KernelSU icon indicating copy to clipboard operation
KernelSU copied to clipboard

Published 20 hours ago verified publisher icon tiann

Payback app detects root

Open meiser79 opened this issue 1 year ago • 14 comments

Please check before submitting an issue

  • [X] I have searched the issues and haven't found anything relevant
  • [X] I will upload bugreport file in KernelSU Manager - Settings - Report log
  • [X] I know how to reproduce the issue which may not be specific to my device

Describe the bug

The Payback app version 24.01.1800 detects root and just a message about an insecure environment.

May I ask you to have a look how it does the detection? Uninstalling the manager app or clearing app data/cache do not solve the issue.

Thanks a lot, meiser

To Reproduce

  1. Install the app
  2. See the message about insecure environment

Expected behavior

No response

Screenshots

No response

Logs

No response

Device info

  • Device: Poco F3
  • OS Version: crDroid 9.13
  • KernelSU Version: 0.7.6 (11461), manager app 0.7.6 (11458)
  • Kernel Version: 4.19.305, InfiniR alioth with modules umount patch by wx1221

Additional context

No response

meiser79 avatar Feb 01 '24 05:02 meiser79

Uninstall all modules and try again.

tiann avatar Feb 01 '24 06:02 tiann

Still the same. I disabled the modules instead of uninstalling, but this should be the same, right?

meiser79 avatar Feb 01 '24 06:02 meiser79

Did yout tried it without kernelSU? It may be a Rom problem. Try with stock boot.img

pckotzer avatar Feb 01 '24 09:02 pckotzer

It's not custom ROM related as it works with previous Payback version 23.11.1403. Just the update to version 24.01.1800 triggers the root detection.

meiser79 avatar Feb 01 '24 10:02 meiser79

Did you tryed stock kernel. If you compile kernel by yourself try without localversion in defconfig. Google ban now various kernel names including crdroid in kernel name or other popular kernel names like lineageos or whatever is used. What does your localversion or kernel name show?

pckotzer avatar Feb 01 '24 11:02 pckotzer

Sorry, but your comments are not helpful. If you read my bug report carefully, you would see the link to the used kernel tree. There, you could have checked that the LOCALVERSION is "~InfiniR_Alioth_v2.87". BTW, I do pass Google PI with device integrity. I assume, the Payback app does not use PI for root detection, but something different.

meiser79 avatar Feb 01 '24 12:02 meiser79

Am I right that any app can find KernelSU by just checking "mount". There are KSU mount names. Any chance to rename these ones?

meiser79 avatar Feb 01 '24 14:02 meiser79

Try do do backup of data and then do clean install without a kernelsu kernel to be 100% sure

pckotzer avatar Feb 01 '24 16:02 pckotzer

If I fully remove kernelsu, the app works fine.

meiser79 avatar Feb 01 '24 18:02 meiser79

Another kernel?

pckotzer avatar Feb 01 '24 18:02 pckotzer

What do you mean? I recompiled the kernel tree without kernelsu. With this kernel, the app starts fine.

meiser79 avatar Feb 01 '24 19:02 meiser79

@tiann even if I uninstall all modules by renaming the modules.img, the app detects root. So it's not the mountpoint, right?

meiser79 avatar Feb 01 '24 19:02 meiser79

Perfect, thats what i wanted to hear xd

pckotzer avatar Feb 01 '24 20:02 pckotzer

Same as the bank app Vietbank https://play.google.com/store/apps/details?id=com.vnpay.vietbank

Ksu with no module install, lastest version of the app find root Change the kernel without ksu, app start normally Still not find a way to bypass this app

goldwoods2005 avatar Feb 02 '24 01:02 goldwoods2005

Same as the bank app Vietbank https://play.google.com/store/apps/details?id=com.vnpay.vietbank

Ksu with no module install, lastest version of the app find root Change the kernel without ksu, app start normally Still not find a way to bypass this app

same here

ToucH9000 avatar Feb 03 '24 09:02 ToucH9000

Thanks so much! I really appreciate your work! I verified that it works with this commit.

meiser79 avatar Feb 03 '24 12:02 meiser79

@meiser79 How you get latest Payback working? I picked this commit and it doesn't work for me. Only downgrade Payback seems to be help.

