Related
Hello, everyone.
Few days ago, I found Hanabank app (com.hanabank.ebk.channel.android.hananbank) detects Magisk hide. I ran strace against Hanabank app, and I got some suspicious openat(2) returns -EACCES and even some files are not filtered by Magisk Hide (returns file descriptor successfully)
Here are openat(2) calls which don't look good.
Code:
[pid 27855] openat(AT_FDCWD, "/sbin_orig/magisk", O_RDONLY|O_LARGEFILE) = 91
[pid 27855] openat(AT_FDCWD, "/dev/magisk/mirror/system", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
[pid 27855] openat(AT_FDCWD, "/magisk", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
[pid 27855] fstatat64(AT_FDCWD, "99-magisk.sh", {st_mode=S_IFREG|0755, st_size=2011, ...}, 0) = 0
Full strace log of Hanabank app:
Code:
https://pastebin.com/BUiViAbK
I think they should return -ENOENT to pass that magisk detection routine.
I'm using Magisk v14.0
BTW, why Magisk Github issue tracker is disabled?
Having the same issue but with another app.
https://forum.xda-developers.com/showpost.php?p=73968022&postcount=19348
How did you run strace? I used strace -f -p PID-o /sdcard/strace.txt but no reference to Magisk is shown.
olivercervera said:
Having the same issue but with another app.
https://forum.xda-developers.com/showpost.php?p=73968022&postcount=19348
How did you run strace? I used strace -f -p PID-o /sdcard/strace.txt but no reference to Magisk is shown.
Click to expand...
Click to collapse
First, sorry for late reply. I was on vacation.
I used this script to attach strace to fresh app process.
Code:
while true; do
while ! ps | grep -q -i $1; do :; done;
ps | grep -i $1 | while read a b c; do
strace -e open -f -e trace=file,ptrace -p $b 2>&1;
done;
done
For example, if you saved this script as /sdcard/strace.sh, The procedure I take to attach strace to the app is;
1. use killall command to kill all app process. Android pre-forks app, so we need to kill that first.
2. run script using sh /sdcard/strace.sh <app_process_name>. This will attach strace to the app and redirects strace's stderr output to stdout.
2-1. Do whatever you want (use tee or just redirect it to file, etc..) with stdout stream.
3. Analyze collected result.
That's all.
perillamint said:
First, sorry for late reply. I was on vacation.
I used this script to attach strace to fresh app process.
Click to expand...
Click to collapse
Hi
Just now I realised that I responded in the other thread. However your script never worked
I ran the script in a shell with root permission using
Code:
sh /sdcard/strace.sh com.barclays.android.barclaysmobilebanking
Unfortunately this is what I get when I try to run the script
Code:
/sdcard/strace.sh[5]: syntax error: 'done' unexpected
What have I done wrong?
EDIT: I've done this test on another device, a Nexus 5X stock 7.1.2 + Magisk v14. If I run strace it is not found, I have installed busybox but nothing! WAT??? I'll test with the other device later which has strace (Nexus 5).
EDIT2: Nope, I get the same error on the device which has strace.
olivercervera said:
Hi
Just now I realised that I responded in the other thread. However your script never worked
I ran the script in a shell with root permission using
Code:
sh /sdcard/strace.sh com.barclays.android.barclaysmobilebanking
Unfortunately this is what I get when I try to run the script
Code:
/sdcard/strace.sh[5]: syntax error: 'done' unexpected
What have I done wrong?
EDIT: I've done this test on another device, a Nexus 5X stock 7.1.2 + Magisk v14. If I run strace it is not found, I have installed busybox but nothing! WAT??? I'll test with the other device later which has strace (Nexus 5).
EDIT2: Nope, I get the same error on the device which has strace.
Click to expand...
Click to collapse
Hmm, I used sh which included in LineageOS.... I think Android's default sh couldn't handle that script's syntax properly. Default sh is quite crippled compared to GNU/Linux's one (bash, zsh, etc..)
Could you try running this script using bash instead of sh? If you don't have bash on your Android system, this Magisk module could inject bash binary into your system. https://forum.xda-developers.com/apps/magisk/module-magisk-bash-shell-t3609988
perillamint said:
Hmm, I used sh which included in LineageOS.... I think Android's default sh couldn't handle that script's syntax properly. Default sh is quite crippled compared to GNU/Linux's one (bash, zsh, etc..)
Could you try running this script using bash instead of sh? If you don't have bash on your Android system, this Magisk module could inject bash binary into your system. https://forum.xda-developers.com/apps/magisk/module-magisk-bash-shell-t3609988
Click to expand...
Click to collapse
Thanks for your suggestion. In the end I installed LOS on my test device and ran the script.
The funny thing is that I can't find a single reference to Magisk or Root...
The output is attached.
olivercervera said:
Thanks for your suggestion. In the end I installed LOS on my test device and ran the script.
The funny thing is that I can't find a single reference to Magisk or Root...
The output is attached.
Click to expand...
