MAGISK MODULE ❯ Universal SafetyNet Fix 2.3.1

Search This thread

zgfg

Senior Member
Oct 10, 2016
7,963
5,514
No, I meant what is gms? Is that a zip or an apk I can download?
I answered you what is GMS in my post #2029 today:
(not sure if link will open for you and would it let you to update)

I never manually installed/updated GMS - Google does that in background

You could try to install newer GMS from APK Mirror (no experience from my side)
but do not download/install Beta version
 
Last edited:
  • Like
Reactions: LedgendaryEpics

LedgendaryEpics

Senior Member
Jun 14, 2018
195
51
He mentioned that I'm on an old version of yasnac but the one I see on GitHub is from April, is there an updated repo I can search for the updated apk?
 

zgfg

Senior Member
Oct 10, 2016
7,963
5,514
I have the latest version of Google play store installed
(Google Play) SERVICES is not (Google Play) STORE

Different words (!) and hence different things

Store is an app (you need to buy/download apps and games from the Google store) but Services is the background service, with various Google APIs

Store cannot work without Services, but Services do not need Store.
Similarly, Maps need Services (but not vice versa), etc

Again, Services are kind of a core for GApps, used by various other Google apps (but not limited to apps from Google, since open APIs can be called by any other app)
 
Last edited:

pndwal

Senior Member
He mentioned that I'm on an old version of yasnac but the one I see on GitHub is from April, is there an updated repo I can search for the updated apk?
No, not old Yet Another SafetyNet Attestation Checker, but that showed old Google Play Services (pre Play Integrity Application Programming Interface) who's processes are based on Google Mobile Services in your Screenshot, so you need to update this ...

I said update Google Play Store simply because this may have been preventing use of latest Google Mobile Services, A(lso) K(nown) A(s) Google Play Services... I don't know if this necessarily results... But I'm Past Wondering... 😜

OMG!!! "gms S/N pass" 'pw" "pi api" all these abbreviated terms! I know what most of these mean now, but people looking back at this is gonna get confused how often y'all use this...
BTW, FWIW these are common / good acronyms here, and we use 'em for economy like you use OMG... 🙂 PW
 
Last edited:

13Sullo80

Member
Aug 6, 2022
9
2
So, here is my modification of USNF with Play Integrity API bypass.

It changes fingerprint to old 7.1.2 6.0 (LOL) and apply it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security path level does not change. This avoids many side effects/problems with global props changing.

Updated:
Drop fingerprint to lowest possible (6.0) to ensure that no one use same Android version

Usage:
1. Delete/disable/reset MagiskHidePropsConfig (if installed).
2. Just install it over old Universal SafetyNet Fix and reboot device.

Many thanks to @1nikolas for integrity checker.

Source code: https://github.com/Displax/safetynet-fix/tree/integrity
Thx for the zip. Basic check and CTS still fails. Not sure what to configure to hide root.

Magisk is hidden. Have configured deny list to check all Google play services. Not sure what I did is right.
 

ipdev

Recognized Contributor
Feb 14, 2016
2,062
1
3,942
Google Nexus 10
Nexus 7 (2013)
OMG!!! "gms S/N pass" 'pw" "pi api" all these abbreviated terms! I know what most of these mean now, but people looking back at this is gonna get confused how often y'all use this...
Hi all. :)
Quick PSA.
[Public Service Announcement.]

API is short for "Application Programming Interface".

GMS is short for "Google Mobile Services".

SN (S/N) in this thread has become shorthand for "SafetyNet".

I am not sure if/when PI became shorthand for "Play Integrity".

pw (PW ) is @pndwal's signature. 🙃

Cheers all. :cowboy:
 

ipdev

Recognized Contributor
Feb 14, 2016
2,062
1
3,942
Google Nexus 10
Nexus 7 (2013)
No, I meant what is gms? Is that a zip or an apk I can download?
Let Google (PlayStore) update them to the current versions.
GMS, YASNAC, ...

Google will update them to the newest version that is set to your account(s).
Might be newer or older than another account.
Normally based off of the version Google set to the primary account you used to set up the device.


Cheers. :cowboy:
 

pndwal

Senior Member
Hi all. :)
Quick PSA.
[Public Service Announcement.]

API is short for "Application Programming Interface".

