Nergal di Cuthah
- Sep 20, 2013
Works fine as far as i can tellDoes the modded version work with Magisk v23 do you know?
Works fine as far as i can tellDoes the modded version work with Magisk v23 do you know?
Does it need to be installed with the kdrag0n original mod or should I remove that one first?Works fine as far as i can tell
If you are downgrading i suppose best practice is to remove the newer, don't know if it is necessary though. If you're on older than 2.4.0 then you should be able to install over (but don't follow the update button after as it will upgrade you to 2.4.0)Does it need to be installed with the kdrag0n original mod or should I remove that one first?
Ok thanks I'll try it again. I'm using older version as I'm on magisk v23 and need the Riru version of safety net fixIf you are downgrading i suppose best practice is to remove the newer, don't know if it is necessary though. If you're on older than 2.4.0 then you should be able to install over (but don't follow the update button after as it will upgrade you to 2.4.0)
I'm sorry i think I misread your magisk version. I think I'm on 25Ok thanks I'll try it again. I'm using older version as I'm on magisk v23 and need the Riru version of safety net fix
This is probably off-topic and if so, can anyone please point me to where should I post to ask for advice about general apps root avoidance?
Since its latest update, I've been unable to open this app (the app's apk is attached just in case it's exclusive to my region) because it detects that my phone is insecure. My phone passes PI until basic integrity so maybe someone with strong integrity verdict can help me check if the app requires it.
View attachment 5820903
For information, I've tried HMA and DenyList with Shamiko.
Thank you in advance.
No... It's a Zygisk module so needs 24.0+.Does the modded version work with Magisk v23 do you know?
Works fine as far as i can tell
Please see post above... PWDoes it need to be installed with the kdrag0n original mod or should I remove that one first?
Yes, but you have to uninstall UNSF and give up official magisk. Also even you switch to another unofficial magisk, installing USNF will make it detects again. That's your choice ¯\_(ツ)_/¯Sorry for bumping but can anyone help me with this, please?
OuchYes, but you have to uninstall UNSF and give up official magisk. That's your choice ¯\_(ツ)_/¯
Also check this:
[Suggestion] Bypass Safetynet without using resetprop · Issue #253 · kdrag0n/safetynet-fixWe have few apps that detect dirty props change done by Magisk resetprop. This will make it is impossible to use these apps and make Safetynet passed on stock ROM. We need to change necessary props...github.com
Try uninstalling xprivacylua and delete all the folders it created in system and sdcard. That was what tripped integrity checker for me beforeOn Google Pixel 5, I installed january update last weekend. Since today only, I can't pass integrity check anymore.
I followed V0latyle and Homeboy76 guides, tried with Kdrag0n(2.4) and Displax's (3 available versions) modules. Each time I flashed in Magisk then wiped Play Store, Play services and Wallet cache and data.
Deny list is configured but not enforced since I use Shamiko. I tried both ways tho, but unsuccessful in both.
No changes in my modules since I updated so I don't think one of them caused it, but here's the lists:
My modules in magisk are
- AOSP Mods Full 2.6.0
- Builtin Busybos 1.0.4
- Debloater 17.3.3
- Magisk Bootloop protector 1.5
- mindetach 2.3
- Shamiko 06
- Universal SafetyNet Fix 2.4.0 (Kdrag0n)
- Youtube Revanced 18.03.36
- Zygist Lsposed 1.8.5 mod
In Lsposed, modules are :
- AOSP mods
- Let me downgrade
Any idea what I'm missing and what could be a fix?
Holy Moly you made me happy!Try uninstalling xprivacylua and delete all the folders it created in system and sdcard. That was what tripped integrity checker for me before
I tried everything and at some point deleted all my magisk and xposed modules to test individuallyHoly Moly you made me happy!
I didn't find any folder to delete, but first try with Displax latest mod + clear data from Play Store, Play service and Wallet did the job.
I reinstalled XprivacyLUA, so far so good Still have to go out and test the wallet.
Thanks Captain! May I ask how did you find out?
Update: I have tried again to simply delete the data of GW, GPS and PS and wallet started working againHi again guys
thanks to the help of @pndwal I was able to have wallet working, simply adding com.google.android.gms.unstable and com.google.android.gms to magisk denylist with no USNF magisk module at all.
Until now everything was working preatty fine and i was using wallet for paymenti without any problem, but now I have just opened wallet and again the same poup up saying my device doesn't meet safety requirements.
One Plus 9 eith EvolutionX ROM (ROM seems to have some tricks to pass safetny net on its own)
No magisk module installed
i am able to get MEETS _DEVICE_INTEGRITY and MEETS_BASIC_INTEGRITY
how can you tell this? I am now out of nowhere not passing integrity check, and I have no idea why, and I'm not sure ow to troubleshoot to determine the cause.Try uninstalling xprivacylua and delete all the folders it created in system and sdcard. That was what tripped integrity checker for me before
try uninstalling all your xposed / magisk modules and see if that workshow can you tell this? I am now out of nowhere not passing integrity check, and I have no idea why, and I'm not sure ow to troubleshoot to determine the cause.
will disabling them do the same trick?try uninstalling all your xposed / magisk modules and see if that works
A number of modules will break basicIntegrity even for S/N API, more for PI API... Some configurations in modules like XPrivacyLUA will also break ctsProfileMatch etc... Disabling all modules other than USNF is the correct approach for diagnosing issues...will disabling them do the same trick?
edit: disabled XPL and rebooted. now im passing safety net. wth!? I guess I will have to see what google apps I restricted the last couple days and undo that? is that the proper course of action?
