Help Needed For Moving From Magisk/EdXposed to Magisk/Zygisk/whatever... - Magisk

I have an LG V40 that had been rooted for a long time with an early Magisk - cannot quite recall the version right now. But yesterday I managed to update both Magisk and Manager to v 25.2 as I was looking for a way to hide root from the Play Store app as the damn thing seems to block even visibility (no less install) of some apps on this phone - I am sure because it is rooted as I can see/install the same apps on non-rooted devices.
The V40 has also had EdXposed and a number of its modules installed for a long time. It is on v 0.4.6.1 with Manager app v 4.5.7 and has all been working well enough.
After making it to Magisk 25.2, I enabled Zygisk because that was needed to set up a deny list onto which I hoped to put Play Store app and, maybe, Play Services in my effort to hide root. It seems that in doing this EdXposed got disabled and things got strange on the device until I was somehow able to get things back to before I enabled Zygisk. So now I have Magisk 25.2 - no Zygisk - with EdXposed 0.4.6.1 and all seems stable again.
But in my reading I get the distinct impression that I should be moving to Zygisk and that in doing so I will be breaking EdXposed so will need to transition to Lsposed. And this is where I have no real idea how to proceed. First off, I have no idea if the Xposed modules I am using ( Gravity Box [P] v 9.1.3, Untoaster Xposed v 1.2.8, XDowngrader v 1.1, Xposed Edge v 5.5.6, and Secure Settings v 1.3.6u2) will even work with Lsposed. Also, I have no idea of the steps I need to take - and the order in which to take them - to make the transition.
After yesterday's roller-coaster, I thought it best to ask for pointers before I try to move on - and quite possibly shoot myself in the foot again.
So your suggestions/tips/pointers are appreciated. I need some detail as this is clearly an area in which I am far from expert. Thanks!

Flash safety net fix latest zygisk version. Uninstall ed Xposed use lsposed zygisk magisk module. Set you deny list then turn force deny list toggle off and flash shamiko module. If you need more hiding for certain games use dev opts hide Xposed module and hide my applist xposed module
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
GitHub - LSPosed/LSPosed.github.io
Contribute to LSPosed/LSPosed.github.io development by creating an account on GitHub.
github.com
[XPosed]DevOptsHide (Hide deve - Apps on Google Play
Bypasses check of the apps which requires developer options disabled
play.google.com

Thanks. Before uninstalling EdXposed, must I disable or otherwise do anything with the Xposed modules I have installed? If just left there, will Lsposed "see" those modules? Or will I have to get them downloaded and installed again? It appears that the Xposed repo I have always used up until now is gone. And I am not clear yet if modules that worked well in EdXposed will do so in Lsposed.
Also, at what point should I engage Zygisk? Right now it is NOT enabled?
Thanks alot for all the help.

Well, I believe I managed to get through all of the changes, replaced Riru/EdXposed with Zygisk/Lsposed. I had to reconfigure Xposed modules but it seemed like my Xposed modules were pretty much working as expected under Lsposed as they did under Xposed. One exception was the Quick Tiles in Xposed Edge. The tiles are there, they work in that they toggle the states of things (BT, Mobile Data, etc) and show a toast message indicating the state change. But the tiles simply would not change their UI state as they did under EdXposed. Hmmmm.
Despite all of this and more - following directions found in several places - I still cannot seem to hide that the phone is rooted from Play Store. It simply will not show some apps as the result of my searches. Grrr!
So having taken a TWRP backup of the new situation for future consideration, I have gone back to a TWRP backup taken just before starting this entire trip. I am now back to Riru/EdXposed and all that was working before is working once again.
Cheers

Related

edxposed v0.4.6.1 + EdXposed Manager = Safetynet Fail

Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
anonxlg said:
Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
Click to expand...
Click to collapse
Latest Xposed Manager try in settings menu scroll down to framework options enable:
App List mode
Pass Safetynet
To enable blacklist function - App List mode has to be enable. Then from main menu select Applications.
thanks, after some testing and restarting that did the trick.
I didn't see that the 'app list mode' is the blacklist and only turned on 'pass safetynet' thinking that was the only think I needed to do
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
anonxlg said:
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
Click to expand...
Click to collapse
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
spawnlives said:
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
Click to expand...
Click to collapse
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
this work: https://repo.xposed.info/module/com.cofface.ivader
anonxlg said:
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
Click to expand...
Click to collapse
On my spare S8 I've reinstall unofficial lineage 17.1 ( Android 10 ).
Using latest:
Stable version of magisk / manager
Edxposed manager - 4.5.7
Edxposed canary - 0.4.6.3 ( 4545 ) - Yahfa
Riru core - 19.8
This combination at the moment is passing safety net. Checked using magisk manager + two other apps from playstore. Also have Device is certified through play store. The latest play store version is 19.5.13 for my region.
Edxposed modules installed at moment
Xprivacylua
Minminguard
Resolver Activity Tweaks
installing HiddenCore Module did the trick, but i'm still curious why updating lineage broke safetynet or that using the older rirucore + edxposed passes safety net
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
bmw320cd said:
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
Click to expand...
Click to collapse
Sorry man, this solution no more works. It broke after April 27th.
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
djjohnnyblaze said:
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
Click to expand...
Click to collapse
At the moment still passing safety net using latest Riru core module + latest canary release of Edxposed.
System Crashes
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
romee_ahuja said:
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
Click to expand...
Click to collapse
Hey, it could be that, maybe you have a module like gravitybox installed which is conflicting with your system configurations.
If not that, try disabling edxposed modules from magisk itself. If that fixes the solution, then it might be edxposed
One solution is disable module like gravitybox or update gravitybox

