I was wondering if there was an android 12 GSI rom out there that is not rooted but still has GAPPS installed? I am asking because I just now tried a couple of android 12 based GSI roms on my phone (lineageos 19 and octaviOS), and while both ran well, I wasn't able to run banking apps for example, or any other apps that check for rooted phones.
I tried: using magisk hide (even though it is being phased out), using zygisk on magisk 24, using shamiko on android 24, flashing an unSU script with TWRP, even manually deleting the SU binary in /system/xbin and /system/bin, and anywhere else where SU shows up, uninstalling magisk. Nothing seems to work. I even checked for no root with various rootcheck apps and while root is gone after all this, the banking, etc apps STILL don't run.
I am able to run those same apps on the rooted stock android 11 retus where magisk is hidden by zygisk with no problems. What is going on with the GSI roms?
Have you checked if the ROMs build properties are flagging the system as debug or development build? Though I'm not quite as versed in dealing with GSI, I'd consider the possibility that a flag is being set off, probably upon installing a GSI ROM would be my guess.
Related
I have the root with Magisk in Android 8.0. At first, the warning always came out asking if you wanted to grant root rights to the application that you just opened. However, this warning is no longer displayed, even though the configuration of Magisk Manager is configured in this way.
In the Magus Superuser section, I do not see any trace of the applications that I can not 'root'.
I have updated Magisk Manager, but the error continues. I also removed BusyBox, but the error continues.
I can not give root permission to any other application. But the mobile is rooted, since the first applications that I installed that require root continue to function normally. I can even deactivate the root and then activate it again.
Reinstalling the applications is not solved. With Dalvik and Caché wipe either.
That could be happening? How is it solved?
____
Magisk Manager has all the permissions of everything (memory, background, manual battery mode). I have tried to reinstall Magisk Manager and nothing.
Deactivating BusyBox (Magisk module) and Xposed and restarting still does not work.
Returning to install the Magisk image by TWRP or Fastboot is not fixed either.
I have removed all the fret that I had done to the phone (BusyBox, Xposed, root Magisk and boot modified for the root) and the problem has not been solved. I do not know what may be happening. I do not have other rare applications.
I have installed Device Control and the TWRP application. I have not gotten the root request to skip (although it has activated that option in Magisk Manager).
Definitely, it is not the fault of the new applications, which was the first question I wanted to solve.
Magisk version:
19.3 (19300)
And from Manager 7.2.0 (213), although I have also tried 7.3.2 (224).
The root is done with patching (via Magisk) of RAMDISK.IMG.
I understand that some applications are not compatible with systemless. But I'm not going any of the new ones that I'm trying. Interestingly, other applications compatible with Magisk (except those that installed the first days of the mobile) do not work either.
I have installed Magisk Manager 7.0.0 (and also 6.1.0), but the bug is still there. It seems that it does not depend on the APK.
As my Magisk file to root consists of a patch of RAMDISK.IMG created directly from Magisk Manager I do not know how to create one based on a lower version (for example, version 18.1). It only gives me the option to patch with the latest Magisk Manager version (if I have a lower one, it asks me to update the APK).
Whenever I generate the IMG of my patched RAMDISK.img it is based on 19.3.
How could I generate a patched IMG based on a lower version?
I have microG, not the GApps. Could that influence? Does Magisk need them?
Apparently, my bank updated the app with a new feature that doesn't let me access it anymore, it says that the operating system is not supported, i use a custom rom(AEX) in my Redmi 4x, i believe that the rom is the problem, the root is being hidden with MagiskHide and i have no problems with SafetyNet, maybe i can change some parameter in build.prop to make it work? i did something similar to try to run Fortnite in my phone a while ago, any ideas on what parameters may be relevant to that?
It's a brazilian bank(Banco Inter)
Need Solution for this Problem as Well
I have the same problem.
The new app version 8.4.6 is not working while up till version 8.4.5 it was working just fine.
Their support is absolutely clueless on how to help, but as @Levyks said, apparently they are blocking custom roms now.
Is it possible to make the custom rom look as an original rom from manufacturer?
Same problem.
I'm with the same problem...
