Hi.
I unlocked the bootloader and rooted the phone with magisk. I can't install the island and shelter apps. The island application returns that the security policy prevents the creation of a work profile because a custom operating system is installed on this device. The case looks identical even when there is no root.
userned said:
Hi.
I unlocked the bootloader and rooted the phone with magisk. I can't install the island and shelter apps. The island application returns that the security policy prevents the creation of a work profile because a custom operating system is installed on this device. The case looks identical even when there is no root.
Click to expand...
Click to collapse
Congratulations! You have blown a fuse and Knox will NEVER work on your phone again.
I knew all about it. However, I am interested in a way to bypass this problem and restore at least application isolation.
Should i use multidisabler ?
Isn't it simpler to ask the islander/shelter app developer a question?
multidisabler nothing changed. In general, I can't manually create a profile using adb.
Related
Hi All,
Need help of this forum in solving a problem. The problem is in two parts.
1. I need to gain root access on my 7.1.1 on Merlin.
So can i use adb to gain root access ? Learnt something like this from giving elevated access to Greenify for doze. Can someone point to the right direction so that i can learn it to do myself and not depend on third party apps.
2. I have given administrator usages to Airwatch Agent which monitors whether i have root or not. If i gain root access then i lose the service and wont be able to view configured mails. So basically i need to root and not let all the apps know i have root. Somehow hide it.
Please guide. Thanks in advance.
deepray said:
Hi All,
Need help of this forum in solving a problem. The problem is in two parts.
1. I need to gain root access on my 7.1.1 on Merlin.
So can i use adb to gain root access ? Learnt something like this from giving elevated access to Greenify for doze. Can someone point to the right direction so that i can learn it to do myself and not depend on third party apps.
2. I have given administrator usages to Airwatch Agent which monitors whether i have root or not. If i gain root access then i lose the service and wont be able to view configured mails. So basically i need to root and not let all the apps know i have root. Somehow hide it.
Please guide. Thanks in advance.
Click to expand...
Click to collapse
Well, basically you are not going to get around AirWatch knowing you are rooted, even with Magisk if their Air Watch server is relatively current... I have tried and tried this (we sell and administer Airwatch for ourselves and lots of customers). Airwatch has been specifically designed to detect King*Root, SuperSU, and Magisk (and it's iPhone equivalents), and it uses far more advanced detection schemes than just SafetyNet, so far it hasn't been bypassed that we have seen on Android 6 and higher devices... (Android 5.1 and older have a different mechanism for bypassing root detection from Airwatch that apparently isn't possible with Marshmallow and higher). Also be aware that Airwatch will flag any device on a custom ROM of any kind too (rooted or not) as an incompatible device.
I don't think there is sufficient need for a detection bypass to be implemented into Magisk for Airwatch, and I am not sure the developers would even consider it, since it would be more about getting around a corporate security policy you agreed too more than just getting around some stupid restrictions from the Play Store or an app developer, but hey, it's worth a shot to ask I guess.
Getting around most apps knowing you have root is pretty simple with Magisk, but Airwatch and some of it's competitors MDM applications are much tougher to deal with.
To be honest you are better to just let Greenify go or to get a separate cheapo device just for your corporate email and keep root on your personal device.
Thats insightful.
Thanks a lot for the comments. I however have not seen Airwatch revoking my device enrollment even when i am running a custom ROM. It just checks whether i have root or not.
And can you guide how to use Magisk to root my Nougat on merlin.
deepray said:
Thanks a lot for the comments. I however have not seen Airwatch revoking my device enrollment even when i am running a custom ROM. It just checks whether i have root or not.
And can you guide how to use Magisk to root my Nougat on merlin.
Click to expand...
Click to collapse
Download Magisk and flash it... If your running a custom ROM with SuperSU or some other root built in, might want to ask in your ROM thread to see the right process.
Odd a custom ROM doesn't do anything weird... We have tried several ROM's on our Nexus device and every one will not allow device enrollment.
Confused
acejavelin said:
Download Magisk and flash it... If your running a custom ROM with SuperSU or some other root built in, might want to ask in your ROM thread to see the right process.
Odd a custom ROM doesn't do anything weird... We have tried several ROM's on our Nexus device and every one will not allow device enrollment.
Click to expand...
Click to collapse
I flashed magisk. It rooted my device. Could use greenify with root and lucky patcher with root too. Which means i have got root access. Now comes Airwatch Agent. It asked for root access And i denied it. So now my device is not unenrolled and i am able to use configured mails successfully. Happy. But confused.
deepray said:
I flashed magisk. It rooted my device. Could use greenify with root and lucky patcher with root too. Which means i have got root access. Now comes Airwatch Agent. It asked for root access And i denied it. So now my device is not unenrolled and i am able to use configured mails successfully. Happy. But confused.