Cannot pass safetynet after uninstalling edxposed

This is a weird one.
To start, my phone has latest magisk, and passed safety net.
I once again am trying out edxposed (seeing if the game I'm playing still detects, and yes it does).
So, I managed to install edxposed (with hiddencore), magisk working and passing safetynet (check screenshot), however, as mentioned, game still detects something and refuses to start (another note is that the game starts without issues with just magisk and safetynet passed).
Because game doesn't work, I uninstalled hiddencore, edxposed, and riru core (in that order) and somehow magisk cannot pass safetynet anymore.
I've tried everything over again plus countless restarts to get a screenshot of my phone with edxposed and safetynet passed.
-edit-
clearing playstore data did the trick
Hi,
Did u fix your problem ?
Thanks!
Just to be clear, you have only Magisk and Edxposed WITHOUT HiddenCore module installed, and you're passing SN and your game runs fine without detecting root?
I'm a little confused about the order of events and the steps you took, because it reads like you installed edxposed and HiddenCore at the same time (HiddenCore will merely mask SN success test in magisk, it doesn't actually fix the issue as other tester apps more accurately fail to pass SN with edxposed installed. Then you describe you uninstalled all of riru/edxposed framework and hiddencore and then a screen shot of edxposed with Magisk SN test passing??? Okay so, did you reinstall hiddencore? Did you run the test after several reboots to confirm reliability? The game you mentioned, did that quit detecting edxposed? What did you do here exactly?
1. don't consider Magisk's SafetyNet as trustable. Test with other apps like org.freeandroidtools.safetynettest (SafetyNet Test 1.2.1). Or open google play and search for Netflix, and see in Setting at the bottom should say Device is/not certified. Before that clear the Google Play Store Cache и Data Storage because it will remember the previous state and will show an old state.
2. Dont need to uninstall the whole EdXposed and frameworks. Just go in Magisk and turn off the Riru Core framework. Restart. And the SafetyNet should work again. But then GravityBox (and other apps using edXposed) will stop working
3. Yes, recently it stop working for me too, coz Google did next dirty thing. Before I was passing SafetyNet. I had Riru Core 21.3 + EdXposed YAHFA v0.5.0.6 Canary + EdXposedManager v4.5.7 + GravityBox
4. I solve the problem, now I pass SafetyNet again, my GravityBox is working, Google Play show device is certified, all good, so I am happy again. What I did is:
5. Restored my old backup. If I have installed EdXposed-SandHook-v0.5.0.6 Canary I am not able to uninstall it preperly and restore the phone, so whatever I do after it always break SafetyNet. Somehow SandHook mess the phone in irreversible way so the only way out is to flash old backup. That's why I was using EdXposed YAHFA v0.5.0.6 Canary which dont mess the phone and after uninstall phone can pass SafetyNet. So maybe is was not necessary to restore the old backup...
I use LG V20 with LineageOS 17.1 Android 10
6. installed the taichi-v6.2.2.zip framework in Magisk.
https://magiskroot.net/download-xposed-for-android-10/
https://magiskroot.net/taichi-magisk-module/
https://github.com/taichi-framework/TaiChi/releases
https://virtualxposed.com/tai-chi/
https://taichi.cool/download.html
https://github.com/taichi-framework/TaiChi/issues/1153
installed TaiChi 6.4.0.apk
in Modules I enable GravityBox only. Do NOT enable HiddenCore Module because it is detected and if I enable it fail the SafetyNet
in /system/etc/hosts I put this to block connections:
127.0.0.1 techavenue.net
127.0.0.1 www.techavenue.net
127.0.0.1 chinatelecom.com.cn
127.0.0.1 www.chinatelecom.com.cn
127.0.0.1 alibaba.com
127.0.0.1 www.alibaba.com
Click to expand...
Click to collapse
I dont advice you using TaiChi blindly. I just share what I did to have GravityBox with SafetyNet working. You can Thanks me if you find my tips helpful.... But choosing TaiChi is your decision, you can take a look some controversial topic about TaiChi here https://forum.xda-developers.com/xposed/warning-taichi-t4012681

