Magisk: [Request] Add support for hiding root from KonyLabs' root detector

You're welcome @ANR2ME 👍

I tried to grasp the method of Kony's root detector but their documentary seems vague:

On Android devices, root detection dialog displays when the app is launched in the foreground. The detection happens through the Kony auto-generated launcher activity using KonyMain. If a user writes custom activities using FFI and Framework, root detection does not happen.

If an app is triggered by background sources (Push, GeoFence, SMS, etc.,) root detection dialog does not display. However, a process is created in the background for this app with no application data loaded in memory.

Default Error Message: This device does not meet the minimum security requirements for this application. Please contact the app publisher for more details. The application will exit when you press OK.

You can modify the Default Error Message using the i18N string defined with key ROOT_DETECTION_MESSAGE. If you do not have an i18n string, default standard error message appears.

Visualizer tries to respect the i18N key defined in a locale which matches current device locale and then the i18N key defined in a locale which matches Visualizer/IDE set default locale and then the Default Error Message in order of preference.

The following APIs are not respected as they are available only when JavaScript is loaded and JavaScript is never loaded when rooting of a device is detected.

kony.i18n.setCurrentLocaleAsync
kony.i18n.setDefaultLocaleAsync

No source code, unlike rootBeer which can easily blocked in Root Cloak command:
rootBeer.isRooted
rootBeer.isRootedWithoutBusyBoxCheck

Simply hiding using MagiskHide + blocking isRooted using Root Cloak doesn't work.

Also this Go Mobile gives nothing other than blank gray screen then closes itself.

Source: http://docs.kony.com/konylibrary/visualizer/visualizer_user_guide/Content/ApplicationSecurity.htm#Jailbrok

/com/kony/rooted/TestRoot.java

package com.kony.rooted;

import java.io.DataOutputStream;

public class TestRoot {
    public static int isRooted() {
        try {
            Process p = Runtime.getRuntime().exec("su");
            DataOutputStream os = new DataOutputStream(p.getOutputStream());
            os.writeBytes("echo \"Do I have root?\" >/system/sd/temporary.txt\n");
            os.writeBytes("exit\n");
            os.flush();
            p.waitFor();
            if (p.exitValue() != 255) {
                return 1;
            }
            return 0;
        } catch (Exception e) {
            return 0;
        }
    }
}

/com/konylabs/ffi/N_rootdetection.java

package com.konylabs.ffi;

import com.kony.rooted.TestRoot;
import com.konylabs.libintf.JSLibrary;
import com.konylabs.libintf.Library;

public class N_rootdetection extends JSLibrary {
    public static final String isRooted = "isRooted";
    Library[] libs = null;
    String[] methods = new String[]{isRooted};

    public Library[] getClasses() {
        this.libs = new Library[0];
        return this.libs;
    }

    public Object[] execute(int index, Object[] params) {
        Object[] ret = null;
        int paramLen = params.length;
        switch (index) {
            case 0:
                if (paramLen == 0) {
                    ret = isRooted();
                    break;
                }
                return new Object[]{new Double(100.0d), "Invalid Params"};
        }
        return ret;
    }

    public String[] getMethods() {
        return this.methods;
    }

    public String getNameSpace() {
        return "rootdetection";
    }

    public final Object[] isRooted() {
        return new Object[]{new Double((double) TestRoot.isRooted()), new Double(0.0d)};
    }
}

I don't find any other file that use these 2 classes.
Seems like it's pointing to isRooted function at TestRoot.java, is it possible to change the returned value? or prevent "su" from running and triggered the exception?

Please try out the latest Canary Build with the updated MagiskHide. If it still don't work, try to uninstall Magisk Manager, and report the results after uninstalling. Thank you

Thanks for the update :)

I tried the release version of canary build (updated magisk manager and then update magisk zip from 7.3) and still have the same issue.
However, after uninstalling magisk manager Go Mobile app can run now :D so i guess it worked without magisk manager.

In this case, what step should i do so it doesn't detect Magisk Manager?

Edit: Hiding magisk manager package seems to be working now :D Great!

Btw, the canary magisk manager doesn't have toggle for systemless what does it actually do when clicked?

@ANR2ME how did you hide the Manager package?

@ANR2ME how did you hide the Manager package?

Through Magisk Manager's Settings, it will change the package name

@ANR2ME how did you hide the Manager package?

Through Magisk Manager's Settings, it will change the package name

one question: do you use Xposed as well?

@ANR2ME how did you hide the Manager package?

Through Magisk Manager's Settings, it will change the package name

one question: do you use Xposed as well?

nope, because i heard it causes safetynet to be false, and since i'm using MIUI 10 i haven't found xposed module that worked with MIUI :D

lol, so it's the root of the problem in my case.. I use xposed..

