• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

MAGISK MODULE ❯ Universal SafetyNet Fix 1.1.0

Search This thread

ReservedName

Member
Oct 29, 2014
35
42
Interesting - you needed LSPosed/XLua for AdAway?
Maybe something specific for a particular phone with 12 - sorry I was not aware of, maybe you could elborate
no I needed the systemless hosts module for AdAway. it's been awhile since I installed xprivacylua but I'm sure it must have been for fixing the Google pay issue. I really only need to tweak my phone for ad blocking in apps, wifi tether, and getting around root/safety net related issues. oh and YouTube vanced
 
  • Like
Reactions: zgfg

glaedr

Senior Member
Mar 1, 2010
68
5
Yup, here's my original notes:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85125319

As mentioned, that's wrong modules folder...

Be careful if you played with Magisk lite and didn't do full Magisk Uninstall from the Magisk lite app when moving back to regular Magisk. Lite used different folder as worked very differently, especially as used whitelist mode instead of blacklist etc... I suspect Magisk database etc may also possibly be messed up for you... PW
Hi, thanks for help! Everything seems OK (like screenshot posted by you) except for "init.rc has been modified by magisk"
 

zgfg

Senior Member
Oct 10, 2016
6,351
3,767
I already have Riru, momohider, usnf. Is it compatible with these modules?
You listed tools to hide. Momo is detector. Install and try what 'root' components Momo will detect on your phone

In the Magisk General thread there were posts about what and how to hide from Momo (e.g., I posted one pretty comprehensive post two or three weeks ago, but since Search in XDA is again unusable, it might be hard to find)
 

glaedr

Senior Member
Mar 1, 2010
68
5
You listed tools to hide. Momo is detector. Install and try what 'root' components Momo will detect on your phone

In the Magisk General thread there were posts about what and how to hide from Momo (e.g., I posted one pretty comprehensive post two or three weeks ago, but since Search in XDA is again unusable, it might be hard to find)
Here's the output: if I hide momo in Magisk hide, "found Magisk" disappear.
 

Attachments

  • Screenshot_20211205-021201_Momo.jpg
    Screenshot_20211205-021201_Momo.jpg
    158.9 KB · Views: 144
Last edited:

glaedr

Senior Member
Mar 1, 2010
68
5
You listed tools to hide. Momo is detector. Install and try what 'root' components Momo will detect on your phone

In the Magisk General thread there were posts about what and how to hide from Momo (e.g., I posted one pretty comprehensive post two or three weeks ago, but since Search in XDA is again unusable, it might be hard to find)
I wasn't able to find anything. Can you help me please? Banking app doesn't work, error provided "exiting on root"
 

aLcaTr4z

Senior Member
Jul 9, 2019
51
7
Hey guys, ill stuck too on get this working. Running Magisk 23, Riru, USNF 2.1.2 but it wont do anything.

Need halp, need my bank account app to get f00d. :D

Edit: Fixed it, by running "props" on terminal. :whistle:
 
Last edited:

zgfg

Senior Member
Oct 10, 2016
6,351
3,767
I wasn't able to find anything. Can you help me please? Banking app doesn't work, error provided "exiting on root"
Sorry, no idea (even what is your particular banking app and how that app/their devs detect or guess about root)

From Magisk app, main window, bottom, there is a link to Guthub Wiki pages with instructions if certain apps detect root - maybe it can help
 

eeeemc

Senior Member
Jan 12, 2011
139
14
[ HELP SEEK]
My Redmi 9T ( aka Redmi 9 power ) banking apps kicked me out saying detected system has modified/rooted.

I've some little knowledge and already have installed what I know necessary Magisk Module , Magis Props Config , Riru , Riru-LSPosed, Universal SafetyNet Fix, SafetyNetfix 2.2.0, LSPosed & XPrivacy

( XPrivacy check mark the Google play service and those banking apps )

Magisk hided., Check SafetyNet is in Blue ( success )
Termux choose Google Pixel 6 fingerprints

Still no luck to get it work. Trying to see if any brothers here have new methods.

Thank you very much., edmond
 
Last edited:

pndwal

Senior Member
[ HELP SEEK]
My Redmi 9T ( aka Redmi 9 power ) banking apps kicked me out saying detected system has modified/rooted.

I've some little knowledge and already have installed what I know necessary Magisk Module , Magis Props Config , Riru , Riru-LSPosed, Universal SafetyNet Fix, SafetyNetfix 2.2.0, LSPosed & XPrivacy

( XPrivacy check mark the Google play service and those banking apps )

Magisk hided., Check SafetyNet is in Blue ( success )
Termux choose Google Pixel 6 fingerprints

Still no luck to get it work. Trying to see if any brothers here have new methods.

