Yet, singpass continue to stop working so I thought maybe I need do more? Then I coincidently force stop the app to run it again, it magically working again! That is after I reboot twice before that. So now I learn the rebooting and force stop do different things.
I didn't apply anything from this thread, it is really a weird app.
Click to expand...
Click to collapse
The safetynet api did not get nuked, the api changed so code that use the old api won't work, even on the latest stable build safetynet will still pass when using another checker app. While I won't go into the technical details, singpass spawns a new isolated process to check for root, exploiting the fact that isolated processes are treated differently and is difficult for magisk to hide itself. So the solution is to disable the offending process and not let it spawn. There are several other requirements necessary for singpass to run, which are largely beyond the scope of discussion in this thread.
Any idea how to bypass Citibank sg root detection? I am able to use vkey method for posb and ocbc but Citibank doesn't have a vkey service
auggie246 said:
Any idea how to bypass Citibank sg root detection? I am able to use vkey method for posb and ocbc but Citibank doesn't have a vkey service
Click to expand...
Click to collapse
The trick here is to decompile the APK using apktool and inspect the Androidmanifest.xml manually. Search for "ISOLATED" and in the same line you should be able to find the name of the service to be disabled. Of course this assumes that citibank's app used a similar tactic as the other apps.
Edit: I tried the citibank sg app, magisk hide + rename package is sufficient for me to launch the app, don't have an account so I can't test any further.
stevenkyk said:
The recent Singpass update requires disabling o.InvalidRegistrarException for root detection to be circumvented.
Click to expand...
Click to collapse
I guess there's another update to Singpass that circumvent this circumvention as well lol
Apparently it's now using a service called o.ImmutableSetMultimap for checking root (confirmed by magiskhide entry) and it works for a few seconds after loading Singpass before failing again with different error message. I think it checks for both whether the service is active and found a root (gives error T0), or whether the service is running at all (gives error T-1). I think we need something else to block this.
I rooted my pixel 7 the other day, but I was surprised to discover I couldn't sync some folders in my root directory using Syncthing.
Every other device I have rooted as well as an unrootable A70 running Android 11 permits this.
Is this normal behaviour for a rooted device running Android 13 or Android 12?
Do I just need to elevate permissions for an app to access these directories, in my case "Syncthing"?
Quoddity said:
Do I just need to elevate permissions for an app to access these directories, in my case "Syncthing"?
Click to expand...
Click to collapse
yes
did it here to sync my OSMap files because permission to read/write was disabled after update to Android 11 (I think)
DHGE said:
yes
did it here to sync my OSMap files because permission to read/write was disabled after update to Android 11 (I think)
Click to expand...
Click to collapse
Sorry for the noob question, haha, but how do I elevate permissions in this context?
I haven't used UNIX or Linux in years, so I'm very rusty with bash and phones are probably a little different from regular Linux anyway.
Do I use a Magisk module?
Or is it simply something like the following in the adb shell:. pm grant <app> android.permission.INTERACT_ACROSS_USERS_FULL ?
Run syncthing as root.
settings/verhalten(behaviour?;3rd from top)