LSPosed Xposed Framework [8.1-13.0]. Simple Magisk Module

Developers: LSPosed Developers
Homepage: GitHub
✱ Requirements:
• Magisk 21+
• Android 8.1-13
• Riru(NOT NEEDED) USE ZYGISK
Description: Riru module providing ART interception framework (natively for Android Pie) that provides consistent API -interfaces with OG Xposed, using YAHFA (or SandHook) interception environment, supports Android 8.1 ~ 11.
& Installation:
• Install Riru 23+
• Install Riru - LSPosed via Magisk Manager
• Install LSPosed Manager app (Note: No Saparate App and Zip, App Will be Installed Automatically)
• Reboot your device.
Download:
For stable release, please go to Github Release page For canary build use telegram.
Go to second post for latest version Download
Notes:I'm just sharing this from github, I'm not responsible if you bricked your device.
GPay and other banking apps working fine without any issue so this xposed alternative is worth trying and safer.
Note: If anyone facing bootloop issue, don't panic, hard reboot again and it will work.
Screenshot:
Download:
Flash zip file through magisk and then install LSPosed Manager app
Update 1 March 2021
V1.2.0
V1.3.7 Updated 15.May.2021
(Note: No Saparate App and Zip, App Will be Installed Automatically)
For Newer Version Changelogs and Downloads:
LsPosed Github
Changelog
Spoiler: See
Fix manager white screen
[*]Support split-apk modules (LSPosed will choose only one apk with xposed_init to load)
[*]Fix manager crash when launching an uninstalled module from notification
[*]Load modules with SharedMemory (it can speedup app cold launch) 2
[*]New manager icon
[*]Fix incorrect update notification in the first installation
[*]Fix some apps not showing in the scope list in some rare cases
[*]Show notification of module uninstallation
[*]Prevent modules from hooking inner methods (methods from XposedBridge's classloader)
Note:
Previously LSPosed only recognize modules from the primary user. However, this strategy is not good and leads to some problems: some modules require getting installed app lists for configuration but they cannot do so across users; some require reading themselves from the hooked apps but they cannot do so from non-primary users; some users want to configure modules differently on different users which is not feasible previously. Thus LSPosed now requires every module to be installed to the user on which the apps they want to hook are installed. Some devices restrict modules from installing onto some users. In such a case, you can install them from the manager (but it's recommended).
1: For some weird devices that prevent installing apps from the root user, please install the manager from /data/adb/lspd/manager.apk or manager.apk from the zip file manually.
2: Some modules get modules' apk path using reflection of its classloader, it's not recommended and unstable since the apk path from classloader no longer exists when using SharedMemory to load modules. Please use the documented way (from IXposedHookZygoteInit.StartupParam.modulePath) instead.
Reserved 2
Why it's safer than EdXposed?
QkiZMR said:
Why it's safer than EdXposed?
Click to expand...
Click to collapse
I didn't say it's safer than edxposed. I meant xposed alternatives like taichi etc.
All banking apps works, no system slowdown, i got more free ram etc.
In edxposed the hooked apps take time to open, no such issue with LSPosed.
That's why i thought it's worth trying and safer.
And +1 is safetynet passes all the time with LSPosed but, with edxposed safetynet works for some time after every reboot even with blacklisting google framework and services.
This slowdown is caused by YAHFA hook in EdXposed. On Sandhook is much better. Which hook method you use in LSposed?
And +1 is safetynet passes all the time with LSPosed but, with edxposed safetynet works for some time after every reboot even with blacklisting google framework and services
Click to expand...
Click to collapse
SafetyNet works till google patched it no matter which xposed clone you use. Before last patch SN was working fine with EdXposed. I don't needed blacklisting framework and services because EdXposed manager is doing automatically, with special option enabled. So don't say lies about EdXposed but tell us about technical differences between LSposed and EdXposed. What you change after forking EdXposed repo?
looks working good u,till now, just its annoying sometimes to have to choos which app has the module applies. a "select all" option would be welcome in a next release
How do I pass safety net? I have universal safety fix module is installed too.
Antho02 said:
looks working good u,till now, just its annoying sometimes to have to choos which app has the module applies. a "select all" option would be welcome in a next release
Click to expand...
Click to collapse
This is what i was confused about? ive never chosen before. I dont know which ones i need things like HiddenCoreModule to apply to? Everything?
It looks like this xposed clone works only in whitelist mode...
I'm quite amazed that this edxposed alternative is running much better than edxposed itself on my android 11, aosp rom, redmi k30 pro zoom. Really glad that I came across this!
Thanks for the great and awesome work devs!
Preparedtobereckless said:
This is what i was confused about? ive never chosen before. I dont know which ones i need things like HiddenCoreModule to apply to? Everything?
Click to expand...
Click to collapse
Apply to System Framework.
Hidden core module do nothing, try no device check module. BTW safetynet passes for me by default.
darashikoh said:
How do I pass safety net? I have universal safety fix module is installed too.
Click to expand...
Click to collapse
What are LSposed module we can use in A11
Im trying to ask the scope list of my modules. Firefds minminguard hiddencore and hide mock location. Anybody can help for the whitelist ??
what does mean: "select other app for each module" ?
for example for "GravitiyBox" module, which app should be enable and why?!
mrhamed said:
what does mean: "select other app for each module" ?
for example for "GravitiyBox" module, which app should be enable and why?!
Click to expand...
Click to collapse
Android System - android
Call - com.samsung.android.incallui
Camera - com.sec.android.app.camera
Contacts - com.samsung.android.contacts
Email - com.samsung.android.email.provider
Firefds Kit - sb.firefds.r.firefdskit
Messaging - com.samsung.android.messaging
MTP Application - com.samsung.android.MtpApplication
NFC - com.android.nfc
One UI Home - com.sec.android.app.launcher
Settings - com.android.settings
Smart Capture - com.samsung.android.app.smartcapture
Software Update - com.wssyncmldm
System UI - com.android.systemui
It also depends on what firmware you are using amd what features you've enabled in gravity box. Enable these according.
What I've enabled in miui are shown in image below.
a module based selection, what to hook seems a good approach of doing what you want and at the same time saving resources. a more advanced selectiin UI would be good. filter based on words and then select in the filtered list, select deselect all. in addition I have no idea what some modules are hooking like gravity box...this is just an example...I know I can find out however maybe the manager app can support to find out or tick what is recommended
I am trying LSposed on my OnePlus 7 Pro (GM-1917), OOS 10.3.8, Magisk 21.4, xXx 12.4.
I followed these instructions from the OP ...
• Install Riru 23+
• Install Riru - LSPosed via Magisk Manager
• Install LSPosed Manager app
• Reboot your device.
Click to expand...
Click to collapse
I got into what seems to be an infinite boot loop. I waited 3-5 minutes, but the boot loop continued.
Has anyone seen this behavior? If so, is there a workaround?
Thank you in advance.
UPDATE: I must have messed up one or more of the installation steps the first time around. I retried installing, and now LSPosed works for me with no boot loop.
OnePlus 7 Pro (GM-1917)
OOS 10.3.8
Magisk 21.4
Magisk Manager 8.0.7
xXx 12.4
Riru 23.4
LSPosed-v0.5.4.0-5135-release.zip (YAHFA)
LSPosedManager-v0.5.4.0-5175-release-signed.apk
Good work!
Onward!
HippoMan said:
I am trying LSposed on my OnePlus 7 Pro (GM-1917), OOS 10.3.8, Magisk 21.4, xXx 12.4.
I followed these instructions from the OP ...
I got into what seems to be an infinite boot loop. I waited 3-5 minutes, but the boot loop continued.
Has anyone seen this behavior? If so, is there a workaround?
Thank you in advance.
Click to expand...
Click to collapse
Working fine with OnePlus 7t latest beta. There might be some other issue. LSPosed doesn't seem to cause bootloop. Share logcat.

