MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

Search This thread

ineedroot69

Senior Member
  • Nov 13, 2019
    750
    1
    150
    I already tried this procedure on my Galaxy Note 9 but it didn't work.
    have your clear your Google Play services and Google Play Store apps data?

    great indication of your device being SafetyNet Certified is if you can search Netflix on Play Store and Install if not that means your device fingerprint in incorrect

    if you are sure that you have done all steps correctly there a chance that the device fingerprint provided by props config is incorrect you can also file a report via props config main thread


    edit: install this samsung version of safetynet fix by kdragon https://github.com/kdrag0n/safetynet-fix/files/5846085/safetynet-fix-v1.1.1-samsungmod.zip
     
    Last edited:

    pupido

    Senior Member
    Apr 9, 2015
    135
    9
    have your clear your Google Play services and Google Play Store apps data?

    great indication of your device being SafetyNet Certified is if you can search Netflix on Play Store and Install if not that means your device fingerprint in incorrect

    if you are sure that you have done all steps correctly there a chance that the device fingerprint provided by props config is incorrect you can also file a report via props config main thread


    edit: install this samsung version of safetynet fix by kdragon https://github.com/kdrag0n/safetynet-fix/files/5846085/safetynet-fix-v1.1.1-samsungmod.zip

    You are great!
    All I had to do was install the module you linked instead of the one I had and I was finally able to pass the Safetynet check.
    Thank you very much!
     
    • Like
    Reactions: furga

    F308

    Senior Member
    Feb 25, 2013
    308
    40
    EU
    I am sorry for disturbing, but I am lost in searches.
    I tried install safetynet-fix-v1.1.1-samsungmod.zip by installing zip in bootloader mode, but only got information that file is not signed then installation will not be performed.
    Any hint?
    Android 10 on Galaxy A41.

    BTW:
    Somewhere it was mentioned that Magisk can make TWRP file.
    If not anything else I am asking myself if it is possible to have Magisk as well in ramdisk and in recovery boot. Likely two of them. Being in recovery I eventually could play with basic system.

    One more question:
    I wanted make changes in files under /system/etc but this is problematic.
    Hence Magisk resides in ramdisk - where is real /system partition so to make changes will become permanent?
     
    Mar 2, 2018
    37
    4
    Awesome, I installed this module and now I can at least (1) open GPay (didn't before) and (2) add cards successfully.

    I haven't tried paying yet, but my main question is - why would the NFC symbol (tap to pay) above each card be greyed out?

    On stock ROM tap-to-pay works great so it's not a hardware problem. I've also enabled "Use Payment Apps" under the NFC menu in settings.

    EDIT: Even though the symbol is greyed out, tap-to-pay DOES work. Yay!


    R
     
    Last edited:

    ineedroot69

    Senior Member
  • Nov 13, 2019
    750
    1
    150
    I am sorry for disturbing, but I am lost in searches.
    I tried install safetynet-fix-v1.1.1-samsungmod.zip by installing zip in bootloader mode, but only got information that file is not signed then installation will not be performed.
    Any hint?
    Android 10 on Galaxy A41.

    BTW:
    Somewhere it was mentioned that Magisk can make TWRP file.
    If not anything else I am asking myself if it is possible to have Magisk as well in ramdisk and in recovery boot. Likely two of them. Being in recovery I eventually could play with basic system.

    One more question:
    I wanted make changes in files under /system/etc but this is problematic.
    Hence Magisk resides in ramdisk - where is real /system partition so to make changes will become permanent?
    if you read magisk installation guide on github patching twrp via magisk so it's like magisk and twrp sitting in just one partition is not recommend

    and you another question yes its possible just disable dm-verity and you can make any change to system.img thou i recommend not doing this if possible do everything "systemless".
     

    F308

    Senior Member
    Feb 25, 2013
    308
    40
    EU
    Thank you.
    I am seeking any TWRP for Galaxy A41 and there is none.

    Systemless hosts work.
    Concerning disabling drm keys - module Magisk DRM disabler (v1.3.1) caused bootloop.
    Magisk version 22100, Android 10.
    I was afraid I will have to flush ROM again but trying solutions in random way I casually booted phone into safe mode.
    That disabled installed applications from be launched, Magisk between them, then I was able to uninstall troublesome module.
    (Just writing in case others may learn this method).
     

    ineedroot69

    Senior Member
  • Nov 13, 2019
    750
    1
    150

    Thank you.
    I am seeking any TWRP for Galaxy A41 and there is none.