Niemandausduisburg avatar Feb 17 '24 16:02 Niemandausduisburg

@Niemandausduisburg You have to either freeze the manager app with e.g. Ice Box or deinstall it.

meiser79 avatar Feb 17 '24 17:02 meiser79

@meiser79 Don't work for me

Niemandausduisburg avatar Feb 18 '24 21:02 Niemandausduisburg

You might be right, I just got a broken Payback app again. It seems that KernelSU_v0.7.6-55-g20c19d7_11513-release.apk broke it again, but KernelSU_v0.7.6-51-gabf0dac_11509-release.apk works fine.

Which version do you run exactly (kernel and app)?

meiser79 avatar Feb 18 '24 22:02 meiser79

Screenshot_20240219-064049_KernelSU @meiser79

Niemandausduisburg avatar Feb 19 '24 05:02 Niemandausduisburg

@meiser79 The issue isn't KernelSU. Payback is looking if you have unlocked your bootloader (custom ROM).

Niemandausduisburg avatar Feb 21 '24 11:02 Niemandausduisburg

@meiser79 The issue isn't KernelSU. Payback is looking if you have unlocked your bootloader (custom ROM).

I guess no. I was using the def KSU kernel on my device. After flashing any module the Yono app crashes. If there was an issue with unlocked BL it would have been detected earlier.

sd535682 avatar Mar 04 '24 07:03 sd535682

You might be right, I just got a broken Payback app again. It seems that KernelSU_v0.7.6-55-g20c19d7_11513-release.apk broke it again, but KernelSU_v0.7.6-51-gabf0dac_11509-release.apk works fine.

Which version do you run exactly (kernel and app)?

have you tried Shamiko?

sd535682 avatar Mar 04 '24 07:03 sd535682

You might be right, I just got a broken Payback app again. It seems that KernelSU_v0.7.6-55-g20c19d7_11513-release.apk broke it again, but KernelSU_v0.7.6-51-gabf0dac_11509-release.apk works fine. Which version do you run exactly (kernel and app)?

have you tried Shamiko?

Shamiko user here, doesn't work on LineageOS 20. :(

hummermann87 avatar May 04 '24 16:05 hummermann87

You might be right, I just got a broken Payback app again. It seems that KernelSU_v0.7.6-55-g20c19d7_11513-release.apk broke it again, but KernelSU_v0.7.6-51-gabf0dac_11509-release.apk works fine. Which version do you run exactly (kernel and app)?

have you tried Shamiko?

Shamiko user here, doesn't work on LineageOS 20. :(

It finally works! I have used the module posted here: https://github.com/Magisk-Modules-Alt-Repo/ezme-nodebug/issues/1

hummermann87 avatar May 05 '24 08:05 hummermann87

Latest Payback app (version 24.04.2501) detects root running KernelSU version 11848.

Payback app version 24.04.1101 is the latest working version.

meiser79 avatar May 16 '24 09:05 meiser79

Latest Payback app (version 24.04.2501) detects root running KernelSU version 11848.

Payback app version 24.04.1101 is the latest working version.

I have the same issue. Payback was working fine before update playcurl

Niemandausduisburg avatar May 21 '24 12:05 Niemandausduisburg

Got it working by using a different app to freeze/hide the manager app.

meiser79 avatar May 21 '24 12:05 meiser79

Got it working by using a different app to freeze/hide the manager app.

Which app do you use to hide/freeze the manager? I tried Icebox without any luck

Niemandausduisburg avatar May 21 '24 13:05 Niemandausduisburg