[Discussion] Magisk - The Age of Zygisk.

This is a discussion and help thread for the newer versions of Magisk.​
The main goal of this thread is to help users migrate to Magisk v24+
SafetyNet
Basic integrity Pass
CTS profile match Pass​
Play Protect certification
Device is certified​
Feel free to discuss or give links to other Magisk related issues.
Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. ​
Please read John's State of Magisk (medium.com)
State of Magisk: 2021
State of Magisk: 2020
Starting with the Magisk 23 (23010) canary builds.
MagiskHide is removed.
MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
You still have the option to Hide the Magisk app under setting.​
Magisk Module online Repo is removed.
The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
Everything SafetyNet is removed.
This includes the SafetyNet check that was incorporated into the Magisk app.​
Zygisk is introduced.
Zygote + Magisk = Zygisk​
The Deny list replaces the Hide list.
The Hide list (more or less) hid Magisk from the process on the list.
The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​
Starting with the Magisk 23 (23017) canary builds.
Magisk supports update channels per module.
Each module can include it's own update link.​
Hide Magisk offline.
You do not need internet connection to rename (repackage) the Magisk app.​
What does this mean?
Not much.
It is just the next step in Magisk's development.
Zygisk is a big step forward. ​
Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share.
Jump to Post​Magisk - Modules - Apps - Force Basic Attestation - Basic Attestation - Adjust Prop values - Notes - Points of Interest​
This is post will be updated once Magisk v24 is released.​
Magisk​The Magic Mask for Android.​
Magisk Links:
GitHub
Installation Instruction
Frequently Asked Questions
Magisk Documentation
Magisk Troubleshoot Wiki (by Didgeridoohan)
Release Notes
Download Links:
Stable and Beta releases.
GitHub
Canary
GitHub
The notes.md file is the change log.
The app-debug.apk is Magisk canary.
Click on app-debug.apk and choose View Raw or click on the Download option.​
Credits:
topjohnwu
All who contribute and support this project.
Modules​
MagiskHide Props Config
This module allows you to add, change and adjust prop values systemlessly using Magisk.​
MagiskHide Props Config Links:
GitHub
xdaThread
Download Links:
GitHub
Credits:
Didgeridoohan
All who contribute and support this project.
Universal SafetyNet Fix
It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
This 'trick' has been implemented properly into quite a few custom roms.
For custom roms that do not include it and/or stock roms, he turned it into a module.​
Universal SafetyNet Fix Links:
GitHub
xdaThread
Download Links:
GitHub
Credits:
kdrag0n
All who contribute and support this project.
Apps​
Fox's Magisk Module Manager
This app allows you to manage and install Magisk modules.
Including from an online repo.​
Fox's Magisk Module Manager Links:
GitHub
Download Links:
GitHub
Credits:
Fox2Code
All who contribute and support this project.
Play Intergrity API Checker
This app shows info about your device integrity as reported by Google Play Services.
If any of this fails could mean your device is rooted or tampered in a way (for example you have an unlocked bootloader).​
Development:
GitHub
Download Links:
PlayStore
Credits:
1nikolas
All who contribute and support this project.
YASNAC - Yet Another SafetyNet Attestation Checker
YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​
YASNAC Links:
GitHub
PlayStore
Download Links:
GitHub
PlayStore
Credits:
RikkaW
All who contribute and support this project.
Force Basic Attestation​
Newer devices are designed to support hardware attestation.
Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​
To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
SafetyNet will then fall back to check using basic attestation.
Note:
This method will work for devices that support hardware attestation and devices that do not.
Enable Zygisk.
Install the USNF module.
Reboot
To keep posts short, the instructions are hid by spoiler tags.
Spoiler: Instructions
If you have not installed Magisk.
Follow the installation link in the Magisk post.​
Download the Universal SafetyNet Fix module.
Download link is in the Modules post.​
Enable Zygisk
Open the Magisk app.
Go to Settings.
Scroll down to the Magisk section.
Toggle Zygisk on.
Go back to the Magisk Home screen.
Go to Modules.
Select Install from storage.
Navigate to the Universal SafetyNet Fix module zip file and select it.
Reboot.
The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
Depending on the device and system (ROM) configuration, you might need to adjust a few more.
See the Adjust Prop values post.​
Basic Attestation​<Reserve>
Older devices that can not support hardware attestation there are other options.
Enable Zygisk.
Enable Denylist.
Add com.google.android.gms.unstable to the Denylist.
Add com.google.android.gms to the Denylist if needed.
Reset the sensitive prop values for the device.
Click to expand...
Click to collapse
Due to other modules and methods that require DenyList to be inactive, this method is more for reference.
For ease of use and compatibility, I would recommend using the USNF module instead.
See the Force Basic Attestation post.​
This post will be updated in a few days.​
Adjust Prop values​<Reserve>
Reset sensitive prop values.
Spoiler: Instructions
Download the MagiskHide Props Config module.
Open the Magisk app and select the Modules option.
Select Install from storage option.
Navigate to where you saved the MHPC module and select it.