    Systemless hosts work.
    Concerning disabling drm keys - module Magisk DRM disabler (v1.3.1) caused bootloop.
    Magisk version 22100, Android 10.
    I was afraid I will have to flush ROM again but trying solutions in random way I casually booted phone into safe mode.
    That disabled installed applications from be launched, Magisk between them, then I was able to uninstall troublesome module.
    (Just writing in case others may learn this method).
    i didn't know samsung integrate mediatek cpu on there devices i thought they only use snapdragon and exynos
     

    Sir Neko

    New member
    Apr 14, 2021
    1
    1
    Thank you! I got it working with my Pixel 4XL
    For anyone having problems I added "MagiskHide props config"
    and "Universal safety net FIx v1.1.1" and enabled magisk hide in settings. Deleted data for gpay and play services in phone settings restarted my phone and it worked.
     
    • Like
    Reactions: curiousrom

    wyt18

    Senior Member
    Jun 4, 2007
    397
    177
    this stopped working for me today after working flawlessly earlier. google must have changed it's detection method?
    - Samsung S9 stock rooted
    - Using v1.1.1 - samsungmod

    on testing safetynet, shows:
    - basicIntegrity - failed
    - ctsProfile - failed
    - evalType - N/A

    anyone else have this issue? fixes to suggest?
     

    Philnicolls89

    Senior Member
    Jun 28, 2019
    595
    241
    32
    A.C.T
    this stopped working for me today after working flawlessly earlier. google must have changed it's detection method?
    - Samsung S9 stock rooted
    - Using v1.1.1 - samsungmod

    on testing safetynet, shows:
    - basicIntegrity - failed
    - ctsProfile - failed
    - evalType - N/A

    anyone else have this issue? fixes to suggest?
    Same error message on my s10+ today, with safety net API error.
     

    hachamacha

    Senior Member
    Jun 15, 2010
    1,350
    744
    I tried the app Safetynet Attest on Global OP7T magisk 22.1 and it seems to work, so whatever it is, as has been the case a few times I've seen, is the way within Magisk that it does the test maybe. I didn't find the module above (the universal fix for Magisk) to make a different within Magisk.

    Edit: Always forget something ;). I'm on "Stable V11 of OOS with Magisk 22.1 & of course bootloader unlocked / OP7T Global version)

    Screenshot_20210414-183738.jpg
     
    • Like
    Reactions: curiousrom

    Tiemichael

    Senior Member
    May 10, 2013
    371
    94
    this stopped working for me today after working flawlessly earlier. google must have changed it's detection method?
    - Samsung S9 stock rooted
    - Using v1.1.1 - samsungmod

    on testing safetynet, shows:
    - basicIntegrity - failed
    - ctsProfile - failed
    - evalType - N/A

    anyone else have this issue? fixes to suggest?
    Same here on Poco X2 Pro with stock Android 11.
    Was working for the last months ...
     

    K1196A

    Member
    Apr 10, 2011
    14
    4
    Same story - shows as failed in Magisk, but checking with multiple 3rd party apps are showing it passing. Seems to have full functionality though: apps that won't run with a fail are working and I was even able to add a new CC to GPay. IDK...
     
    • Like
    Reactions: curiousrom

    Lamantin001

    Member
    Jul 29, 2015
    24
    3
    this stopped working for me today after working flawlessly earlier. google must have changed it's detection method?
    - Samsung S9 stock rooted
    - Using v1.1.1 - samsungmod

    on testing safetynet, shows:
    - basicIntegrity - failed
    - ctsProfile - failed
    - evalType - N/A

    anyone else have this issue? fixes to suggest?
    Same here. Poco f1 stock rom but unlocked bl, root with magisk.
    Tried reinstalling the package, clearing cache, rebooting, resetting magiskhide, etc.
    None of the above seemed to work. Some apps still work as intended, but my banking app now detects root :/ Until yesterday it was working all well.
    It is strange cuz I haven't updated any apps literally, haven't even rebooted. :D
     

    Lamantin001

    Member
    Jul 29, 2015
    24
    3
    Same story - shows as failed in Magisk, but checking with multiple 3rd party apps are showing it passing. Seems to have full functionality though: apps that won't run with a fail are working and I was even able to add a new CC to GPay. IDK...
    I tried both Safetynet Checker and Safetynet Test applications, both of them shows Basic integrity pass but CTSprofile fail, while Magisk shows both of them failed. :/
     

    K1196A

    Member
    Apr 10, 2011
    14
    4
    I tried both Safetynet Checker and Safetynet Test applications, both of them shows Basic integrity pass but CTSprofile fail, while Magisk shows both of them failed. :/
    The whole situation is odd, but like others... yesterday everything was peachy in magisk. Something is definitely afoot!
     

