• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

Search This thread

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
It's already selected bro.
Updated fingerprint as welll using magiskhide config module. Magisk is renamed too. Have been using other apps and this app for last couple of years.
Its just issue with this particular app. And this app also started detecting root with the latest update.
 

BobbyHoggatt

Member
Feb 14, 2021
16
3
39
Grants pass or
OnePlus 8 Pro
What app is it?
It's already selected bro.
Updated fingerprint as welll using magiskhide config module. Magisk is renamed too. Have been using other apps and this app for last couple of years.
Its just issue with this particular app. And this app also started detecting root with the latest update.
What bank app is it.? I install it on my phone so you know if it's a app problem or your device problem
 

zgfg

Senior Member
Oct 10, 2016
5,903
3,377
I think this app is bypassing magisk hide and detecting root using some other method.
There are other methods to detect root. E.g., test with Magisk Detector:

Set it for Magisk Hide but most likely you will fail by 1 and 5 (as attached)

It's not everything in Magisk Hide and SafetyNet
 

Attachments

  • IMG_20210721_081432.jpg
    IMG_20210721_081432.jpg
    341.9 KB · Views: 73

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
There are other methods to detect root. E.g., test with Magisk Detector:

Set it for Magisk Hide but most likely you will fail by 1 and 5 (as attached)

It's not everything in Magisk Hide and SafetyNet
I think you're right. Attached is the screenshot from my device.
What can I do to solve it?
 

Attachments

  • SmartSelect_20210802-023014_Magisk Detector.jpg
    SmartSelect_20210802-023014_Magisk Detector.jpg
    260.9 KB · Views: 62

zgfg

Senior Member
Oct 10, 2016
5,903
3,377
I think you're right. Attached is the screenshot from my device.
What can I do to solve it?
Search in the General Magisk thread on XDA. There was a long discussion, and some ways to pass (1) and (5)

E g., if you use Magisk Lite (instead of Stable/Canary) from the same author as that Magisk Detecror (vvb2060) you should pass (1)

Also, a riru solution was discussed to pass (5)
 

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
Search in the General Magisk thread on XDA. There was a long discussion, and some ways to pass (1) and (5)

E g., if you use Magisk Lite (instead of Stable/Canary) from the same author as that Magisk Detecror (vvb2060) you should pass (1)

Also, a riru solution was discussed to pass (5)
I see... I will try to locate the thread and find out the solution (if exists). By any chance if you land on the same, please share. Thank you very much.
 

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
Search in the General Magisk thread on XDA. There was a long discussion, and some ways to pass (1) and (5)

E g., if you use Magisk Lite (instead of Stable/Canary) from the same author as that Magisk Detecror (vvb2060) you should pass (1)

Also, a riru solution was discussed to pass (5)
Thanks for giving me a direction bro.
I found a solution and I am sharing it here if someone needs it.

Install riru and riru unshare modules.
Use Magisk hide and magisk rename.
Then install 3C toolbox.
Go to app which is detecting magisk, click manage and disable the ¨detect magisk¨ service..usually the lastone in the list.. Voila
 

pndwal

Senior Member
I see... I will try to locate the thread and find out the solution (if exists). By any chance if you land on the same, please share. Thank you very much.
I see you've fixed issue for now, but here is a link / tips in the Magisk General Support / Discussion thread:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85300227

Nb. I've now swapped riru-unshare module for riru-MomoHider module as it seems to be even more effective at the present time. PW
 

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
I see you've fixed issue for now, but here is a link / tips in the Magisk General Support / Discussion thread:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85300227

Nb. I've now swapped riru-unshare module for riru-MomoHider module as it seems to be even more effective at the present time. PW
Thank you bro. Yes I had read about this option too. Had tried this a few days ago. Momo hider module didn't work for me.
 