When the install is done, reboot.
Open a terminal app (or adb shell) and type props in the command line.
Make sure to grant root access
Select the Edit MagiskHide props (active) option.
(Currently option number 4)
It will show you the sensitive props that need to be adjusted.
If they all show (active) no changes needed.
If there is a prop value that shows as (enabled, not active) then you need to activate it by selecting it or a for all.
You will be prompted to set MagiskHide sensitive props?
Enter y(es), n(o) or e(xit):
If you are using a custom rom, you might also have to adjust the build fingerprint and security date.
From the MHPC main menu select Edit device fingerprint option.
(Currently option number 1)
Select Pick a certified fingerprint option.
(Currently option f)
Select the latest certified print for your device.
If your device is not listed, choose a device that is close to yours.​
This post will be updated soon.​
Notes​and​Common Issues​<Reserve>
Spoiler: SafetyNet
<Reserve>
Spoiler: Play Protect certification
<Reserve>
Spoiler: PlayStore App Purchases and Updates
<Reserve>
Points of Interest.​
LSPosed
Zygisk releases are now included.
Download Links:
GitHub - Releases
Shamiko
Download Links:
GitHub - Releases
Denylist Unmount
Download Links:
GitHub - Releases
Yay! I get post no. 10!
Good to see this thread up Doc! ... How are you linking / promoting it?
Want mentions in Magisk General Discussion thread, or not for now?...
I note that this thread has the advantage of having an active OP...
So what? - Means I can post rubbish and it will be cleaned! ... Love a clean house... Hope you're a good housekeeper @ipdev! PW
zputnyq said:
Hi all,
I'm on TJW's canary 23019.
Does anyone know/could explain what is/are the difference(s) with enforce denylist activated and not activated ?
Click to expand...
Click to collapse
denylist (which preserves some of MagiskHide infrastructure) is active, or not active...
Nb. For Zy-Shamiko hiding module solution to work, this needs to be deactivated for Shamiko to do the hiding itself; Shamiko just uses the same list for convenience / simplicity... PW
Edit: Lets kickstart things here!
pndwal said:
denylist (which preserves some of MagiskHide infrastructure) is active, or not active...
Nb. For Zy-Shamiko hiding module solution to work, this needs to be deactivated for Shamiko to do the hiding itself; Shamiko just uses the same list for convenience / simplicity... PW
Edit: Lets kickstart things here!
Click to expand...
Click to collapse
Ok, I get it. Thank you.
I was confused since I use an old device which doesn't really need this part to do the hiding & on v23017 John made that part work along with the configure denylist, I mean configure denylist is greyed out when denylist part isn't active.
zputnyq said:
Ok, I get it. Thank you.
I was confused since I use an old device which doesn't really need this part to do the hiding & on v23017 John made that part work along with the configure denylist, I mean configure denylist is greyed out when denylist part isn't active.
Click to expand...
Click to collapse
You could do worse than read the first 5 posts here! PW
Thanks @ipdev
I tried to put a short help for probably the most frequent posts/questions soon to expect.
(Sorry for cross-posting, I first put to the old and cluttered General Magisk thread but this is now better place)
===
Please carefully read Magisk Changelog and OP posts in this thread
Study the Magisk documentation from the official Magisk Github page - particularly about installing Magisk (if not familiar with patching the image in Magisk app and flashing the patched img from Fastboot- different from the old school about flashing Magisk zip through TWRP)
a) No more MagiskHide. New technology instead (for more or less the same - to help hiding root): Zygisk+DenyList
b) No more built in SafetyNet checker. Install from PlayStore e g: YASNAC to check your SN
c) Modules window does no more connect to the old Modules repository.
You must download module zip files manually and "Install from local storage".
Or search for and install Fox Magisk Module Manager (Fox Mmm) app - it will connect to the new, alternative repository and the old 'official' repo, allowing you to install from both
---
0) If upgrading Magisk and if you previously did "Hide Magisk app/Mngr" from Magisk app/mngr - always "Restore Magisk app/Mngr" before upgrading Magisk
1) Make sure that both Magisk app and Magisk are installed and updated to the new version v24 version. Inspect version numbers on the main Magisk window/page
2) Make sure to uninstall all Riru modules (Riru is not compatible with Zygisk that comes with Magisk v24)
3) Settings, Enable Zygisk and reboot.
Then check on the main window does it show Zygisk Yes
4) Settings, enable Enforce DenyList.
Configure DenyList, enable filters to Show OS and System apps.
Find Google Play Services and check-in only the two processes ending with gms and gms.unstable.
You will have to check in all your banking apps and so as you used with MagiskHide.
Always reboot upon reconfiguring DenyList
5) If SafetyNet does not pass, install USNF 2.2.1 and test again.
Always reboot upon installing a module, also if/when you enable Systemless Hosts
Note: Once you install/enable USNF 2.2.1, it will remove Google Play Services from your DenyList - but don't worry, USNF takes care of GMS
6) If you are on non-certified custom ROM and you still don't pass SN - then you will need Magisk Hide Props Config module - check for and consult the MHCP thread
---