GMS is short for "Google Mobile Services".

SN (S/N) in this thread has become shorthand for "SafetyNet".

I am not sure if/when PI became shorthand for "Play Integrity".

pw (PW ) is @pndwal's signature. 🙃

Cheers all. :cowboy:
Thought I'd spelt it out too... Praps I hadn't. 😜
https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-2-3-1.4217823/post-87257633 P(ast) W(ondering) 🙃
 
Last edited:

casabel

Senior Member
Jul 17, 2013
143
16
latest magisk (zygisk)

I have google play services 22.26.15
playstore 31.7.27-21 (0) PR

the safetynetfix (last 2.3.1) does not certify the playstore
tried force stop , clear data etc
 
Last edited:

LedgendaryEpics

Senior Member
Jun 14, 2018
195
51
No, not old Yet Another SafetyNet Attestation Checker, but that showed old Google Play Services (pre Play Integrity Application Programming Interface) who's processes are based on Google Mobile Services in your Screenshot, so you need to update this ...

I said update Google Play Store simply because this may have been preventing use of latest Google Mobile Services, A(lso) K(nown) A(s) Google Play Services... I don't know if this necessarily results... But I'm Past Wondering... 😜


BTW, FWIW these are common / good acronyms here, and we use 'em for economy like you use OMG... 🙂 PW
Sorry my frustration was kinda like this --> [omg ttyl ymbf itww and btw lmk if yk me to send you my ffl to csi lol] It's confusing using it all at once is what I was getting at not passively.
 
  • Haha
Reactions: pndwal

hulyahulya

Senior Member
Feb 19, 2019
174
10
im using mi10t magisk 20.4 android 10. i tried all safetyfix didnt pass. is there and moddded version for solve ?
 

zgfg

Senior Member
Oct 10, 2016
7,963
5,514
im using mi10t magisk 20.4 android 10. i tried all safetyfix didnt pass. is there and moddded version for solve ?
There is and it was posted in this thread. Practically all posts during the last two weeks are about the same things

However, the mod version was made for Zygisk, hence it requires Magisk v25
 

hulyahulya

Senior Member
Feb 19, 2019
174
10
There is and it was posted in this thread. Practically all posts during the last two weeks are about the same things

However, the mod version was made for Zygisk, hence it requires Magisk v25
For android 10 last version magisk 20.4. if flash high magish than 20.4. android 10 bootloop
 

Top Liked Posts

  • 3
    Could you please send me the links. I couldn't find them In looking for what Kao said.

    I looked for Shamiko but it is not available on github (Genuine source)

    There are so many apps labelled as Hide Apps, Hide an app, not the one you mentioned HMA. Will appreciate if you give direct links.

    bookmark this thread, most files, including Shamiko can be found linked from the first page of the thread, and check the last few pages regularly to keep up with any changes


    Hide My Applist - theres a guide (not yet linked from that page, perhaps @ipdev wants to separate himself from the (planned) madness its devolving into) can be found here:


    But please learn to use the search too, thanks
    3
    SafetyNet fix worked for me and it shows my device is certified in PlayStore. However there are problems:
    1. Some apps like RTO says my device is rooted and my bank app is not working. Both apps use to work on Magisk 22.1 with SafetyNet fail.
    2. I forgot what this was.

    Do watch the screen record I've attached.

    May be its latest Magisk 25.2 issue.
    Not sure if this is your app (I looked on Playstore but since I'm not from India, maybe I can't see all the regional apps):

    First I install and opened, it reported the root

    I put to DenyList and rebooted - still reported the root

    I added to my Hide My Apps, hiding Magisk app, LSPosed and modules, rebooted (and cleared Cache and Data for RTO app) and there was no more root detection popup - it asked me to select language and city (screenshots)

    Maybe you don't even need HMA (eg, if you don't have LSPosed installed) but simply hiding Magisk app would work instead. You must test yourself

    How to look for instructions on how to use DenyList, HMA, etc - you got info in the previous posts

    My config:
    Xiaomi, MIUI 12.5/A11, Magisk Canary 25205, Zygisk, DenyList (configured but not enforced), Shamiko and USNF (Display mod, not only for SafetyNet but also for the new Play Integrity), LSPosed + Hide My Apps
    3
    Wow you have achieved it. Yes that is the right app. However I feel we do not have to take so many steps to make few apps work. I appreciate your will though. I wish there was some simple way like I don't like to install Lsposed and other stuff just for 2 apps.

