Are you using this SafetyNet fix?
How To Guide Method to upgrade every month, without wiping data and retaining root
- Thread starter gururoop
- Start date
What checker are you using? Should be checking for Device, Basic & Strong integrity with the newest Play Integrity API checker.
Play Integrity API Checker - Apps on Google Play
Get info about your Device Integrity through the Play Intergrity API
2.3.1
I use YASNAC for definitive SafetyNet checks. People that know how to detect Magisk.
For Play Store integrity, force stop and clearing the app cache and data is usually good enough.
That got my Play Store integrity passing.
The rest of the Play integrities shouldn't matter if Basic and Play Store are good.
Edit: Checking GPay/Wallet integrity. Hopefully I don't have to use the old GPay SQLite module.
I use YASNAC for definitive SafetyNet checks. People that know how to detect Magisk.
For Play Store integrity, force stop and clearing the app cache and data is usually good enough.
That got my Play Store integrity passing.
The rest of the Play integrities shouldn't matter if Basic and Play Store are good.
Edit: Checking GPay/Wallet integrity. Hopefully I don't have to use the old GPay SQLite module.
Last edited:
YASNAC checks for SafetyNet API Attestation. Since Google has pretty much deprecated SafetyNet API and replaced it with Play Integrity API, probably best to use the Play Integrity API checker going forward since it checks for Play Integrity API rather than SafetyNet API.
Google is definitely doing something something for GPay integrity. None of the old tricks are working so far.
They always slip some BS like this into a final release.
They always slip some BS like this into a final release.
What checker are you using? Should be checking for Device, Basic & Strong integrity with the newest Play Integrity API checker.
Play Integrity API Checker - Apps on Google Play
Get info about your Device Integrity through the Play Intergrity APIplay.google.com
As mentioned in my first post, am using the same app as you have listed above to check for API integrity, and Meets_Device_Integrity failed and Meets_Basic_Integrity passed and Meets_Strong_Integrity failed (as always due to unlocked bootloader). Difference is on A13 last beta, Meets_Device_Integrity used to pass with 2.3.1 without using Displax's 2.3.1 mod.
As suggested by you, I flashed Displax's 2.3.1 Mod, and now Meets_Device_Integrity passes and Wallet was able to set up correctly. Something for sure changed with A13 stable (I guess)
Please use https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD along with Shamiko 0.5.2 https://github.com/LSPosed/LSPosed.github.io/releases Do not enforce deny list in Magisk settings
Ah, you mentioned cts integrity at one point so wasn't sure which checker you were using. Glad you got everything working using Displax's mod
I might just be an idiot. I was trying to link Paypal instead of an actual card, which worked first try.
The 2.3.1 mod works but now I'm not sure if I really need it. Might try again with regular 2.3.1 but I like the Device integrity.
I only use Shamiko for Chase. Do I need it for everything?
The 2.3.1 mod works but now I'm not sure if I really need it. Might try again with regular 2.3.1 but I like the Device integrity.
I only use Shamiko for Chase. Do I need it for everything?
lol no, I use Shamiko for company portal, one drive and teams
. No harm in having it.
I've used Pixel 4a Android 10 fingerprint in MagiskHideProps Config, along with renaming the Magisk app and freezing it with Ice Box.
I've used this combination mostly for banking apps but changing the fingerprint fixed Wallet for me. This setup worked good in 12 and now after installing 13 it seems that it still hasn't detected root.
I don't know if it's temporary or if it will persist.
I've used this combination mostly for banking apps but changing the fingerprint fixed Wallet for me. This setup worked good in 12 and now after installing 13 it seems that it still hasn't detected root.
I don't know if it's temporary or if it will persist.
The only reason I carry 2 phones is because I don't trust myself to put company stuff on my personal one when I'm wiping so often. So many MFA tokens to keep in tact.lol no, I use Shamiko for company portal, one drive and teams
And I don't feel like enrolling my phone. My project manager did this and I'm just dumbfounded.
In YASNAC, my Integrity was Basic, but the Play Store said uncertified device until I did the above, now it says certified. Thanks!
Stable is fine. Actually at this moment Stable and Canary are the same version/build.
I haven't heard of this Shamiko before. Is there an advantage to using this over just Safetynet Fix and the deny list?
