MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0

[Bad Bimr]

Try this
Original post updated, thanks.

Had to reboot twice but it seems to work. Keeping my fingers crossed, Tested on Pixel 7. Will attempt on Pixel 6A tomorrow. Keeping my fingers crossed.
BB

 

[stubbs95]

OnePlus 7T pro with derpfest 13 custom ROM and magisk delta, even with the 3.0 mod, cts fails.
Here my modules and settings:

 

[ProudlyTM]

No luck for me, it still fails using the modded version provided by @Displax

Related info:

• Poco F1 (Beryllium) - PixelOS (A13)
• Magisk Delta (Zgisk enabled, also HideList)
• Cleared both Google Play and Play Services data, restarted device couple times

Mod 3.0 is not working for me either unfortunately.. LineageOS 20 on Redmi Note 10 Pro

 

[AndDiSa]

Thank you, @Displax
Working on Pixel 3a with stock ROM ( Android 12 ).

 

[jknaggs]

Firstly, test this on Pixel's

Ok, just installed this morning in UK and after trying many different variations Pixel 7 pro now passes. Shamiko enabled, no enforce denylist and only cache wiped in play services & wallet. Will try payment today and report back.

 

[Bxperiaz3]

Ok, just installed this morning in UK and after trying many different variations Pixel 7 pro now passes. Shamiko enabled, no enforce denylist and only cache wiped in play services & wallet. Will try payment today and report back. View attachment 5831613

Same for me with the same setup. Displax ftw

 

[seanho12345]

Try this
Original post updated, thanks.

Did you publish the source code for the MOD3.0. I'm curious on what have you changed to make it work.

 

[Bxperiaz3]

Actually I'm still getting play store not certified and wallet gives the security standards blurb when I open. Passes playstore integrity and safety net though? I'll try a contactless payment shortly

 

[Displax]

PixelOS (A13)

PixelExperience

derpfest 13 custom ROM

LineageOS 20

Expected that it not work on ROM that manipulate system.prop himself, need to wait wix in this ROMs

Did you publish the source code for the MOD3.0.

Not now. Need some tests and improvements and than will be published.

 

[crypticc]

I do not pass CTS check either but I can add cards to Wallet without issue. Its not related for me.

What device? I'm pxl6pro and no dice.

 

[crypticc]

Ok so I

Ok so here's what I did:

1. Changed to 2.3.1 mod 2.1
2. Reboot
3. Uninstalled/uninstall updates and clear storage for: gpay, wallet, play services, play protect, and play store
4. Remove all of the above from the denylist
5. Reboot
6. reinstall/update: gpay, wallet, play services
7. Run gpay and wallet to get them to "integrate" . Wallet app did not disappear like it had previously
8. Have not added any of these back to denylist
9. Fails cts, passes basic, fails device and Strong

Am I now at the point that I'm having the same issue as everyone else?

How are you able to get both Gpay and wallet. I only see wallet in play store.

Which region are you? I recently came back from holiday in India and they were still using Gpay which was deprecated years ago I thought.

 

[crypticc]

No new fix as of yet. I'm having the same issue as you. It started after updating to the February release on my Pixel 6 Pro. There were also a few Google app updates that may have contributed to it as well. I know there are some developers working on it already but who knows how long it will be before they figure something out. Guess I'll be using my debit card instead of tap and pay for a while.

I'm still on Google TQ1A.221205.011 which I understand is January and yet over the weekend sporadic issues fixed by wiping the usual app data and reboot, but as of yesterday even that wouldn't work.
I'm thinking they did something on the quiet in FW before xmas, but unused, and just released the app capability recently.

 

[crypticc]

Some further information... I've cleared and then uninstalled wallet, rebooted. But wallet is still in toolbar and launches when clicked. It's not in the app list, even as a system app so I can't clear data. Wondering if there's another apk labelled differently and maybe it's that which is being validated. Any next steps/logs needed?

 

[Nekromantik]

What device? I'm pxl6pro and no dice.

Pixel 7 Pro

 

[inzaghi89]

How are you able to get both Gpay and wallet. I only see wallet in play store.