    I wrote on github magisk issue page and the so called magiskbot has closed the issue right after submitting it. Lame!

    I installed HMA, it says not activated. Is it a Lsposed module?
    HMA is LSPosed module. Please do not ask things that are described in the HMA Guide thread, please take your time and read, learn things - you were even given the link to that thread with extensive OP instructions

    I wish many things but they will not materialize

    Btw, TJW (author of Magisk), maybe already two years ago, was hired by Google and he clearly distanced himself from any root hiding. Magisk does not provide that option anymore and you can not report hiding issues for your app as a bug.
    I'm even pretty sure that on his GitHub, Issues page, it is noted that problems with hiding the root must not be reported (not sure did you read things)

    Anyway, steps I made are usually needed for 99% percent of 'banking' apps (apps that seek for 'root') and for most of them no additional steps are needed.
    Hence you need to learn on this first example and in the future you will need only five minutes to hide the root from your next banking app when you step on

    Again, we gave you hints what to read, study and learn - I'm pretty sure you didn't (hence sorry, I will no more waste time on answering you) because you don't follow and still ask for what is covered in those instructions.
    Enough from my side, good luck
    2
    Please watch the screen record I've posted (Edited post by adding video). I know zygisk in Magisk and already hide root for these 2 apps and other. Still not success.

    I wish there should be a separate flashable zip to spoof Bootloader to 'locked' when it's already Unlocked.

    Following your advice now checking Kao post etc.
    I watched your video. Btw, I also edited my previous post

    I don't use you RTO app and developers do not publish how they look for the 'root'. Hence no way that I can tell you what steps are needed to hide 'root' from that app - it can be ONLY found by experimenting

    I gave you the hints: put it to DenyList and reboot, install Shamiko and reboot, try with HMA and reboot...

    Even worse, things may differ between the phones, ROMs, Android versions. A method to hide 'root' for one particular app, that works on eg Samsung with A11 (telling arbitrary) may not be enough for Xiaomi with A12, or for the custom ROMs like LOS, etc

    Usually, before retesting, clear Data for your RTO app BCS it may remember that the previous time it found the 'root', hence your new hiding will not help

    Btw, this is out of topic for this thread (this thread is about passing SafetyNet and its new successor Play Integrity API).
    There is also a thread about hiding the 'root' with some instructions there (but not man posts following)

    Generally, search on XDA about your RTA app, maybe somebody posted.
    Maybe you will need Magisk Delta fork (it hides better than the official Magisk)

    Sorry, too many variables, but maybe the answer is very simple and straightforward if you find that somebody else already tweaked that app
    2
    Could you please send me the links. I couldn't find them In looking for what Kao said.

    I looked for Shamiko but it is not available on github (Genuine source)

    There are so many apps labelled as Hide Apps, Hide an app, not the one you mentioned HMA. Will appreciate if you give direct links.
    It was typo, it should have been "OP posts" - posts by the original poster who opened the thread (a particular thread eg with the guide for using HMA)

    Please use Google. Eg, Google for:
    XDA Magisk general
    and
    XDA Magisk Zygisk
    and
    XDA Hides my apps guide
    and
    XDA Magisk Delta
    etc

    Btw, on XDA, top-right of the pages, there is also Search

    Sorry, I really don't have time and (and don't see any need for) to do searches for you and to copy-paste the links (I'm subscribed to a dozen of interesting threads, I don't keep their links to copy/paste the handy URLs)

    And sorry, I'm also not interested into the RTO app (don't know what it is and where from to install) to investigate how to hide the root from

    Btw, if you post the installation link for your app, ppl with various phones, ROMs, Magisk configurations may test does the app open for them
  • 4

    I think you missed the part where you ask an actual question, and provide details

    We dont troubleshoot from screenshots alone here....

    Also you seem to have missed reading from any of the last dozen or so pages which would tell you that its no longer just about passing safetynet, and what the fix is...

    You should get into the habit of reading the last pages of any thread before posting a query, as generally if youre experiencing an issue (one thats usually a dramatic change) then others are too, therefore an answer probably has already been provided.

