• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

Search This thread

okij

Senior Member
Oct 24, 2012
1,775
3,735
Düsseldorf

thunderace69

New member
Jan 8, 2016
2
0
Hi All, I have searched the net but cant seem to find a solution to fixing the safetynet check and pass the checks on my A95x F3 Air and my Tanix Tx6 box. please can someone please point me in the right direction. Thanks in advance
 

lukjod

Senior Member
Aug 12, 2004
167
22
Warsaw
after install test version 2.0 on latest dub5 samsung s20 i can get safetynet to work and all my banks app to use fingerprint safety but Google pay says card unconfigured as on screenshot. Will it work on Google pay as can't check easy now?
 

Attachments

  • Screenshot_20210221-171934_Google Play services.jpg
    Screenshot_20210221-171934_Google Play services.jpg
    358.3 KB · Views: 150
Last edited:
  • Like
Reactions: Bec07

kerpert

Senior Member
Nov 2, 2012
218
49
Milan
GT-i9250
Moto G4 Play
If you flash the factory / full ota package, yes. Otherwise if you would like to take the OTA I am currently doing it in the following way:
- flashing back the original kernel
- taking the update ota
- rebooting
- patching the new kernel with Magisk
- flashing the patched kernel
Hi, I followed your tip keeping the patched stock kernel and noticed that the freezing continues even with the only Magisk hide enabled without extensions or apps hide or systemless host, and as second attempt, even with the only systemless host enabled with all the other things at default (no extension modules, no hide at all), so dunno't but it can be some Magisk bug because keeping just Magisk with nothing other and all settings to default it worked 2 days without freezes.
 

dublea

Member
Feb 1, 2011
35
2
MS
I have a Samsung SM-T510 2019 10 inch tablet with Android 9. I have TWRP and Magisk installed w/ MagiskHide Props Config and Universal SafetyNetFix 2.0.0-test enabled and setup.

Still failing with Attestation failed, basicIntegrity (pass) ctsProfile (fail) w/ evalType HARDWARE.
 
Last edited:

Nuke1999

Member
Jun 20, 2018
11
3
In case anyone has a Pixel 4a, with Android 11 still installed, the 1.1.1 ZIP will pass SafetyNet both in Magisk as well as the "older" version of Google Pay (Google Pay, not Gpay) after it is flashed via Magisk Manager. For reference, I am using the latest Magisk Canary as of time of this post.
 
  • Like
Reactions: jcp2

Nivan0611

Member
Mar 5, 2014
24
2
Hi All . . .
I am running a Amlogic X96Air Box with Slimrom-Android 9

Can someone plz guide me on installing Magisk for Safety Net Pass on Uncertified Google Play Store "Uncertified Device"

Firstly i installed the App Manager to access if "ramdisk" is available . . it says "No"
I then uninstalled it . . then tried to go the route to flash the zip (v22) thru TWRP . . after reboot nothing showed up in all apps (no Magisk) . . not sure if I'm doing it correctly !!! . . . However, I then reset the box and also reinstalled the rom to have a clean installation.

Any guidance on installing Magisk for Safety Net Pass on Play Store to have a certified device would be greatly appreciated, if this is at all possible
Thanks :)
 

Kingstley

New member
Feb 26, 2021
2
0
I had to do an account to thank you so much.
Finally i passed safetynet at mine Xiaomi mi 10 lite 5g.

Thank you sososo much. Finally i am able to install MCDonalds app and use GpAy
 

Demax55

Member
Jan 17, 2017
10
0
Unluckily it doesn't work for me, but maybe it's normal.

Device: Asus Zenfone Max Pro M1
OS: LineageOS 16.0-20210112-microG-X00TD (basically it's lineageOS with microG)
DroidguardHelper installed, however I cannot hide it in magisk hide. If I try, next time I check in Magisk Hide it's always not hidden.

I have Magisk Manager hidden and magisk hide active on all my banking apps and safety net checker apps.

Before installing safety net fix, banking apps and fingerprints on them would work. But it would fail attestation, and I suppose that's the reason why apps like Pokemon go wouldn't work.

I installed safety net fix 1.1.1 but attestation sfill failed. But fingerprints didn't work anymore on banking apps.

I installed safety fix 2.0 test 2 and now fingerprints work again, however attestation still fails.

I haven't found much about how to fix basic integrity, however I suspect it might be related to the ROM I'm using and/or microG.

Does anyone know why this happens and if there's any way to fix it?