  • Like
Reactions: pndwal

pndwal

Senior Member
  • Like
Reactions: amit_coolcampus

amit_coolcampus

Senior Member
Mar 30, 2013
273
35
Delhi
Samsung Galaxy Note 9
  • Like
Reactions: pndwal

Tianhe

Senior Member
Mar 16, 2011
677
167

Tianhe

Senior Member
Mar 16, 2011
677
167
  • Like
Reactions: pndwal

pndwal

Senior Member
Yep, Magiskhide itself is enough to hide permissive SELinux for passing Safety Net, unfortunately it cannot hide this status from some apps which then assume that the device is rooted.
Can you say how the app identifies permissive SELinux when SafetyNet is hiding it properly?

Note: You may want to reconsider running such a ROM / environment, ESPECIALLY with root access:

"We should stop the toxic and irresponsible mentality of releasing SELinux permissive ROMs/kernels in this community. You should never, *EVER* switch to permissive unless actually doing development/debugging." - John Wu
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-84458833

😮 PW
 
Last edited:
  • Like
Reactions: amit_coolcampus

Top Liked Posts

  • There are no posts matching your filters.
  • 4
    I flashed this Magisk module on my OnePlus 5T running on Android 10 with Oxygen OS. I'm still not able to pass safetynet check. What should I do?
    OnePlus 5T and 6T are old enough that they do not need this module.
    They do not have the hardware to support hardware attestation

    Make sure MagiskHide is running.
    If it is on, toggle it off and on to restart it.

    Since you are running stock OxygenOS, MagiskHide is enough to pass SafetyNet.

    If you still have problems, it would be better to ask in the Magisk General Support / Discussion - xdaThread - Link

    Cheers. :cowboy:

    PS.
    I double checked on my 5T running OOS 10.0.1 ;)
    4
    Pull request is beyond me ATM, so I submitted as an issue... 😜 PW
    Login to GitHub, go to README, press edit, it'll do the rest for you pretty much.
    3
    GitHub link from OP:
    Android versions 7–12 are supported, including OEM skins such as Samsung One UI and MIUI. This is a Riru module, so Riru must be installed in order for it to work.
    https://github.com/kdrag0n/safetynet-fix#universal-safetynet-fix

    Releases:
    v2.1.1
    Latest release
    kdrag0n released this 18 days ago

    Changes
    Fixed under-display fingerprint on OnePlus devices (@osm0sis)
    ...

    v2.1.0
    kdrag0n released this 20 days ago

    Changes
    Fixed new SafetyNet CTS profile failures as of September 2, 2021
    Added MagiskHide features that will be removed in future versions of Magisk
    ...

    v2.0.0
    kdrag0n released this 27 days ago

    Changes
    Added support for heavy OEM skins (One UI, MIUI, etc.)
    Added support for Android 12 Beta 4 and future versions
    ...
    Android 12: Fixed face unlock on Pixel 4 series
    Added support for Android 7.0 and 7.1
    Rewritten as a Riru module

    ...

    v1.1.0

    kdrag0n released this on 14 Jan

    Changes
    Added support for Android 8.0, 8.1, 9, and 10
    Increased chances of passing SafetyNet on older devices
    https://github.com/kdrag0n/safetynet-fix/releases

    👍 PW
    3
    The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels. MagiskHide is required as a result.

    Passing basic attestation is out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Use MagiskHide Props Config to spoof your CTS profile if you have trouble passing basic attestation. This is a common issue on old devices and custom ROMs.
    https://github.com/kdrag0n/safetynet-fix#universal-safetynet-fix

    @kdrag0n, others -

    Just a heads up. - GitHub README.md is a bit misleading. 😜

    Devices passing basicIntegrity often lack a passing (certified) fingerprint (eg. my Mi Pad 4 w/ unofficial LOS 18.1), therefore 'basic attestation' (basicIntegrity) pass is NOT the only requirement to allow USNF to fix failed ctsProfile (work).

    Actually, 'basic attestation' (basicIntegrity) often does NOT require a valid combination including build fingerprints and security patch levels (but apparently such may be required for some devices), but this IS an additional requirement for passing ctsProfile / SafetyNet.

    While passing 'basic attestation' (basicIntegrity) is out-of-scope for this module, passing ctsProfile is ALSO out-of-scope when a valid combination including build fingerprints and security patch levels is lacking.