Tried using this method to update 12.1 to 13 stable, the update went through but I got a bootloop. Somehow I managed to get into safe mode and then rebooted and it went to the OS so I'm good. I probably messed up because I didn't disable the magisk modules before I did the update.
Thanks!
Thanks!
Utini
Senior Member
Yes, was already disabled previously (when I originall first rooted back in November 2021).
Yeah, sounds like a mod(s) caused a bootloop since you booted fine after going into safe mode. Your mods will be disabled after rebooting from safe mode.
Top Liked Posts
-
There are no posts matching your filters.
-
70Caution: I originally wrote this guide when it was necessary to disable verity and verification before flashing patched boot.img. Now Magisk has overcome this requirement and some users have reportedly flashed updates without disabling verification and verity and did not have to wipe their phones, but request everyone, who have verification and verity disabled and using this guide, make sure you backup all the data and post your results here (I suggest backing up data anyway for everyone).
Following is a guide to update Pixel 6 Pro (perhaps all Pixel devices) every month, without wiping and retaining root. I tested it on my Pixel 6 Pro from 12.0.0 (SD1A.210817.015.A4, Oct 2021) to 12.0.0 (SD1A.210817.036, Nov 2021). There is no reason that it should not work on subsequent monthly patches, but just take the backups to be sure.
1) Download the latest factory image for your device and platform-tools from the official Google site and extract them in one folder.
2) Extract the boot.img from image-raven-xxxxxxx.zip which was extracted from the image in the above step and patch it in Magisk Manager (latest canary build from https://github.com/topjohnwu/Magisk) on your phone and copy it back to the folder where you extracted the factory image and platform-tools. Rename the copied file to magisk_patched.img
3) Open flash-all.bat in notepad, add --skip-reboot and remove -w from the fastboot update line. Also add the following lines after the fastboot update line to flash the Magisk patched boot.img automatically:
fastboot reboot-bootloader
ping -n 5 127.0.0.1 >nul
fastboot flash boot magisk_patched.img
fastboot reboot
After editing, the edited part of your flash-all.bat should look something like this:
Code:fastboot --skip-reboot update [****image_name****] fastboot reboot-bootloader ping -n 5 127.0.0.1 >nul fastboot flash boot magisk_patched.img fastboot reboot echo Press any key to exit...
Note: [****image_name****] is just a placeholder and needs to be the name of zip file which was originally there in flash-all.bat, do not change that. Be careful to rename the Magisk patched boot.img to magisk_patched.img or in the alternative make appropriate modifications in the flash-all.bat
4) Open command prompt and go the folder where you extracted factory image and platform-tools. Type the following commands:
adb reboot bootloader
flash-all.bat
Your device should be upgraded to the latest factory image, while retaining root, without wiping data.
Update 1: I updated from 12.0.0 (SD1A.210817.036, Nov 2021) to 12.0.0 (SD1A.210817.037, Nov 2021) successfully using my method, without loosing data and root.
Update 2: I updated from 12.0.0 (SD1A.210817.037, Nov 2021) to 12.0.0 (SQ1D.211205.016.A1, Dec 2021) successfully using my method, without loosing data and root.
Update 3: I updated from 12.0.0 (SQ1D.211205.016.A1, Dec 2021) to 12.0.0 (SQ1D.220105.007, Jan 2022) successfully using my method, without loosing data and root.
Update 4: I updated from 12.0.0 (SQ1D.220105.007, Jan 2022) to 12.0.0 (SQ1D.220205.003, Feb 2022) successfully using my method, without loosing data and root.
Update 5: I updated from 12.0.0 (SQ1D.220205.003, Feb 2022) to Android 12L DP 3 successfully using my method, without loosing data and root.
Update 6: I updated from Android 12L DP 3 to Android 13 DP successfully using my method, without loosing data and root.8I don't know why folks continue to have issues updating when a new Android update is released. Despite Magisk having the option to install to an inactive slot for easy OTA updating, I simply avoid it and go the old-school route of updating via sideload to prevent any issues.
In hopes of putting to rest issues some of you face, here is what I do:
- Make a backup of all my important files in case something goes wrong
- Disable any Magisk modules if it makes you feel any safer
- Download the OTA image online and NOT from the system update!
- Reboot to recovery and sideload the OTA by using:
Code:adb reboot sideload- Then, in recovery I load up the file by using:
Code:adb sideload "insert OTA file name here.zip"- Once it finishes, you will be in recovery mode. Select "Reboot to system now".