Thank you very much., edmond
You may have other issues, but Riru and Zygisk are not (now) compatible. You need USNF 2.1.2 for Riru... 2.2.0 is a Zygisk mod...

Which Magisk version?

... You don't need MHPC / fingerprint spoofing on your device unless have custom or China region ROM... doubtful you need XPrivacy lua either... Need to have bank app in hidelist / dentist and clear it's data after you see Google Play Protect passed (Device is Certified in Play Store settings). Clear Play Store and Google Play Services data after passing SafetyNet if not certified...

These are the basics. If 'root' is still detected after achieving above, say Which bank app!...

There are different hiding methods for various apps... PW
 
Last edited:

ecvarts

Member
Jun 22, 2017
13
1
I'm not sure anybody mentioned it here already, so I'll say it:
The developer dropped support for hiding root from apps, after being hired by Google.
 
  • Haha
Reactions: pndwal

j1gga84

Senior Member
Jun 21, 2012
4,619
2,730
Bremen
www.android-hilfe.de
I just installed V2.2.0 for Zygisk because I am using latest Magisk Canary build (23016) but with rootbeer fresh I still do not pass all tests. Therefore the fingerprint for my banking app and the wireless pay app from my bank crashes when trying to open.
I checked safety net status with YASNAC and I pass both tests, also play store shows my decide as certified.
I am using a Samsung Galaxy S9 running AlexisROM, an android 10 based stock ROM.

So any ideas how I can get the rest of tests green (pass)?

Thanks in advance
 

Attachments

  • Screenshot_20211217-001249_RootbeerFresh.jpg
    Screenshot_20211217-001249_RootbeerFresh.jpg
    377.2 KB · Views: 50

Qnorsten

Senior Member
Mar 14, 2012
215
110
I just installed V2.2.0 for Zygisk because I am using latest Magisk Canary build (23016) but with rootbeer fresh I still do not pass all tests. Therefore the fingerprint for my banking app and the wireless pay app from my bank crashes when trying to open.
I checked safety net status with YASNAC and I pass both tests, also play store shows my decide as certified.
I am using a Samsung Galaxy S9 running AlexisROM, an android 10 based stock ROM.

So any ideas how I can get the rest of tests green (pass)?

Thanks in advance
Have you added rootbeer and your bank app to the deny list in magisk manager app?
 
  • Like
Reactions: j1gga84

j1gga84

Senior Member
Jun 21, 2012
4,619
2,730
Bremen
www.android-hilfe.de
Have you added rootbeer and your bank app to the deny list in magisk manager app?
That worked for the rootbeer app but my banking app and mobile pay app from my bank still do not work..
The mobile pay app crashes when trying to open and in my bank app I cannot use fingerprint for login and some functions are missing from the banking app (typical when root is detected). I set both apps to deny list.
Any other ideas?

Regards
 
That worked for the rootbeer app but my banking app and mobile pay app from my bank still do not work..
The mobile pay app crashes when trying to open and in my bank app I cannot use fingerprint for login and some functions are missing from the banking app (typical when root is detected). I set both apps to deny list.
Any other ideas?

Regards
Make sure anything that detects root is in the deny list. Then clear the cache and maybe even the storage of said apps and reboot the phone.
 

wrongway213

Recognized Dev & Contributor / Retired Forum Mod
Jul 27, 2014
5,073
8,825
33
Canton, OH
I just installed V2.2.0 for Zygisk because I am using latest Magisk Canary build (23016) but with rootbeer fresh I still do not pass all tests. Therefore the fingerprint for my banking app and the wireless pay app from my bank crashes when trying to open.
I checked safety net status with YASNAC and I pass both tests, also play store shows my decide as certified.
I am using a Samsung Galaxy S9 running AlexisROM, an android 10 based stock ROM.

So any ideas how I can get the rest of tests green (pass)?

Thanks in advance
This is Universal SafetyNet Fix and you're passing SafetyNet. I'm not sure if a solution to your problem exists or not, but it's definitely outside the scope of this module, given you're passing SafetyNet and that's all this module is meant to do is make you pass SN.
 
  • Like
Reactions: vandyman

pndwal

Senior Member
I just installed V2.2.0 for Zygisk because I am using latest Magisk Canary build (23016) but with rootbeer fresh I still do not pass all tests. Therefore the fingerprint for my banking app and the wireless pay app from my bank crashes when trying to open.
I checked safety net status with YASNAC and I pass both tests, also play store shows my decide as certified.
I am using a Samsung Galaxy S9 running AlexisROM, an android 10 based stock ROM.

So any ideas how I can get the rest of tests green (pass)?

Thanks in advance
If anyone has an app failing due to detecting broken TEE after both achieving "Device is certified" Play Protect result in Play Store, adding the app to denylist / hidelist and then clearing the apps data, advice will be app-specific as many security centric apps are using various custom detection methods rather than the (currently); flawed SafetyNet API...