    And contrary to the last suggestion above, @Didgeridoohan's MHPC GitHub home page states:
    If... the CTS profile check fails while basic integrity passes, that means MagiskHide is working on your device but Google doesn't recognise your device as being certified (if basic integrity fails there is generally nothing this module can do...).
    https://github.com/Magisk-Modules-R...ices-fingerprint-to-pass-the-ctsprofile-check

    The last statement should therefore read:

    "Use MagiskHide Props Config to spoof a certified (passing) fingerprint if you have trouble passing ctsProfile after enabling Riru, this module (USNF) and MagiskHide (in Magisk settings), and have passing basicIntegrity. This is a common issue on custom and uncertified stock (China etc) ROMs."

    Hope this helps / README.md can be made clearer. 😃 PW
    3
    Hey @kdrag0n I noticed that your module breaks At a glance on Android 12 and it seems to mess up with Continued conversation and maybe other Google Assistant things. Can you please look into that? Thanks!
    Pretty sure he's already aware of the issue as it was mentioned on his GitHub issue tracker 3 days ago https://github.com/kdrag0n/safetynet-fix/issues/108. No response from OP yet on GitHub or XDA but I'm sure he's aware and brainstorming possible solutions. We might just need to wait a few more days.
  • 219
    Universal SafetyNet Fix
    Magisk module​

    This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

    No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

    Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Telegram group
    Source code

    If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
    28
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    22
    I managed to fix the 3rd party app fingerprint issue on my Samsung w/ Android 10 (commented on this Github issue too). Basically the AOSP keystore is not fully compatible with the Samsung one so I decided to binary patch the one on my phone and ended up with this module. Now both fingerprint and SafetyNet works.
    Notes:
    - This disables key attestation for every app, idk if it breaks anything, nothing broke so far
    - Only change is the replaced system_sdk29/bin/keystore with the Samsung one (8 bytes modified)
    - Only works on Android 10
    - Might or might not work for you, use at your own risk.
    18
    v2.1.0 is officially released and open sourced now, so everyone can stop being ****ing babies. 😏👍

    17
    Anyone who installs Riru, deserves everything that happens to them.

    Anyone who pays a clown for broken amateur hour nonsense, also deserves everything that happens to them.

    This project has dramatically veered into a wall, and the torrent of mockery that is sure to follow, is well deserved.
    You're way off, and have cited no proof!

    I'll mention what we know - with no citations either as these will no doubt be lost on you also. - It may help those facing issues however.

    This fix seems to be working well on all but some custom ROMs like Pixel Experience etc. that already manipulate props in custom utils; these will apparently need fixing by their devs internally, and @Displax has already supplied a needed commit on GitHub. This and other issues may in part be why official LineageOS and many other custom OS's don't manipulate / spoof etc as a matter of policy... And who knows?, dev may also find an external solution for this yet!

    Other custom ROM users should find this works fine, but will likely need to set a certified fingerprint in MagiskHide Props Config module in addition.

    Riru's inject into zygote ability allows USNF to be more powerful, eg to target only Google Play Services with changed props to trigger the needed fallback to basic attestation, and not make the change global, which is causing many issues for users of other fixes that change model props etc, such as loss of device / OEM specific functionality (Galaxy Store, backup solutions, camera functions etc etc).

    In any case, it seems Riru is just a stop-gap solution and that this dev will move to John's new Zygisk asap or practical.

    The dev, @kdrag0n has clearly invested much time and effort in these S/N fixes. Most have been using them for a good while for free and would be pretty much up the creek without a paddle w/o them. No-one made him supply them as Magisk modules for all either; They were originally developed for his Proton ROMs...

    The new 'early releases' for his Patreon supporters will clearly generate only token recompense for his effort, and have so far become public and free in short order in any case.

    If you took the time to check facts, you would discover that these fixes are not only the best of the bunch, but are professionally coded and avoid the issues of most if not all others. A boon for the modding community.

    @kdrag0n deserves accolades and thanks from any modders worth their salt... He has mine.

    Sorry if this seems like a torrent of retorts, but I think they are well deserved... and I ain't mocking...

    It would be big of you to take back your .......... words. PW