I already use the same Magisk setup as instructed here but the CIMB app is still stuck so I uses the old working one....

Now, it detects root again..

Now, it detects root again..

Yes, hide magisk manager is no longer working for CIMB GoMobile app :( did they specifically tried to detects magisk manager's files or something?

This is also not working on Jack in the box which is also kony based. Seems they've changed something

No issues hiding root from CIMB here... Can't test Jack in the box though (not available in my region).

No issues hiding root from CIMB here... Can't test Jack in the box though (not available in my region).

just by hiding magisk manager?

App on the Hide list and Manager repackaged with a random package name and custom app label.

App on the Hide list and Manager repackaged with a random package name and custom app label.

not sure what's going on then, because that doesn't work for me. i just tested with go mobile and i'm getting the same thing i get with JITB.

is this with the main magisk or canary?

Current Canary build (20306/277). It's possible the app is detecting something other than Magisk, like Titanium Backup or TWRP directories/files (been very popular lately). Or something else...

i'll try moving the TWRP files off onto my computer. that's really all i have that it would detect, i don't have tibu installed and i deleted everything else i could find magisk related last night.

yup, that's what it was. removed TWRP and everything works now. thanks!

Yup, confirmed. I test it too, it was caused by TWRP folder. I renamed it into other else and it was magically working again.

Yup, confirmed. I test it too, it was caused by TWRP folder. I renamed it into other else and it was magically working again.

Is there anyway to make it works with TWRP? does renaming that folder will breaks TWRP?
I wished we can put custom file/directory path to be hidden along with the normal hide root mechanism

Yup, confirmed. I test it too, it was caused by TWRP folder. I renamed it into other else and it was magically working again.

Is there anyway to make it works with TWRP? does renaming that folder will breaks TWRP?
I wished we can put custom file/directory path to be hidden along with the normal hide root mechanism

PS: I'm using OrangeFox recovery which also have similar issue

can't you just rename the folder as you need it? i.e. rename it something different to make the app work, and then rename it back to TWRP if you need to do something in TWRP?

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

unless i'm missing something, that app won't work. i just downloaded it to try for JITB, it only works for apps that request r/w storage. JITB requests neither.

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

unless i'm missing something, that app won't work. i just downloaded it to try for JITB, it only works for apps that request r/w storage. JITB requests neither.

Deleting or renaming it is then.

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

Thanks it works too. Need to isolate it so it won't read the default path.

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

Thanks it works too. Need to isolate it so it won't read the default path.

How did you get it to work? I can't get anything to show up in the app list because it only shows apps that request both read and write...

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

Thanks it works too. Need to isolate it so it won't read the default path.

How did you get it to work? I can't get anything to show up in the app list because it only shows apps that request both read and write...

Nothing, just usual install of the storage isolation app and then the go mobile. Then setup the isolation for the app to just read inside the /Android/data/package instead of the default. It should work.

Then make sure to hide the magisk and hide the go mobile in magisk manager. The problematic twrp read should gone. I tried it in my 2 phone.

Instead of renaming or removing, try using this app:
https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage

Thanks it works too. Need to isolate it so it won't read the default path.

How did you get it to work? I can't get anything to show up in the app list because it only shows apps that request both read and write...

Nothing, just usual install of the storage isolation app and then the go mobile. Then setup the isolation for the app to just read inside the /Android/data/package instead of the default. It should work.

Then make sure to hide the magisk and hide the go mobile in magisk manager. The problematic twrp read should gone. I tried it in my 2 phone.

is this method still working? I've tried it, but go mobile still detecting root phone.

Any other solution?

THanks

This seems broken again since upgrading to magisk 20.4. all kony apps are again detecting root and won't launch.

edit: strangely enough, working again after a reboot.

This seems broken again since upgrading to magisk 20.4. all kony apps are again detecting root and won't launch.

edit: strangely enough, working again after a reboot.

i just updated to magisk 20.4 and the TWRP renaming tricks still works on Go Mobile tho, may be you have some other folders being detected

And you should always reboot when it asked you to reboot :D

This seems broken again since upgrading to magisk 20.4. all kony apps are again detecting root and won't launch.
edit: strangely enough, working again after a reboot.

i just updated to magisk 20.4 and the TWRP renaming tricks still works on Go Mobile tho, may be you have some other folders being detected

And you should always reboot when it asked you to reboot :D

Yeah, I know. This was long after I had upgraded, obviously I did the reboot after upgrading magisk. This was separate from that, it had just stopped working randomly but a reboot fixed it.