If you want to hide Zygisk, then instal Shamiko module - and you must disable Enforce DenyList (although DenyList must stay configured).
But Shamiko is really not essential (might help for some banking apps but it's irrelevant for SafetyNet)
---
Banking apps - out of scope for this post (also, this thread is about the Magisk v24 itself, not abkut the particular banking apps)
Go to Magisk Github documentation, read Wiki, there is a section with tips you should try first
If putting your banking app to DenyList (now, instead of the old Magisk Hide) and hiding Magisk app does not help, and the other tips from Wiki do not help (like renaming TWRP folder and so), search in this thread how to use Hide My Applist (Zygisk-LSPosed module)
Every time you apply another tip to your troublesome banking app - go to Settings, Apps, and delete Cache and Data for that banking app before you try to open it again (some apps will cache that they previously found the phone was rooted)
Even with HMA, there are certain banking apps that cannot be tricked (on some phones like Xiami, etc)
---
Momo - absolutely not essential for your life
When you pass SN, Momo might still detect that your Bootloader is unlocked - you cannot hide it from Momo on e.g. Xiaomi phones
Generally, treat Momo as 'banking' apps (add to DenyList and reboot)
Momo does not look for apps (Magisk app, LSPosed mngr, LSPosed modules), hence for Momo you don't need to bother with HMA
Basic tips for Momo: Remove/rename TWRP folder, disable USB Debugging - for the rest, search for Momo posts in this thread - but still, there will be findings you could not hide from Momo (not encrypted Data, custom ROM, etc)
===
PS: Magisk Alpha v24.1 (vvb2060 and her team) has departed their way (different package name, revival of MagiskHide?), hence this post is now (mainly) for the official TJW Magisk Stable and Canary v24
(Some parts do apply also to Alpha but use Alpha on your own risk and ask the other Alpha users about the Alpha status and practices)
===
Last but not the list - there night be specifics for certain phones (like flashing with Odin for Samsung, end so on)
This post is generic, for your specific practices read/search through this thread and also on your phone/model subforuns on XDA
Hello - sorry if obvious but I'm having issues getting some apps checking for root to pass. I think the issue might well be the statement related to "Google Play Services and check-in only the two processes ending with gms and gms.unstable."
Regardless of whether I tick just these two, or if I tick the whole of Google Play Services, once I reboot and if I go back into Magisk the app reports that these services are no longer hidden.
This is Pixel6Pro Stock, January update, Magisk canary (but 24001 that synced with the public build) + Zygisk + USNF 2.2.1
Thank you
Chris
@ipdev
Thread was pinned. Thx for your effort
Nice. Will we be able to run a module like fakegapps without riru/LSPosed?
crypticc said:
Hello - sorry if obvious but I'm having issues getting some apps checking for root to pass. I think the issue might well be the statement related to "Google Play Services and check-in only the two processes ending with gms and gms.unstable."
Regardless of whether I tick just these two, or if I tick the whole of Google Play Services, once I reboot and if I go back into Magisk the app reports that these services are no longer hidden.
This is Pixel6Pro Stock, January update, Magisk canary (but 24001 that synced with the public build) + Zygisk + USNF 2.2.1
Thank you
Chris
Click to expand...
Click to collapse
No, you don't need to add Play Services processes w/ Zy-USNF as I explained here:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-86321879
Download YASNAC and check if you pass SafetyNet, then that you have Play Protect Device is certified in Play Store settings... If you have these, Bank app is using its own custom detection methods... PW
kurtn said:
Nice. Will we be able to run a module like fakegapps without riru/LSPosed?
Click to expand...
Click to collapse
Yes, Use Zygisk-LSPosed. PW
pndwal said:
No, you don't need to add Play Services processes w/ Zy-USNF as I explained here:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-86321879
Download YASNAC and check if you pass SafetyNet, then that you have Play Protect Device is certified in Play Store settings... If you have these, Bank app is using its own custom detection methods... PW
Click to expand...
Click to collapse
Yes I appreciate that. I guess my question was if it is correct that after reboot USNF deselects the gms and gms.unstable
Thanks for the explanation.
FYI found what was triggering the app and got it working. Before I had just renamed Magisk (I renamed to MagicApp if that matters) but that didn't work. Also "pausing" the app wasn't enough.
I needed to actually uninstall the Magisk Manager app itself.
So the mechanism being used by the other app wasn't looking for Magisk/SU, but the app iself.
The App failing doesn't have any local file permissions so must've been something else.
Actually I found two apps failing root check and both were resolved by uninstalling the (renamed) Magisk APK.
So I wondered if the app was simply listening to debug messages.
So I reinstalled and then reproduced the failure looking into ADB logcat.
I could see during opening and just before the protection was triggered logcat events against the ".Magisk" app related to denying access. Uninstalling Magisk app stopped those messages and then the app was able to start.
Should Magisk "hiding" the magisk manager app by renaming it from ".Magisk" also have relabelled all of the messages and such related to the app?

