• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

Search This thread

pndwal

Senior Member
Hi, I have a Pixel 4a with magisk stable v23 and safetneyfix v2.1.1.
SafetyNet is a success and I have hidden all of my banking apps and it is working fine.
I'm from India and there is one banking app (Axis Mobile) and it is able to detect root and thus I can't use the app.

Is anyone else facing the same issue. Were you able to fix it ?
Can anyone help in maybe some way I haven't thought of. (like: some people have suggested in the past having twrp folder can also cause root detection. PS: I don't have the folder.)
Try Riru-MomoHider. 👍 PW
 

Homeboy76

Senior Member
Aug 24, 2012
2,702
1,358
Kudos to the developer of USNF (@kdrag0n) and all the XDA members that have helped with the development of USNF. They deserve all the accolades they can get for the development of the USNF module. Great job! :) :) :)
 
Last edited:
  • Like
Reactions: rhewins2268

vel_tins

Senior Member
Jun 23, 2007
315
74
Bangkok
For me it is working with:
- Magisk 23.0
- enable Magisk Hide in Settings
- Module SafetyNetFix v2.1.0 -> https://kdrag0n.dev/patreon/safetynet-fix/v2.1.0
- Module Sui v12.1.4 -> https://github.com/RikkaApps/Sui

View attachment 5403773
SafetyNet Check

View attachment 5403775
PlayStore is certified

View attachment 5403777
Google Pay is working

If it' not working with these settings, you have to delete Datastore of following Apps:
- Google Play Service
- Google Play Store
- Google Pay
and reboot.
Everything works except Gpay
Poco X3 NFC
Do I need to take some settings in one of the modules?
Or should it work ootb?
 

73sydney

Senior Member
Jul 21, 2018
1,913
1,673
Sydney
Google Pixel 2 XL
Everything works except Gpay
Poco X3 NFC
Do I need to take some settings in one of the modules?
Or should it work ootb?

Google Pay - Usual fix:

Toggle airplane mode on
Clear data of Google Pay, Google Play, Google Play Services
Reboot
Toggle airplane mode back off
Wait 5 minutes for store to recertify

Still not working?

Remove card and readd
 
Sep 20, 2021
8
5
I installed v2.1.0 on my OnePlus 8 Pro (OOS 11), it broke my fingerprint sensor. I then updated to v2.1.1, but it's still broken. I've tried removing the module, but it remains broken. So I don't know what I did, could someone help me narrow down the issue? Or is a factory reset my only option?
 

rodken

Senior Member
Jan 11, 2010
602
168
Google Pixel XL
OnePlus 8
I installed v2.1.0 on my OnePlus 8 Pro (OOS 11), it broke my fingerprint sensor. I then updated to v2.1.1, but it's still broken. I've tried removing the module, but it remains broken. So I don't know what I did, could someone help me narrow down the issue? Or is a factory reset my only option?
Reinstall version 1.2.0 and cross your fingers.
 

osm0sis

Senior Recognized Developer / Contributor
Mar 14, 2012
14,813
33,486
Halifax
GT-i9250
Nexus 7 (2013)
I've tried that, it didn't fix it sadly. If I go into the calibration test of the sensor through the dial code, it does function properly.

I am running a custom kernel, blu spark. Would that interfere? I'm running 11.0.8.8 of oxygen os.
If you've uninstalled USNF then it's kind of out of our hands here. Yeah, just start piecing your way back to full stock..

Your report reminds of when I originally fixed this for MagiskHide. We fixed it correctly (as evidenced by any Magisk version after 20414 working for you), but there were some 8 Pros that worked immediately and some that were still broken because something went weird with their fp firmware/calibration data: https://github.com/topjohnwu/Magisk/issues/2803
 
Sep 20, 2021
8
5
If you've uninstalled USNF then it's kind of out of our hands here. Yeah, just start piecing your way back to full stock..

Your report reminds of when I originally fixed this for MagiskHide. We fixed it correctly (as evidenced by any Magisk version after 20414 working for you), but there were some 8 Pros that worked immediately and some that were still broken because something went weird with their fp firmware/calibration data: https://github.com/topjohnwu/Magisk/issues/2803
MagiskHide did work indeed, thanks for that. Also thanks for helping me figure out I'm pretty much at a loss ;)

I'll just be reinstalling OOS completely clean, then root it again. Might give another go at USNF, might not. Thanks anyways!
 