IMHO has nothing to do with fact whether it's a Custom ROM or a Stock ROM. Any app ( banking apps included ) easily can find out whether present Android OS got tampered or not.
Same problem any help? Can't use my bank app... WhatsApp also can detect I have a custom ROM, any solution?
Incomtus said:
Same problem any help? Can't use my bank app... WhatsApp also can detect I have a custom ROM, any solution?
Click to expand...
Click to collapse
Many apps like banking / payment apps today detect whether Android is got rooted or not: it's an easy for them to do so.
Same problem here in Lineage OS 18.1. My non-rooted device pass safetynet and CTS by default. But many Banking application had started detecting that I am using custom rom and don't open at all. Then I rooted my device with magisk and enabled 'magisk hide' but no success.
Hi! A solution that worked for me: use the renaming function in Magisk (you can find it in the Settings).
I had the same problem on a Redmi 4X, LOS 16, no working banking app even with Magisk hide. After renaming Magisk, I was able to log in and use it as intended. Also I left Magisk hide turned on.
My guess is that these kind of apps are looking specially for Magisk, and if it's detected, they just won't let you use them.
I mean not through magisk by user.
By developers when the build the ROM
In the first place.
As long as in Android's ecosystem the SU binary can be found, Android is considered to be rooted. It's a very primitive task for devs of banking / payment apps to search the device's Android for that file.
xXx yYy said:
As long as in Android's ecosystem the SU binary can be found, Android is considered to be rooted. It's a very primitive task for devs of banking / payment apps to search the device's Android for that file.
Click to expand...
Click to collapse
I want to know when developing custom ROM, making banking apps can run on that custom ROM is possible in the rooted phone .
I know we could do that with su in the past and now we can do with magisk. But i want to know developers can build ROM to make banking apps run in rooted phone when they are building that rom . Not through modification by users.
Btw i am asking this assuming 2015-2016year.
Wondering why you don't carefully read a post?
It is easy for anyone to determine the existence of SU: just search the internal memory for it - any 10 year old remedial student can do it.
BTW: Magisk doesn't anything other than installing SU.
Since banking apps depend on the Play Integrity API to get a good idea of a device's state and security, workarounds are required, generally by means of Magisk modules such as Shamiko or USNF mod. It is possible to build these into ROMs.
Hi everyone, i've been out from the custom rom world for a while and i noticed that some things have changed; i read that rooted devices cannot run banking or securtity apps or even applications like netflix ect ect...
I recently decided to upgrade my old poco f1 to a Android 13 rom, but i stopped because i need banking apps to work and i don't know thant much anymore about the topic, is there anyone that could help me find a rom that supports the use of banking apps or any rom is good unless the device is rooted?
Thank yall in advance.
If the ROM passes SafetyNet out of the box then there should be no issues with the majority of the banking/financial apps provided you don't root your device. If you do root your device (with Magisk) you will need to use the Shamiko Magisk module to hide root. There's 2-3 additional steps which you can easily Google. In my case I can use every such app in all my rooted devices. Root breaks SafetyNet but most apps with the exception of Google Pay work just fine. To fix SafetyNet you can flash the Universal Safetynet Fix module. I don't know about others but after flashing this module Google login doesn't work. I can't add another Gmail account for example or use my Google credentials to newly log into apps etc. Since I don't use Google Pay much it's OK and I keep the USNF module disabled. Currently I am using crDroid A12. Will switch to it's A13 flavor in the coming months.
--->This is a working method as of May 2023 to have root on any rom version for redmi k20pro.
--->This will help you root and keep root hidden along with using lsposed modules.
--->These steps work on any device and any rom
You can find extra guides for the steps you dont understand by searching on xda forums. Some of these guides are linked to at the bottom of this post
Your bootloader needs to be unlocked to follow this guide. See link at bottom for guides to do the same.