Click to collapse
Indeed. However the app dies shortly after reading the two property files:
/dev/__properties__/ubject_r:default_prop:s0
/dev/__properties__/ubject_r:logd_prop:s0
I would try to get the output of getprop with and without Magisk installed and see if there are any properties being leaked that could give a hint that Magisk is installed.
Fif_ said:
Indeed. However the app dies shortly after reading the two property files:
/dev/__properties__/ubject_r:default_prop:s0
/dev/__properties__/ubject_r:logd_prop:s0
I would try to get the output of getprop with and without Magisk installed and see if there are any properties being leaked that could give a hint that Magisk is installed.
Click to expand...
Click to collapse
You are the man! You definitely spotted the method being used by this app. Thanks.
I had to leave LOS ROM because even without Magisk it would not run, so I installed another ROM. I verified the app runs, got props, installed Magisk and got new props.
There are all changes:
1. [ro.build.selinux]: [1] is changed to [ro.build.selinux]: [0] when Magisk is installed
2. [ro.runtime.firstboot] shows different values but I believe it's fine
3. The following are entirely missing when Magisk is installed
[selinux.reload_policy]: [1]
[service.adb.tcp.port]: [-1]
[sys.retaildemo.enabled]: [0]
[init.svc.clear-bcb]: [stopped]
I have the feeling that [ro.build.selinux]: [1] and [selinux.reload_policy]: [1] are key elements and Magisk is not hiding them properly. I would suppose these elements show that SELinux is not enforcing anymore. I tried changing these values, but at reboot they don't change.
I know obviously Magisk does not enforce SELinux, but hides that got set to Permissive. System thinks that is enforcing, and using command getenforce i get as a result Enforcing, but Barclays (and possibly other apps) are reading that SELinux is not actually being enforced.
Interesting. Will post these finding in the main thread.
Do you have anything to add that could be helpful?
olivercervera said:
You are the man! You definitely spotted the method being used by this app. Thanks.
I had to leave LOS ROM because even without Magisk it would not run, so I installed another ROM. I verified the app runs, got props, installed Magisk and got new props.
There are all changes:
1. [ro.build.selinux]: [1] is changed to [ro.build.selinux]: [0] when Magisk is installed
2. [ro.runtime.firstboot] shows different values but I believe it's fine
3. The following are entirely missing when Magisk is installed
[selinux.reload_policy]: [1]
[service.adb.tcp.port]: [-1]
[sys.retaildemo.enabled]: [0]
[init.svc.clear-bcb]: [stopped]
I have the feeling that [ro.build.selinux]: [1] and [selinux.reload_policy]: [1] are key elements and Magisk is not hiding them properly. I would suppose these elements show that SELinux is not enforcing anymore. I tried changing these values, but at reboot they don't change.
I know obviously Magisk does not enforce SELinux, but hides that got set to Permissive. System thinks that is enforcing, and using command getenforce i get as a result Enforcing, but Barclays (and possibly other apps) are reading that SELinux is not actually being enforced.
Interesting. Will post these finding in the main thread.
Do you have anything to add that could be helpful?
Click to expand...
Click to collapse
If you use "resetprop ro.build.selinux 1" in a root shell, does the app start?
That will disappear at reboot of course, but it's easy to add to /magisk/.core/props to make it stick until Magisk is fixed.
Now, I don't think Magisk disables SELinux, why do you have it disabled?
Fif_ said:
If you use "resetprop ro.build.selinux 1" in a root shell, does the app start?
That will disappear at reboot of course, but it's easy to add to /magisk/.core/props to make it stick until Magisk is fixed.
Now, I don't think Magisk disables SELinux, why do you have it disabled?
Click to expand...
Click to collapse
Yes, Magisk changes SELinux to Permissive and hides this status.
Although my findings would be legit and those props should be hidden, in my Bank's case is not the issue.
I have discovered that if I uninstall Magisk Manager (but not uninstall root, just the app) my bank app works. However it does not work if I use "Hide Magisk".
Since the hidden app is called Unhide Magisk Manager, probably this app is looking for Magisk keyword.
For whatever reason when I run strace the app does crash and always reports that message (crash after reading prop).
I will post these findings in the support thread.
I don't know how to do it, but I would recompile Magisk Manager changing package ID and name, in theory should work.
I am having the same issue on my Galaxy S8 with the Barclays Mobile Banking app. I have tried using every option in Magisk but nothing seems to be working. In fact, the Barclays app actually asked for SU permissions when I first ran it which is odd to me.
Did anyone find a workaround for this? I read the posts in this thread but I am not savvy enough to understand all the codes and technical information written, so please excuse my ignorance in the matter. Is reverting to a completely stock ROM my only option at this point? I really need to start using this application as soon as possible.
Thank you.
Quick update guys!
The great Topjohnwu is working on a new update that includes a key feature for us: reinstalling Magisk Manager with a random package ID.
These changes are in his Github Repo. On this thread you can find unofficial versions of Magisk compiled from Github.
I have tested Magisk-v14.4-20171102-091345.zip: HELL IT WORKS!
In Magisk Manager: go to settings and you will have the option to reinstall Magisk Manager with a random package ID
Install Barclays from Play Store
Add Barclays to Magisk Hide
Open Barclays, it will behave correctly and will work!