    Attachments

    • Screenshot_20210415-061228.png
      Screenshot_20210415-061228.png
      518.1 KB · Views: 40

    Top Liked Posts

    • There are no posts matching your filters.
    • 3
      I already tried this procedure on my Galaxy Note 9 but it didn't work.
      have your clear your Google Play services and Google Play Store apps data?

      great indication of your device being SafetyNet Certified is if you can search Netflix on Play Store and Install if not that means your device fingerprint in incorrect

      if you are sure that you have done all steps correctly there a chance that the device fingerprint provided by props config is incorrect you can also file a report via props config main thread


      edit: install this samsung version of safetynet fix by kdragon https://github.com/kdrag0n/safetynet-fix/files/5846085/safetynet-fix-v1.1.1-samsungmod.zip
      3
      On twitter, @topjohnwu says it is his API key that needs updating (or something to that effect). Will be in a future update, apparently.
      3
      As far as I remember there is a limit in calling the SafetyNet API with a specific key. I suppose too many people are using Magisk's built-in SafetyNet-Check and now the contingent of calls is exceeded. That's also the reason the result of the call is 'error' and not 'failed'.
      2
      Hi,
      I'd need some help to bypass SafetyNet check.

      … and yet I can't bypass the SafetyNet check:
      "SafetyNet API Error:
      basicIntegrity Ꝋ
      ctsProfile Ꝋ
      evalType: N/A".

      What am I missing?
      Seems you're missing today's posts before yours, debating about the same SafetyNet API error (supposing you're talking about Magisk's integrated SafetyNet check), and testing with the alternative
      SN checker(s) instead 🥸
      2
      how did you update it? did you receive a push notification? that it still doesn't work for me
      Canary Channel was updated. He'll push to Beta & Stable after a few more bug fixes.
    • 170
      Universal SafetyNet Fix
      Magisk module​

      This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

      Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

      No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

      Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

      How does it work?
      The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

      Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

      Downloads
      Downloads and changelogs can be found on GitHub. The topmost release is the latest.

      Telegram group
      Source code

      If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
      21
      I managed to fix the 3rd party app fingerprint issue on my Samsung w/ Android 10 (commented on this Github issue too). Basically the AOSP keystore is not fully compatible with the Samsung one so I decided to binary patch the one on my phone and ended up with this module. Now both fingerprint and SafetyNet works.
      Notes:
      - This disables key attestation for every app, idk if it breaks anything, nothing broke so far
      - Only change is the replaced system_sdk29/bin/keystore with the Samsung one (8 bytes modified)
      - Only works on Android 10
      - Might or might not work for you, use at your own risk.
      13
      Universal SafetyNet Fix v1.1.1 is now available.

      Changes
      • Removed security patch fixup to fix CTS profile mismatches on some devices

      Download

      Some devices will now need to use MagiskHide Props Config in addition to this module in order to pass CTS profile checks as part of basic attestation. Altering the CTS profile is no longer in scope for this module as it breaks more devices than it fixes.

      If this module helped you, please consider a recurring donation for sustainable support, or alternatively buy me a coffee. Everything helps, but a recurring donation is the best way to keep the project alive in the long term.

      Issues on heavy OEM skins
      This is a reminder that heavy OEM skins are not officially supported. They may happen to work depending on your luck and the particular ROM in question, but nothing is guaranteed. Please do not report problems on such ROMs. It's surprising that it works at all on them; I wouldn't expect everything to be fully working. I will not provide more support for issues related to heavy OEM skins.

      The compatibility issue does not lie in the SafetyNet fix itself, but rather how the Magisk module is built. It's possible to make the Magisk module version of the fix slightly more portable, but I have no interest in supporting heavy OEM skins, nor do I have any devices running such ROMs.

      You will always have the best luck with a ROM not too far from AOSP, e.g. most custom ROMs and Pixel stock ROMs.
      6
      Everyone having issues passing basic attestation after installing the module, please try the attached versions.

      There have been quite a few reports of fingerprint unlocking in apps breaking on One UI. This is not something that is planned to be fixed, because One UI is a heavy OEM skin that is not officially supported. It's surprising that it works on One UI to begin with.
      4
      There is no need to delete the whole Data, but go to Settings, Apps and delete Data for Google Play, Google Play Services, Google Services Framework, and probably Google Pay (not using, hence cannot tell for sure).
      Go to Airplane mode before deleting, after deleting reboot and turn Airplane off
      Deleting data of Google services framework acts as a partial factory reset and it might cause late/missing notifications of many apps. I would definitely advise to avoid doing it. 🙂

      It is enough to wait a little, Google play store should "recertify" device after some time automatically if it meets the criteria. Cache or data cleaning of Google play store app should speed up this process, but it's not mandatory in my experience.
    Our Apps
    Get our official app!
    The best way to access XDA on your phone
    Nav Gestures
    Add swipe gestures to any Android
    One Handed Mode
    Eases uses one hand with your phone