- Once the system reboots, I unlock the device and let it finish completing the update before anything else.
- Getting the NEW boot.img file from the full factory image
- Copy it to my mobile device
- Open up Magisk and patch the boot.img file
- Copy the patched file to my PC
- Reboot into bootloader using:
Code:adb reboot bootloader
Then, patch the new boot.img using:
Code:fastboot flash boot "patched_boot.img"
Reboot / Done.
I have not had it fail once using this process on stable Magisk and NO "disable" tags. The only reason I can see for anyone to use Canary versions of Magisk or "disable" tags, is if its absolutely required for some modules, ROMs, or kernels you are using. If it's not needed, just leave it alone.
You could technically just dirty flash the entire full factory image using the Android Flash Tool or flash-all.bat script on your PC, but the script file is where I find most folks mess up because they copy and pasted instructions improperly, or there's a line of code they forgot to add or remove without proofreading before running the script. I'd rather take matters into my own hands, even if it means completing more steps to make sure things go smoothly.
Anyway, I hope this helps someone!7So I notice there are some people, like me, that are a bit confused on how to exactly do this process. I like to be nice every once in a while, so this is my time. I will try to do a step by step process with exactly how I did after reading, and re-reading all the comments on how to do it (with pictures cuz I need pictures to learn haha).
These are the exact steps I took when I updated from .36 to .37
I downloaded the .37 zip, the one for your phone, mine is an unlocked version.
Slapped the .37 zip file into a folder by itself so I can extract it inside that same folder. It should look like this once its extracted inside the same folder.
Then I opened another folder/window with the Platform-tools so I can easily navigate between the 2 folders.
Then I opened the flash-all.bat from the zipped folder, to see what it contains, noticed that it flashes 3 files/images.
“bootloader-raven-slider”
“radio-raven”
“Image-raven-sd1a”
Then close the file as we dont need it right now.
So with this I know that I will need to add those 3 files to the platform-tools folder when I go to actually run the command.
I actually took the .37 boot.img and copied it into my pixel with version .36 still running.
The boot.img is inside the zipped folder and when you extracted it, it will now be viewable along with other files and the zipped folder still there.
copy this boot into the main folder of the pixel
On your Pixel, open Magisk and click install then select patch file, navigate to the boot.img file in your internal storage.
Patch it with Magisk and then take the patched boot.img (which that file will actually be in your downloads folder in your Pixel) and copied it back to my computer.
So as of now, it seems we are able to patch boot.img with current build without having to update then patch then flash. We can just patch on the current build then copy the patch to the computer and run the rest of the steps.
Now that I have the patched boot.img on my computer, I will take all the highlighted files in the picture, plus the patched boot.img over to the Platforms-tools folder and just copy them in that folder.
Here, I’m not sure how everyone else has their folder since I rarely use those tools, so I just add the files and then delete them after I’m done flashing. See picture of all copied in files. (dont forget your patched boot.img)
Now I will open the flash-all.bat that's inside the Platform-tools using Notepad ++ (personal preference).
Edit this file exactly like in the picture. Add the lines exactly how it shows in the picture.
**NOTE** that you need to type the exact patched boot file in there. So, like in this picture, but with YOUR patched "magisk_patched" file as this will have your own ID after 23014.
once you made the edits on this file, dont forget to save it before you run the commands!
Now plug in your phone to the computer.
Make sure you have USB debugging turned on.
Press shift and right click inside the Platform-tools folder and open Command Prompt.
run these 2 commands:
adb reboot bootloader
flash-all.bat
When it's all done, your phone will boot up and you will be on the new .37
Nothing else to add here as it will literally run through everything for you and boot up and you're done.
Hope this helps someone, as I am a visual learner myself.7
holy poop that worked!! i was scared to try it myself but since i have a backup phone with all my data on it, it wouldnt be so bad to wipe the pixel if i messed it up doing it this way! But hey, it actually worked!!
here is the modified flash-all and yes you will need the "ping" line after the update line.
so with this, no need to type extra stuff, just add it all in the flash-all file and run the first 2 commands:
adb reboot bootloader
flash-all.bat
and thats it, the only time consuming part is patching the boot, putting it in the folder with the platform-tools.