This solves my problem, so I will be able to use the latest version of this app very soon (will wait for public beta).
On a side note, this update should als hide /Magisk partition, which was detected by @perillamint banking app, so might be worth trying it.
I have installed this Hanabank app (hopefully is the right one!) and added it to Magisk Hide. The app opens up correctly but I can't understand anything. I see some stuff moving on screen and on the upper left I see a lock icon (to login?)
If I don't add the app to Magisk Hide it shows an incomprehensible message and closes.
Hope you find this helpful.
Please see photos below.
@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!
mundodisco8 said:
@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!
Click to expand...
Click to collapse
Yes, a fresh start from a stock Nexus 5X I have at work. I did not register the app with my account during the test, all I needed to do was to get to the Welcome Screen: if Barclays detects root you don't get anything. Probably you need to reinstall Barclays App.
Once Magisk Manager is hidden with the new ID you can't go back to the original: you don't have any option. So if you still have it means there is a problem.
mundodisco8 said:
@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!
Click to expand...
Click to collapse
He's talking about a new Hide Manager feature that is much improved from the current implementation. It's not yet available officially, so you'll have to build yourself from the GitHub repo, or download from the unofficial snapshots thread that @olivercervera linked.
Didgeridoohan said:
He's talking about a new Hide Manager feature that is much improved from the current implementation. It's not yet available officially, so you'll have to build yourself from the GitHub repo, or download from the unofficial snapshots thread that @olivercervera linked.
Click to expand...
Click to collapse
I didn't even consider the possibility he didn't realise I was using the unofficial/self compiled version... I even linked it!!!
Thanks
olivercervera said:
I didn't even consider the possibility he didn't realise I was using the unofficial/self compiled version... I even linked it!!!
Thanks
Click to expand...
Click to collapse
It's actually quite apparent that he's talking about the current implementation, since the updated, unreleased, feature doesn't have anything named "unhide" to click.
With the new implementation you unhide the hidden Manager by reinstalling and opening it.
Hi guys,
Yes, I installed the latest version, following the link OliverCervera linked. I hid it using the usual method of going to options/hide magisk, and I got a new app, as usual. clicking on it to unhide prompted for root permissions for an app with a random ID (as expected). The next time, I wasn't that lucky, and the whole thing crashed. Anyway, it's a nightly, so I won't complain, and I will check it later, as sadly I don't have time to do it now.
In any case, my app was marked, because I opened it with the official release of Magisk and it detected root, and once it does, it keeps the "this phone is rooted" status until you do a factory reset. I think you can call them to tell them that it was a mistake, and they can unlock it but I'm not 100% sure about this last point.
Thanks for the work, anyway!
mundodisco8 said:
Hi guys,
Yes, I installed the latest version, following the link OliverCervera linked. I hid it using the usual method of going to options/hide magisk, and I got a new app, as usual. clicking on it to unhide prompted for root permissions for an app with a random ID (as expected). The next time, I wasn't that lucky, and the whole thing crashed. Anyway, it's a nightly, so I won't complain, and I will check it later, as sadly I don't have time to do it now.
In any case, my app was marked, because I opened it with the official release of Magisk and it detected root, and once it does, it keeps the "this phone is rooted" status until you do a factory reset. I think you can call them to tell them that it was a mistake, and they can unlock it but I'm not 100% sure about this last point.
Thanks for the work, anyway!
Click to expand...
Click to collapse
If you install the correct version of the Manager you won't have an unhide app after hiding the Manager. That's changed...
Your problem is probably that the unofficial Manager has a different signature, so it won't install over the official Manager. Solution: Uninstall the official Manager before installing the unofficial snapshot.
Have you tried just clearing all data for the app after it detects root? That usually works for an app that "remembers" root. But, I've never tested the app in question so...
Didgeridoohan said:
If you install the correct version of the Manager you won't have an unhide app after hiding the Manager. That's changed...
Your problem is probably that the unofficial Manager has a different signature, so it won't install over the official Manager. Solution: Uninstall the official Manager before installing the unofficial snapshot.
Have you tried just clearing all data for the app after it detects root? That usually works for an app that "remembers" root. But, I've never tested the app in question so...
Click to expand...
Click to collapse
I think they keep your signature and store it on their servers. Barclays is really focused when it comes to not allowing people to use their app on rooted phones, but as I said, I would need to double check. And I kind of get why they do it, as they went all the way to avoid to pay Android to use Android Pay and they developed their own platform to pay over NFC (not judging here, it's up to them if they think it's the best solution). At the end of the day, root is exploited through a security flaw, and "the bad guys could get your moneys", and even though they could display a message at launch that says "hey, you are rooted, the bad guys could get AAAALLL of the moneys, it's up to you" people would still want to sue them if they mess up... but it's funny that they allow you to get into the online banking web on a rooted phone, where the bad guys could see your password...
Google Pay has stopped working over a week ago and i was hoping for a fix but nothing has come? Did I do something wrong?
Running Android 6.1.6 Magisk Manager
Edit
There is also a bug with the manager? When i select apps for Magisk Hide it doesn't save and when i reload the list all that apps are unticked again??