****************************
I am not responsible for any data loss or damage. Follow at your own Risk
****************************
1. Install twrp or orangefox recovery on your phone.
2. Flash Magisk 25.2 (Version 26 has many issues. This version is better to use)
3. Reboot, install magisk apk(rename magisk.zip file to magisk.apk and install)
4. In magisk modules, install shamiko
5. In magisk modules, install safetynet 2.4.0
6. Add any app you want to hide root from in denylist of magisk. Additionally add Google play Services, Google play store, google services framework and google play protect to denylist(enable show system apps option in menu available on top right of denylist)
(IMP: Do not enable enforce denylist, Shamiko does this function)
7. If you have already logged into google play store and it shows device not certified in about section of play store -remove google account from phone and clear data of play store, play services, google services framework. Reboot amd try again. It will show certified status after about 10 minutes of logging in
8. Some custom roms may have device fingerprints which will get detected as custom rom. If that happens, use hide user debug and lineage props magisk module. Note: This version from github can only be flashed in Androidacy Fox Module Manager due to issue in zip packaging. Download this file which is just a properly repackaged version that can be flashed in any magisk manager.
Next install Reset Sensitive props magisk module. A combination of simply installing these modules will fix custom rom detection on any custom rom.(Example on opening whatsapp or GPay for first time)
Additional step(not necessary): Your rom may have additional build.prop entries that indicate a custom rom. Look for such build properties by opening build.prop in root browser on your device, then change any that have a custom rom name in them using magiskhideprops(Refer instructions to use magiskhideprops in the link)
9. Now, hide the magisk app in magisk app settings(set name to something like setting or app)
10. Freeze magisk manager app using link2sd/swift backup/ airfrozen or any other similar app. You can enable app when you need to install or disable modules or grant superuser access to new apps. You can also use Androidacy Fox MMM manager to find, install and remove magisk modules
_____________________________________________________________________________
Done, you can stop at this stage if you dont need lsposed.
Be warned that youw ill need to re-add any app you uninstall and reinstall in denylist.
If you want to use lsposed, continue with below steps after skipping step 10.
_____________________________________________________________________________
11. Install lsposed module 1.8.6 zygisk version
12. Install hide my appslist. Follow instructions in this link to learn how to correctly configure and hide magisk manager, lsposed and any other root apps you have.
You will need dataisolation enable magisk module if using android 10 and below for hidemyapplist to fully work.
13. Install Ruru and 'Play Integirty API Checker'.
Run Ruru and watch it pass all tests.(almost no banking app uses the level of detection used by ruru) Use play integrity api checker to check safetynet status - should pass basic integrity and cts profile.
Momo shows some messages like abnormal environement and TEE but that is ok.
Remember that you should enable denylist and Hide my applist for Ruru/Momo similar to how you enable for banking apps to hide.
Your root access is perfectly hidden now.
_____________________________________________________________________________
If you want to hide Developer Options_____________________________________________________________________________
You have a few options for this.
1. I personally turn usb debugging off in settings and use WADB app to enable wireless adb. I am using this on android 11 as other options dont fully hide or trigger xposed hook detection(which does not cause issues with the banking apps I have tested so far)This is not detected by any apps.
2. If on android 10 or lower, you can use hide user debug magisk module by huskydg which you can get from this telegram channel. I dont know if it can be linked here .
This effectively hides user debug without trigerring any root/xposed detection. Ruru may show 1 entry for usb debugging enabled but that is fine. If it doesnt work, it will show 2-3 detected entries for debugging mode.
I have uploaded the file here but dont know if it will last
3. If above options dont work,use devoptshide app, enable it in lsposed for apps you want to hide user debug from.This method will trigger xposed hook detection in Ruru but none of the banking apps i tested so far have an issue with that. Ruru may show 1 entry for usb debugging enabled but that is fine. If it doesnt work, it will show 2-3 detected entries for debugging mode.
4. I have not personally tested this but this module is an updated version of hide userdebug module by huskydg and it might help hide usb debugging on android 11 and up.You will have to try it yourself for now.I expect it to work.
GitHub - Magisk-Modules-Alt-Repo/ezme-nodebug: Change some props and "remove" LineageOS ones.