No-one can help w/o much unnecessary guesswork if you don't state what app you / we are dealing with...

I just put some general information about customised detection and solutions here:
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-86111153

😝 PW
 
  • Like
Reactions: wrongway213

Top Liked Posts

  • There are no posts matching your filters.
  • 3
    DIdn't test with 2.2.0.
    From what I understand, LineageOS 18.1 will never pass SafetyNet.
    I'd like to be wrong...

    (Magisk Canary = Zygisk)
    LineageOS is very strict when it comes to what is added.
    This is not a bad thing but, it also means hacks and tricks are not permitted.
    LineageOS - GitHub - Charter - Link

    Looking at lake, the build fingerprint used was last updated Sep. 20th.
    LineageOS - GitHub - android_device_motorola_lake - Link

    The current lineage official builds have been updated to Dec. security date.

    Unless Motorola re-certifies that fingerprint with the Dec. security date, it will fail.

    Solution is to use a matching fingerprint and security date.
    Easiest way is to use Didgeridoohan's MHPC Module.
    [MODULE] MagiskHide Props Config - SafetyNet, prop edits, and more - v6.1.2 - xdaThread - Link

    Quick look, MHPC does not contain lake but it does have some G7 prints.
    river, ocean and channel. (Apparently they were on a water kick with the G7)

    Along with the 2.2.x USNF module, you should be good to pass. ;)

    Cheers. :cowboy:
    2
    LineageOS is very strict when it comes to what is added.
    This is not a bad thing but, it also means hacks and tricks are not permitted.. :cowboy:
    Just to qualify this a little, official LineageOS won't ship with such hacks / tricks incl. fingerprint spoofing, integrated Universal SafetyNet Fix etc, signature spoofing and so on, but many unofficial builds will pass SafetyNet natively.

    Users are permitted (not prevented) from adding such hacks / tricks after installation hovever, and many are available using Magisk, eg USNF, MHPC etc, as noted.

    Refs:
    - https://wiki.lineageos.org/faq#my-device-doesnt-pass-safetynet
    - https://www.lineageos.org/Safetynet/

    😛 PW
    2
    I have been running one variant or another (currently on v2.2.1 (Zygisk) since the beginning. Somehow, after the last update my Osmosis Busybox module disappeared. Is there a direct link to the module .zip file so I can sideload it?
    [TOOLS][ZIPS][SCRIPTS] osm0sis' Odds and Ends [Multiple Devices/Platforms] - xdaThread - Link
    The current version is UPDATE-Busybox.Installer.v1.34.1-ALL-signed.zip and can be installed using Magisk's module installer or TWRP.​

    Cheers. :cowboy:

    Edit:
    If you install it in TWRP without Magisk, it will install BB into system.
    1
    Which version of Magisk are you using? There are three variations of 23.0. It will make a difference in your Magisk setup options.
    You will need the Stable version for current setup.

    Magisk stable 23.000
    Magisk Canary 23. 016
    Magisk alpha 23
    My Magisk version is 23.0 stable
    1
    I have been running one variant or another (currently on v2.2.1 (Zygisk) since the beginning. Somehow, after the last update my Osmosis Busybox module disappeared. Is there a direct link to the module .zip file so I can sideload it?
    Google for Fox Mmm
  • 236
    Universal SafetyNet Fix
    Magisk module​

    This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    Passing basic attestation is mostly out-of-scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under-the-hood. Nonetheless, it features a few basic attempts at helping pass basic attestation on some devices, especially older devices and devices running stock ROMs.

    No device-specific features (such as the new Pixel-exclusive Google Assistant design or screen-off voice match) will be lost with this fix.

    Android versions 8–11 are supported. Heavy OEM skins are not officially supported, but they may work depending on your luck and the particular ROM in question. Please do not report problems on such ROMs.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Telegram group
    Source code

    If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
    28
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    22
    I managed to fix the 3rd party app fingerprint issue on my Samsung w/ Android 10 (commented on this Github issue too). Basically the AOSP keystore is not fully compatible with the Samsung one so I decided to binary patch the one on my phone and ended up with this module. Now both fingerprint and SafetyNet works.
    Notes:
    - This disables key attestation for every app, idk if it breaks anything, nothing broke so far
    - Only change is the replaced system_sdk29/bin/keystore with the Samsung one (8 bytes modified)
    - Only works on Android 10
    - Might or might not work for you, use at your own risk.
    21
    It's in progress.

    Worth noting when @kdrag0n does publish the new Zygisk rewrite of USNF then gms and unstable will actually need to be removed from the DenyList for the module to function correctly, not added like some people are doing now to get previous USNF versions working.
    18
    v2.1.0 is officially released and open sourced now, so everyone can stop being ****ing babies. 😏👍