-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V3.8 Zygote detection injected #7
Comments
I have been working with folks here for ideas on getting my phone "cleared", and through careful experimentation (& a bunch of luck), I discovered that chiteroman's BootloaderSpoofer v3.8 does not clear Integrity Check but v1.2 clears the Play Integrity Check (of course except "STRONG" as nothing clears that). I hope a downgrade to v1.2 works for you too. |
tried, but it does not help :( |
this is zygote problem, not module problem and util now, u can't hide "zygote is injected" if module lsposed is enabled. |
I have the same issue. With module disabled I don't get zygote injected. Downgrade to v1.2 did not help. |
Yeah, seems we're in a "fluid" situation. Today, I saw that I no longer passed DEVICE_INTEGRITY with my configuration that worked just a few days ago. After some research in @chiteroman /PlayIntegrityFix issues section and some tideous trial & error I discovered a configuration that passes both BASIC & DEVICE_INTEGRITY, at least as of now. For context, as of this evening, I'm currently successfully passing BASIC & DEVICE running on a Pixel 5 GD1YQ with the following: LineageOS 20.0 (dated 20240129); Magisk canary 26404; Play Integrity Fix 15.7.1 (NO pif.jason in /data/adb); Shamiko 1.0.1; LSPosed 1.9.2; BootloaderSpoofer 1.2; Hide My Applist 3.2 The one thing I think I noticed was that Play Store would not run "correctly" right away, kept getting "Try Again". Hope this works for others too. |
Kitsune did it! |
I unfortunately use KernelSU |
Definitely Doesn't Work to KITSUNE |
video_2024-03-07_07-59-20.mp4Skill issue, blame your self |
it could be. I reformatted the phone now
Where is the problem here? |
Where is the problem here? |
v3.8 I tried all versions one by one and the result is the same. |
I tried all versions one by one and the result is the same. |
It can be fixed by setting logger buffer size to Off in developer options |
I can't turn it off, it automatically becomes 64k. |
Weird |
Now I noticed that when I turn on the "LSPosed" module it automatically becomes 64K. |
Can you open the other modules and show them all in one video? There is definitely a problem here. |
Did this ever get resolved I'm having the same issue? |
Did you ever get this resolved im having the same issue |
Brother, I tried it on many phones and there doesn't seem to be a solution to this. I think the friend who claims to have done this does not activate the LPOSED module. When I told him to show all the broadcasts, his voice stopped :) I tried it on 5 different phones (V11,V12,V13)with 3 versions (Regular, Alpha, Beta Kitsune) and there is no way around it, maybe it can be on a phone with Android 10 or below, but I don't have it. |
Having the same problem using latest Kitsune Magisk on a OnePlus 11 PHB110 with Official LineageOS 21. The thing is using Zygisk to load BootloaderSpoofer will make my broken TEE fixed and unlocked Bootloader hidden, but Momo will show that Zygote is injected. |
If you set logger buffer size to Off in developer options, you will not get zygote injected detection anymore |
I tried it on 8 different phones and Android 10 11, but it definitely doesn't work. |
By the way, what you said is impossible because if you activate ZYGISK, the buffer size will automatically be 64K, you cannot turn it off even if you want. If there is another way, I don't know it technically. |
I am able to set it to Off with Kitsune Magisk |
I also use kitsune. But as I said, whenever I activate it, the buffer does not become 0. Can you record screen video and share , kitsune ver. and momo screen etc. |
https://drive.google.com/file/d/1GByvH_qNvzq8Tg3Ts4wIlt4qu72EIWMm/view?usp=drivesdk
I don't show momo because I don't have the issue anymore with both logger buffer size enabled and disabled. |
@Tobim6 Which version is it? |
1.9.3-7261 |
Where is this version of lsposed to download? |
I don't know, got it from telegram |
can you please send the lsposed that you have 7261 |
https://drive.google.com/file/d/1-vxugvuG1J5ZMySv7MVbr6QrvNhfERFa/view?usp=drivesdk |
thank you too much |
Updating to 1.9.3 fixed zygote injected ,but I had to upgrade to v3.8 for it to work v1.2 probably didn't even launch probably because I am running android 14. |
But if you use MemoryDetector to detect instead of Momo, it will still display "Found 2 suspicious anonyour memories mapping" when using lsposed |
What su provider do you have? (Magisk, KSU etc.) |
KSU(11838) and applying this module in LSPosed(1.9.3-7261) to memory detector |
Why would you apply BootloaderSpoofer to Memory Detector |
I applied the module to both detectors for one possible reason, because I wanted to check if I passed all the checks at the same time. Otherwise, what do you think is the reason why they applied this module to Momo? |
Memory Detector does not detect unlocked bootloader. As for native detector, there's no aay to fix it. |
So curious why would you install Momo and this module, if only Momo will detect the bootloader, it would be nice to uninstall Momo, Momo has no practical use for your daily life, why use this module instead of uninstalling Momo? |
Some banking apps detect unlocked bootloader. That's all this module is for. |
I know that this module is only for the purpose of patching bootoader detection, but using this module exposes another code injection detection. That's really annoying. If the app includes both detection methods, the module will be meaningless. I want to pass all known tests perfectly |
Not possible right now |
@Tobim6 Currently, I can pass all root check applications, including MOMO, without any problems. However, the application I use somehow detects that the phone is rooted. The only thing that comes to mind is the "MEETS_STRONG_INTEGRITY" check; it might be detecting it from there. As far as I know, there is no way to bypass this, and I am about to lose my mind because of this situation. Supposedly, you can do everything with a rooted phone, but we can't even simulate the data that any application gets from the phone. @chiteroman did not provide an explanation on the PlayIntegrityFix GitHub page about some devices being able to pass this. Does anyone have information about this? GitHub - chiteroman/PlayIntegrityFix |
No way you are passing native detector |
Can you give me the download link? |
MemoryDetector2.1 |
|
Thanks. Setting 'Logger buffer sizes' to 0, clearing Lsposed_mod's (by mywalkb) logs and then restarting a device clears detected injected zygote, therefore enabling to use BootloaderSpoofer's injection. Does anyone know how to bypass 'Partition mounted abnormally'? |
When you set the buffer to 0, it shouldn't actually come out. Which version of LSPOSED do you use? |
|
Native detector is the true best tester |
I'm using the latest v3.8. Before using it, momo only shows that the bootloader is unlocked. After using bootloader Spoofer, momo shows "zygote injected" can you please advise me how to fix?
The text was updated successfully, but these errors were encountered: