How To Guide (Guide) Install TWRP + Root + Install Magisk + Bypass Safetynet


Canuck Knarf

Senior Member
Dec 19, 2015
1,264
503
Google Pixel 6 Pro
OnePlus 10 Pro

amomp3

Senior Member
Followed the guide to the letter and all, finally, came out perfect and as described.
THANKS very much for sharing knowledge.

Issues I encountered worth mentioning to help others BUT that are not related to wrong instructions:

I ended up mixing driver packages and adb.exe and fastboot.exe because when the device entered fastboot mode it was at first not recognized, and then
when I typed:

fastboot flashing unlock

it returned the list of commands as if the fastboot.exe file doesn't recognize the "flashing" command.

So the solution was to run Windows Update while the device was connected in fastboot mode and install the 2016 Google driver that showed up in optional updates.

Then used the official sdk platform tools: "platform-tools_r33.0.3-windows.zip". This made the "flashing" command recognizable.

THANK YOU!
 

Attachments

  • Screenshot_2023-01-25-17-43-41-58_0ecf870e1d5390b9ac21ebc76f00749d.jpg

amomp3

Senior Member
So, now I am in this state:

What's gonna happen when an update comes?
I should NOT apply it?

Do you know cool Magisk modules I should try?
For example, I love that on my rooted OP 5T with XPosed I have the long press on the back button to kill the actual app. (I read a lot of posts before rooting and I recall reading something about some LSPosed, I think?)

Also controlling the brightness by sliding on the status bar.

Also a thing called nolockhome in which you can specify which MAC address you must be connected to in order to avoid the lockscreen. This way there is no need to tell Google where you are to be able to relax the security on YOUR phone...

Every good tip is welcome.

And sorry if you think this is a way of hijacking the subject, I can gladly create another single post...

THANK You all!
 

PlasmaTornado

Member
Jul 31, 2018
41
66
I would advise against updating your phone, especially not through the system updater.
You should read a guide on updating with TWRP for when major OTA updates release and you want them.
To remove the annoying notification, and to prevent it, install Disable Application and disable the Software Update system application.

There are plenty of cool applications, such as AdAway (Root) and Swift Backup.

For XPosed, it still lives, AND bypasses SafetyNet. As you mentioned, it is called LSPosed. Try it out, it is incredibly nice. You can find some more modules on there.

I would advise you to install the Magisk Manager for Recovery Mode module. In short, if any module causes you to reboot, you can disable the module from within TWRP, which is incredibly useful.

For a Magisk repository, install Fox's MMM, which is a huge repository of Magisk modules for you to install.
 

RicoMartins

Senior Member
Jul 10, 2018
84
13
Asus ROG Phone 6 / 6 Pro
Hello everybody! I followed the procedure correctly and I was successful... However, despite keeping Widevine at L1, no application like Netflix, HBO, and Disney works. I have SafetyNet, and banks and Wallet from Google work correctly. Can anyone tell me if you can use these after streaming?
 

amomp3

Senior Member
Thank you for the tips!

Installed the advised module.

So, if I end up in a bootloop I should keep the volume down key pressed till it enters the bootloader and then select to enter recovery?
(On my 5T I can do it with the volume up key, but here on the 10 Pro nothing happens.)
 

amomp3

Senior Member

So... I am stuck on the boot animation already!! Haha, very quick, isn't it?

I messed with some Google stuff and a lot of apps started to crash.

After I got root I made a full TWRP backup.
Then I installed more apps and did a second one.

So I tried to restore this second one and it gets stuck on booting.

When I did the restore, TWRP said that the PIN was on, so I rebooted and deactivated the PIN and all security.
Then TWRP did not say anything, so I proceeded with the restore.
After the restore I rebooted and I am stuck on the boot animation...

Could it be that I made a TWRP backup of a PIN-protected installation?

I have just tried to restore the first backup and it is also stuck on the boot animation (I don't remember if I had enrolled the PIN also in that first backup, I think yes...)

TWRP IS working OK.

So... if because of the backup creation with PIN these backups are useless... should I take advantage of this situation and try to convert my NE2215 to a 2213? (I think this should work in South America.)

Please Help!
 

amomp3

Senior Member

Should I flash this with my working TWRP?

1675144013105.png
 

amomp3

Senior Member
Bootloader: Unlocked AND Working OK
Recovery: TWRP working OK
System not booting after restoring TWRP backups that I made right after step 2 and another after step 3 of this guide.

So, maybe to clarify without having to know all the history, the questions would be:

a) Is there a flashable ROM/image that I can flash with TWRP to make the phone boot into system?

b) Is there something I can do through the bootloader?

c) Should I make a sort of complex combination of various methods?

I think it must be because I will not call it a brick since Bootloader and Recovery are working, am I right?

PLEASE HELP, I'm panicking here !!

Thank You!
 

amomp3

Senior Member
Another question... were you on Android 13... NE2215...?

Yes. My device is NE2215 and before rooting I updated to Android 13.

Then I unlocked the bootloader and flashed TWRP in slot A and B as read in this guide (step 2.B).
Then I booted Android 13 (still without root), so before rooting I rebooted into recovery and did a full TWRP backup.
Then I flashed the latest Magisk (step 3.B), booted, installed the Magisk app and got root.
Then I installed a few things, rebooted, and started using the phone normally. A few days later I did another TWRP backup to have kind of snapshots (I was believing that I was able to use the 2 backups to successfully restore)...

So I installed a module that messed up some Google integration and my apps started to crash, so I decided to restore the second TWRP backup:
Stuck on the OnePlus animation.

Restored the first TWRP backup: same.

So this is where I am now... Help please!

Thank You!
 

Top Liked Posts

  • 18
    Please note, the TWRP image used IS NOT the official TWRP image.
    I am not responsible for any harm, such as bricking or bootloops, which may happen to your device. This is what worked for me.

    Warning
    As stated by @beatbreakee, do not flash anything on a T-Mobile related device.
    Please read beatbreakee's comment regarding this.

    Warning
    This has only been tested on Android 13. This guide may not work for other Android versions.

    Prerequisites
    1. Unlocked Bootloader
    2. Magisk 25.2 Installation ZIP (see attached files)
    3. TWRP Image (download from GDrive)
    4. ADB and Fastboot tools are installed on your machine. Please see this guide
    5. Android 13
    Step 1 - Unlocking Bootloader:
    1.A - Enable OEM Unlocking:
    1. Open Settings Application -> About device -> Version -> Tap on Build Number 7 times
    2. Open Settings Application -> Additional Settings -> Developer Options
    3. Enable OEM Unlocking
    4. Enable USB Debugging

    1.B - Entering Bootloader

    The bootloader must be unlocked in order to flash the recovery.
    Ensure the device is connected to the computer via ADB by entering the following command
    Code:
    adb devices

    The output should be something similar to this:
    1671914597202.png

    (note the device name on the left will not be the same)

    Reboot into the bootloader by entering the following command:
    Code:
    adb reboot bootloader

    1.C - Unlock
    Once entered, enter the following command:
    Code:
    fastboot flashing unlock
    WARNING: THIS WILL WIPE ALL DATA ON THE DEVICE

    Use the volume keys to select unlocking, and then use the power button to confirm.
    Once complete, enter the following command:
    Code:
    fastboot reboot

    You will now have to go through the device setup.
    Repeat steps 1.A and 1.B to enter back into the bootloader

    Step 2 - Flashing TWRP:
    2.A - Entering Bootloader
    Repeat steps 1.A and 1.B to re-enter the bootloader

    2.B - Flashing TWRP:
    Again, this IS NOT the official TWRP image. I am not responsible for any harm which this may cause to this device. That being said, it appears to be functional.
    The image used is from a leak found on this XDA post

    This is not a bootable image. You must flash it; fastboot boot img will not work.
    Enter the following commands to flash the TWRP image:
    Code:
    fastboot flash recovery_a twrp.img
    Code:
    fastboot flash recovery_b twrp.img
    Code:
    fastboot reboot recovery

    You should notice you are in TWRP.
    You may need to change the language to English.

    2.C - Changing TWRP Language:
    1. Tap on the button on the Second column, Third Row
    2. Tap on the World icon
    3. Select your language
    4. Tap on the button on the bottom right corner of your display.

    2.D - Booting into your phone
    1. Select Reboot
    2. Select System
    You should now have successfully booted in the system with TWRP installed as your recovery

    Step 3 - Flashing Magisk:
    3.A Preparing the Device:
    1. Move the Magisk-v25-2.zip to your device
    2. Reboot into your recovery / TWRP
    This can be done by entering the following ADB command:
    Code:
    adb reboot recovery

    3.B - Flashing Magisk:

    1. Tap Install
    2. Select the Magisk-v25-2.zip
    3. Swipe to flash (this may take some time)
    4. Tap Reboot
    5. Tap System
    You should now enter the device

    3.C - Installing Magisk APK
    Install the Magisk APK, click here to download the APK.
    Install the APK, and you should have root!

    If you encounter a createTarFork() exited with error 255, do the following:
    1. Reboot into TWRP
    2. Select File Manager
    3. Navigate to /data
    4. Copy /data/fonts into /sdcard/
    5. Copy /data/nandswap into /sdcard/
    6. Delete /data/fonts
    7. Delete /data/nandswap

    The error should now be resolved
    The deleted files should not cause any issues. If any issues do occur, then promptly restore them using the backups made to /sdcard/.

    Step - Bypassing Safetynet:
    This is optional; however, highly recommended.
    Note, due to the nature of Safetynet, this can change at any time and may begin failing in the future.

    A - Repackaging Magisk
    1. Launch Magisk Manager
    2. Tap Settings Icon (Top Right Corner)
    3. Tap "Hide The Magisk App"
    4. Enter New Application Name
    5. Click OK and wait
    6. Uninstall original Magisk APK if it has persisted

    B - Enable Zygisk & Deny List
    1. Launch Magisk Manager
    2. Tap Settings Icon (Top Right Corner)
    3. Enable "Zygisk"
    4. Enable "Enforce Deny List"


    C - Configure Deny List
    It is recommended to add any application you would like to hide from Magisk here.
    1. Launch Magisk Manager
    2. Tap Settings Icon (Top Right Corner)
    3. Tap "Configure DenyList"
    4. Tap the 3 dots in the top right and select "Show System Apps"
    5. Select the following applications:
    ~ Android System
    ~ Google Play Store
    ~ Google Play Services
    ~ Google Services Framework
    D - Delete App Data
    1. Launch Settings Application
    2. Select Apps
    3. Select App Management
    4. Clear data for the following apps:
    ~ Google Play Store
    ~ Google Play Services
    ~ Google Services Framework
    5. Reboot the device

    E - Flash Universal Safetynet Fix
    1. Download the Universal Safetynet Fix
    2. Launch Magisk
    3. Select Modules
    4. Select "Install From Storage"
    5. Select Universal Safetynet Fix
    6. Wait for Flashing to complete
    7. Reboot

    F - Test Safetynet
    1. Install YASNAC
    2. Grant Super User rights
    3. Select "Run Safetynet Attestation"
    If both checks pass, you successfully have passed Safetynet!
    IMG_20221227_204604.jpg
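A defender-side counterpart to the guide above, added here as an example (it is not part of the original post and not any project's own code): a Python triage that parses adb shell getprop output and flags the boot-integrity properties that an unlocked bootloader changes. The two dumps are constructed samples, and because these properties can be rewritten on a rooted device, hardware-backed key attestation remains the authoritative signal.

```python
"""Triage Android boot-integrity state from `adb shell getprop` output."""
import re

# One getprop line looks like: [ro.boot.verifiedbootstate]: [orange]
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]:\s*\[(?P<value>.*)\]$")

# (property, values expected on a locked stock device, meaning of a mismatch)
CHECKS = [
    ("ro.boot.verifiedbootstate", {"green"},
     "boot chain is not verified against the OEM root of trust"),
    ("ro.boot.flash.locked", {"1"}, "bootloader allows flashing partitions"),
    ("ro.boot.vbmeta.device_state", {"locked"}, "AVB reports the device as unlocked"),
    ("ro.build.tags", {"release-keys"}, "build is not signed with release keys"),
    ("ro.debuggable", {"0"}, "system image is a debuggable build"),
]


def parse_getprop(text):
    """Return {property: value} for every well-formed getprop line."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group("key")] = match.group("value")
    return props


def assess(props):
    """Return (verdict, findings, missing) for one device's properties.

    A property that is absent is reported as missing rather than treated as
    good, so a device that omits it ends up "unknown", not "compliant".
    """
    findings, missing = [], []
    for key, expected, meaning in CHECKS:
        value = props.get(key)
        if value is None:
            missing.append(key)
        elif value not in expected:
            findings.append(f"{key}={value}: {meaning}")
    if findings:
        verdict = "non-compliant"
    elif missing:
        verdict = "unknown"
    else:
        verdict = "compliant"
    return verdict, findings, missing


# Constructed sample: a device after "fastboot flashing unlock".
UNLOCKED_DUMP = """\
[ro.product.model]: [NE2215]
[ro.boot.flash.locked]: [0]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.boot.verifiedbootstate]: [orange]
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
"""

# Constructed sample: a locked, unmodified device.
STOCK_DUMP = """\
[ro.product.model]: [NE2215]
[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]
[ro.boot.verifiedbootstate]: [green]
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
"""

if __name__ == "__main__":
    for name, dump in (("unlocked", UNLOCKED_DUMP), ("stock", STOCK_DUMP)):
        verdict, findings, missing = assess(parse_getprop(dump))
        print(f"{name}: {verdict}")
        for finding in findings:
            print(f"  - {finding}")
        for key in missing:
            print(f"  ? {key} not reported")
```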
    6
    I wouldn't advise ANYONE with an original T-MOBILE device, ANY attempt to flash ANY firmware from the official builds just yet. T-Mobile embedded a VERY WELL HIDDEN check into the EFS partition that only appeared in builds after 11_A.14 ... This check forcefully activates a lock triggered by the CarrierDevicePolicy.xml in the EFS system... and if the Region and model do not match the original build that it came with, all of your apps will be completely disabled and there is nothing accessible but the settings button. It also disables ADB/USB debugging completely, and deauthorizes your computer from the ADB wireless keys too... then it removes the USB DEBUGGING toggle from settings, followed by a persistent message that your phone is "Violating Contract Policy... Please contact after sales for support" ... T-Mobile cannot remove this warning... and even them sending an UNLOCK request to your phone for APPROVED will get ignored by your phone. You can hear ringing, but cannot accept calls... hear emails but not open them... and your dialer is in emergency calls only!...

    At this point you will think panic is the only option, but instead just pull your SIM card, and use your buttons to force reboot and enter recovery .... Then do a Format Data, followed by a reboot, but do not put your SIM back in... Until you go through the whole setup wizard, enable USB debugging, and then flash a rollback package to a FW earlier than the one I listed above, your phone will INSTANTLY lock again any time you insert ANY SIM card.

    I'm very sure that there is a system process that can be disabled which will at least block the lockout.... but I don't have that knowledge as to which process(es) are calling it! A logcat generated about 15 screens on my computer as soon as I plugged a SIM in... so that was too much for me to sift through. This is present on both the 10 Pro and 10 T so be warned.... If you are already not using your original T-MO firmware, but you also have been loading other regions with no problem, that does not matter.... I have found an exact reference to the ORIGINAL FW build and Model # that was loaded by TMO at the factory level, in several different TXT and XML files inside the EFS part. So this is truly an Android 12 function that was put in place for Carrier benefit ONLY. Another strike against 1+
    Absolutely despicable and such an anti-consumer technique.
    This stands against everything OnePlus was. It's sad to see OnePlus turn into such an anti-developer phone
    A Carrier should never have this much power over a device. It is absurd
    4
    Also, everyone should know that EVERY FW on the internet, no matter whether it is labeled 2213, or 2215... 2217, as well as 2413-2419, ALL have EVERY other model's manifest built in and all of the restrictions / bloatware that each region comes with, saved into the OFP extracted files.... so there really is nothing that expressly was bricking your phones by simply flashing a different labeled FW..... the brick came from the manifest reading the region identifiers that the manifests are labeled under.... it is a file that is again picked by some random hidden check inside the TMO EFS, and as soon as your phone tries to boot the newly flashed FW, the TMO Lock is what bricks your phone, to either a bootloop state, or if you continue to force a flash by using Fastboot, you will have a non-responsive phone, thanks to this stupid security issue. If unresponsive, the only way out is MSM Tool... and I can help you locate your test points if your buttons don't work.

    I cannot publicly post a picture nor a description of where the test points lie inside the 10T, because I already got a cease and desist letter from BBK and I don't know if they have said anything to the mods here about posting Undisclosed hardware access points.... but I've been a member here almost 10 years, and I ain't risking a ban from a tattle tale company! There are test points on the 10 T though... just well hidden!

    The 2nd pic is of the 2217 Unpacked OFP, yet the build prop shows a 2210-2211 base in one and a 2413-2415 base in the.... with NO 2217 in either prop, or manifest file, yet when my phone was flashed back from Brick status, THIS is the FW that was used, and my phone identifies as a 2217 NA now..... can OnePlus be any more clear that they have completely turned against us, by straight SHOWING US that they are being super cryptic and sneaky in something as common as the BUILD.PROP files?!?
    4
    I wonder about any major issues with this TWRP as of now. Updating ZIP OOS13 with flashing Magisk directly is working etc.? :)
    Following the method created by @dladz should still work perfectly fine!
    There could still be issues with this TWRP as this is not an official image.
    AFAIK Switching ROM is still untested, but decryption, backups and flashing are all confirmed working, which for me makes me feel significantly more comfortable
    4
    I wouldn't advise ANYONE with an original T-MOBILE device, ANY attempt to flash ANY firmware from the official builds just yet. T-Mobile embedded a VERY WELL HIDDEN check into the EFS partition that only appeared in builds after 11_A.14 ... This check forcefully activates a lock triggered by the CarrierDevicePolicy.xml in the EFS system... and if the Region and model do not match the original build that it came with, all of your apps will be completely disabled and there is nothing accessible but the settings button. It also disables ADB/USB debugging completely, and deauthorizes your computer from the ADB wireless keys too... then it removes the USB DEBUGGING toggle from settings, followed by a persistent message that your phone is "Violating Contract Policy... Please contact after sales for support" ... T-Mobile cannot remove this warning... and even them sending an UNLOCK request to your phone for APPROVED will get ignored by your phone. You can hear ringing, but cannot accept calls... hear emails but not open them... and your dialer is in emergency calls only!...

    At this point you will think panic is the only option, but instead just pull your SIM card, and use your buttons to force reboot and enter recovery .... Then do a Format Data, followed by a reboot, but do not put your SIM back in... Until you go through the whole setup wizard, enable USB debugging, and then flash a rollback package to a FW earlier than the one I listed above, your phone will INSTANTLY lock again any time you insert ANY SIM card.

    I'm very sure that there is a system process that can be disabled which will at least block the lockout.... but I don't have that knowledge as to which process(es) are calling it! A logcat generated about 15 screens on my computer as soon as I plugged a SIM in... so that was too much for me to sift through. This is present on both the 10 Pro and 10 T so be warned.... If you are already not using your original T-MO firmware, but you also have been loading other regions with no problem, that does not matter.... I have found an exact reference to the ORIGINAL FW build and Model # that was loaded by TMO at the factory level, in several different TXT and XML files inside the EFS part. AND my 10T and 10 Pro BOTH have been fully bricked, then formatted and flashed through an authorized MSM Account.... Doing an ERASE ENTIRE FILE SYSTEM, through MSM, did not get rid of this file, so I doubt a TWRP-level wipe will do it either... MAYBE an "unlock Critical" in Fastboot, followed by a "Fastboot wipe", "DM-verity disable", and "VB-Meta erasure" MIGHT take out this crazy security system, but I know this .... if you flash an original FW using TWRP, it has protections in it to keep IT (TWRP) from being overwritten, so you might find yourself in bootloop territory if you region hop.... cuz the FW might notice the changes to the partitions... For now, until someone is brave enough to challenge the Android 12 kernel and remove these trapdoors, I would just be happy you have TWRP, and wait for the person who finds and slays the T-Mobile Dragon hidden in our phones! But this is truly an Android 12 function that was put in place for Carrier and Manufacturer benefit ONLY. Another strike against 1+