Thanks in advance
Logs?
Didgeridoohan said:
Logs?
Click to expand...
Click to collapse
Magisk doesn't show any logs, where do I go to turn on Android logging?
JoshuaM765 said:
Magisk doesn't show any logs, where do I go to turn on Android logging?
Click to expand...
Click to collapse
There's your problem...
MagiskHide uses Android logging to detect when it needs to hide from an app or process.
Have you disabled logd? Used something like Kernel Adiutor to disable logs? Etc... Turn it back on and things will start working again.
[HIDE[/HIDE]
Didgeridoohan said:
There's your problem...
MagiskHide uses Android logging to detect when it needs to hide from an app or process.
Have you disabled log's? Used something like Kernel Adiutor to disable logs? Etc... Turn it back on and things will start working again.
Click to expand...
Click to collapse
I don't ever remember disabling logs or using a kernel adiutor. Would I need to edit to turn it on and how would I go about doing this?
Just to confirm, run this in a terminal emulator:
Code:
su -c magiskhide --enable
If it reports that logs are disabled, we can keep on this track.
The question is what happened "over a week ago" that caused things to change. Did you by any chance update Magisk? From v15.4 there was a change that for some devices wrongly disables MagiskHide because it can't detect that Android logging is running. That's been fixed and should be in the next release. You could try the unofficial snapshots by @kantjer, if you're impatient... Just be aware that they might not be built from release ready code.
Didgeridoohan said:
Just to confirm, run this in a terminal emulator:
Code:
su -c magiskhide --enable
If it reports that logs are disabled, we can keep on this track.
The question is what happened "over a week ago" that caused things to change. Did you by any chance update Magisk? From v15.4 there was a change that for some devices wrongly disables MagiskHide because it can't detect that Android logging is running. That's been fixed and should be in the next release. You could try the unofficial snapshots by @kantjer, if you're impatient... Just be aware that they might not be built from release ready code.
Click to expand...
Click to collapse
It was working then I got Xposed for Magisk but that put it in a boot loop so i factory reset and rerooted with Magisk and its now stopped working. When I do the terminal emulator i get "Logb is not running, cannot run logcat"
JoshuaM765 said:
It was working then I got Xposed for Magisk but that put it in a boot loop so i factory reset and rerooted with Magisk and its now stopped working. When I do the terminal emulator i get "Logb is not running, cannot run logcat"
Click to expand...
Click to collapse
Is logcat running? You can test this by using an app like Matlog. If it shows the log, it is a matter of the Magisk v15.4+ bug of detecting logging fully. Solution in that case would be to wait for the next release, test an unofficial snapshot linked above, or revert to a Magisk version prior to v15.4.
Didgeridoohan said:
Is logcat running? You can test this by using an app like Matlog. If it shows the log, it is a matter of the Magisk v15.4+ bug of detecting logging fully. Solution in that case would be to wait for the next release, test an unofficial snapshot linked above, or revert to a Magisk version prior to v15.4.
Click to expand...
Click to collapse
Yes Matlog works, where would i get an unoffical snapshot from?
JoshuaM765 said:
Yes Matlog works, where would i get an unoffical snapshot from?
Click to expand...
Click to collapse
I linked it a few posts ago...
Oh, sorry missed those.
Thanks for all the help, i will report back if it works.
Thanks so much, it was solved using the custom Magisk update link that you posted, Thanks again
JoshuaM765 said:
Thanks so much, it was solved using the custom Magisk update link that you posted, Thanks again
Click to expand...
Click to collapse
Thank you. That's the first confirmation I've seen of anyone with this issue having things working with the current code. That means the fix works...
Next official release (likely a beta) will have the fix included.
I'm also having trouble getting Google pay to work. The app also automatically gets disabled by my phone, and i have to search for it in the play store to re enable it. Magiskhide is enabled. Might it be because I'm in Mexico right now?
basily said:
I'm also having trouble getting Google pay to work. The app also automatically gets disabled by my phone, and i have to search for it in the play store to re enable it. Magiskhide is enabled. Might it be because I'm in Mexico right now?
Click to expand...
Click to collapse
Kindly Do The Following
- Clear Data&Cache Of Google Pay
- Disable Telephone Permission Of Google Play Services
- Try To Use Google Pay
Dreamer(3MF) said:
Kindly Do The Following
- Clear Data&Cache Of Google Pay
- Disable Telephone Permission Of Google Play Services
- Try To Use Google Pay
Click to expand...
Click to collapse
Thanks for the advice, but i tried it and same result.
basily said:
Thanks for the advice, but i tried it and same result.
Click to expand...
Click to collapse
Send The Full Logcat Of Google Pay & Inform Me About The Installed Version Of Magisk.
Didgeridoohan said:
Just to confirm, run this in a terminal emulator:
Code:
su -c magiskhide --enable
If it reports that logs are disabled, we can keep on this track.
