SafetyNet flags Z2Pro? - Lenovo Zuk Z2 Pro Questions & Answers

Hello!
The SafetyNet check was updated again - now my Zuk Z2 Pro does not pass the check anymore. The main problem here is, that I already tried a fully unroot it (before the SafetyNet update it was working fine with Magisk v6) and it is still not passing the test. So I have the suspicion, that maybe they blocked the Z2(P) completely, which wouldn‘t be that odd, because (as far as I know) several other devices from chinese manufacturers are blocked already. (The other reason would be, that I messed up my device and still have some root-leftovers remaining.)
Because of that I wanted to ask, if you could check if SafetyNet is passing for you on you Z2(P) and post the results here with your device info (Rom, unlocked?, rooted and if so, which method used?). To do this, I used the following app: SafetyNet Playground
My results:
Device: Zuk Z2 Pro
Rom: ZUI 2.1.120 ST
Unlocked: Yes
Rooted: Magisk v6 + phhsupersu and also without root
Result: Safetynet not passing
Thanks in advance for your help!

I guess you still have some some root-leftovers
Device: Zuk Z2 Pro
Rom: ZUI 2.0.048 ST (international from oppomart)
Unlocked: Yes
Rooted: unrooted
Result: Safetynet is passing

zendertrick said:
I guess you still have some some root-leftovers
Device: Zuk Z2 Pro
Rom: ZUI 2.0.048 ST (international from oppomart)
Unlocked: Yes
Rooted: unrooted
Result: Safetynet is passing
Click to expand...
Click to collapse
Thank you and you were right: I still had some leftovers on my device. Don‘t know exactly what was causing the issue, but managed to get it work by rooting my device again with the TWRP method and then unrooting it, by using the supersu app. What this does, is, to flash the stock image, that was automatically backuped before installing Supersu.
SafteyNet is working fine now! So, I can also confirm that this is not a device specific issue.

Related

Magisk 13.2, LineageOS, & SafetyNet

I have a Galaxy S5 that I recently loaded with Lineage 14.1. I'm having an issue with SafetyNet. I ran the uninstall.zip to get rid of Magisk 10, then installed Magisk 13.2. After boot up, all is well, and I pass SafetyNet check. Then I'm prompted to update Magisk Manager to 5.6.4. I allow the update, then reboot. After reboot, I no longer pass SafetyNet. Enabling Core Only Mode and rebooting does not fix the problem. I get "false" on both CTS Profile and Basic Integrity. I can't figure out what is going on. I've wiped and reloaded about 15 times now, and the same thing happens every time. As soon as I update Magisk Manager, the Safety Net fails.
install 13.3
13.2 no longer passes safetynet
Nomelas said:
install 13.3
13.2 no longer passes safetynet
Click to expand...
Click to collapse
After 13.3 auto-installed yesterday evening, everything is up and running again.
Magisk and bootloader check
Oh! The 13.3 docs clearly say MagiskHide hides unlicked bootloaders. My question below is moot, then, unless i misunderstood something. Time to.play on a Galaxy S5 before I unlock my LG V20. Sorry to waste everone's time.
This might be a stupid question, but I can find no discussion sbout Magisk and hiding the unlocked bootloader status returned by the verified boot check returned by the kernel which should be patched to not report having that feature.
I presume that is independent of what Magisk hides, or can it? It would have to know how to patch all kernels, no?
So, I look for patched kernels for specific LineageOS builds but can find no mention of such things.
Does Magisk do this, or do I have to find a patched version of the kernel, or patch it myself?
rhollan said:
Oh! The 13.3 docs clearly say MagiskHide hides unlicked bootloaders. My question below is moot, then, unless i misunderstood something. Time to.play on a Galaxy S5 before I unlock my LG V20. Sorry to waste everone's time.
This might be a stupid question, but I can find no discussion sbout Magisk and hiding the unlocked bootloader status returned by the verified boot check returned by the kernel which should be patched to not report having that feature.
I presume that is independent of what Magisk hides, or can it? It would have to know how to patch all kernels, no?
So, I look for patched kernels for specific LineageOS builds but can find no mention of such things.
Does Magisk do this, or do I have to find a patched version of the kernel, or patch it myself?
Click to expand...
Click to collapse
Magisk Hide hides it, see the source code of Magisk:
https://github.com/topjohnwu/Magisk...22b1dbb93b203/jni/magiskhide/hide_utils.c#L22
https://github.com/topjohnwu/Magisk...22b1dbb93b203/jni/magiskhide/hide_utils.c#L26
Deic said:
Magisk Hide hides it, see the source code of Magisk
Click to expand...
Click to collapse
I have verified this on a Galaxy S5 (I should really add my devices: rooted Galaxy S5 running LineageOS 14.1 and unrooted LG V20) and also verified that Magisk serves as a root gate with a root checker and that it allows SafetyNet checks to pass when installed with recent TWRP recovery and LineageOS 14.1. I have been a little reluctant yet to unlock the bootloader on the V20 since it's a one-way trip.
But. here's the weird thing: if I uninstall Magisk, SafetyNet checks still pass despite TWRP being installed along with LineageOS. Android Pay doesn't complain either (though I have not actually tried to purchase anything using it). So, what gives? Why do SafetyNet checks pass if these are installed? Maybe I should install non-systemless SuperSU and see if that makes the checks fail.
---------- Post added at 07:48 PM ---------- Previous post was at 07:43 PM ----------
Deic said:
Magisk Hide hides it, see the source code of Magisk:]
Click to expand...
Click to collapse
Oh My God! It's full of C!

