MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0

[73sydney]

I thought I read somewhere: Turn ON airplane mode, Clear cache and data of the apps, Reboot and Turn OFF airplane mode before running the apps again.

some of us recommend doing the airplane mode thing for Google Play Store/Google Play Services when trying to pass the Integrity test after installing Magisk

not necessary for the average app

 

[m0han]

Which telegram channel?

 

[Arealhooman]

So, here is my modification of USNF with Play Integrity API bypass.

It changes fingerprint to old 7.1.2 6.0 (LOL) and apply it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security path level does not change. This avoids many side effects/problems with global props changing.

Updated 2.0:
Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

Updated:
Drop fingerprint to lowest possible (6.0) to ensure that no one use same Android version

Usage:
1. Delete/disable/reset MagiskHidePropsConfig (if installed).
2. Just install it over old Universal SafetyNet Fix and reboot device.
3. You may be needed to wipe GMS data (not cache) if there is no result immediately.

Many thanks to @1nikolas for integrity checker.

Source code: https://github.com/Displax/safetynet-fix/tree/integrity

Is this better than original

 

[Arealhooman]

@pndwal is it?

 

[zgfg]

@pndwal is it?

Did you read what you quoted?
It was developed to pass Play Integrity API when Google switched from SN to PI.
For many, it was needed to pass PI

Besides, you can easily switch back and force from the 'original' to this one. Modules are systemless - you disable or uninstall, all their changes will be gone

Hence nothing is stopping you to try. Btw, if the 'original' works for you, why changing the winning team.
But if you're not passing PI, then definitely try

 

[73sydney]

@pndwal is it?

He's possibly still asleep as its 5:30AM Sydney time, or starting his walk up his belltower on the way to work

USNF MOD v.2: Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

It functionally makes no dfifference if youre

a) already passing with the non-modded one

or

b) whether you use v1.0 or v2.0 of the Modded version, if the non-modded one doesnt work, unless youre on a device launching with A13...

All the above will be moot within days when kdrag0n rolls out his updated official one

 

[Arealhooman]

He's possibly still asleep as its 5:30AM Sydney time, or starting his walk up his belltower on the way to work

USNF MOD v.2: Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

It functionally makes no dfifference if youre

a) already passing with the non-modded one

or

b) whether you use v1.0 or v2.0 of the Modded version, if the non-modded one doesnt work, unless youre on a device launching with A13...

All the above will be moot wihin days when kdrag0n rolls out his updated official one

Wait this module will be updated ”within days”?

 

[73sydney]

Wait this module will be updated ”within days”?

Think of the impending new release as the "one to worry about next time you flash or have an issue with root detection".

In the meantime use the modded v2.0 one if youre still fence sitting

 

[Arealhooman]

Think of the impending new release as the "one to worry about next time you flash or have an issue with root detection".

In the meantime use the modded v2.0 one if youre still fence sitting

Okay! Will the release be announced here?

 

[zgfg]

Okay! Will the release be announced here?

Will it rain next year on the same day?

Btw, if/when the new official or unofficial will be released, users will start discussing it here

But I really think you should not install because that may cause a thermonuclear war

 

[varunpilankar]

I'm trying to make Paytm Tap to pay work using Mod2.. But still no luck.

Check the screenshots.

 

[pndwal]

I'm trying to make Paytm Tap to pay work using Mod2.. But still no luck.

Check the screenshots.

You may be missing the point of this module.

It's simply to allow you to pass PI deviceIntegrity when you don't!... If you already pass, updating won't help you further (except that it does help OnePlus and some other device users with other issues however, but I believe only if running A12+ w/ official USNF which combination can break fingerprint scanners etc; the @Displax mod builds some updated fixes for these devices/issues connected with spoofing props), and in your case running A10, it may not be needed at all as many devices pass PI deviceIntegrity w/ A10 or less and official USNF...

To put it simply, if you weren't passing deviceIntegrity before installing, then the @Displax USNF mod/fork is doing its job perfectly... There are simply other detected traces of root or apps, folders or other signals associated with custom modding that are being detected by your app and need addressing...

The basics are:
- Zygisk = Yes on Magisk home screen.
- (Bank/other) app in denylist. (Enforce DenyList enabled.)
- PI deviceIntegrity passing.
- Full Magisk App replaced with hidden stub App

Next things to try:
- Shamiko module. (Enforce DenyList disabled.)
- LSPosed module and configure Hide My Applist Xposed module properly.
- Check for and remove/rename folders associated with TWRP etc.
- Run detection apps like Momo to determine what else may be detected on your device...

Nb. Clear app's data after any detection/failure and before any new test...

Hope it helps. PW

 

[Arealhooman]

I'm trying to make Paytm Tap to pay work using Mod2.. But still no luck.

Check the screenshots.

There is no way to pass strong integity ona rooted device.

 

[pndwal]

There is no way to pass strong integity ona rooted device.

... Unless you have an Asus ROG Phone 3 (others?)... PW

 

[Arealhooman]

... Unless you have an Asus ROG Phone 3 (others?)... PW

Im surprised it wasn’t fixed

 

[pndwal]

Im surprised it wasn’t fixed

... By whom?... PW

 

[Arealhooman]

... By whom?... PW

Google? The company that made the phone? Isn’t it software?

 

[shoey63]

Im surprised it wasn’t fixed

Hang on, I'll just check

 

[shoey63]

Still all good on rooted ROG 3

 

[pndwal]

Google? The company that made the phone? Isn’t it software?

Very low level firmware... Looks like broken droidguard implementation to me, but OEM is responsible to implement keymaster functions...

Rog Phone 3 seems to be unique in allowing strongIntegrity to pass (specifically AVB always reports Device Locked = True / Bootloader Locked)...

Many others have broken keymaster implementations, most famously OnePlus, and I'm not aware of any that have been fixed with updates!... This appears, at least in part, to be the reason for Google's apparent whitelisted-device based system of bypassing hardware based verdict enforcement which, of course, is the only reason we can thwart integrity attestations on our modded devices!...

It seems that the recent emphasis on Google projects like Treble, Mainline and others, with all their GSI/GKI/other complexities (ostensibly to address fragmentation and improve compatibility for Long-Term Supported updates, uninhibited Android platform release upgrades, ability to contribute kernel changes back to upstream Linux etc) may also be to facilitate easier fixes for broken / buggy droidguard, keymaster implementations, Widevine DRM, generic TrustyTEE or custom TEE OS and any number of other critical firmware components however... Time will tell, but it's precisely the time all this takes that is giving modders the extra leases-of-life we are enjoying!...

I, for one, am in no hurry to see such 'issues' fixed! PW