The question is what happened "over a week ago" that caused things to change. Did you by any chance update Magisk? From v15.4 there was a change that for some devices wrongly disables MagiskHide because it can't detect that Android logging is running. That's been fixed and should be in the next release. You could try the unofficial snapshots by @kantjer, if you're impatient... Just be aware that they might not be built from release ready code.
Click to expand...
Click to collapse
I have the same issue as my Google Pay doesn't work now (after 16.3). Now I am on magisk 16.4.
I tried this Terminal command, su -c magiskhide --enable which returns that hide is already enabled.
My Google Pay was working normal now not working. By the way, SafetyNet test pass through.
smohanv said:
I have the same issue as my Google Pay doesn't work now (after 16.3). Now I am on magisk 16.4.
I tried this Terminal command, su -c magiskhide --enable which returns that hide is already enabled.
My Google Pay was working normal now not working. By the way, SafetyNet test pass through.
Click to expand...
Click to collapse
If you have MagiskHide working (passing SafetyNet), there's no need to mess with the enable command. That was just to confirm if the user has an issue where Magisk couldn't detect if logging was running (that's been fixed in v16.4).
Does Google Pay still work on Magisk v16.0? Or is it a matter of an update to Google Pay? What happens if you disable Telephone permissions for Google Play Services (like users of the Tez app have to do)? Or If you add all phone services you the Hide list?
Dreamer(3MF) said:
Send The Full Logcat Of Google Pay & Inform Me About The Installed Version Of Magisk.
Click to expand...
Click to collapse
Ok, I'm trying to get a logcat using terminal, but it keeps coming out at over 1mb, and xda won't let me attach a text file over 512kb. Shall i get it with adb with some filtering? I'm not very familiar with logcats, so your suggestion would be welcome.
I'm on the latest stable magisk: v16.0. For safetynet check, it successes, but ctsProfile, and basicIntegrity false.
I'm on a Nexus 6P, fully updated.
In custom ROMs, like LOS, SafetyNet doesn't pass completely (ctsProfile: false)
With this module you can pass SafetyNet completely (Only for Xiaomi Mi A2)
This module set a valid fingerprint with security patch date
You also need "Busybox for Android NDK" module, don't forget to install it too
After installing open terminal and type:
Code:
su
updatefp
Reboot your phone, clear play store data and you are done! SafetyNet should pass
You can get latest valid fingerprint with "updatefp" command when it updated !!
It fails for me and gives me this error:
Getting latest valid fingerprint
/system/bin/fixsafetynet[29]: curl: not found
ro.build.fingerprint:
ro.build.version.security_patch:
FAILED!!
I'm using the official Pixel Experienced 9.0 rom on my Xiaomi Mi A2
Ashik_salim_ said:
It fails for me and gives me this error:
Getting latest valid fingerprint
/system/bin/fixsafetynet[29]: curl: not found
ro.build.fingerprint:
ro.build.version.security_patch:
FAILED!!
I'm using the official Pixel Experienced 9.0 rom on my Xiaomi Mi A2
Click to expand...
Click to collapse
You also need "Busybox for Android NDK" module, don't forget to install it too
S /\ E E D said:
You also need "Busybox for Android NDK" module, don't forget to install it too
Click to expand...
Click to collapse
Yes I've installed it too. Is the order of flashing important ? I had flashed this module first and then busybox (both within magisk manager) and then rebooted.
Ashik_salim_ said:
Yes I've installed it too. Is the order of flashing important ? I had flashed this module first and then busybox (both within magisk manager) and then rebooted.
Click to expand...
Click to collapse
Try the new version (1.1.9), i changed curl to wget, maybe curl only exists on LOS16 !!
Yesss.. That worked. It succeeded and safetynet passes. Thank you
Ashik_salim_ said:
Yesss.. That worked. It succeeded and safetynet passes. Thank you
Click to expand...
Click to collapse
You're welcome
Still not enough for apps like Pokemon GO and a few other banking apps which will detect root on the spot.
Yepi69 said:
Still not enough for apps like Pokemon GO and a few other banking apps which will detect root on the spot.
Click to expand...
Click to collapse
Add pokemon go to magisk hide. Works for me. Try it for the banking apps too. Mine worked even without hiding.
Ashik_salim_ said:
Add pokemon go to magisk hide. Works for me. Try it for the banking apps too. Mine worked even without hiding.
Click to expand...
Click to collapse
What worked for me was editing the fingerprint props to Mi A2 (so every app including Google identifies this ROM as a Mi A2 stock rom), ShellHide and Magisk Hide.
Your module does pass in safetynet however it does not work as it should apps like netflix and asphalt 9 do not work.
Hi Folks...
can someone post me the ro.build.fingerprint= value that passed the safety net ..probably a 8.1 OS working one as pie doesn't seem to work
Seems like google play doesn't work even though CTS check says pass in magisk with hide
Regards,
Bartholomew Diaz Michael
SteveRogers26 said:
Your module does pass in safetynet however it does not work as it should apps like netflix and asphalt 9 do not work.
Click to expand...
Click to collapse
Try v1.2.4, it should works now
diazneoones82 said:
Hi Folks...
can someone post me the ro.build.fingerprint= value that passed the safety net ..probably a 8.1 OS working one as pie doesn't seem to work
Seems like google play doesn't work even though CTS check says pass in magisk with hide
Regards,
Bartholomew Diaz Michael
Click to expand...
