I am currently rooted with SuperSu & BusyBox installed. After some tweaks I was able to finally get the OpenVPN app to connect but, it doesn't look like KODI is using the VPN IP. Is anyone familiar with this & have a solution?
Certified Device/SafetyNet "CTS profile mismatch" with LineageOS 14.1 and Magisk 12.0
Edit: My motivation is that I want use apps which checks Google Certified Device status and existing root. For example Netflix or Banking Apps (just examples for apps that are performing those kind of checks).
I have a Samsung Galaxy Tab 10.1 WiFi (SM-T520, picassowifi, n2awifi).
I have LineageOS 14.1 (lineage-14.1-20170518-nightly-n2awifi-signed.zip) in combination with OpenGApps (open_gapps-arm-7.1-nano-20170525.zip) and Magisk (v12) installed on the tablet.
In the Magisk settings I have...
BusyBox: disabled
Magisk Core Only Mode: disabled
Magisk Hide: Enabled
Systemless host file: Enabled
SuperUser Access: Apps and ADB
WIth "Magisk Hide" I have activate every app that Magisk Hide shows me with the app selection.
I have restartet my tablet.
I have startet Magisk Manager app and run the SafetyNet check... it shows up the error: "CTS profile mismatch".
I have startet Google Play store app and within Play store app settings the "Device Certification" status is "Not certified".
Using the very same installation procedure from my tablet, my smartphone (OnePlus 3T) showed me a green "SafetyNet passed" status. I had to install a Magisk module dedicated for my OP3T to "fix" the Google Play store certification check.
The current situation leads to two questions:
How to pass SafetyNet check?
How to "fix" Google Play store device certification check?
Edit: "Developer Mode/Tools" and ADB are disabled.
It may not help you too much but I was able to get Super Mario Run, an app notorious for not working if safety net isn't working correctly, to work by uninstalling all interations of supersu completely and then installing the latest v13 beta of Magisk. I still get the "CTS Profile Mismatch" but when using the hide option, Mario Run started working again when it wouldn't even load before. Make a TWRP backup before you change anything though.
I installed magisk, however enable magisk hide, however airwatch is detecting root. Is there anyway that i can bypass the detection by airwatch authentication
Hello everybody, this is my first post on XDA!
I have a OnePlus 5T previously on OxygenOS (Pie). I wiped then flashed ResurrectionRemix 7 (also Pie). Almost everything work well, Magisk needed additionnal files to work but is now OK.
But the Lineage "Trust" menu tell me that SELinux is set to permissive. And the SafetyNet does not pass (CTS Profile false, basicIntegrity OK), so I can't use my phone to pay with Google Pay anymore.
So, after hours of searching and testing solutions, I created the file "08setperm" into /etc/init.d folder, with the command "setenforce 0".
It worked, "Trust" show that SELinux is enabled but the SafetyNet check were still the same. And my fingerprints were not recognized anymore (the pression is detected but does not match). Same after setting SELinux to permissive mode as it was since ResurrectionRemix were installed. I tried to delete the saved fingerprints. Then, I was not able to use the fingers that I use before, but with another finger it was OK. I resolved the problem by deleting the folder /data/system/users/fpdata and settings_fingerprint.xml.
I'm stuck on this point, if someone know where the problem is..
(My apologies for my approximate english, i'm french)
Thank you all for taking time to read and help me
Hi,
I installed microG Lineage 20 on my Moto G 5G Plus. Everything works fine except that one (banking) app that complains that "Google Play Services are not Installed".
I assume that means SafetyNet?
I tried to get it to work using the path depicted here: https://forum.xda-developers.com/t/safetynet-on-lineageos-20-microg.4558065/, but no luck on this phone.
Is there anyway to get safety net to pass, ideally without rooting the phone/using magisk?
EDIT: there's a switch in the microG settings "Allow Device Attestation" but it's greyed out ...
Best,
N
Ok, first of all, you have to enable "Device Registration" in the microG settings. Didn't know that.
That way, I got to the point where I can check for device attestation, and get the notorious "CTS Profile Doesn't Match" error.
I've tried using Magisk and Zygisk, and the Univesal SafetyNet fix, but to no avail, still not passing.
EDIT: tried the modded universal safety net fix by displax, not the check says "integrity check failed" ... not sure whether I sould count that as progress or not
Hi,
I had the same problem, but I found the solution and now I successfully pass safetynet with LOS 20 microG.
You have to do 3 steps:
Enable zygisk in Magisk and configure denylist to hide root from 'microG Services Core'
Enable 'Device Registration' and 'Google SafetyNet' at microG settings
Install Magisk module MagiskHidePropsConf, reboot, then configure it in any Terminal Emulator as follows:
su (start root shell)
props (run props command line tool)
1 (edit device fingerprint)
f (choose from the list)
select any fingerprint you like, then proceed and reboot
This third step solves CTS profile mismatch error by changing the device's fingerprint to one trusted by Google.
It should work.
Edit: I did not use any 'Universal SafetyNet fix' module.
Hmm ok, I have read about it but never tried, as the page states is a deprecated project ... That'd probably mean I'd have to install an older version of Magisk, right ?
Hmm... I haven't noticed yet. Good to know.
It's working fine for me with the latest Magisk version.