Click to expand...
Click to collapse
So latest Magisk is not seen by AirWatch... Nice. I'll have to play with it again.
But there's a new problem now.
acejavelin said:
So latest Magisk is not seen by AirWatch... Nice. I'll have to play with it again.
Click to expand...
Click to collapse
I lost the root. Dont know why. I actually tried installing supersu from playstore which asked something like- do you want to copy binaries to somwhere and i said yes. To that effect my device was unenrolled by Airwatch Agent. Then i removed supersu and i was able to enrol my device again. But the next morning i am noy rooted anymore. Lucky patcher says root is not stable. Don't know what to do.
deepray said:
I lost the root. Dont know why. I actually tried installing supersu from playstore which asked something like- do you want to copy binaries to somwhere and i said yes. To that effect my device was unenrolled by Airwatch Agent. Then i removed supersu and i was able to enrol my device again. But the next morning i am noy rooted anymore. Lucky patcher says root is not stable. Don't know what to do.
Click to expand...
Click to collapse
You can't mix SuperSU and Magisk... after you flash Magisk you need to install Magisk Manager, but it isn't in the Play Store.
And BTW, don't mention Lucky Patcher here... that is purely a pirating app and users of it are thieves.
I will not assist you with anything to do with that software.
acejavelin said:
You can't mix SuperSU and Magisk... after you flash Magisk you need to install Magisk Manager, but it isn't in the Play Store.
And BTW, don't mention Lucky Patcher here... that is purely a pirating app and users of it are thieves.
I will not assist you with anything to do with that software.
Click to expand...
Click to collapse
I am sorry if i offended the community. I installed it as a means to achieve background play of YouTube as till Marshmallow, this was beautifully done by xposed mods. But as for Nougat as xposed is still in development, i needed that app.
I was not aware of other uses of that app. Nor do i have any further intention. Actually i tried using OG Youtube and the other app which was needed but that provided for popup only. Hope you understand.
deepray said:
I am sorry if i offended the community. I installed it as a means to achieve background play of YouTube as till Marshmallow, this was beautifully done by xposed mods. But as for Nougat as xposed is still in development, i needed that app.
I was not aware of other uses of that app. Nor do i have any further intention. Actually i tried using OG Youtube and the other app which was needed but that provided for popup only. Hope you understand.
Click to expand...
Click to collapse
Not really... Background playback on YouTube is a paid service, no matter how you bypass that it's stealing.
Trust me, I don't like it either but I'm not going to steal the service
acejavelin said:
Not really... Background playback on YouTube is a paid service, no matter how you bypass that it's stealing.
Trust me, I don't like it either but I'm not going to steal the service
Click to expand...
Click to collapse
Got the message. I found it difficult to draw the line though.
Hi everyone. I just want to make it clear.
Rooting isn't bad if you know what you are doing.
First of all, there are attack methods for android as well as for PC's.
Here's how to prevent them.
NON-ROOTED:
Make sure you clear cache and dalvik once every month (This is just for the sake of free storage).
If a third-party app you downloaded doesn't have a name in the package installer, don't install it. More likely delete even the apk.
Otherwise it will probably show random webpages by using default browser.
Download any kind of Anti-Virus like Avast, AVG, CM security etc...
Don't turn Play Protect off, if you don't have root, you probably don't have apps that can be recognised as a threat.
Don't download any file from anywhere with an unknown extension.
If your phone supports it without any issues, you can use Full Device Encryption in Security Settings this will put the Normal mode lock to recovery, and even the phone can't be booted unless you type the password in, also in recovery if the atacker deletes the entire system partition, your user data partition will still be encrypted so your data is safe.
ROOTED:
First of all, to protect yourself from network-based attack vectors, install AFWall+ (Free on Play Store).
It rquires root acces bc it's modifying the device's iptable rules to prevent specified apps or app kinds from reaching differenet sort of network, if you are paranoid you can even deny the entire system from reaching any sort of network.
Second install a root privileged anti-virus (I'm pretty sure such things exist).
Third use magisk rooting instead of SuperSU or phh's Superuser, magisk has 2 very usefull mods, one is Energized Protection what blocks malwares adware etc... and the second one is Unified Hosts Adblock (i prefer thsi a bit more cause it has a GUI where you can select what must be blocked).
Also magisk rooting method doesn't corrupts your device's fingerprint so it passes SafetyNET so you still can use Snapchat and Super Mario Run even with a rooted device.
Fourth you still can use Full Device Encryption (Remember if you forget your password or something doesn't working after the encryption like the fingerprint sensor you should consider going back to stock with nand erase to get the data partition Decrypted (Causes full internal sd content loss) otherwise factory reset won't do the job.)