Thanks in advance
 

Attachments

  • AttestationFailed.png
    AttestationFailed.png
    43.6 KB · Views: 11
Last edited:

gege2307

New member
Feb 27, 2021
2
0
Hi all, tried safetynet fix 1.1.1 in Magisk 22.0. Now safetynet test is passed, but Google pay still doesn't work (your device doesn't meet....).

My phone is Xiaomi mi 10TPro with MIUI 12.1.2.

Any idea ?

Thank you in advance !
 
Last edited:

Uzephi

Recognized Contributor
Apr 20, 2012
3,438
1,889
Phoenix
Google Pixel 3a
Does anyone know why this happens and if there's any way to fix it?

Thanks in advance

You're failing basic integrity. This module is only to bypass hardware attestation. I would suggest checking to see what is making you fail basic integrity. A good guess would be your device fingerprint. MagiskHideProps is a good module to use a certified fingerprint.
 

Demax55

Member
Jan 17, 2017
10
0
You're failing basic integrity. This module is only to bypass hardware attestation. I would suggest checking to see what is making you fail basic integrity. A good guess would be your device fingerprint. MagiskHideProps is a good module to use a certified fingerprint.


Thanks for the tip. Unluckily I already have tried to change my fingerprint with the latest certified fingerprint for my device and it didn't work.

I don't have xposed. I tried to disable all magisk modules that I have (aurora services, systemizer), still didn't work.

I have quite a few apps that need root (Adaway, warden, and others) but I don't think they could cause problem, right?
 

Top Liked Posts

  • 1
    My Samsung A71 is okay with success passed all requires field and in blue color.

    However , on BANKING APPS are kicking me out say detecting device is rooted.

    is there a recent solution to that please ? On shopping site in my region used to block me due to safetynet issue is now okay to enter those site but not when using BANKING APPS.

    Thank you very much., edmond
    This may or may not work for you, but with the following modules installed, Samsung Pay is now working again on my watch:
    • Riru
    • Riru - Enhanced mode for Magisk hide
    • Universal Safety net fix
    And, of course, hiding the Magisk app.
    My phone is still triggering Momo, but at least i can correctly use my phone and watch again

    Regards
    1
    Thank you so much !!

    I have all of them except " Riru - Enhanced mode for Magisk hide "

    I can see with-in my Magisk Modules Riru - Enhanced mode for Storage Isolation., I search for it and no result to the one above.

    Where I can separately download that Riru - Enhanced mode for Magisk hide ?

    Thank you very much., edmond
    Try here : https://github.com/vvb2060/riru-unshare
  • 27
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    17
    Anyone who installs Riru, deserves everything that happens to them.

    Anyone who pays a clown for broken amateur hour nonsense, also deserves everything that happens to them.

    This project has dramatically veered into a wall, and the torrent of mockery that is sure to follow, is well deserved.
    You're way off, and have cited no proof!

    I'll mention what we know - with no citations either as these will no doubt be lost on you also. - It may help those facing issues however.

    This fix seems to be working well on all but some custom ROMs like Pixel Experience etc. that already manipulate props in custom utils; these will apparently need fixing by their devs internally, and @Displax has already supplied a needed commit on GitHub. This and other issues may in part be why official LineageOS and many other custom OS's don't manipulate / spoof etc as a matter of policy... And who knows?, dev may also find an external solution for this yet!

    Other custom ROM users should find this works fine, but will likely need to set a certified fingerprint in MagiskHide Props Config module in addition.

    Riru's inject into zygote ability allows USNF to be more powerful, eg to target only Google Play Services with changed props to trigger the needed fallback to basic attestation, and not make the change global, which is causing many issues for users of other fixes that change model props etc, such as loss of device / OEM specific functionality (Galaxy Store, backup solutions, camera functions etc etc).

    In any case, it seems Riru is just a stop-gap solution and that this dev will move to John's new Zygisk asap or practical.

    The dev, @kdrag0n has clearly invested much time and effort in these S/N fixes. Most have been using them for a good while for free and would be pretty much up the creek without a paddle w/o them. No-one made him supply them as Magisk modules for all either; They were originally developed for his Proton ROMs...

    The new 'early releases' for his Patreon supporters will clearly generate only token recompense for his effort, and have so far become public and free in short order in any case.

    If you took the time to check facts, you would discover that these fixes are not only the best of the bunch, but are professionally coded and avoid the issues of most if not all others. A boon for the modding community.

    @kdrag0n deserves accolades and thanks from any modders worth their salt... He has mine.

    Sorry if this seems like a torrent of retorts, but I think they are well deserved... and I ain't mocking...

