Can anyone help me get Magisk SafetyNet running properly?
Thanks in advance.
TylerDurdenK said:
Can anyone help me get Magisk SafetyNet running properly?
Thanks in advance.
Click to expand...
Click to collapse
Flash the magisk safety net fix
Thanks for the quick response.
Are you referring to this - https://forum.xda-developers.com/apps/magisk/xiaomi-safetynet-fix-t3600431
I have tried it and it hasn't helped. It does satate Magisk V14, I am running 16, is that the problem?
My apologies. I installed the latest beta of the fix and it's now working. Thanks again.
Be careful the "universal safetynet fix" will apply Mi6's fingerprint to MIX2 in default(you can change it by using "usnf" command). That might cause some issue especially if you're going to use gcam.
Why this device doesn't pass safetynet check? Basic integrity is ok but on cts profile i get false. Does your device pass safetynet check? Is there a solution?
I got the solution! If you rooted with magisk install safetypatch (v2 at least) module. It works. Cts passes
Ryder. said:
I got the solution! If you rooted with magisk install safetypatch (v2 at least) module. It works. Cts passes
Click to expand...
Click to collapse
sorry... i did it but it didn't work! :crying:
I've unlocked the bootloader. I've grabbed boot.img and patched it with Magisk, etc. and now I'm rooted. Great.
But I cannot pass SafetyNet.
I've done MagiskHide, easy enough.
But I also installed the "Universal SafetyNet Fix" module ("This is a universal fix for SafetyNet on devices with hardware attestation and unlocked bootloaders or custom verified boot keys. It defeats both hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.")
And I've also installed the "MagiskHide Props Config" module and run the "props" command. I've tried going through various options, changing the signature (they don't have OnePlus 9 Pro though, best I could do was OnePlus 8T Pro) and even doing full emulation. No matter what options I try, I cannot pass SafetyNet. As a result, things like Netflix won't show up in the play store.
Anybody had any luck?
In the past I've additionally installed a custom kernel, one that would hide the fact that the bootloader was unlocked and help pass safetynet. I think that's the "puzzle piece" I'm missing.
I can't stand the new xda forums. Can't easily find the kernel development threads or even the custom ROM's threads.
There's an issue with safetynet on the latest Magisk. You need the canary version to pass safetynet.
entropism said:
There's an issue with safetynet on the latest Magisk. You need the canary version to pass safetynet.
Click to expand...
Click to collapse
Really? Omg I've been fighting with SafetyNet for 2 days trying different modules and options...
Ok let me try Canary.
Son of a ... Ok, well that worked. Kind of annoyed I learned all about "Universal SafetyNet Fix" and hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. And then I learned about
MagiskHide Props Config and props files and device fingerprints, etc.
Oh well, at least I can pass safetynet.
Should I delete this thread? Help reduce some clutter.
glitchsys said:
Son of a ... Ok, well that worked. Kind of annoyed I learned all about "Universal SafetyNet Fix" and hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. And then I learned about
MagiskHide Props Config and props files and device fingerprints, etc.
Oh well, at least I can pass safetynet.
Should I delete this thread? Help reduce some clutter.
Click to expand...
Click to collapse
I would leave the thread so that people can search if they have the same issue. Not everyone knows to use canary (obviously... lol) and there are other good ideas in your post that may resolve other issues.
This literally happened last week, and it will be pushed to the main Magisk module shortly. I learned about it when my 7T wouldn't pass safety.
I've enabled magical hide, have added props config module and changed fingerprint to Pixel 5, and have flashed universal safetynet fix, and lastly I updated to canary build. I still don't pass CTS. Any help?
I installed this Canary version from Magisk GitHub and pass... T-Mobile variant running it with Omega Kernel.
I am passing safety net, but can't get Netflix to work. It is saying it's not compatible with my device and to update to latest version
the bolt of thunder said:
I am passing safety net, but can't get Netflix to work. It is saying it's not compatible with my device and to update to latest ve
Click to expand...
Click to collapse
Did you clear data and cache for the play store and also Magisk hide all the Google Play Service information.. it's working for me..