Thanks for sharing information.
I agree with you that rooting is not bad when you know what you are doing but also you should know WHAT APPS ARE DOING.
As a Cyber Security Expert, there are alot of attacking tactics for android phone too as well as PC. These days there are lot of vulnerabilities networking and android system.
1. WPA2/PSK wireless technology is not safe as it is vulnerable to Blueborn attack
2. Newly found vulnerability in LTE networks, allowing three types of attacking methods.
3. The adware is most common in rooted phones and if it got administrator permisiions, it becomes evil.
4. MITM attack is always here
And there are lot of other methods using these days to hijack devices.
bencetari said:
Hi everyone. I just want to make it clear.
Rooting isn't bad if you know what you are doing.
First of all, there are attack methods for android as well as for PC's.
Here's how to prevent them.
NON-ROOTED:
Make sure you clear cache and dalvik once every month (This is just for the sake of free storage).
If a third-party app you downloaded doesn't have a name in the package installer, don't install it. More likely delete even the apk.
Otherwise it will probably show random webpages by using default browser.
Download any kind of Anti-Virus like Avast, AVG, CM security etc...
Don't turn Play Protect off, if you don't have root, you probably don't have apps that can be recognised as a threat.
Don't download any file from anywhere with an unknown extension.
If your phone supports it without any issues, you can use Full Device Encryption in Security Settings this will put the Normal mode lock to recovery, and even the phone can't be booted unless you type the password in, also in recovery if the atacker deletes the entire system partition, your user data partition will still be encrypted so your data is safe.
ROOTED:
First of all, to protect yourself from network-based attack vectors, install AFWall+ (Free on Play Store).
It rquires root acces bc it's modifying the device's iptable rules to prevent specified apps or app kinds from reaching differenet sort of network, if you are paranoid you can even deny the entire system from reaching any sort of network.
Second install a root privileged anti-virus (I'm pretty sure such things exist).
Third use magisk rooting instead of SuperSU or phh's Superuser, magisk has 2 very usefull mods, one is Energized Protection what blocks malwares adware etc... and the second one is Unified Hosts Adblock (i prefer thsi a bit more cause it has a GUI where you can select what must be blocked).
Also magisk rooting method doesn't corrupts your device's fingerprint so it passes SafetyNET so you still can use Snapchat and Super Mario Run even with a rooted device.
Fourth you still can use Full Device Encryption (Remember if you forget your password or something doesn't working after the encryption like the fingerprint sensor you should consider going back to stock with nand erase to get the data partition Decrypted (Causes full internal sd content loss) otherwise factory reset won't do the job.)
Click to expand...
Click to collapse
**rooted user**
What happens if I lose my phone and someone get's into the recovery and deletes the lockscreen security? How can I avoid that? Is running a custom ROM without a custom recovery safe, or is it even possible?
I'd like to add:
• Using a trusted VPN
• Possibly changing your DNS settings to use a provider that supports DNS over HTTPS
clonechill said:
**rooted user**
What happens if I lose my phone and someone get's into the recovery and deletes the lockscreen security? How can I avoid that? Is running a custom ROM without a custom recovery safe, or is it even possible?
Click to expand...
Click to collapse
Philz CWM recovery and some other custom TWRP-s has recovery lock. And with full device encryption data partition can't be reached without giving the unlock.
As the title suggest, I'm trying to bypass a root check for an app, more specifically MyMazda App. I have tried several different methods ( repacking Magisk, Root Cloak, LSposed/Xpirvacy, Unviersal SafteyFix Patch ). None seem to work, my bank, credit and stock exchange apps work completely fine along with every other app except this one. I'm running on a complete stock ROM.
I am running:
Oneplus 8 Pro
Android 11
OxygenOS 11.0.10.10.IN11AA
Magisk v24.1
This raised a few questions:
1. Is it even possible to bypass this apps root check?
2. If it is and when I do bypass it, will all the features work (ie. Remote Start/Stop, Remote Lock/Unlock, etc.)?
3. If there is no way, will downgrading Magisk to when MagiskHide was in the app?
4. And if I do need to downgrade, is there aspecific procedure for the Op8 Pro or is just like any other phone?
Sidenote: I am very new to this, I only just rooted my phone 2 days ago, without any issues thankfully, so I may have missed something important to one of the modules for it to work. Thank you in advanced!
Checking whether Android is rooted or not basically requires only 1 line of program code.
xXx yYy said:
Checking whether Android is rooted or not basically requires only 1 line of program code.
Click to expand...
Click to collapse
Interesting, then how come this app is causing so much issues compared to my banking apps and such?