    It would be big of you to take back your .......... words. PW
    17
    v2.1.0 is officially released and open sourced now, so everyone can stop being ****ing babies. 😏👍

    12
    Hi, I install ver. 2.1.0 and riru only in magisk 23. Safetynet check in magisk pass basic. Google Play in about tell me is certifed device, but Google pay not work with contactless card. Other bank app tell me the device is rooted

    You need to force stop and clear all data on Play Services, Play Store and Pay, then all will work again once you set it up.

    Can confirm that latest version breaks fingerprint reader for me on OP7T 11.0.3.1

    Does that mean it will work in a later version? I can't tell if that post just mentions the issue or resolves it.

    Should do - pull request contains solution but requires reviews etc, however my hunch is the OP may push a build with a fix quickly due to issue found... Here's hoping! PW

    While we wait for @kdrag0n to merge my PR, I developed and tested it on my 8T with OOS and it's working well, so you can download my updated service.sh and system.prop from my PR GitHub and update the v2.1.0 files in /data/adb/modules/safetynet-fix to get it working in the meantime.

    Simply "View file" then "View raw" to download from here: https://github.com/kdrag0n/safetynet-fix/pull/90/files

    ...

    Riru hooks zygote, Magisk will directly replace Riru soon too with Zygisk, and there will always be tinfoil hatted people about stuff like that, probably best to ignore them going forward.

    Open source and code review is good, especially for things that hook this deeply, but a developer can also build up trust and keep such things closed, for example Chainfire and SuperSU. kdrag0n's credentials are solid as a ROM, kernel and mod developer in my opinion, so there shouldn't be any worry, especially where this isn't actually closed.

    Some people are just anti-closed source and will freak out, but the early pre-release sponsored testers scheme here isn't overly problematic. I mean, think it through.. It wouldn't be a very solid business model to identity theft or Bitcoin mine only your private paid sponsors/testers then release a clean free version publicly. 🙄😄
  • 214
    Universal SafetyNet Fix
    Magisk module​

    This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

    No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

    Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Telegram group
    Source code

    If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
    27
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    22
    I managed to fix the 3rd party app fingerprint issue on my Samsung w/ Android 10 (commented on this Github issue too). Basically the AOSP keystore is not fully compatible with the Samsung one so I decided to binary patch the one on my phone and ended up with this module. Now both fingerprint and SafetyNet works.
    Notes:
    - This disables key attestation for every app, idk if it breaks anything, nothing broke so far
    - Only change is the replaced system_sdk29/bin/keystore with the Samsung one (8 bytes modified)
    - Only works on Android 10
    - Might or might not work for you, use at your own risk.
    17
    Anyone who installs Riru, deserves everything that happens to them.

    Anyone who pays a clown for broken amateur hour nonsense, also deserves everything that happens to them.

    This project has dramatically veered into a wall, and the torrent of mockery that is sure to follow, is well deserved.
    You're way off, and have cited no proof!

    I'll mention what we know - with no citations either as these will no doubt be lost on you also. - It may help those facing issues however.

    This fix seems to be working well on all but some custom ROMs like Pixel Experience etc. that already manipulate props in custom utils; these will apparently need fixing by their devs internally, and @Displax has already supplied a needed commit on GitHub. This and other issues may in part be why official LineageOS and many other custom OS's don't manipulate / spoof etc as a matter of policy... And who knows?, dev may also find an external solution for this yet!

    Other custom ROM users should find this works fine, but will likely need to set a certified fingerprint in MagiskHide Props Config module in addition.

    Riru's inject into zygote ability allows USNF to be more powerful, eg to target only Google Play Services with changed props to trigger the needed fallback to basic attestation, and not make the change global, which is causing many issues for users of other fixes that change model props etc, such as loss of device / OEM specific functionality (Galaxy Store, backup solutions, camera functions etc etc).

    In any case, it seems Riru is just a stop-gap solution and that this dev will move to John's new Zygisk asap or practical.

    The dev, @kdrag0n has clearly invested much time and effort in these S/N fixes. Most have been using them for a good while for free and would be pretty much up the creek without a paddle w/o them. No-one made him supply them as Magisk modules for all either; They were originally developed for his Proton ROMs...

    The new 'early releases' for his Patreon supporters will clearly generate only token recompense for his effort, and have so far become public and free in short order in any case.

    If you took the time to check facts, you would discover that these fixes are not only the best of the bunch, but are professionally coded and avoid the issues of most if not all others. A boon for the modding community.

    @kdrag0n deserves accolades and thanks from any modders worth their salt... He has mine.

    Sorry if this seems like a torrent of retorts, but I think they are well deserved... and I ain't mocking...

    It would be big of you to take back your .......... words. PW
    17
    v2.1.0 is officially released and open sourced now, so everyone can stop being ****ing babies. 😏👍