I cleared data and cache for Netlfix only. I did Magisk hide all the Google Play Services. Unfortunately I unrooted and re-locked my bootloader. I will root again maybe after some time. Very sad.
the bolt of thunder said:
I am passing safety net, but can't get Netflix to work. It is saying it's not compatible with my device and to update to latest version
Click to expand...
Click to collapse
I had to uninstall all updates to Netflix and then update again in the Play Store to get it working again. Before the last OTA I had to install a standalone APK over the system Netflix because Play Store version didn't work at all. Netflix does work on rooted devices, it's just a bit of a hassle for some reason.
entropism said:
There's an issue with safetynet on the latest Magisk. You need the canary version to pass safetynet.
Click to expand...
Click to collapse
thanks
glitchsys said:
Son of a ... Ok, well that worked. Kind of annoyed I learned all about "Universal SafetyNet Fix" and hardware attestation and the new SafetyNet CTS profile updates released on January 12, 2021. And then I learned about
MagiskHide Props Config and props files and device fingerprints, etc.
Oh well, at least I can pass safetynet.
Should I delete this thread? Help reduce some clutter.
Click to expand...
Click to collapse
Did you uninstall magisk and all the modules? Having the same issue won't pass CTS profile match.
I installed Android 13 yesterday and had some trouble getting GPay/Wallet contactless payments working. Here's what eventually worked for me:
Magisk 25.2 (Github, XDA)
Hide Magisk app
Enable Zygisk
Enforce DenyList
Add the usual suspects to DenyList (Google Play Store, Google Services Framework, Google Play Protect Service, Wallet/GPay app)
Install @Displax Universal SafetyNet Fix Mod as a Magisk module (kdrag0n's unmodded original did not work for me)
Clear storage/cache from GPay/Wallet, Play Store, and Play Services
Reboot
And that's it. No messing around with hiding props configs or anything like that.
I used a couple of apps to check my Safetynet/Play Integrity status: YASNAC (Github, Play Store) and Integrity Checker by @1nikolas (Play Store). On YASNAC, you need to pass Basic integrity and CTS profile match. On Integrity Checker, you need MEETS_DEVICE_INTEGRITY (which I didn't have with the standard Universal Safetynet Fix; I needed Displax's mod) and MEETS_BASIC_INTEGRITY. I don't have MEETS_STRONG_INTEGRITY; it's my understanding that you can't get that with root/unlocked bootloader at the moment. However, it appears you can get contactless payments working without it.
I hope having all this information together helps others, as I had a bit of trouble hunting it down.
Bringing from the kernel thread so we keep the off-topic to a minimum there.
triggerhappy_ said:
Reinstalling SafetyNet Fix 2.3.1 in Magisk Modules seems to be working fine.
Spoiler: YASNAC CTS profile check
View attachment 5687621
But still I haven't DEVICE_INTEGRITY in Play Integrity API checker. upd. after cleaning cache, now it doesn't have even BASIC.
Spoiler: API checker
View attachment 5687635
The app is probably corrupted, others are just doing fine. Anyway.
Spoiler: SafetyNet checker
View attachment 5687649
Click to expand...
Click to collapse
The newer Mod version of 2.3.1 Universal Safety Net fix referenced in the OP fixed the device integrity for me just now. I uninstalled the original fix (didn't reboot yet), then installed the new fix, rebooted, and I got device integrity passed.
direwolf1 said:
Add the usual suspects to DenyList (Google Play Store, Google Services Framework, Google Play Protect Service, Wallet/GPay app)
Click to expand...
Click to collapse
You don`t need to add all this stuff to DenyList when using USNF.
Weird that some don't work and others do *typical of Google though I guess lmao*. I've been using mine fine since the moment I first flashed it without any of above hassle. The Wallet might be bank related but integrity I dunno what would be the difference
This worked for me. I followed the same procedure in the exact order and experienced the same thing all the way through. Thanks very much for taking the time to make this post, I was absolutely dreading this and you made it easy for me!
Displax said:
You don`t need to add all this stuff to DenyList when using USNF.
Click to expand...