  • Like
Reactions: osm0sis

osm0sis

Senior Recognized Developer / Contributor
Mar 14, 2012
14,813
33,486
Halifax
GT-i9250
Nexus 7 (2013)
MagiskHide did work indeed, thanks for that. Also thanks for helping me figure out I'm pretty much at a loss ;)

I'll just be reinstalling OOS completely clean, then root it again. Might give another go at USNF, might not. Thanks anyways!
Might need to MSM when you start clean. 🙁

USNF 2.1.1 should be fine now going forward, same as MagiskHide was after my fix.
 
Last edited:

osm0sis

Senior Recognized Developer / Contributor
Mar 14, 2012
14,813
33,486
Halifax
GT-i9250
Nexus 7 (2013)
I'm unsure what MSM means, wouldn't flashing the stock image twice to clear both partitions work?
Not necessarily.. search xda for MSM and your device and you'll find the packages. It's what OnePlus tech support installs for you to fully wipe and restore your device back to locked factory.
 
Last edited:

Top Liked Posts

  • 2
    Hello,

    Today I installed new Magisk 23010 with removed magisk hide but my banking payment app is still not working..
    Also rootbeer fresh shows the device now as rooted after the update...
    In magisk I choose Zygisk and enforce deny list and set the same apps like with magisk hide before but it will not work.
    I had Universal SafetyNetFix 1.1.1 installed. I removed that and installed newest 2.1.1 together with Riru module but in rootbeer fresh Root is still present as you can see..
    What else can I do now?

    Regards
    Have you enabled deny list for com.google.android.gms and com.google.android.gms.unstable?
    You also can't use Riru or any Riru modules with zygisk. So you need to install V1 universal safety fix. Also might need to use MPHC to reset magisk sensitive props
  • 4
    I flashed this Magisk module on my OnePlus 5T running on Android 10 with Oxygen OS. I'm still not able to pass safetynet check. What should I do?
    OnePlus 5T and 6T are old enough that they do not need this module.
    They do not have the hardware to support hardware attestation

    Make sure MagiskHide is running.
    If it is on, toggle it off and on to restart it.

    Since you are running stock OxygenOS, MagiskHide is enough to pass SafetyNet.

    If you still have problems, it would be better to ask in the Magisk General Support / Discussion - xdaThread - Link

    Cheers. :cowboy:

    PS.
    I double checked on my 5T running OOS 10.0.1 ;)
    4
    Pull request is beyond me ATM, so I submitted as an issue... 😜 PW
    Login to GitHub, go to README, press edit, it'll do the rest for you pretty much.
    3
    GitHub link from OP:
    Android versions 7–12 are supported, including OEM skins such as Samsung One UI and MIUI. This is a Riru module, so Riru must be installed in order for it to work.
    https://github.com/kdrag0n/safetynet-fix#universal-safetynet-fix

    Releases:
    v2.1.1
    Latest release
    kdrag0n released this 18 days ago

    Changes
    Fixed under-display fingerprint on OnePlus devices (@osm0sis)
    ...

    v2.1.0
    kdrag0n released this 20 days ago

    Changes
    Fixed new SafetyNet CTS profile failures as of September 2, 2021
    Added MagiskHide features that will be removed in future versions of Magisk
    ...

    v2.0.0
    kdrag0n released this 27 days ago

    Changes
    Added support for heavy OEM skins (One UI, MIUI, etc.)
    Added support for Android 12 Beta 4 and future versions
    ...
    Android 12: Fixed face unlock on Pixel 4 series
    Added support for Android 7.0 and 7.1
    Rewritten as a Riru module

    ...

    v1.1.0

    kdrag0n released this on 14 Jan

    Changes
    Added support for Android 8.0, 8.1, 9, and 10
    Increased chances of passing SafetyNet on older devices
    https://github.com/kdrag0n/safetynet-fix/releases

    👍 PW
    3
    The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels. MagiskHide is required as a result.

    Passing basic attestation is out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Use MagiskHide Props Config to spoof your CTS profile if you have trouble passing basic attestation. This is a common issue on old devices and custom ROMs.
    https://github.com/kdrag0n/safetynet-fix#universal-safetynet-fix

    @kdrag0n, others -

    Just a heads up. - GitHub README.md is a bit misleading. 😜

    Devices passing basicIntegrity often lack a passing (certified) fingerprint (eg. my Mi Pad 4 w/ unofficial LOS 18.1), therefore 'basic attestation' (basicIntegrity) pass is NOT the only requirement to allow USNF to fix failed ctsProfile (work).

