MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0


pndwal

Senior Member
Ok so what am I missing here. I cleared the storage for gpay, wallet, and play services, then rebooted. Here's what I got...
My enabled modules

Then the denylist...

Then I try to add a card in wallet

What am I missing? Thanks for the help.
Very suspicious USNF fork... Doesn't even credit @kdrag0n!? 😶 ... Dev doing their own thing at best...

And you seem to have missed my response to you 🙁 :
Did you have this passing previously?...
Yes?... No?...
Yes?... No?...
You don't need Play Store in denylist... Keep Play Protect Service...
... Where did that go? Edit: Actually I mis-remembered this... Don't add this here, but you may need to clear Play Protect Service's data later to restore Play Protect Device is Certified in Play Store...
Other than that, only bank and detection apps + GPay/Wallet are normally added...

Try passing PI deviceIntegrity
Where is Play Integrity check result?... G Pay/Wallet isn't calling SafetyNet API anymore since it's deprecated...
with all modules disabled other than one of @Displax's USNF Mod builds,
So why the dubious USNF???
denylist enforced and Zygisk = Yes appearing on Magisk App home screen... PW
Have you checked these?... PW
 

ddrum2000

Senior Member
Very suspicious USNF fork... Doesn't even credit @kdrag0n!? 😶 ... Dev doing their own thing at best...

And you seem to have missed my response to you 🙁 :

Yes?... No?...

Yes?... No?...

... Where did that go?

Where is Play Integrity check result?... G Pay/Wallet isn't calling SafetyNet API anymore since it's deprecated...

So why the dubious USNF???

Have you checked these?... PW
Ok so:
  • I saw a post here referring to that module. I was using the original kdrag0n for years prior to changing it today. Which do you recommend moving forward?
  • prior to a few days ago and applying the most recent Pixel 6a OTA it worked great
  • I'm using the stock Pixel ROM except for rooting to run AdAway. No other additions or changes
  • I'm getting differing feedback about the denylist but I will include gpay, wallet, play protect but remove play services from the denylist. Is that correct?
  • How should I check the PI?
  • Denylist is enforced and zygisk is yes. Magisk app is in the app drawer. I don't have it on the home screen so I'm not quite sure what you are referring to here.
Thanks for the patience and the help.
 

Nergal di Cuthah

Senior Member
I'm using the stock Pixel ROM except for rooting to run AdAway. No other additions or changes
Are you using any extra sources in adaway? Just for s**** and giggles try with the default hosts (no blocking) in adaway. Maybe one of the hosts sources is blocking something needed? Shot in the dark but maybe. I seem to have stable integrity with a similar setup (rooted for adaway no extra doodads, p6p) but don't google wallet/pay so I've kept quiet to this point
 

ddrum2000

Senior Member
Ok so:
  • I saw a post here referring to that module. I was using the original kdrag0n for years prior to changing it today. Which do you recommend moving forward?
  • prior to a few days ago and applying the most recent Pixel 6a OTA it worked great
  • I'm using the stock Pixel ROM except for rooting to run AdAway. No other additions or changes
  • I'm getting differing feedback about the denylist but I will include gpay, wallet, play protect but remove play services from the denylist. Is that correct?
  • How should I check the PI?
  • Denylist is enforced and zygisk is yes. Magisk app is in the app drawer. I don't have it on the home screen so I'm not quite sure what you are referring to here.
Thanks for the patience and the help.
update: I figured out how to do a PI check. It passes basic but fails device and strong. What are the next steps?
 

ddrum2000

Senior Member
Are you using any extra sources in adaway? Just for s**** and giggles try with the default hosts (no blocking) in adaway. Maybe one of the hosts sources is blocking something needed? Shot in the dark but maybe. I seem to have stable integrity with a similar setup (rooted for adaway no extra doodads, p6p) but don't google wallet/pay so I've kept quiet to this point
Also I tried disabling AdAway, it doesn't change anything
 

pndwal

Senior Member
Ok so:
  • I saw a post here referring to that module. I was using the original kdrag0n for years prior to changing it today. Which do you recommend moving forward?
Any @Displax modded build (since 2.4.0 needs fixing) as I said... Check what else was said about the other fork above... @Displax contributes to official USNF and provided the basic pull request for Play Integrity deviceIntegrity fix in official USNF... That should tell you something...
  • prior to a few days ago and applying the most recent Pixel 6a OTA it worked great
You may have been passing PI deviceIntegrity before that... I do with standard USNF, but with A11+ updates especially, many devices need extra prop changes to bypass PI API's hardware based verdict enforcement...
  • I'm using the stock Pixel ROM except for rooting to run AdAway. No other additions or changes
👍
  • I'm getting differing feedback about the denylist but I will include gpay, wallet, play protect but remove play services from the denylist. Is that correct?
Actually I edited my response above on this; please check again... Generally include Pay/Wallet and bank apps only...
  • How should I check the PI?
Play Integrity API Checker... Pass deviceIntegrity, don't try to pass strongIntegrity...
  • Denylist is enforced and zygisk is yes.
👍
  • Magisk app is in the app drawer. I don't have it on the home screen so I'm not quite sure what you are referring to here.
🤔... I said check/report:
denylist enforced and Zygisk = Yes appearing on Magisk App home screen...
... and you've now confirmed Zygisk = Yes appears on Magisk App home screen. 😜
Thanks for the patience and the help.
Welcome... PW
 

pndwal

Senior Member
update: I figured out how to do a PI check. It passes basic but fails device and strong. What are the next steps?
Go through what I suggested... Install a Displax USNF build... He has a post with 3 here... Clear Google Play Services and Google Play Protect Service data then reboot... Report PI check results... PW
 

ddrum2000

Senior Member
Go through what I suggested... Install a Displax USNF build... He has a post with 3 here... Clear Google Play Services and Google Play Protect Service data then reboot... Report PI check results... PW
  • I used his 2.4.0 selfbuild unless you are saying I should go back to 2.3.1? This is listed as by kdrag0n in the modules
  • denylist = gpay, wallet, play protect
  • I'm now failing safetynet CTS profile match
  • PI - pass basic, fails device and strong
  • I can't add a card in wallet
 

pndwal

Senior Member
  • I used his 2.4.0 selfbuild unless you are saying I should go back to 2.3.1? This is listed as by kdrag0n in the modules
I can't find 2.4.0 even on his GitHub... He lists v2.3.1-MOD_2.1 as latest!... Or check here:
https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-2-4-0.4217823/post-87198517

  • denylist = gpay, wallet, play protect
Have you got G Pay and Wallet appearing together?... Did you update G Pay to Wallet from Play Store or other?...

Take Play Protect service out as discussed...
  • I'm now failing safetynet CTS profile match
  • PI - pass basic, fails device and strong
  • I can't add a card in wallet
Try above changes, then we may need to figure out fix for ctsProfileMatch and deviceIntegrity... PW
 
Not sure if this will help or not but for the last couple of weeks Play Protect has been harassing me about uninstalling an app that I downloaded to play video on my car's infotainment center using android auto. Ever since I updated to the February release yesterday I haven't been able to use tap and pay and also I was failing device integrity. I uninstalled the app I was using (not by choice) and now I'm passing device integrity and can use tap and pay. I haven't rebooted since getting back device integrity and although I'm going to have to I'm pretty sure it should be fine. Just thought I'd provide this information hoping it will help you figure out your issue as well.
 

pndwal

Senior Member
Not sure if this will help or not but for the last couple of weeks Play Protect has been harassing me about uninstalling an app that I downloaded to play video on my car's infotainment center using android auto. Ever since I updated to the February release yesterday I haven't been able to use tap and pay and also I was failing device integrity. I uninstalled the app I was using (not by choice) and now I'm passing device integrity and can use tap and pay. I haven't rebooted since getting back device integrity and although I'm going to have to I'm pretty sure it should be fine. Just thought I'd provide this information hoping it will help you figure out your issue as well.
Some modules will break basicIntegrity and/or deviceIntegrity/old ctsProfileMatch... I don't recall apps doing that, but things change... Please say what app. 👍 PW
 

crypticc

Senior Member
Hi,

Similar to the chat above I used to pass SafetyNet and now do not. Google Play and YASNAC both report CTS profile match failure. Wallet etc don't work.

I'm on this build of full stock Android... TQ1A.221205.011

I originally had this config:
  1. Magisk latest app and root (25206)
  2. Running in Zygote,
  3. USNF 2.3.1_MOD 2.1
  4. Shamiko 0.6 (126)
  5. Enforce Deny list disabled (as per Shamiko instruction)
  6. Deny list including :
  • Google Play Protect,
  • Google Play Services (I've tried both with and without this)
  • Google wallet
  • Banking and media apps
I tried updating to 2.4.0 before reading above suggestions that 2.3.1 might be better but clearing Data for above apps and then rebooting still didn't pass checks.

I've now gone back to 2.3.1_MOD 2.1, clear, reboot, clear, reboot etc. and still not working.
I've tried uninstalling updates to play protect and play store.

Finally I've since found app called com.android.systemui.globalactions.wallet but adding that doesn't do anything.

Any help appreciated,

Thanks,
Chris
 

shoey63

Recognized Contributor
Asus ROG Phone 3 can pass strongIntegrity verdict rooted and unlocked, so some members can!... 😁

There are always exceptions. 😝


😃 PW
Not anymore!
Had to go back to original fingerprint to get Yasnac to pass HARDWARE_BACKED attestation by disabling MHPC.

So . . .
- Fingerprint is original
- Bootloader appears locked even though it is unlocked (ROG 3 peculiarity)
- Shamiko is taking care of other sensitive props.
- GMS/GMS unstable is disabled in (hidden) deny list.

Can we conclude Google is picking up on attempts to hide other sensitive props?
 


seanho12345

Member
I'm currently on Pixel 7. My CTS profile match and DEVICE_INTEGRITY aren't working anymore. Tried clearing GAPPS a few times with v2.3.1-MOD2.1 installed. Here is my Magisk setup.
For some context, I was fiddling around with the Magisk mod yesterday after seeing the new integrity API. After installing the mod, DEVICE_INTEGRITY worked but inconsistently. (At this time, I have both the modded USNF and MHPC installed.) Seeing that the changes will be officially released in the original USNF, I installed v2.4.0 USNF back. After that the SN and PI API checks no longer work, except it worked one time and failed immediately afterwards.
Is there any possibility that MHPC somehow has left some old settings on my device? I also updated my OS to the latest Feb patch but still no luck.
 


pndwal

Senior Member
Not anymore!
Had to go back to original fingerprint to get Yasnac to pass HARDWARE_BACKED attestation by disabling MHPC.
Haha! 😝 ... But your device / efforts keep giving valuable clues!...

And I'm betting you'll restore strongIntegrity rooted because Root of trust still returns Device locked: true w/ Verified boot state: Verified...
So . . .
- Fingerprint is original
This should be fine... You never needed the PI hardware-based verdict enforcement bypass that is mismatched fingerprint prop anyway. 😜... Were you changing it for some particular reason?
- Bootloader appears locked even though it is unlocked (ROG 3 peculiarity).
👍
- Shamiko is taking care of other sensitive props.
- GMS/GMS unstable is disabled in (hidden) deny list.

Can we conclude Google is picking up on attempts to hide other sensitive props?
Maybe... May need more now (and must figure out which)... Or MHPC may have handled sensitive props differently... Nb. MHPC does this by default, without configuring anything... So I'd try restoring MHPC w/o fingerprint changes...

If you only configured fingerprint, you could activate again and revert to stock print... Or if you made many MHPC changes, fully remove the module and reboot before installing and rebooting again w/o configuring anything... 'MagiskHide props' should be active by default to adjust sensitive props as needed...

You could also try disabling Shamiko (enforce denylist, but don't just deactivate Shamiko Zygisk parts this way, disable Shamiko module properly also before rebooting) after trying with MHPC in case Shamiko's sensitive prop adjustment method is the issue or part of it...

Also, sometimes clearing Play Services data is needed to fix some attestations... Do that too...

Please say/remind me of
- ROM (stock?),
- Android version,
- anything in denylist aside from 2 gms processes and banks + G Pay/Wallet?,
- all modules...

May think of other considerations later, but that's all I have for now... 🥴 PW
 

Top Liked Posts

  • 5
    That's why I hate Lineage, I don't understand that "rules"...
    'Hate' is a strong word!...

    Anyway, when the original CyanogenMod bundled all proprietary GApps for one thing, Google issued their infamous "Cease And Desist" order and Steve Kondik thought his baby was dead!...

    However Google were quick to clarify that although custom OS's could not legitimately bundle GApps (Nb. other ROMs still do), users are welcome to 'sideload' the same (as devices themselves are generally certified through CTS while custom ROMs are not)...

    So OpenGapps was formed to offer legitimised separate packages, Steve continued with CM project, users continued to use vanilla CM (and later LOS) with proprietary Google Apps, and all in the custom mod world was sweet again...

    Of course Google must have realised they nearly shot themselves in the foot with that action, but they scrambled to offer a solution / compromise that wouldn't result in the death of CM or custom ROMs as we know them...

    I think the Lineage team simply see that Google is actually the custom modders benefactor and is (in reality) supportive of them and custom mods/ROMs in general if Devs play by the rules, and LOS is simply willing to do so...

    Also, they are in the best position to get their custom ROM approved/certified in future (see my post above) by being careful 'not to subvert Google's security model' by tampering expected signals... Note that Magisk now follows this same policy, and I think that's not just because John is a Googler now; it's also a sign of his maturity as a responsible dev...

    And ensuring that the main custom mods (ROM, root/overlay framework) comply in no way prevents "those passionate about hiding" from "doing their job"!... Both history and you are proving that.

    Personally I think LOS is great and follows a great tradition! 🙃 PW
    3
    Tested with all my devices with different ROMs. PE, OctaviOS, AncientOS, EvolutionX and Bootleggers 😉
    <SNIP>
    Also, that roms already have a fix hardcoded. @kdrag0n said it's better:
    Yeah... Maybe most custom ROMs now integrate SNF (per Proton model) or other spoofing... But what about Stock ROM users... 😉
    <SNIP>

    Just to mention, official LineageOS builds are not allowed to include 'hacks' like this.

    LineageOS Charter - [Github] - SafetyNet
    "- All devices MUST NOT alter SafetyNet validation responses."

    Cheers. :cowboy:
    3
    Hi,
    I can pass SafetyNet on YASNAC but not Play integrity API checker.
    Most bank apps work except one.
    Currently using Magisk 26.1, hidden, no enforce list, Shamiko, USNF 2 4.0 mod 1.2.
    Noticed you mentioned Magisk alpha. How is this different to Magisk 26.1 and can I go back to 26.1 afterwards if it makes no difference?
    I'm using rooted stock 13, no TWRP.
    Alpha works because after disabling Zygisk (which you need to do ATM) you have MagiskHide (old style) restored...

    You need to hide root from Starling but you cannot use Denylist or Shamiko as both require Zygisk, and even with native bridge loaded Zygisk (already implemented in Alpha, but still not fully hidable as is evident by Starling detections) injection/hooking is detected by memory scanning (or other means?)...
    Thanks a lot, it finally worked with Magisk alpha so, because it has worked this way, I tried to uninstall magisk alpha and normal magisk and reinstalling normal magisk and it is working as well without any module installed ... so I do not know what happened in the first place... could be that it just needed to make the initial bank app start without rooting and, after this first start, root the device and apply "denylist" in Magisk...
    Thanks all of you for your support :)
    Some have reported that Starling app gives you a week's grace from when it detects root until it fails to open... Just a guess on my part, but you may need a non-Zygisk hide solution again when/if that occurs.

    🤠 PW
    2
    Uninstall old apk and try this:

    And add the app in Magisk list to hide root
    Already hidden.
    Still FC with or without TEE hide.
    But why am I testing? I don't need TEE hide
    On Rog phone3.
    2
    Can somebody help me? I can't get past safety net. I have installed the xiaomi.eu rom on my xiaomi 13. I have Magisk 26.1 with Zygisk. I have installed the modules universal safetynet fix 2.4 mod 1.2 and lsposed. I have added to the deny list: google play services, google play and google play framework. I have deleted the data from those apps and from the bank apps. I have also tried to install the Alpha app instead of Magisk and to hide the magisk app from the settings. But nothing works.

    The strange thing is that before installing the xiaomi.eu rom it worked.
    Xiaomi.eu ROMs can pass Play Integrity (once again, PI is now of interest, SN is deprecated, and if you pass PI you will also pass SN) since they have the spoof built-in

    Cannot guarantee for all Xiaomi.eu ROMs

    Hence, have you tried Play Integrity checker before you installed Magisk?

    For PI, you should pass Basic and Device Integrity but you cannot pass Strong Integrity (with the unlocked Bootloader)

    ---

    If you switch from Magisk official to Magisk Alpha or Delta, it is not enough (actually, it's then almost as if you did not switch) to install Alpha or Delta app, but after that you also have to install Magisk Alpha or Delta (like through the app, Install, patch and flash the boot img or Direct Install but after reboot you then also have to configure your Magisk Alpha or Delta)
  • 324
    Universal SafetyNet Fix
    Magisk module

    Magisk module to work around Google's SafetyNet attestation.

    This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS profile attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    If you still have trouble passing SafetyNet with this module, use MagiskHide Props Config to spoof a certified device profile. This is a common issue on old devices, custom ROMs, and stock ROMs without GMS certification (e.g. Chinese ROMs).

    Android versions up to 13 Beta 3 are supported, including OEM skins such as Samsung One UI and MIUI.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in custom ROMs instead of injecting code with a Magisk module. See the ProtonAOSP website for more information.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Latest release
    v2.4.0

    Highlights
    • Play Integrity bypass without breaking device checks or causing other issues
    • Disabled use of hardware attestation on Pixel 7 and newer (@anirudhgupta109)
    Other changes
    • Updated instructions for newer Android and Magisk versions
    • Better debugging for future development
    This version only supports Zygisk (Magisk 24 and newer).

    It's taken a while to find a way to bypass Play Integrity that doesn't require spoofing the build fingerprint permanently, but I wanted to make sure this module doesn't cause any unnecessary breakage. Just like the original goal of Universal SafetyNet Fix, this minimizes adverse effects by spoofing dynamically at runtime only when necessary. Enjoy!

    If you found this helpful, please consider supporting development with a recurring donation for rewards such as early access to updates, exclusive behind-the-scenes development news, and priority support.
    Alternatively, you can also buy me a coffee. All support is appreciated ❤️

    Source code
    222
    So, here is my modification of USNF with Play Integrity API bypass.

    It changes fingerprint to old 7.1.2 6.0 (LOL) and applies it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security patch level does not change. This avoids many side effects/problems with global props changing.

    Updated 3.0:
    No words needed, you understand everything yourself 😜

    Updated 2.1:
    Hide "Enable OEM Unlock" setting

    Updated 2.0:
    Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

    Updated:
    Drop fingerprint to lowest possible (6.0) to ensure that no one uses same Android version

    Usage:
    1. Delete/disable/reset MagiskHidePropsConfig (if installed).
    2. Just install it over old Universal SafetyNet Fix and reboot device.
    3. You may need to wipe GMS data (not cache) if there is no result immediately.

    Many thanks to @1nikolas for integrity checker.

    Source code: https://github.com/Displax/safetynet-fix/tree/integrity
    58
    So, here is my new modification of USNF with Play Integrity API bypass.

    It is now based on top of original v2.4.0 codebase instead of v2.3.1, with adding new hiding algorithm for current realities and some code refreshing.

    Changelog:

    Version 1.2
    * Fix crash and endless tests loop/failing on Android < 9.0 (bug from original version 2.4.0).
    * Do not unpatch (revert) changes. To prevent possible tests failing after a while on some ROMs (cross conflicts).

    Version 1.1
    * Fix KeyStore hook desynchronization (tests randomly failing problem).


    Usage:
    1. Delete/disable/reset MagiskHidePropsConfig (if installed).
    2. Just install it over old Universal SafetyNet Fix and reboot device.
    3. You may need to wipe GMS data (not cache) if there is no result immediately.

    Source code: https://github.com/Displax/safetynet-fix/tree/dev
    33
    So, created separate thread for my mod. Welcome)

    31
    Folks, the SafetyNet API was deprecated last month with 'full turndown' slated for June 2024 and the introduction of the new Play Integrity API. It has also become clear that Google apps are simply the first to adopt the long foretold Play Integrity API; all responsible banks are bound to follow suit in short order, and at least before the June 2023 migration deadline.

    This means (assuming fully deployed Hardware Key Attestation doesn't come first 😬) that the need for a 'Universal Play Integrity Fix' has become quite urgent.

    We currently have workarounds involving using older fingerprint props by means of MHPC module (similar to fix needed for uncertified ROMs), but success/mileage varies per device and users of regular bank apps / gamers etc on stock devices will all soon be forced to experiment with MHPC prints also... This is hardly ideal.

    So I've made an issue report/request on USNF GitHub as follows. This information may be insightful to users here also...

    Please let me know here if I have missed anything important, or add any technically relevant details there...

    PLEASE DON'T spam that issue with unimportant details or queries... (The previous issue is already burgeoning w/ OT.) That's what this thread is for... 😛 :

    Please make 'Universal Play Integrity Fix' ... #204

    Fixes to expand 'Universal SafetyNet Fix' to become a 'Universal Play Integrity Fix' are needed.

    The SafetyNet Attestation API is deprecated and has been replaced by the Play Integrity API.
    https://developer.android.com/training/safetynet/deprecation-timeline

    New Play Integrity API is rolling out from June 2022, and evidently Google Play Store and Google Pay/Wallet are already using its verdict.

    June 2023 is the Migration Deadline for app developers. This will also allow their older app versions to continue working with SafetyNet API for a limited time.

    June 2024 is the End of life for SafetyNet API; its attestation will no longer work for any app version, and apps will receive an error.

    The new Integrity API has more strict requirements for passing attestation, and this seems to be enforced in Android 11+ particularly.

    Currently (evidently due to this), device security issues are detected by

    1. Google Pay/Wallet, which may state "You can't pay contactless with this device...(Your phone doesn't meet software standards)" on updating or attempting to add a card despite in-app Contactless setup stating "You're ready to pay contactless with your phone (Your phone meets security requirements)", and
    2. Google Play Store, which may no longer show apps like Netflix w/ Android 11+ (developers can 'exclude devices from their app's distribution based on their device integrity. Device exclusion is based on the latest device integrity verdict that the Play Store app receives from the Play Integrity API') despite in-app settings showing Play Protect 'Device is certified' result.
    I'm guessing that the 'passing' messages based on the old SafetyNet API are likely to be realigned soon.

    A workaround that evidently allows Play Integrity API attestation to pass (and solve Wallet / Play Store issues also) has been discovered. It involves spoofing an earlier certified ROM, generally by using MagiskHide Props Config module to change fingerprint prop to one for Android 10 or earlier.

    Undoubtedly other apps will begin to detect broken TEE etc / fail as they migrate or begin integrating the Play Integrity API.

    A 'Universal Play Integrity Fix' will evidently require more understanding / research into how the fingerprint prop is used, and possibly other new behaviours.

    Here's hoping... 🙃 PW
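
Added example, not part of the thread or of any poster's or project's code: how an app backend might act on the three Play Integrity tiers discussed above (basic, device, strong), given that posters here report passing the device tier on rooted, unlocked devices while strong fails. The payload layout follows Google's documented decoded-verdict JSON; the decision names (`allow`, `step_up`, `deny`), the `make_payload` helper, the package name, nonce and the 120-second freshness window are assumptions.

```python
# Relying-party policy over an already decoded Play Integrity verdict.
# Assumption: the token was decrypted/verified upstream (e.g. by Google's
# decodeIntegrityToken endpoint); this code only evaluates the JSON payload.

BASIC = "MEETS_BASIC_INTEGRITY"
DEVICE = "MEETS_DEVICE_INTEGRITY"
STRONG = "MEETS_STRONG_INTEGRITY"


def evaluate_verdict(payload, expected_package, expected_nonce,
                     now_ms, max_age_ms=120_000, require_strong=False):
    """Return (decision, reasons) for one decoded verdict payload."""
    reasons = []

    # 1. Bind the verdict to this request so a verdict obtained for another
    #    app, or replayed from an earlier session, is rejected.
    req = payload.get("requestDetails", {})
    if req.get("requestPackageName") != expected_package:
        reasons.append("package name mismatch")
    if req.get("nonce") != expected_nonce:
        reasons.append("nonce mismatch")
    try:
        age = now_ms - int(req.get("timestampMillis", 0))
    except (TypeError, ValueError):
        age = None
    if age is None or age < 0 or age > max_age_ms:
        reasons.append("stale or invalid timestamp")

    # 2. The calling binary must be the one distributed through Play.
    app = payload.get("appIntegrity", {})
    if app.get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        reasons.append("app not recognized by Play")

    if reasons:
        return "deny", reasons

    # 3. Device tier. An empty deviceIntegrity object means no label at all.
    labels = set(payload.get("deviceIntegrity", {})
                        .get("deviceRecognitionVerdict", []))
    if STRONG in labels:
        return "allow", ["hardware-backed verdict"]
    if DEVICE in labels:
        # The thread reports this tier passing on modified devices, so a
        # high-risk action can ask for more than this label alone.
        if require_strong:
            return "step_up", ["device tier only; no hardware-backed proof"]
        return "allow", ["device tier"]
    if BASIC in labels:
        return "deny", ["basic tier only"]
    return "deny", ["no device integrity label"]


def make_payload(labels, nonce="n-123", ts_ms=1_700_000_000_000,
                 package="com.example.bank"):
    """Constructed sample payload (not captured from a real device)."""
    return {
        "requestDetails": {"requestPackageName": package,
                           "nonce": nonce,
                           "timestampMillis": str(ts_ms)},
        "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED",
                         "packageName": package},
        "deviceIntegrity": {"deviceRecognitionVerdict": list(labels)},
    }


if __name__ == "__main__":
    now = 1_700_000_030_000  # 30 s after the constructed timestamp
    cases = {
        "basic only (as reported in the thread)": [BASIC],
        "basic + device": [BASIC, DEVICE],
        "all three": [BASIC, DEVICE, STRONG],
    }
    for name, labels in cases.items():
        for strict in (False, True):
            d, why = evaluate_verdict(make_payload(labels), "com.example.bank",
                                      "n-123", now, require_strong=strict)
            print(f"{name:40} require_strong={strict!s:5} -> {d} {why}")
```
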