Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Root detected on ICICI iMobile app #2178

Open
osBins opened this issue Oct 31, 2024 · 16 comments
Open

Root detected on ICICI iMobile app #2178

osBins opened this issue Oct 31, 2024 · 16 comments

Comments

@osBins
Copy link

osBins commented Oct 31, 2024

Describe your problem.

Hello,

I have been using KernelSU since a year now. My mobile banking app has suddenly started detecting root. I am using Play Integrity Fix. Even with lsposed bypass root detection module it is detecting root. I have tried uninstalling KernelSU APK and its still not working.
@adi8ya
Copy link

adi8ya commented Nov 6, 2024

same here, tried using pif fix, zygisknext shamiko, still no luck, native detector also detected kernelsu
thing is that I have been using 6 months and never any issue never any module installed before today but imobile is detecting since pas 2 weeks

@osBins
Copy link
Author

osBins commented Nov 6, 2024

@adi8ya, same. Worked flawlessly since a year for me. Started giving issue recently.

What's native detector btw?

@osBins osBins changed the title ICICI iMobile app detecting root Root detected on ICICI iMobile app Nov 6, 2024
@adi8ya
Copy link

adi8ya commented Nov 6, 2024

NVM I tried installing zygisknext zygisk-assisstand even shamiko and with pif playcurl
also tried uninstalling the apk still no luck
even if native detector (Google it) shows all ok, imobile still not work

@rifsxd
Copy link
Contributor

rifsxd commented Nov 8, 2024

Install SuSFS patched kernelsu, install SuSFS userspace helper module then lsposed Irena fork, lastly install protecttai bypass Xposed module and hook ICICI mobile app, profit

@rifsxd
Copy link
Contributor

rifsxd commented Nov 8, 2024

@rifsxd or @sidex15 on telegram for more help

@IcyColdified
Copy link
Contributor

You're using Zygisk and LSPosed, this is most likely not related to KernelSU. Disable all modules you've installed and try again. Delete your banking app's data and uninstall & reinstall it.

@rifsxd
Copy link
Contributor

rifsxd commented Nov 8, 2024

You're using Zygisk and LSPosed, this is most likely not related to KernelSU. Disable all modules you've installed and try again. Delete your banking app's data and uninstall & reinstall it.

Won't help, ICICI bank will detect kernelsu either way, my way is the recommended way

@IcyColdified
Copy link
Contributor

IcyColdified commented Nov 8, 2024
edited
Loading

You're using Zygisk and LSPosed, this is most likely not related to KernelSU. Disable all modules you've installed and try again. Delete your banking app's data and uninstall & reinstall it.

Won't help, ICICI bank will detect kernelsu either way, my way is the recommended way

Well I wasn't trying to help him get around the detection but to confirm if the detection is caused by KernelSU itself. susfs is great and I do use it, too.

@rifsxd
Copy link
Contributor

rifsxd commented Nov 8, 2024

You're using Zygisk and LSPosed, this is most likely not related to KernelSU. Disable all modules you've installed and try again. Delete your banking app's data and uninstall & reinstall it.

Won't help, ICICI bank will detect kernelsu either way, my way is the recommended way

Well I wasn't trying to help him get around the detection but to confirm if the detection is caused by KernelSU itself. susfs is great and I do use it, too.

Well i debugged it before ICICI iMobile detects ksu with or without modules, but it's not a ksu issue, ICICI mobile detects multiple factors and environment, mostly unverified boot and unlocked bootloader as a starting point

@adi8ya
Copy link

adi8ya commented Nov 8, 2024

here my scenario, I was using a custom kernel with ksu, no modules ever used and only 1 app allowed root access, then suddenly 3 weeks back icici app start detecting root, on same non-updated rom/kernel-ksu
i didn't even use to check play integrity daily whether rom was passing or not
since then I tried using the stock kernel that comes with rom (non ksu, not patched)
tried using ksu on stock kernel (with and without modules mentioned in my earlier comment)
tried the custom kernel without ksu (non rooted, non ksu)
tried using ksu on custom kernel (with and without modules mentioned in my earlier comment)

but nothing seems to work, I'll try to do what you suggest if I get desperate enough. thank you!

@davx2012
Copy link

davx2012 commented Nov 10, 2024
edited
Loading

Please try to use below module. If not work, represent you need to pass stong_integrity. But the all keybox was baned from google.

  1. Zygisk next+play integrity fix+play curl next (pass device_integrity)
  2. Shamiko + zygisk assistant (hide root)
  3. Lsposed (Please use the mod fork 1.10.1) + hide my apps list + I am not a developer + bootloader spoofer (hide lsposed Module and root apps + developer mode and USB debug + bootloader unlock)

@rifsxd
Copy link
Contributor

rifsxd commented Nov 10, 2024

Please try to use below module. If not work, represent you need to pass stong_integrity. But the all keybox was baned from google.

  1. Zygisk next+play integrity fix+play curl next (pass device_integrity)
  2. Shamiko + zygisk assistant (hide root)
  3. Lsposed (Please use the mod fork 1.10.1) + hide my apps list + I am not a developer + bootloader spoofer (hide lsposed Module and root apps + developer mode and USB debug + bootloader unlock)

You are wrong very wrong shamiko will always be detected in memory please don't suggest stupid methods

@davx2012
Copy link

Please try to use below module. If not work, represent you need to pass stong_integrity. But the all keybox was baned from google.

  1. Zygisk next+play integrity fix+play curl next (pass device_integrity)
  2. Shamiko + zygisk assistant (hide root)
  3. Lsposed (Please use the mod fork 1.10.1) + hide my apps list + I am not a developer + bootloader spoofer (hide lsposed Module and root apps + developer mode and USB debug + bootloader unlock)

You are wrong very wrong shamiko will always be detected in memory please don't suggest stupid methods

Yes, you are right. Because I don't know the latest perfect hide root method is use susfs.

@sileshn
Copy link

sileshn commented Nov 15, 2024

Install SuSFS patched kernelsu, install SuSFS userspace helper module then lsposed Irena fork, lastly install protecttai bypass Xposed module and hook ICICI mobile app, profit

Doesn't work on v20

@rifsxd
Copy link
Contributor

rifsxd commented Nov 15, 2024

Install SuSFS patched kernelsu, install SuSFS userspace helper module then lsposed Irena fork, lastly install protecttai bypass Xposed module and hook ICICI mobile app, profit

Doesn't work on v20

it works for me and multiple others maybe you didnt configure right or you didn't integrate susfs correctly in the kernel or didn't integrate at all

@dathtd119
Copy link

dathtd119 commented Nov 22, 2024
edited
Loading

I dunno but tried this stack, I used these without any bank apps problem from my daily use:
KernelSU Enabled unmount modules by default
Rezygisk: Link (I tried ZygiskNext before but got detected easily)
Zygisk - Lposed 1.10.1 from Jing Matrix: Link
Zygisk Maphide: Link
Tricky Store v1.2.0
Play Integrity Fix v18.0: Somehow an app from my region detected this. Enabled it to get Play store is certified. Then disable it, remove caches from apps that detected it. Boom, no root detected(Play Store will remain certified even I disabled it)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@sileshn @adi8ya @rifsxd @dathtd119 @osBins @IcyColdified @davx2012 and others