Click to collapse
Try v1.2.4, it should works and you can access to all apps in play store!
You can get latest valid fingerprint with "updatefp" command
I tried with V1.2.4 and still google Pay does not work and says its rooted, I have Magisk hide enabled for Google Pay.
Regards,
Bartholomew Diaz Michael
diazneoones82 said:
I tried with V1.2.4 and still google Pay does not work and says its rooted, I have Magisk hide enabled for Google Pay.
Regards,
Bartholomew Diaz Michael
Click to expand...
Click to collapse
Did you run updatefp command and reboot?
Did you clear data of play store?
If you did and doesn't work too try deleting module and installing again, old files should clean
S /\ E E D said:
Did you run updatefp command and reboot?
Did you clear data of play store?
If you did and doesn't work too try deleting module and installing again, old files should clean
Click to expand...
Click to collapse
Hi,
I tried to clear data for play store, also re-inslaled te module and ran updatefp and no success.
When i access the Google Pay App..its says im rooted still after this module and magisk hide
diazneoones82 said:
Hi,
I tried to clear data for play store, also re-inslaled te module and ran updatefp and no success.
When i access the Google Pay App..its says im rooted still after this module and magisk hide
Click to expand...
Click to collapse
Which ROM and magisk modules you are using?
It's working for me perfectly
You must reboot your phone after running updatefp command + delete all similar modules that you installed before + run these commands with root user:
Code:
rm -rf /data/adb/post-fs-data.d/*
rm -rf /data/adb/service.d/*
reboot
If still not working for you send me the result of this command:
Code:
getprop > /sdcard/props.txt
S /\ E E D said:
Which ROM and magisk modules you are using?
It's working for me perfectly
You must reboot your phone after running updatefp command + delete all similar modules that you installed before + run these commands with root user:
Code:
rm -rf /data/adb/post-fs-data.d/*
rm -rf /data/adb/service.d/*
reboot
If still not working for you send me the result of this command:
Code:
getprop > /sdcard/props.txt
Click to expand...
Click to collapse
Hi,
Tried above recommended steps and still no luck with Google Pay as it says device is rooted.
Here are PROP data
diazneoones82 said:
Hi,
Tried above recommended steps and still no luck with Google Pay as it says device is rooted.
Here are PROP data
Click to expand...
Click to collapse
It seems your selinux is enforcing, mine is permissive,
Also please note that some apps only available in some countries,
If play store says your device is certified, you can try my Android Market Enabler app
Hello.
This game (GIGANTIC X) Me detects the access root Magisk, the hidden through "Magisk Hide" and when I restart it again detects me again and does not work.
https://play.google.com/store/apps/details?id=com.ActionSquare.GiganticX
D-Mak said:
Hello.
This game (GIGANTIC X) Me detects the access root Magisk, the hidden through "Magisk Hide" and when I restart it again detects me again and does not work.
https://play.google.com/store/apps/details?id=com.ActionSquare.GiganticX
Click to expand...
Click to collapse
Have you tried the v19.0 Beta ?
lahceneamine said:
Have you tried the v19.0 Beta ?
Click to expand...
Click to collapse
I just tried the V19.0 and the same thing happens.
any root-using apps installed or magisk.zip still in storage?
D-Mak said:
I just tried the V19.0 and the same thing happens.
Click to expand...
Click to collapse
Do you pass SAFETYNET with v19.0 ? If not, there's something wrong in your config.
Oh... it's using Lockin Company's Liapp(https://liapp.lockincomp.com/ )...
It's not a problem like misconfig since it detects Magisk itself. Liapp updates frequently to apply new root (especially Magisk) detection methods, so it's hard to bypass it.
(Magisk 17.3+ bypasses 5.0.0, 18.2+ bypasses 5.0.1, but 5.0.2+ cannot be bypassed currently.)
same here.cantplay it on root device,well that sucks.Im not gonna sacrifice my magisk for this game,not worth it
I made a bypass script for it (and all other apps using Liapp and UDS detection method)!
Download it on https://github.com/Ingan121/UDSBypass/blob/master/udsbypass and run 'su -c sh /sdcard/Download/udsbypass com.ActionSquare.GiganticX/com.epicgames.ue4.GameActivity'. Make sure you added this app to MagiskHide.
Ingan121 said:
I made a bypass script for it (and all other apps using Liapp and UDS detection method)!
Download it on https://github.com/Ingan121/UDSBypass/blob/master/udsbypass and run 'su -c sh /sdcard/Download/udsbypass com.ActionSquare.GiganticX/com.epicgames.ue4.GameActivity'. Make sure you added this app to MagiskHide.
Click to expand...
Click to collapse
Thanks! How do i use this script? i tried in terminal but it keep saying no such file or directory
Predatorhaze said:
Thanks! How do i use this script? i tried in terminal but it keep saying no such file or directory
Click to expand...
Click to collapse
Did you download it in Download folder? Then it should be started by 'sh /sdcard/Download/udsbypass' (without quotes).