    Posting just a screenshot, no info and expecting people to jump to attention for you will not go well for you here...youre expected to do some work yourself..

    This will get you up to speed, but please, next time, dont be lazy...

    4
    Lo siento mucho, subí las capturas de mi celular para no pasarlas a la PC, estaba pensando en editar para agregar información, pero tuve un problema físico y no podía usar la PC, ahora vi la notificacion y se que hice mal, hasta la proxima que tenga el texto no subire las fotos

    gracias por la advertencia
    Please, this is English forum, use Translate if necessary to post in English
    4
    Still, can you pls post what is the package name of that Google Play Protect Service
    "com. google. android. odad."
    3
    Wow you have achieved it. Yes that is the right app. However I feel we do not have to take so many steps to make few apps work. I appreciate your will though. I wish there was some simple way like I don't like to install Lsposed and other stuff just for 2 apps.

    I wrote on github magisk issue page and the so called magiskbot has closed the issue right after submitting it. Lame!

    I installed HMA, it says not activated. Is it a Lsposed module?
    HMA is LSPosed module. Please do not ask things that are described in the HMA Guide thread, please take your time and read, learn things - you were even given the link to that thread with extensive OP instructions

    I wish many things but they will not materialize

    Btw, TJW (author of Magisk), maybe already two years ago, was hired by Google and he clearly distanced himself from any root hiding. Magisk does not provide that option anymore and you can not report hiding issues for your app as a bug.
    I'm even pretty sure that on his GitHub, Issues page, it is noted that problems with hiding the root must not be reported (not sure did you read things)

    Anyway, steps I made are usually needed for 99% percent of 'banking' apps (apps that seek for 'root') and for most of them no additional steps are needed.
    Hence you need to learn on this first example and in the future you will need only five minutes to hide the root from your next banking app when you step on

    Again, we gave you hints what to read, study and learn - I'm pretty sure you didn't (hence sorry, I will no more waste time on answering you) because you don't follow and still ask for what is covered in those instructions.
    Enough from my side, good luck
    3
    All Apps > 3 dots > Show System
    Xiaomi, A12

    I have five apps and services containing the word Play in the name (including system ones - otherwise Google Play Services will not show), but none with the name Google Play Protect Service - screenshot(s)

    And I've never seen that one

    Please provide its package name?

    However, I've found something about:

    and accordingly, the package name seems should be:
    com.google.android.odad

    but I don't have a package with that name installed

    Actually, I've searched in the Terminal emulator for all similar packages by:
    su
    pm list packages -f | grep protect
    pm list packages -f | grep play
    pm list packages -f | grep services
    pm list packages -f | grep odad
    ...


    and it finds Google Play Store app, Google Play Services app, etc, but nothing like Google Play Protect Services

    Btw, do you happen to have Pixel (and maybe Android 13)?

    PS: Google Play Protect Service can be found on ApkMirror
  • 282
    Universal SafetyNet Fix
    Magisk module​

    Magisk module to work around Google's SafetyNet attestation.

    This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS profile attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    If you still have trouble passing SafetyNet with this module, use MagiskHide Props Config to spoof a certified device profile. This is a common issue on old devices, custom ROMs, and stock ROMs without GMS certification (e.g. Chinese ROMs).

    Android versions up to 13 Beta 3 are supported, including OEM skins such as Samsung One UI and MIUI.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in ROMs instead of overriding part of the ROM in a Magisk module. The ROM changes for it are linked above for ROM developers to use.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Latest release
    v2.3.1

    Highlights
    • Fixed fingerprint on OxygenOS/ColorOS 12 (@osm0sis)
    • Support for Magisk 24+ module updates (@benjibobs)
    • Restored support for Android 7
    Other changes
    • Spoofed OnePlus OEM unlock status for futureproofing (@osm0sis)
    • Minor code improvements
    This version only supports Zygisk (Magisk 24 and newer).

    Source code

    If this helped you, please consider donating to support development: recurring donation for sustainable support or buy me a coffee. Thank you for your support!
    175
    So, here is my modification of USNF with Play Integrity API bypass.

    It changes fingerprint to old 7.1.2 6.0 (LOL) and apply it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security path level does not change. This avoids many side effects/problems with global props changing.