Magisk 16 Now TV detecting root

Has anyone else experienced issues with nowtv detecting root.
Now TV updated the app recently was running on magisk 15.3 fine, then started to detect a modified boot img. Its on a Samsung Galaxy a6.
I wiped the tablet and started fresh last night, stock rom, upgraded to Magisk 16, get the same message again on now tv, that its a modifed boot img.
Have it hidden within magisk hide (this used to work)
All other streaming services are working fine (Netflix, amazon)
It passes the safety net test fine.
wookieg said:
Has anyone else experienced issues with nowtv detecting root.
Now TV updated the app recently was running on magisk 15.3 fine, then started to detect a modified boot img. Its on a Samsung Galaxy a6.
I wiped the tablet and started fresh last night, stock rom, upgraded to Magisk 16, get the same message again on now tv, that its a modifed boot img.
Have it hidden within magisk hide (this used to work)
All other streaming services are working fine (Netflix, amazon)
It passes the safety net test fine.
Click to expand...
Click to collapse
Having the same issue this end too if anyone can point us in the right direction.
https://www.didgeridoohan.com/magisk/MagiskHideHidingRoot
If none of that works, maker sure to provide logs (it's described in the link).
I fixed it by repackaging/hiding the magisk app
Sorry, noob question but what do you mean?
Aaronmod said:
Sorry, noob question but what do you mean?
Click to expand...
Click to collapse
Open Magisk Manager --> Settings --> Tap On Hide Magisk Manager
liboemcrypto disabler
Hi, I found the final solution. The liboemcrypto disabler module is for us. I used it on Redmi 5 Plus with OmniROM 8.1 20180812 and Magisk 16.6. I tried everything and it seems to me crazy in SafetyNet, which perhaps does not even have to do. Then I installed the module in question, restarted and everything works perfectly. Thanks to "ianmacd".
This is the module link: https://forum.xda-developers.com/apps/magisk/magisk-liboemcrypto-disabler-drm-t3794393
ooonea said:
Hi, I found the final solution. The liboemcrypto disabler module is for us. I used it on Redmi 5 Plus with OmniROM 8.1 20180812 and Magisk 16.6. I tried everything and it seems to me crazy in SafetyNet, which perhaps does not even have to do. Then I installed the module in question, restarted and everything works perfectly. Thanks to "ianmacd".
This is the module link: https://forum.xda-developers.com/apps/magisk/magisk-liboemcrypto-disabler-drm-t3794393
Click to expand...
Click to collapse
It still works now, just tried with NowTV version 10.7.0 and it works, thanks man!
ooonea said:
Hi, I found the final solution. The liboemcrypto disabler module is for us. I used it on Redmi 5 Plus with OmniROM 8.1 20180812 and Magisk 16.6. I tried everything and it seems to me crazy in SafetyNet, which perhaps does not even have to do. Then I installed the module in question, restarted and everything works perfectly. Thanks to "ianmacd".
This is the module link: https://forum.xda-developers.com/apps/magisk/magisk-liboemcrypto-disabler-drm-t3794393
Click to expand...
Click to collapse
Hi, it doesn't work on my phone with LineageOS 14.1 on it.