Please clarify how denylist works with other zygisk modules

With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
droidvark said:
With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
Click to expand...
Click to collapse
Your misinterpreting it, deny list just denies access to zygisk to the apps you selected, you have to use LSPosed zygisk version as Rieu will not work with it. Everything else works the same
Darkaeluz said:
Your misinterpreting it, deny list just denies access to zygisk to the apps you selected, you have to use LSPosed zygisk version as Rieu will not work with it. Everything else works the same
Click to expand...
Click to collapse
Thanks! Yes I am using the Zygisk version (and I think you meant riru, rieu sounds like an autocorrect mistake ).
Maybe I didn't explain it very well. I tested it with several apps in different situations and it works like I suspected. For example, XprivacyLua can deny apps access to the clipboard. When an app is on the denylist in Zygisk and has access to the clipboard denied in XprivacyLua, it still has access to the clipboard. Once I remove the app from the denylist, XprivacyLua starts working and selected apps are denied access to the clipboard.
In other words, LSPosed modules do not work on apps that are on the denylist. During my trials I also noticed the short popup message in LSPosed saying that it might not work on apps on the denylist.
I think this is a serious regression from previous versions.
The OP has a valid question. I hope someone can answer.
I have the same query as OP. How do we configure denylist in tandem with other modules?
If any bank app is selected in the denylist, then in XPrivacyLua the same app is given a label "On denylist"
droidvark said:
With Magisk 24 a couple of things have changed and its got me confused maybe someone here can help me understand.
Previously, with MagiskHide I could select apps for which Magisk would be hidden. In addition, I had riru/lsposed with a couple of modules, afwall+ donate and xprivacyLua for example. I selected all user installed apps for both these modules. So I basically had hidden magisk, and magisk and lsposed modules worked on selected apps.
With Magisk 24 it seems differently, but maybe I misinterpret.
With Magisk 24, I enable zygisk with enforce deny list. The description says that selected processes will have all Magisk modifications reverted.
I installed lsposed canary version which works with zygisk on Magisk 24 (on 2/2 it will be pushed to the stable channel). I installed the same modules, afwall+ and xprivacylua. Except that now all the apps that are on the zygisk denylist are marked as such in the lsposed module list. I suspect this means lsposed as a zygisk module is also reverted on apps on the denylist.
So if thats correct, basically we cannot have Magisk hidden and still have LSPosed modules applied, such as AFWall and XprivacyLUA.
Is that correct or am I misinterpreting the denylist description?
Click to expand...
Click to collapse
same here :v
so much confusion lol
droidvark said:
Thanks! Yes I am using the Zygisk version (and I think you meant riru, rieu sounds like an autocorrect mistake ).
Maybe I didn't explain it very well. I tested it with several apps in different situations and it works like I suspected. For example, XprivacyLua can deny apps access to the clipboard. When an app is on the denylist in Zygisk and has access to the clipboard denied in XprivacyLua, it still has access to the clipboard. Once I remove the app from the denylist, XprivacyLua starts working and selected apps are denied access to the clipboard.
In other words, LSPosed modules do not work on apps that are on the denylist. During my trials I also noticed the short popup message in LSPosed saying that it might not work on apps on the denylist.
I think this is a serious regression from previous versions.
Click to expand...
Click to collapse
In order to make this work before what you need to do is configure the dentist and enforce toggle on. Reboot phone. Search Magisk alpha thread on telegram. Download latest Shamiko Magisk module. Toggle the enforce toggle off then flash the Shamiko module and reboot. all will work like before
Ps riru doesn't work on zygisk yet as far as I know and there is lsposed zygisk version you will need to run attached below. Remove riru core and old lsposed prior to flashing new one
Also if you need more hiding ability use hidemyapplist xposed module for other stuff
toolhas4degrees said:
In order to make this work before what you need to do is configure the dentist and enforce toggle on. Reboot phone. Search Magisk alpha thread on telegram. Download latest Shamiko Magisk module. Toggle the enforce toggle off then flash the Shamiko module and reboot. all will work like before
