Open dimustriz opened 3 years ago
Hi Team,
The Magisk Hide option allows to bypass the root check.
Please find a description from our Penetration test result:
Open the Magisk Manager application and navigate to "Settings" option. https://www.xda-developers.com/how-to-use-magisk/ Enable "Magisk Hide" option and restart the application. Checkmark the application under "Magisk Hide" activity. Now, open the application, log in and browse all the functionalities. Now, connect your rooted Android device with local system. Run the following command using adb: adb shell $ su # ps | grep com.deloitte.dnmobile.deloitteconnect.uat # id Observe that the application is running on the rooted device as a process.
adb shell $ su # ps | grep com.deloitte.dnmobile.deloitteconnect.uat # id
Observe that the application is running on the rooted device as a process.
I have found a suggestion on this: https://darvincitech.wordpress.com/2019/11/04/detecting-magisk-hide/ (see the implementation here: https://github.com/darvincisec/DetectMagiskHide/blob/master/app/src/main/c/native-lib.c)
Could you try to check and fix the issue?
Thank you in advance, Dmitry
@nmilcoff
mina5500
commented
3 years ago mina5500
commented
3 years ago
Hi Team,
The Magisk Hide option allows to bypass the root check.
Please find a description from our Penetration test result:
I have found a suggestion on this: https://darvincitech.wordpress.com/2019/11/04/detecting-magisk-hide/ (see the implementation here: https://github.com/darvincisec/DetectMagiskHide/blob/master/app/src/main/c/native-lib.c)
Could you try to check and fix the issue?
Thank you in advance, Dmitry