Magisk problem with SafetyNet control

Good morning all
I just installed on my Note 9 "Guinea Pig" SM-N960F the new version of the 5DTB6 XEF rom and I have a problem with SafetyNet control.
I have this under Magisk Manager v7.5.1:
- Successful SafetyNet Control
- CtsProfile: False
- BasicIntegrity: True
And in Google Play Store, under "Settings" it says "The device is not certified"
(I deleted the data from the Google Play Store app and reboot without solving the problem)
Besides now I have the same problem with my other Galaxy Note 9 SM-N960F under 4DTA5 XEF for which SafetyNet was OK when installing this version last month.
Test 1: I reinstall Odin version 5DTB6 with CSC_xxx to reset everything, without the Root -> Identical error
Test 2: Root using the AP file patch method without TWRP -> Identical error
Test 3: Root with TWRP -> Identical error
No problem with my One + 7T Pro, SafetyNet is OK, under Google Play Store, there is the mention "The device is certified" with the same version of Magisk and Recovery Stock.
Have you noticed the same SafetyNet problem under Magisk Manager ??
Thank you for your answers and have a nice day
my previously working N9600 has SafetyNet broken as well (same thing, CTS profile false, basic integrity true). Apparently it's not just Note9s, a lot of devices are having issues. As for a fix, the best thing rn I believe is to just wait and see if it gets resolved....
I tried SafetyPatcher, magisk core only mode, and fingerprint changer with no luck. I'm restoring a backup to see if it changes (and fix some other stuff, will update if that makes a differnce)
Edit: Restoring from a previous system partition backup didn't help either but curiously PoGo (which won't work at all without safetynet I believe) works fine so idk what is wrong

Question Safetynet NOT passing on stock rom or any other custom roms that use MIUI Vendor