Ps riru doesn't work on zygisk yet as far as I know and there is lsposed zygisk version you will need to run attached below. Remove riru core and old lsposed prior to flashing new one
Click to expand...
Click to collapse
Thanks gonna try this out.
edit: everything works fine. thanks!
looks like shamiko takes the denylist and enforces it while preserving the ability for the same list to be accessible for lsposed modules. nice thing.
EGYPT2021 said:
Thanks gonna try this out.
edit: everything works fine. thanks!
looks like shamiko takes the denylist and enforces it while preserving the ability for the same list to be accessible for lsposed modules. nice thing.
Click to expand...
Click to collapse
Been using it this way for 3 plus months
Shamiko is actually a zygisk hide itself
Thank you guys for offering a possible solution but after the tests i took i think this shamiko module is just a visual module. To share one of my test results i installed this app Device info pro and on the system tab it says root management app Magisk....
So there is no solution yet i think to have zygisk deny list configured for the some app and use for example xprivacylua lua on this app and have them both working toghether properly..
okwhateverok said:
Thank you guys for offering a possible solution but after the tests i took i think this shamiko module is just a visual module. To share one of my test results i installed this app Device info pro and on the system tab it says root management app Magisk....
So there is no solution yet i think to have zygisk deny list configured for the some app and use for example xprivacylua lua on this app and have them both working toghether properly..
Click to expand...
Click to collapse
Shamiko is not a visual mod... It hides zygisk.... Maybe read a little. Also did you turn denylist toggle off before flashing shamiko.
Exactly, if shamiko v0.4.3 was not a visual mod (at least on system level) i should not be able to see what app does provide root if i got this app enabled on the magisk denylist and got this same app completely blocked by xprivacylua using Lsposed 1.7.2 zygisk.
This means that this is a pure cosmetic mod, but thanks to the developers anyway.
I think i had done a little more than only read a little haha...
Nvm
Hi, I have a similar question. I use SeftyNet from kdrag0n, works fine with a banking app (denyList + enforce)
Can I add programs preventively? For example most of Google, all banking apps (before I run them)?
Could this slow down the system? Or make the applications will not work properly?
After reading this thread, I have a question. I wonder whether to use SeftyNet from kdrag0n, or Shamiko ?
PS I've had a lot of work lately and a long pause on Android systems, And I'm just catching up.
okwhateverok said:
Exactly, if shamiko v0.4.3 was not a visual mod (at least on system level) i should not be able to see what app does provide root if i got this app enabled on the magisk denylist and got this same app completely blocked by xprivacylua using Lsposed 1.7.2 zygisk.
This means that this is a pure cosmetic mod, but thanks to the developers anyway.
I think i had done a little than only read a little haha...
Click to expand...
Click to collapse
Did you find an answer? Lsposed modules + Denylist enforced or somehow else?
I did not find a solution nor the developers did so far...
This all while running the latest version of Shamiko v0.5.0 and Lsposed Zygisk v1.8.3.
But still i want to thank the developers for their hard work because it is actually the manufacturers android developers who does close these doors for their users to modify and control their own devices.
No delta anymore
FYI .... I found out that for some funny reason one banking app with a wierd name like /data/data/com.uniken.r2fa4a.boi will not add via GUI . If you add it to denylist via GUI it will auto uncheck. Its aint a system app why then does Magisk ( latest as I type ) refuse to add it ? Go Figure. In the meantime , found a workaround by using ---denylist add < package > on command line. So far it seemed to have worked. But dunno why GUI would'nt take my commands
huskydg said:
I have a fork that restore MagiskHide from DenyList. MagiskHide can be enabled no matter Zygis is enabled or disabled. After enable MagiskHide, zygisk module will still be loaded on denylist. I also add hide zygisk, hide for isolated process and app zygote into MagiskHide.
Where is this?
Click to expand...
Click to collapse
magiskhide is already inc in the magisk --denylist command just that there is no seperate bin for that in the new one .
Thanks @toolhas4degrees ! I also use XPrivacyLua and wanted to maintain security/privacy restrictions while also hiding root for certain apps. The Shamiko mod works!

Categories

Resources