Click to collapse
Thanks! Appreciate the tip and the great work on the mod!
You can also install Shamiko for banking apps that need to be hidden. Mark but disable the deny list.
For those that have done this, is all DRM related stuff working with Widevine L1, etc (Netflix, Hulu, Peacock, etc)...
I can confirm for Hulu, works perfectly well with Displax's mod of USNF 2.3.1 and Shamiko.
Is it weird I'm still passing Integrity and Safetynet after the Android 13 update with the original kdrag0n module? Or is this one of those slow rollout things that will eventually affect me?
Thanks for this! Did the exact steps as the OP and everything works perfectly!
HereticBG said:
Is it weird I'm still passing Integrity and Safetynet after the Android 13 update with the original kdrag0n module? Or is this one of those slow rollout things that will eventually affect me?
Click to expand...
Click to collapse
Until I used the SafetyNet v1.31 MOD version, I only passed basic integrity in the Integrity Checker app. After I installed the MOD version, I then passed Device Integrity as well.
direwolf1 said:
I installed Android 13 yesterday and had some trouble getting GPay/Wallet contactless payments working. Here's what eventually worked for me:
Magisk 25.2 (Github, XDA)
Hide Magisk app
Enable Zygisk
Enforce DenyList
Add the usual suspects to DenyList (Google Play Store, Google Services Framework, Google Play Protect Service, Wallet/GPay app)
Install @Displax Universal SafetyNet Fix Mod as a Magisk module (kdrag0n's unmodded original did not work for me)
Clear storage/cache from GPay/Wallet, Play Store, and Play Services
Reboot
And that's it. No messing around with hiding props configs or anything like that.
I used a couple of apps to check my Safetynet/Play Integrity status: YASNAC (Github, Play Store) and Integrity Checker by @1nikolas (Play Store). On YASNAC, you need to pass Basic integrity and CTS profile match. On Integrity Checker, you need MEETS_DEVICE_INTEGRITY (which I didn't have with the standard Universal Safetynet Fix; I needed Displax's mod) and MEETS_BASIC_INTEGRITY. I don't have MEETS_STRONG_INTEGRITY; it's my understanding that you can't get that with root/unlocked bootloader at the moment. However, it appears you can get contactless payments working without it.
I hope having all this information together helps others, as I had a bit of trouble hunting it down.
Click to expand...
Click to collapse
Thanks so much for your detailed instructions.
Could you please be so kind as to check whether Xprivacylua works with your settings?
Looking forward to your comments
bush911 said:
Thanks so much for your detailed instructions.
Could you please be so kind as to check whether Xprivacylua works with your settings?
Looking forward to your comments
Click to expand...
Click to collapse
I don't use Xposed, so unfortunately I can't test that for you.
roirraW edor ehT said:
Until I used the SafetyNet v1.31 MOD version, I only passed basic integrity in the Integrity Checker app. After I installed the MOD version, I then passed Device Integrity as well.
Click to expand...
Click to collapse
That's what's weird, I pass both Basic and Device Integrity without the new MOD version, just using the old kdrag0n module. I guess it'll just hit me eventually lol
bush911 said:
Thanks so much for your detailed instructions.
Could you please be so kind as to check whether Xprivacylua works with your settings?
Looking forward to your comments
Click to expand...
Click to collapse
try to use shamiko if you use lspoed
LLStarks said:
You can also install Shamiko for banking apps that need to be hidden. Mark but disable the deny list.
Click to expand...
Click to collapse
also a blank whitelist file in /data/adb/shamiko will hide all rooted things from the system you can chack rooted status with MOMO app
Druboo666 said:
try to use shamiko if you use lspoed
Click to expand...
Click to collapse
Thank you for the input, I use Xpivacy mainly for hooking location as well other items, but shamiko is for hiding root?
bush911 said:
Thank you for the input, I use Xpivacy mainly for hooking location as well other items, but shamiko is for hiding root?
Click to expand...
Click to collapse
shamiko should hide both lspoed and root.not sure give it a try
It worked perfect on Pixel 6 with Android 12 thanks!