I've fastboot flashed the official stock rom, MIUI EU and others. They all don't pass safetynet the CTS profile mismatch which means my device isn't certified in google play store. Other OSS roms like arrowOS works and passes.
How can I fix it
Found a potential fix here. Testing it in a few. Will update. https://droidholic.com/fix-safetynet-failed-cts-profile-false/
TechV said:
I've fastboot flashed the official stock rom, MIUI EU and others. They all don't pass safetynet the CTS profile mismatch which means my device isn't certified in google play store. Other OSS roms like arrowOS works and passes.
How can I fix it
Click to expand...
Click to collapse
Download and enable "MagiskHide Props Config" module from the magisk modules section. Reboot. The method provided from droidholic did not work for me on Motorola G Power 2021 Boost Mobile USA variant Magisk rooted. Nor did MagiskHide props. However, My play store and certain easily triggered apps still work thanks to the Magisk Hide props module.
DrRoxxo said:
Download and enable "MagiskHide Props Config" module from the magisk modules section. Reboot. The method provided from droidholic did not work for me on Motorola G Power 2021 Boost Mobile USA variant Magisk rooted. Nor did MagiskHide props. However, My play store and certain easily triggered apps still work thanks to the Magisk Hide props module.
Click to expand...
Click to collapse
I don't want to use magisk. My phone can't be rooted because of work related reasons. I flashed the latest fastboot rom and it still doesn't pass CT profile check. My play store says device is not certified.
How can this be?
TechV said:
I don't want to use magisk. My phone can't be rooted because of work related reasons. I flashed the latest fastboot rom and it still doesn't pass CT profile check. My play store says device is not certified.
How can this be?
Click to expand...
Click to collapse
Unlocked bootloader
Why you flash stock without to wanna root, instead only update original fw if it's a company phone?
You can try to lock the bootloader again with miflash but I recommend to read exactly the manuals before locking again.
DrRoxxo said:
Found a potential fix here. Testing it in a few. Will update. https://droidholic.com/fix-safetynet-failed-cts-profile-false/
Click to expand...
Click to collapse
This fix worked for me. Thank you!
Sweet + OctaviOS 2.8
Koerschgen said:
This fix worked for me. Thank you!
Sweet + OctaviOS 2.8
Click to expand...
Click to collapse
I am absolutely ecstatic to hear that!
TechV said:
I don't want to use magisk. My phone can't be rooted because of work related reasons. I flashed the latest fastboot rom and it still doesn't pass CT profile check. My play store says device is not certified.
How can this be?
Click to expand...
Click to collapse
I am no expert, but I do believe once the bootloader is unlocked, it triggers a flag at boot level. It does warn against unlocking the bootloader on most devices prior to unlocking. I'd say that once anything is flashed, another flag is triggered. It's like Knox, but for the boot level I think. If you check the bootloader, there is usually some red and yellow colored text output that helps to diagnose the current state of the device. I am no pro, so I hope this makes sense and provides answers.
DrRoxxo said:
I am no expert, but I do believe once the bootloader is unlocked, it triggers a flag at boot level. It does warn against unlocking the bootloader on most devices prior to unlocking. I'd say that once anything is flashed, another flag is triggered. It's like Knox, but for the boot level I think. If you check the bootloader, there is usually some red and yellow colored text output that helps to diagnose the current state of the device. I am no pro, so I hope this makes sense and provides answers.
Click to expand...
Click to collapse
No unlocked bootloader has nothing to do with it. Google broke safetynet for almost all ROMS starting sep 2 I think. The latest Arrow OS ROM and a few other ROMS that just released new builds pass safetynet once again.
hi
I have A video on it all Necessary information and modules are in a single zip file to pass safety net, follow v the video and pass Safetynet
link here
@TechV did you find a solution to this?

How to root OSS and still pass safetynet checks (2022)

So I just bought a OnePlus 7T Pro McClaren Edition and its great
But I would really like to have it rooted.
I currently finally have stock rom installed again (after many frustrating hours) and am now passing the safetynet check.
I can:
1. Install Magisk (as an apk),
2. Patch boot.img
3. Unlock oem
4. Flash the patched img file
This works and I can have root access.
So far, unless I flash the original boot.img and wipe data again, I cannot lock OEM again (without seeing the corrupted data message).
Also, without locking oem, I'd keep getting the boot warning about bootloader being unlocked (which I guess is not so bad).
Seems like unless I have stock rom flashed, the safetynet check CTS test fails.
Anyways, I'm trying to find a way to root OOS and still pass the safetynet checks.
Thanks.
You need to enable Zygisk in Magisk, configure DenyList (walletfcrel, walletnfrćrelrimes_lifeboat and gapps and gservices), clear all data from Play Store, Play Services and GPay and reboot
Hi, Gpay updated to Google Wallet this method no longer works.
slapman said:
Hi, Gpay updated to Google Wallet this method no longer works.
Click to expand...
Click to collapse
Hi, yes, it does, i can confirm on both Oneplus 7 and Oneplus 7t Pro. You need to install universalsafetynetfix magisk module additionally and don't forget to wipe the data of gpay, google play and play services
DartGerion said:
Hi, yes, it does, i can confirm on both Oneplus 7 and Oneplus 7t Pro. You need to install universalsafetynetfix magisk module additionally and don't forget to wipe the data of gpay, google play and play services
Click to expand...
Click to collapse
At the time it didn't, and I had to find the the updated safetnet fix especially after updating to Android 12 and I custom ROM crDroid 13.
What Android version /oos version are you using ?

Categories

Resources