Also, you can copy it to /sbin, chmod 755, and then just run 'udsbypass'.
Ingan121 said:
Did you download it in Download folder? Then it should be started by 'sh /sdcard/Download/udsbypass' (without quotes).
Also, you can copy it to /sbin, chmod 755, and then just run 'udsbypass'.
Click to expand...
Click to collapse
I copied the text and made a text file saved .sh..or do I something wrong here
Predatorhaze said:
I copied the text and made a text file saved .sh..or do I something wrong here
Click to expand...
Click to collapse
sh /sdcard/path/to/udsbypass.sh
Ingan121 said:
sh /sdcard/path/to/udsbypass.sh
Click to expand...
Click to collapse
I am a noob with this,I don't get it.Cant get it to work.I think will uninstall magisk
Predatorhaze said:
I am a noob with this,I don't get it.Cant get it to work.I think will uninstall magisk
Click to expand...
Click to collapse
Termux can't be used for this.
Use other terminal app.
Ingan121 said:
Termux can't be used for this.
Use other terminal app.
Click to expand...
Click to collapse
It can be used if you adjust the script to check for /sbin in $PATH and then add it if it isn't already there.
Or adjust the script to use the absolute paths to the Magisk binary, but that is a lot less elegant and won't work if the paths change.
Ingan121 said:
Termux can't be used for this.
Use other terminal app.
Click to expand...
Click to collapse
well then i try material terminal.
by the way im running pie gsi.
How is the game btw? is it good? bored fast?
Predatorhaze said:
well then i try material terminal.
by the way im running pie gsi.
How is the game btw? is it good? bored fast?
Click to expand...
Click to collapse
I didn't play it, just deleted immediately after succeeding to bypass.
Alright.i really want to play this game but i cant get this bypass to work.Can someone explain more clear steps?
Ingan121 said:
Did you download it in Download folder? Then it should be started by 'sh /sdcard/Download/udsbypass' (without quotes).
Also, you can copy it to /sbin, chmod 755, and then just run 'udsbypass'.
Click to expand...
Click to collapse
I managed to run the script by putting the file in /sbin but the game is still detecting root
Ingan121 said:
I didn't play it, just deleted immediately after succeeding to bypass.
Click to expand...
Click to collapse
can u explain with a short video the game has official release yesterday
I am using oneplus 6 with latest oos magisk 19.3
Banking app like sbi anywhere, icici detecting root can't use upi.
Also adadhar app detecting root event safety net pass already done magisk hide
Can some help me there or use other versions of magisk
Please help
android_smater said:
I am using oneplus 6 with latest oos magisk 19.3
Banking app like sbi anywhere, icici detecting root can't use upi.
Also adadhar app detecting root event safety net pass already done magisk hide
Can some help me there or use other versions of magisk
Please help
Click to expand...
Click to collapse
Use Hide Magisk manager in settings or Core only mode.
Sent from my MI 8 using Tapatalk
Dexer125 said:
Use Hide Magisk manager in settings or Core only mode.
Sent from my MI 8 using Tapatalk
Click to expand...
Click to collapse
Didn't work either. I guess will have to wait for an update. I have tried so far:
Settings > Magisk Core Only More - On
Magisk Hide - Check against the banking app
Clear app cache
Reboot
Also - Magisk v19.3, Magisk Manager v7.3.1(222)
gagan007 said:
Didn't work either. I guess will have to wait for an update. I have tried so far:
Settings > Magisk Core Only More - On
Magisk Hide - Check against the banking app
Clear app cache
Reboot
Also - Magisk v19.3, Magisk Manager v7.3.1(222)
Click to expand...
Click to collapse
disable developer mode?
and you need to hide magisk manager itself.not just magisk hide.
Try executing
Code:
su -c chmod 000 /proc/net/unix
in a terminal. Several banking apps now use a very stupid and shaky root detection heuristic that is circumvented in this way.
(see https://github.com/Ingan121/UDSBypass).
A banking app on my phone (keytradebank, belgian bank) worked fine with Magisk Hide but after an update stopped working.
Disabling read access to /proc/net/unix did the trick for me!
Looked it up, this rootbeerFresh code is really brain-dead, even the presence of busybox will make isRooted() return true
No concern for false positives at all.
el_perro said:
A banking app on my phone (keytradebank, belgian bank) worked fine with Magisk Hide but after an update stopped working.
Disabling read access to /proc/net/unix did the trick for me!
Looked it up, this rootbeerFresh code is really brain-dead, even the presence of busybox will make isRooted() return true
No concern for false positives at all.
Click to expand...
Click to collapse
Remember that app says it COULD be root.
If anyone is paying attention to it yet.
Also
https://www.didgeridoohan.com/magis...and_other_apps_wont_install_or_doesnt_show_up
Busybox
Some apps detect Busybox and see this as a sign of your device being compromised (rooted). Magisk should be able to hide any Busybox installed as a Magisk module. osm0sis has a great Busybox module available in the Magisk repo (install from the Magisk Manager, under "Downloads").