Which region are you? I recently came back from holiday in India and they were still using Gpay which was deprecated years ago I thought.

You need to install universal safetynet modified by @Displax . Afair it's on page 91 this thread. For me it works.

 

[shoey63]

Haha! ... But your device / efforts keeps giving valuable clues!...

And I'm betting you'll restore strongIntegrity rooted because Root of trust still returns Device locked: true w/ Verified boot state: Verified...

This should be fine... You never needed the PI hardware-based verdict enforcement bypass that is mismatched fingerprint prop anyway. ... Were you changing it for some particular reason?

Well yes. Had to change it from original stock 12 to stock 10 to get the PI hardware-based verdict enforcement. Now that doesn't work, even Yasnac hardware backed attestation fails unless I use the original 12 stock fingerprint.

Maybe... May need more now (and must figure out which)... Or MHPC may have handled sensitive props differently... Nb. MHPC does this by default, without configuring anything... So I'd try restoring MHPC w/o fingerprint changes...

If you only configured fingerprint, you could activate again and revert to stock print... Or if you made many MHPC changes, fully remove the module and reboot before installing and rebooting again w/o configuring anything... 'MagiskHide props' should be active by default to adjust sensitive props as needed...

You could also try disabling Shamiko (enforce denylist, but don't just deactivate Shamiko Zygisk parts this way, disable Shamiko module properly also before rebooting) after trying with MHPC in case Shamiko's sensitive prop adjustment method is the issue or part of it...

Also, sometimes clearing Play Services data is needed to fix some attestations... Do that too...

Tried the lot. Even HuskyDG's prop reset module. No change.

Please say/remind me of
- ROM (stock?),
- Android version,
- anything in denylist aside from 2 gms processes and banks + G Pay/Wallet?,
- all modules...

May think of other considerations later, but that's all I have for now... PW

ROG Phone 3 (ZS661KS)
WW-31.0210.0210.258 (Stock android 12)

 

[digger16309]

Taken from the changelog:

Cheers

I'm thinking they did something on the quiet in FW before xmas, but unused, and just released the app capability recently.

I'm on the December update and failing CTS. Maybe it's the Play Services January update (which I have).

 

[jknaggs]

Ok, just installed this morning in UK and after trying many different variations Pixel 7 pro now passes. Shamiko enabled, no enforce denylist and only cache wiped in play services & wallet. Will try payment today and report back. View attachment 5831613

OK, have carried out a couple of transactions on Gipsy all went without a hitch. However on initial opening of Gpay I had device unsafe warning. Exited, ran YASNAC and passed. Reopened Gpay , no warning and payment successful.

 

[straumli]

So, here is my modification of USNF with Play Integrity API bypass.

It changes fingerprint to old 7.1.2 6.0 (LOL) and apply it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security path level does not change. This avoids many side effects/problems with global props changing.

Updated 3.0:
No words needed, you understand everything yourself

Updated 2.1:
Hide "Enable OEM Unlock" setting

Updated 2.0:
Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

Updated:
Drop fingerprint to lowest possible (6.0) to ensure that no one use same Android version

Usage:
1. Delete/disable/reset MagiskHidePropsConfig (if installed).
2. Just install it over old Universal SafetyNet Fix and reboot device.
3. You may be needed to wipe GMS data (not cache) if there is no result immediately.

Many thanks to @1nikolas for integrity checker.

Source code: https://github.com/Displax/safetynet-fix/tree/integrity

Wrt Magisk Modules view: I am able to select and install the old and known v2.4.0.zip but I cannot select this mod. It is greyed out somehow? Could somebody advise what I am doing wrong?

 

[inzaghi89]

Wrt Magisk Modules view: I am able to select and install the old and known v2.4.0.zip but I cannot select this mod. It is greyed out somehow? Could somebody advise what I am doing wrong?

View attachment 5831721

The file size is different than mine. I'm not sure but I think that it might be downloaded wrong. Please try with my mirror

https://dl.keepmind.eu/safetynet-fix-v2.3.1-MOD_3.0.zip