MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0

[kdrag0n]

Universal SafetyNet Fix
Magisk module​

Magisk module to work around Google's SafetyNet attestation.

This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS profile attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

If you still have trouble passing SafetyNet with this module, use MagiskHide Props Config to spoof a certified device profile. This is a common issue on old devices, custom ROMs, and stock ROMs without GMS certification (e.g. Chinese ROMs).

Android versions up to 13 Beta 3 are supported, including OEM skins such as Samsung One UI and MIUI.

How does it work?
The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

Ideally, this workaround should be incorporated in custom ROMs instead of injecting code with a Magisk module. See the ProtonAOSP website for more information.

Downloads
Downloads and changelogs can be found on GitHub. The topmost release is the latest.

Latest release
v2.4.0

Spoiler: Changelog

Highlights

• Play Integrity bypass without breaking device checks or causing other issues
• Disabled use of hardware attestation on Pixel 7 and newer (@anirudhgupta109)

Other changes

• Updated instructions for newer Android and Magisk versions
• Better debugging for future development

This version only supports Zygisk (Magisk 24 and newer).

It's taken a while to find a way to bypass Play Integrity that doesn't require spoofing the build fingerprint permanently, but I wanted to make sure this module doesn't cause any unnecessary breakage. Just like the original goal of Universal SafetyNet Fix, this minimizes adverse effects by spoofing dynamically at runtime only when necessary. Enjoy!

If you found this helpful, please consider supporting development with a recurring donation for rewards such as early access to updates, exclusive behind-the-scenes development news, and priority support.
Alternatively, you can also buy me a coffee. All support is appreciated

Source code

 

[Dydnlee]

Note 8 pro Android 9 and Android 10 not working

 

[tylerdurden]

Tested succesfully on Pixel 4a 5G, but Google Pay says "Your phone doesn't meet security requirements" even though PayPal can be set up.
Magisk Hide is activated.

 

[XlAfbk]

Magisk says SafetyNet passes but Google Pay still doesnt

 

[kdrag0n]

Note 8 pro Android 9 and Android 10 not working

Please test it again with this version: https://github.com/kdrag0n/safetynet-fix/archive/e82c3d0674e6452938e49bc6ee6848aa2a603c27.zip

 

[Dydnlee]

[QUOTE = "kdrag0n, gönderi: 84286879, üye: 7291478"]
Lütfen bu sürümle tekrar test edin : https://github.com/kdrag0n/safetynet-fix/archive/e82c3d0674e6452938e49bc6ee6848aa2a603c27.zip
[/ALINTI]

İnstall failed

 

[zgfg]

Thank you a lot, Universal SafetyNet Fix v1.1.0 working excellent on Xiaomi Mi 9T, Xiaomi.eu 21.1.6, MIUI 12.5 / Android 11 Beta

Device certified but not using Google Pay

 

[thomas140]

Safety net fix 1.0.2 worked for miui Eu 12.0.3.0 Android 10 for Poco F1.
Only that the ocbc bank Singapore app still able to detect the root and became unusable.
But I know that this doesn't relate to safetynet fix here because the issue already existed before the CTS false.

 

[Philnicolls89]

Tested succesfully on Pixel 4a 5G, but Google Pay says "Your phone doesn't meet security requirements" even though PayPal can be set up.
Magisk Hide is activated.

Clear app data from Google pay aswell as Google play services.

 

[MoL_82]

Tested on Samsung S9:
- 1.0.2 worked in MM, but Root Checker said 'cannot access GPS'.
- 1.1.0 fails ctsProfile in MM, but Root Checker now can access GPS, also returns ctsProfile fail.

 

[shchukax]

Massive thanks for this. Version 1.1.0 confirmed working on my device:
- Pixel 3, stock room
- Magisk 21.2, magisk manager 8.0.5
- Magisk hide enabled and magisk manager renamed

All banking apps and google pay work correctly, including contactless payments.

 

[michels3]

working on poco f2 pro,android 11,rom one os thanks

 

[AndDiSa]

Tested on Huawei Mediapad M5 with EMUI 9.1.0 and Magisk 20.4:
- 1.1.0 fails ctsProfile in MM, basic integrity is ok

 

[meriox]

Working OK on Mi Note 10 Lite, Android 10 and ROM xiaomi.eu
Thanks

 

[Drahy]

I tried this on my Samsung Galaxy A6 (official samsung firmware patched with magisk) - and even version 1.1.0 causes bootloop when using zip inside Magisk Manager - Android 10

 

[Antonio200]

Good morning. Working on Redmi Note 9 Pro xiaomi.eu 12.0.1 Android 10. No MagiskHide Props Config needed: basicIntegrity passed, ctsProfile passed, evalType BASIC.
Thank you so much

 

[MWewe]

MI10 Global with V12.2.8 xiaomi.eu , used V 1.0.2 works

Thank you!

 

[purgy]

Works on pixel 3a, last A10 patch, using magisk hide props config to force basic attestation. Was already using mhpc so not sure if it works without it. Fixed my CTS issue though, so thanks!

 

[dr4go]

@kdrag0n Thank you so much for this awesome masterpiece!

I find it a bit interesting, that I experience a problem which nobody else seems to have reported so far. I'm using a Galaxy S10 (Exynos, G973F), rooted with latest canary Magisk, no EdXposed or whatsoever...

If I enable this module, no bootloop, basic attestation, CTS passes. "Yes", so I thought...

The problem now... My bank app tries to access the keystore and crashes. This does not happen without having this module enabled... I have attached a fully logcat and hope that you have some insights...

EDIT1: re-attached file, didn't work on the first go.

EDIT2: oh... search for "easybank" or "keystore"

EDIT3: Android 11, One UI 3

 

[BenDavid]

POCO F1 user here. After flashing the module the phone stucks on the Google logo at boot.
The MHPC module didn't solve the problem either.

ROM: Pixel Experience 11 Beta (20201223)/Encrypted