    Updated 2.0:
    Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

    Updated:
    Drop fingerprint to lowest possible (6.0) to ensure that no one use same Android version

    Usage:
    1. Delete/disable/reset MagiskHidePropsConfig (if installed).
    2. Just install it over old Universal SafetyNet Fix and reboot device.
    3. You may be needed to wipe GMS data (not cache) if there is no result immediately.

    Many thanks to @1nikolas for integrity checker.

    Source code: https://github.com/Displax/safetynet-fix/tree/integrity
    31
    Folks, the SafetyNet API was depreciated last Month with 'full turndown' slated for June 2024 and the introduction of the new Play Integrity API. It has also become clear that Google apps are simply the first to adopt the long foretold Play Integrity API; all responsible banks are bound to follow suit in short order, and at least before the June 2023 migration deadline.

    This means (assuming fully deployed Hardware Key Attestation doesn't come first 😬) that the need for a 'Universal Play Integrity Fix' has become quite urgent.

    We currently have workarounds involving using older fingerprint props by means of MHPC module (similar to fix needed for uncertified ROMs), but success/mileage varies per device and users of regular bank apps / gamers etc on stock devices will all soon be forced to experiment with MHPC prints also... This is hardly ideal.

    So I've made an issue report/request on USNF GitHub as follows. This information may be insightful to users here also...

    Please let me know here if I have missed anything important, or add any technically relevant details there...

    PLEASE DON'T spam that issue with unimportant details or queries... (The previous issue is already burgeoning w/ OT.) That's what this thread is for... 😛 :

    Please make 'Universal Play Integrity Fix' ... #204

    Fixes to expand 'Universal SafetyNet Fix' to become a 'Universal Play Integrity Fix' are needed.

    The SafetyNet Attestation API is deprecated and has been replaced by the Play Integrity API.
    https://developer.android.com/training/safetynet/deprecation-timeline

    New Play Integrity API is rolling out from June 2022, and evidently Google Play Store and Google Pay/Wallet are already using its verdict.

    June 2023 is the Migration Deadline for app developers. This will also allow their older app versions to continue working with SafetyNet API for a limited time.

    June 2024 is the End of life for SafetyNet API; its attestation will no longer work for any app version, and apps will receive an error.

    The new Integrity API has more strict requirements for passing attestation, and this seems to be enforced in Android 11+ particularly.

    Currently (evidently due to this), device security issues are detected by

    1. Google Pay/Wallet, which may state "You can't pay contactless with this device...(Your phone doesn't meet software standards)" on updating or attempting to add a card despite in-app Contactless setup stating "You're ready to pay contactless with your phone (Your phone meets security requirements)", and
    2. Google Play Store, which may no longer show apps like Netflix w/ Android 11+ (developers can 'exclude devices from their app's distribution based on their device integrity . Device exclusion is based on the latest device integrity verdict that the Play Store app receives from the Play Integrity API') despite in-app settings showing Play Protect 'Device is certified' result.
    I'm guessing that the 'passing' messages based on the old SafetyNet API are likely to realigned soon.

    A workaround that evidently allows Play Integrity API attestation to pass (and solve Wallet / Play Store issues also) has been discovered. It involves spoofing an earlier certified ROM, generally by using MagiskHide Props Config module to change fingerprint prop to one for Android 10 or earlier.

    Undoubtedly other apps will begin to detect broken TEE etc / fail as they migrate or begin integrating the Play Integrity API.

    A 'Universal Play Integrity Fix' will evidently require more understanding / research into how the fingerprint prop is used, and possibly other new behaviours.

    Here's hoping... 🙃 PW
    28
    ok so there is a solution

    get the magisk module riru

    after you get riru get LSPosed

    after you get LSPosed get xprivacylua (in the LSPosed app)

    select play services in the xprivacylua settings IN the LSPosed app

    AND in the xprivacylua app itself after you've restarted.

    clear play service data

    check safetynet in magisk - enjoy?

    I would reboot between each step just to be safe but I know it's necessary to load the xprivacylua module

    s/o to saitama_96 for discovering it or so I'm led to believe
    26
    Some useless statistics:
    My MOD was downloaded over 2k times.
    1,5k from XDA
    800 from GitHub

    I'm glad i made 2000+ people happier :) Thank you!