Change some props and "remove" LineageOS ones. Contribute to Magisk-Modules-Alt-Repo/ezme-nodebug development by creating an account on GitHub.
github.com
_____________________________________________________________________________
If an app detects root accidentally and refuses to run on your device again even if root is not detected again/ Spoof device ID for apps_____________________________________________________________________________
1. Now you need to use android faker lsposed module to randomize imei, max adress, android device id,hardware id.
Enable android faker in lsposed only for the app you want to change id for. Dont enable it for android system or android framework(Goal is to change id for a single app).Before doing these steps you need to clear data of play store, play services and google services framework, remove your google account from device settings and reboot. This will reset your gsf id.
This will give xposed hook detection in butbank apps dont seem to look for it.
2. If the above method does not work, use Xprivacylua. Enable for the app you want to change id, only use setting for device identifiers,use tracking, telephony data, analytics, get applications. Xprivacylua is not properly hidden even by Hide My Applist but apps dont look for it.So use this if above options does not work.
_____________________________________________________________________________
If you need to disable Widevine L1 DRM protection to use scrcpy screen mirroring etc
_____________________________________________________________________________
Install the liboemcryptodisabler module in magisk.Do note that widevine will drop to L3 but uninstallation brings it back to L1.
NOTE: Drm content cannot be mirrored on scrcpy if you are using android 12 or 13. Use roms with android version upto 11 if you need to watch drm protected content through scrcpy.(at your own risk. I do not advise illegal activity.)
Spoiler: liboemcryptodisabler
Magisk Modules Repository By Androidacy - Androidacy
This is the Androidacy Magisk Modules Repository, where you can search, browse, and download your favorite Magisk modules right now.
www.androidacy.com
Enjoy your properly hidden rooted device with all functionalities.
___________________________________________________________________________________________________________________________________
___________________________________________________________________________________________________________________________________
I have added a few useful posts by other members if you dont know how to do any of the above mentioned steps. Any others steps can be learned with guides from XDA -Use search
1. Simple guide to flashing on K20 Pro
His advice on not using orangefox for custom roms other than stock miui/ xiaomi.eu roms may be right, I have not tried it. Orangefox personally works best for me.
2. Guide to flashing custom roms, changing between miui and custom roms
3. Bootloader unlock, twrp, root instructions and rom links
4. Common issues with Redmi K20 Pro | fingerprint unlock | ghost touch | Dim display | sensor issues | bluetooth and calling
Confirmed working in May 2023.
Guide will be eventually updated with Magisk Delta which is better for root hiding
I am amazed how smoothly my update went from old magisk version that started having issues. I followed first part of this tutorial (without lsposed), I downloaded newest versions of everything (magisk 26.1 - had to directly install magisk in magisk too, Shamiko-v0.7.1-166-release, rest same as in tutorial) and it just worked. No more problems with old magisk. Deny list is working flawlessly!, safetynet is passing, Google Play Store says that device is certified. Thank you so much for this tutorial!
czacha994 said:
I am amazed how smoothly my update went from old magisk version that started having issues. I followed first part of this tutorial (without lsposed), I downloaded newest versions of everything (magisk 26.1 - had to directly install magisk in magisk too, Shamiko-v0.7.1-166-release, rest same as in tutorial) and it just worked. No more problems with old magisk. Deny list is working flawlessly!, safetynet is passing, Google Play Store says that device is certified. Thank you so much for this tutorial!
Click to expand...
Click to collapse
As of right now, magisk 25.2 works much better than magisk 26.1. You can continue to use it if you dont face any issues.
I believe I followed all the steps correctly including downgrading to magisk 25.2, the only step that I might not have followed correctly would be using hidemyapplist, but I'm getting CTS profile mismatch in microG safetynet attestation test. I have an LE2115 with lineageos 20 (specifically lineage-20.0-20230514-nightly-lemonade-signed.zip). I do get the "orange state" warning when I turn on my phone, I could make that go away by flashing an older version something (I forgot what but I've done it before) in TWRP but I wanted to avoid that since the only APPARENT effect is the orange state warning and I don't know if it will break later in LOS as they keep updating. I'd appreciate any help you could give me to fix this.
EDIT: just used magiskhidepropsconf and edit fingerprint and set it to htc exodus and now I pass all tests.