Rooted therefore lost Secure Folder.
Is there any way to get the Secure Folder working again whilst rooted? (I think some custom ROMs manage to do this...?)
Or is there a (preferably System level) reliable App lock alternative?
elmor0 said:
Rooted therefore lost Secure Folder.
Is there any way to get the Secure Folder working again whilst rooted? (I think some custom ROMs manage to do this...?)
Or is there a (preferably System level) reliable App lock alternative?
Click to expand...
Click to collapse
No. Secure Folder is tied to Knox. Rooting breaks Knox. Even if you go back to stock, it still won't work.
I understand about root breaking Knox.
But I've seen previous Samsung posts about getting Secure Folder to work with build prop editor mod/ Magisk fix module/ custom ROMs with working Secure Folder etc.
So just wondering if any expert or experienced person on this topic.....
as to having back knox, I think is not posible, but, I recall reading somewhere about hiding the rooted state to make some apps to work
Secure folder is working on both rooted VN and Dr. Ketan's rom. S22U 908E
I've hidden root successfully for relevant banking/ monitoring Apps, which otherwise wouldn't have worked if root not hidden.
Exactly my point, if custom ROMs can make Secure Folder work (Knox is still tripped), then is it possible to port this component over to rooted s22u - to have a working SF?
There is a TWRP group on Telegram for this device. Just look for afaneh92 Magisk modules. Secure folder is working fine on rooted Phone with this magisk module.
Afaneh92 Magisk Modules
You can view and join @afaneh92_magisk_modules right away.
t.me
Hi, I use root in all my devices from a lot of time but now I'm 41yo and no more interested in this.
I use root "now only" for
1) call recording (BCR);
2) SwifthBackup;
3) Revanced.
So, call recorder seems to be installed also without root: just put apk in system app directory!
... but, how I can move an apk in system directory without root or twrp, and with locked bootloader?
SwifthBackup can work without root? I don't remember but I can search.
Revanced isn't a problem, I can use with microG.
----
Any help about my doubts?
I want try also because VPN not work, and after a months of email with support "seems" can be related to unlocked/rooted device.
I want just try.
Ty.
Without root, Swift Backup can backup app APK files, but not the app data. It does allow you to grant adb permissions through Shizuku, but I never figured out what [if anything] that allows it to do. I wasn't able to backup app data with ADB privelages.
I don't know the answer to the Call Recording issue.
lupastro82 said:
Hi, I use root in all my devices from a lot of time but now I'm 41yo and no more interested in this.
I use root "now only" for
1) call recording (BCR);
2) SwifthBackup;
3) Revanced.
So, call recorder seems to be installed also without root: just put apk in system app directory!
... but, how I can move an apk in system directory without root or twrp, and with locked bootloader?
SwifthBackup can work without root? I don't remember but I can search.
Revanced isn't a problem, I can use with microG.
----
Any help about my doubts?
I want try also because VPN not work, and after a months of email with support "seems" can be related to unlocked/rooted device.
I want just try.
Ty.
Click to expand...
Click to collapse
I imagine that, once you move that .apk to the system app directory (while rooted), once you unroot, it should still stay there and probably be accessible; but I'm unsure whether successfully running it will be possible -- it depends on the call recording app and if the app requires root to run. If it doesn't and it simply needs root just to be inserted, then I imagine it would probably work if you unroot.
But I have never heard of this method of getting a mod or add-on to work by inserting it in the system app directory...it's fascinating...
Like you said, ReVanced doesn't necessarily need root to work; it just works better with it. Swift Backup will only in a basic way be able to back your device up without root access.
But if you are simply just trying to get a certain VPN to work -- and in the end you don't want to lose root -- you could try doing the numerous root-hiding methods. There are many games, banking apps, and streaming apps that won't work with root (without even giving you a warning that it's because of root detection sometimes) that, once you hide root successfully, are able to run it. It sounds like that could possibly be the case for your VPN.
There are these you can try (if you haven't yet); Zygisk Deny List, UniversalSafetyNetFix (Displax mod works best with P7P), Shamiko, HideMyApp, Magisk Delta, etc.
Also, please be aware (or reminded if you know already) that while unrooting will not wipe and reset your device, locking your bootloader requires wiping the device and you losing everything! You'll be able to get some stuff restored through Google One Backup/Sync, but most everything will need to be set back up and/or lost. And if all you are seeking is to get a VPN to work, I really highly doubt that the app/service goes so far as to detect if you have an unlocked bootloader; it seems there are some banking apps that go that far, but most apps out there don't go that far, and hearing a VPN does would be a first...
Good luck!
Just Google VPN. Do not work anymore from about two months and seems can be a root/unlocked issue.
Anyway, u're right. Ty so much.