    Actually, 'basic attestation' (basicIntegrity) often does NOT require a valid combination including build fingerprints and security patch levels (but apparently such may be required for some devices), but this IS an additional requirement for passing ctsProfile / SafetyNet.

    While passing 'basic attestation' (basicIntegrity) is out-of-scope for this module, passing ctsProfile is ALSO out-of-scope when a valid combination including build fingerprints and security patch levels is lacking.

    And contrary to the last suggestion above, @Didgeridoohan's MHPC GitHub home page states:
    If... the CTS profile check fails while basic integrity passes, that means MagiskHide is working on your device but Google doesn't recognise your device as being certified (if basic integrity fails there is generally nothing this module can do...).
    https://github.com/Magisk-Modules-R...ices-fingerprint-to-pass-the-ctsprofile-check

    The last statement should therefore read:

    "Use MagiskHide Props Config to spoof a certified (passing) fingerprint if you have trouble passing ctsProfile after enabling Riru, this module (USNF) and MagiskHide (in Magisk settings), and have passing basicIntegrity. This is a common issue on custom and uncertified stock (China etc) ROMs."

    Hope this helps / README.md can be made clearer. 😃 PW
    3
    Hey @kdrag0n I noticed that your module breaks At a glance on Android 12 and it seems to mess up with Continued conversation and maybe other Google Assistant things. Can you please look into that? Thanks!
    Pretty sure he's already aware of the issue as it was mentioned on his GitHub issue tracker 3 days ago https://github.com/kdrag0n/safetynet-fix/issues/108. No response from OP yet on GitHub or XDA but I'm sure he's aware and brainstorming possible solutions. We might just need to wait a few more days.
  • 219
    Universal SafetyNet Fix
    Magisk module​

    This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

    No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

    Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Telegram group
    Source code

    If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
    28
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    22
    I managed to fix the 3rd party app fingerprint issue on my Samsung w/ Android 10 (commented on this Github issue too). Basically the AOSP keystore is not fully compatible with the Samsung one so I decided to binary patch the one on my phone and ended up with this module. Now both fingerprint and SafetyNet works.
    Notes:
    - This disables key attestation for every app, idk if it breaks anything, nothing broke so far
    - Only change is the replaced system_sdk29/bin/keystore with the Samsung one (8 bytes modified)
    - Only works on Android 10
    - Might or might not work for you, use at your own risk.
    18
    v2.1.0 is officially released and open sourced now, so everyone can stop being ****ing babies. 😏👍

    17
    Anyone who installs Riru, deserves everything that happens to them.

    Anyone who pays a clown for broken amateur hour nonsense, also deserves everything that happens to them.

    This project has dramatically veered into a wall, and the torrent of mockery that is sure to follow, is well deserved.
    You're way off, and have cited no proof!

    I'll mention what we know - with no citations either as these will no doubt be lost on you also. - It may help those facing issues however.

    This fix seems to be working well on all but some custom ROMs like Pixel Experience etc. that already manipulate props in custom utils; these will apparently need fixing by their devs internally, and @Displax has already supplied a needed commit on GitHub. This and other issues may in part be why official LineageOS and many other custom OS's don't manipulate / spoof etc as a matter of policy... And who knows?, dev may also find an external solution for this yet!

    Other custom ROM users should find this works fine, but will likely need to set a certified fingerprint in MagiskHide Props Config module in addition.

    Riru's inject into zygote ability allows USNF to be more powerful, eg to target only Google Play Services with changed props to trigger the needed fallback to basic attestation, and not make the change global, which is causing many issues for users of other fixes that change model props etc, such as loss of device / OEM specific functionality (Galaxy Store, backup solutions, camera functions etc etc).

    In any case, it seems Riru is just a stop-gap solution and that this dev will move to John's new Zygisk asap or practical.

    The dev, @kdrag0n has clearly invested much time and effort in these S/N fixes. Most have been using them for a good while for free and would be pretty much up the creek without a paddle w/o them. No-one made him supply them as Magisk modules for all either; They were originally developed for his Proton ROMs...

    The new 'early releases' for his Patreon supporters will clearly generate only token recompense for his effort, and have so far become public and free in short order in any case.

    If you took the time to check facts, you would discover that these fixes are not only the best of the bunch, but are professionally coded and avoid the issues of most if not all others. A boon for the modding community.

    @kdrag0n deserves accolades and thanks from any modders worth their salt... He has mine.

    Sorry if this seems like a torrent of retorts, but I think they are well deserved... and I ain't mocking...

    It would be big of you to take back your .......... words. PW