EDIT#2: Cant seem to get safety net to pass if XPL is active at all. Is there cache or data in certain folders I need to delete or rename? I'm on A13 on a p7p with the latest security update. I have magisk 25.2 and lsposed 1.8.6. I'm using universal safety net fix 2.4.0.
EDIT #3: so it seems restricting gboard with XPL causes safetynet to trip. I will post a 4th edit, but I believe there is a specific restriction on gboard that is causing this.
For the beginning see many previous posts - why people move to the fork safetynet-fix-v2.4.0-MOD_1.2.zip and try insteadHi there. Can anybody help me?
After last google services update, google pay is stop to work.
I have official magisk 25.2 instaled with:
Tried magisk delta, but it didn't help me.
What can you advise me?
Thank you. Trying this now. I don't have any other modules installed, Not sure what Nb means, but I think it worked.Same as above... And if deviceIntegrity doesn't pass, try with all modules disabled except modded USNF...
Nb. SafetyNet API is deprecated now and most banks have moved on to Play Integrity API... Modders need to keep up too... PW
NB = Nota bene (Latin), like Take a noteThank you. Trying this now. I don't have any other modules installed, Not sure what Nb means, but I think it worked.
Thanks again boss.
From your screenshots, it doesn't look like all the selections in the sub-selection/drop-down are ticked...you need every single one of them to be ticked...Device: Realme GT2 pro (RMX 3301)
Android 13 (Realme UI 4.0 version - c13)
you might want to check out Post #3223, for Pixel 6 & Pixel 7 particularly, that mod works out real well...
And of course the obligatory clear cache & data of Google Play Protect, Google Framework, Google Play Services, Wallet, Gpay, all these apps' ticks in their respective sub-menu is ticked in MagiskHide, and be sure to restart (personal experience; I did all that and couldn't add card, but after restart I could). Also, I passed safetynet and successfully added card, but had to call the banks on two cards to get it working without error at a store...
It works as you first described
Magisk Hide+SafetyNetFix Mod, no zygisk or shamiko, no enforce deny list
Denied wallet+play services+framework+protect, deleted all datas and reboot
Wallet works and no root detected, thanks!!
Yes! I was trying to find the link for that mod. This worked. Thanks!With Integrity and CTS do you refer to the deprecated SafetyNet or the 'new' Play Integrity API?
Also, are you using USNF from this thread or the newer/better safetynet-fix-v2.4.0-MOD_1.2 from the other thread?
Look into the other USNF thread from Displax and find more info in the thread about GPay
Btw, banking apps do not rely only on PI API - they try many other detections od root, hence you might need (things vary from app to app) Shamiko, Hide My Applist or even the Magisk Delta fork
The best would be to search through the Magisk related threads here on XDA, how the other user(s) solved the root detection from your particular banking or similar app
Ok, so NOT intermittently passing only basicIntegrity verdict...Yes. Device and basic passes.
I use the phone for 2 hrs
I run the checker again and device and basic integrity fails.
Reboot. It then starts passing again
Edit: restarting gms fixes it too.
With Integrity and CTS do you refer to the deprecated SafetyNet or the 'new' Play Integrity API?so I'm on android 13, pixel 6a. Got Integrity and CTS match and also Play Store as Certified. Although, still no google pay or banks access. Any hints to get this working or it this fix not fully functional on 13 as of yet?
Please make 'Universal Play Integrity Fix' ... #204
Fixes to expand 'Universal SafetyNet Fix' to become a 'Universal Play Integrity Fix' are needed.
The SafetyNet Attestation API is deprecated and has been replaced by the Play Integrity API.
New Play Integrity API is rolling out from June 2022, and evidently Google Play Store and Google Pay/Wallet are already using its verdict.
June 2023 is the Migration Deadline for app developers. This will also allow their older app versions to continue working with SafetyNet API for a limited time.
June 2024 is the End of life for SafetyNet API; its attestation will no longer work for any app version, and apps will receive an error.
The new Integrity API has more strict requirements for passing attestation, and this seems to be enforced in Android 11+ particularly.
Currently (evidently due to this), device security issues are detected by
I'm guessing that the 'passing' messages based on the old SafetyNet API are likely to realigned soon.
- Google Pay/Wallet, which may state "You can't pay contactless with this device...(Your phone doesn't meet software standards)" on updating or attempting to add a card despite in-app Contactless setup stating "You're ready to pay contactless with your phone (Your phone meets security requirements)", and
- Google Play Store, which may no longer show apps like Netflix w/ Android 11+ (developers can 'exclude devices from their app's distribution based on their device integrity . Device exclusion is based on the latest device integrity verdict that the Play Store app receives from the Play Integrity API') despite in-app settings showing Play Protect 'Device is certified' result.
A workaround that evidently allows Play Integrity API attestation to pass (and solve Wallet / Play Store issues also) has been discovered. It involves spoofing an earlier certified ROM, generally by using MagiskHide Props Config module to change fingerprint prop to one for Android 10 or earlier.
Undoubtedly other apps will begin to detect broken TEE etc / fail as they migrate or begin integrating the Play Integrity API.
A 'Universal Play Integrity Fix' will evidently require more understanding / research into how the fingerprint prop is used, and possibly other new behaviours.