Passing SafetyNet with Magisk's Zygisk + DenyList.

Search This thread

CarbonGTR

Senior Member
Sep 12, 2019
265
119
(¬‿¬ )
Nokia 6.1 Plus (Nokia X6)
So, as of Magisk 24 we will no longer have Magisk Hide natively bundled with Magisk. Unless of course you use a fork of Magisk from another developer.
With Magisk Hide sunset, how do you pass SafetyNet without it?

Prequisites -

Here's how -
  1. Update to the latest magisk-canary(Read all the precautions before hand though).
  2. Open the Magisk .apk and update it.
  3. Open Magisk > Settings > Enable Zygisk & Enable Enforce DenyList.
  4. Now tap on Configure DenyList (Tip: Tap on the 3 button menu and enable 'show system apps')
  5. Now turn off your internet connections and enable Airplane Mode. Double check and ensure that Wifi is turned off after enabling Airplane Mode. Do not turn it on until later.
  6. Configure DenyList for Google Play Store and Google Play Services and all the other apps you need root hidden from.
  7. With Airplane Mode still disabled, go into the phone's settings > Apps > Clear data of all the apps you configured in the DenyList.
  8. Install the MagiskHide Props Module and reboot.
  9. Open Termux and grant root permissions by typing in
    Code:
    su
  10. Now type in
    Code:
    props
  11. Enter the 4th submenu
  12. Configure so that the
    Code:
    ro.boot.verifiedbootstate & ro.boot.flashlocked
    says active like in the screenshot.
    photo_2022-01-28_09-01-30.jpg
  13. Now Reboot
  14. After boot, connect to the internet, let the phone sit idle for 5 - 10 minutes and check SafetyNet Status. You should be passing both Basic Integrity and CtsProfile and Google Play certification.

And that's pretty much it.
😄
 
Last edited:

mGforCe

Senior Member
Dec 3, 2007
1,405
380
Mumbai
Actually there is a thread in the 'Cross development section'
And yes, Android 9 is compatible :D

Edit - I've found a way to pass SafetyNet without a custom kernel.
Edit 2 - My name's Thanuj, not Anuj :)
Thanks Thanuj :)

Ok, I got the thread. Was checking in our device only.

But for me, somehow, while bootloader unlock is fine, TWRP/LOS recovery all are disaster. So moved to Stock Pie
 

Top Liked Posts

  • There are no posts matching your filters.
  • 5
    So, as of Magisk 24 we will no longer have Magisk Hide natively bundled with Magisk. Unless of course you use a fork of Magisk from another developer.
    With Magisk Hide sunset, how do you pass SafetyNet without it?

    Prequisites -

    Here's how -
    1. Update to the latest magisk-canary(Read all the precautions before hand though).
    2. Open the Magisk .apk and update it.
    3. Open Magisk > Settings > Enable Zygisk & Enable Enforce DenyList.
    4. Now tap on Configure DenyList (Tip: Tap on the 3 button menu and enable 'show system apps')
    5. Now turn off your internet connections and enable Airplane Mode. Double check and ensure that Wifi is turned off after enabling Airplane Mode. Do not turn it on until later.
    6. Configure DenyList for Google Play Store and Google Play Services and all the other apps you need root hidden from.
    7. With Airplane Mode still disabled, go into the phone's settings > Apps > Clear data of all the apps you configured in the DenyList.
    8. Install the MagiskHide Props Module and reboot.
    9. Open Termux and grant root permissions by typing in
      Code:
      su
    10. Now type in
      Code:
      props
    11. Enter the 4th submenu
    12. Configure so that the
      Code:
      ro.boot.verifiedbootstate & ro.boot.flashlocked
      says active like in the screenshot.
      photo_2022-01-28_09-01-30.jpg
    13. Now Reboot
    14. After boot, connect to the internet, let the phone sit idle for 5 - 10 minutes and check SafetyNet Status. You should be passing both Basic Integrity and CtsProfile and Google Play certification.

    And that's pretty much it.
    😄
    1
    Thanks @CarbonGTR. Is there any known kernel with these 3 commits?
    Yep, there's Enigma Kernel, which I maintain.
    1
    Thanks Anuj :)

    Since there is no thread for this kernel, checking here - will it work on Stock Pie rom?
    Actually there is a thread in the 'Cross development section'
    And yes, Android 9 is compatible :D

    Edit - I've found a way to pass SafetyNet without a custom kernel.
    Edit 2 - My name's Thanuj, not Anuj :)