The Ultimate Guide to Rooting: Magisk, KernelSU, and SafetyNet
Root access is the equivalent of Administrator privileges on Windows. It allows you to modify system files, remove bloatware, block ads system-wide, and install powerful kernels. In 2026, rooting has evolved beyond simple "SuperSU" zips. We now use systemless root methods like Magisk and KernelSU to maintain the integrity of the system partition and pass safety checks.
What is Systemless Root?
Traditional rooting modified the /system partition. This broke OTA updates and tripped Google's SafetyNet immediately. Systemless root (pioneered by Magisk) modifies the boot image (kernel ramdisk) to inject root access without touching the system files. This allows you to hide root from banking apps and games while still enjoying full privileges.
The Contenders: Magisk vs. KernelSU vs. APatch
The root landscape is more diverse than ever. Understanding which tool fits your needs is crucial before you start flashing files.
| Feature | Magisk | KernelSU (KSU) | APatch |
|---|---|---|---|
| Mechanism | Patches boot.img ramdisk. |
Directly modifies the Kernel. | Patches the Kernel Image (hybrid). |
| Installation | Flash patched boot via Fastboot. | Flash custom kernel (GKI) via Fastboot. | Flash patched kernel via Fastboot. |
| Detection | Harder to hide (userspace hook). | Extremely stealthy (kernel space). | Very stealthy (similar to KSU). |
| Modules | Huge library (Zygisk). | Supports most Zygisk modules. | Supports KPM (Kernel Patch Modules). |
| Compatibility | Almost all Android devices. | Requires Kernel 5.10+ (GKI devices). | Requires Kernel 5.10+ (GKI devices). |
Why Choose Magisk?
Magisk remains the king because of its universality. It works on Android 6.0 all the way up to Android 15. It doesn't require a specific kernel version. If you have an older device or a non-GKI device (like most Samsungs before the S21), Magisk is your only option. Its "Zygisk" feature allows modules to inject code into apps, which is essential for detailed customization.
Why Choose KernelSU?
KernelSU is the future. By operating entirely within the kernel, it is invisible to userspace applications. Banking apps that detect "su" binaries or "magisk" package names simply cannot see KernelSU because it doesn't modify the system partition or the boot ramdisk in a detectable way. However, it requires a device that supports Generic Kernel Images (GKI), which mostly means devices launched with Android 12 or later.
Method 1: Rooting with Magisk (Universal)
This is the standard method for 99% of devices.
Step 1: Obtain Your Stock Boot Image
You need the boot.img file from your current firmware. You can get this by:
- Downloading the "Factory Image" zip for your device and extracting it.
- Using a payload dumper tool if the firmware is a payload.bin file (OnePlus/Xiaomi).
Step 2: Patch the Image
- Install the Magisk app (APK) on your phone.
- Copy the
boot.imgto your phone's storage. - Open Magisk > Install > Select and Patch a File.
- Select your
boot.img. Magisk will create amagisk_patched.imgin your Downloads folder. - Copy this patched file back to your computer.
Step 3: Flash the Patched Image
Reboot your phone to Fastboot mode and run:
fastboot flash boot magisk_patched.imgReboot your phone. Open the Magisk app. It may ask to complete additional setup (rebooting once more). You are now rooted.
Method 2: Rooting with KernelSU (Advanced)
If you have a modern device (Pixel 6+, Galaxy S23+, etc.) that uses a GKI (Generic Kernel Image), you can use KernelSU for superior stealth.
- Download the KernelSU Manager app.
- Download a GKI kernel compatible with your device that has KSU integrated.
- Flash the kernel via Fastboot:
fastboot flash boot boot-gki-ksu.imgThe beauty of KSU is that you grant root access to apps directly in the kernel. Apps that are not granted root cannot even "see" that su exists.
Passing SafetyNet / Play Integrity
Rooting often breaks banking apps (Google Wallet, Netflix, Pokémon GO). To fix this, you need to play a cat-and-mouse game with Google's Play Integrity API. This API checks if your device software is trustworthy. Unlocked bootloaders and root access cause this check to fail.
Understanding the Attestation Levels
There are three levels of integrity checks:
- MEETS_BASIC_INTEGRITY: The environment is not tampered with. Most rooted devices fail this without modules.
- MEETS_DEVICE_INTEGRITY: The software matches a certified Android version. This is what most banking apps require.
- MEETS_STRONG_INTEGRITY: The bootloader is locked and verified by hardware. This is nearly impossible to pass with root.
The Fix: Play Integrity Fix Module
To pass DEVICE_INTEGRITY, you must spoof your device fingerprint to match an older, certified device that didn't support hardware-backed attestation. The "Play Integrity Fix" module automates this.
- Download the "Play Integrity Fix" module zip (by chiteroman or similar fork).
- Open Magisk > Modules > Install from Storage.
- Select the zip file and reboot.
Hiding Root (Zygisk & DenyList)
Even with the integrity fix, apps can detect root by looking for the Magisk app itself or open ports. To hide it:
- Open Magisk Settings.
- Tap "Hide the Magisk App" and give it a random name (e.g., "Settings").
- Enable Zygisk (Zygote injection).
- Enable Enforce DenyList.
- Configure DenyList: Check Google Play Services (uncheck everything inside it except `com.google.android.gms` and `com.google.android.gms.unstable`), Google Play Store, and your target banking apps.
- Clear data for the Play Store and Google Wallet, then reboot.
The Risks: Bricking and Bootloops
Rooting is safer than ever, but things can still go wrong. A "Bootloop" occurs when a bad module or incompatible patch prevents Android from starting. If this happens:
- Safe Mode: Boot into Safe Mode (usually hold Volume Down during the boot animation) to disable all Magisk modules temporarily. Then open Magisk and remove the bad module.
- ADB Wait-For-Device: If you have USB Debugging enabled, you can run
adb wait-for-device shell magisk --remove-modulesto clear all modules from your computer. - Reflash Boot Image: If all else fails, reflash the stock
boot.imgvia Fastboot to remove root entirely and restore the system to a bootable state.
Conclusion
Rooting gives you complete control. You can install AdAway for system-wide ad blocking, Viper4Android for superior audio, or countless customization modules. With Magisk and KernelSU, the risks are minimal, and the rewards are massive. Welcome to the true Android experience.
Need to go back? Check our Fastboot Guide to learn how to flash stock firmware.