Figuring out if an app has dependencies, looks for "sensitive props", Busybox, etc
It can be tricky figuring out if an app is dependent on another app or process for detecting root, expects certain prop values, doesn't like Busybox or whatever is triggering a root warning within the app. Apart from trying one thing/prop at a time, finding this out could mean you have to decompile the apk to look at the source code (use search), grab a logcat when the app is detecting root, etc.
Detecting apps requiring root
There are apps that detect known apps that require root and refuse to work properly or even start if that is the case. Usual suspects include (but aren't limited to) busybox apps, Xposed installer, root hiding apps, etc.
This can be worked around by uninstalling or possibly freezing (Titanium Backup can do this, among others) the offending root app when you need to use an app detecting root apps and reinstalling/unfreezing it afterwards. Cumbersome, but it might work. There are also some Xposed modules that can hide apps from other apps, but having Xposed installed might cause other issues with tampering detection...
@mrspeccy Thank you for pointing out that workaround. Works for me too for the Keytrade app
el_perro said:
A banking app on my phone (keytradebank, belgian bank) worked fine with Magisk Hide but after an update stopped working.
Disabling read access to /proc/net/unix did the trick for me!
Looked it up, this rootbeerFresh code is really brain-dead, even the presence of busybox will make isRooted() return true
No concern for false positives at all.
Click to expand...
Click to collapse
How did you do that?
su -c chmod 000 /proc/net/unix didn't work for me.
robuser007 said:
How did you do that?
su -c chmod 000 /proc/net/unix didn't work for me.
Click to expand...
Click to collapse
yes, in a terminal on your phone or using 'adb shell'
be aware it's not a permanent fix, a reboot will restore the old permissions on /proc/net/unix
so you have to remove read access after every reboot.
Quite clumsy.
To make this easier on the go, I installed termux, created in the home directory a small file 'hide' with the one-liner,
Code:
su -c chmod 440 /proc/net/unix
Note: 000 works just as well, but 440 is closer to the original permission and works too.
so after a reboot i open termux terminal and type the command
Code:
. hide
gagan007 said:
Didn't work either. I guess will have to wait for an update. I have tried so far:
Settings > Magisk Core Only More - On
Magisk Hide - Check against the banking app
Clear app cache
Reboot
Also - Magisk v19.3, Magisk Manager v7.3.1(222)
Click to expand...
Click to collapse
Thanks it work...
Got that app working successfully today. Hiding Magisk itself worked I guess. I locked bootloader also.
android_smater said:
I am using oneplus 6 with latest oos magisk 19.3
Banking app like sbi anywhere, icici detecting root can't use upi.
Also adadhar app detecting root event safety net pass already done magisk hide
Can some help me there or use other versions of magisk
Please help
Click to expand...
Click to collapse
Try these...
1. From your magisk, install these 2 modules: Riru - Core, and Riru - EdXposed (Sandbox or Yahfa is okay]
2. Reboot your device to activate both modules.
3. Install Xposed Installer APK by DVDandroid. You can get it here: https://dl-xda.xposed.info/modules/d...v33_36570c.apk
4. Reboot to activate the Xposed Installer app
5. Inside Xposed Installer app, go to downloads and install the HiddenCore Module.
6. Reboot and go back to Magisk, and hide.
7. Test to see if everything is now okay.
wittymav said:
Try these...
1. From your magisk, install these 2 modules: Riru - Core, and Riru - EdXposed (Sandbox or Yahfa is okay]
2. Reboot your device to activate both modules.
3. Install Xposed Installer APK by DVDandroid. You can get it here: https://dl-xda.xposed.info/modules/d...v33_36570c.apk
4. Reboot to activate the Xposed Installer app
5. Inside Xposed Installer app, go to downloads and install the HiddenCore Module.
6. Reboot and go back to Magisk, and hide.
7. Test to see if everything is now okay.
Click to expand...
Click to collapse
Nope! It Doesn't Work With SBI YONO Or BHIM.
My Cofidis app also keeps detecting root.
Have latest version magisk, latest version of magiskmanager and renamed it. Magisk is hidding. App is in magisk hide list.
chmod suggestion did not work
Running latest version of lineageos on my htc u11. I think the issues started when I installed the latest build (11/08).
Any suggestions to fix this?
Same issue here with this app:
https://play.google.com/store/apps/details?id=eu.mobeepass.nfcniceticket
Is there any way to troubleshoot what triggers the root detection?
Ps24u said:
Same issue here with this app:
https://play.google.com/store/apps/details?id=eu.mobeepass.nfcniceticket
Is there any way to troubleshoot what triggers the root detection?
Click to expand...
Click to collapse
Using my app VD INFOS you can see every detectable thing. (Root/Magisk/Xposed/Riru/and others.)
And then you can fix what needs to be fixed.
[APP][v1.10] VD Infos (Package: com.vitaodoidao.vdinfos)
(Para quem fala PORTUGUÊS, o próximo post está totalmente traduzido !) VD Infos v1.10 As we all know, Android is a super powerful and super versatile operating system. What nobody tells you is that all your personal details and confidential...
forum.xda-developers.com