This module hides bootloader unlock from the entire system, including GMS, meaning that stock ROMs can pass custom verification, as well as custom ROMs with magisk enabled. Module code is here. The actual code of this module (see post-fs-data.sh) can be used to pass safetynet on stock ROMs, even without magisk, provided your /system is unmodified! :angel::highfive:
The module is tested on my Honor 9 Lite, unlocked, lineageos 15.1, MM 5.6.3, Magisk 16.0
Download: Magisk Downloads page
WARNING: phhusson ROMs, as well as official Google gsi's without a fingerprint patch cannot pass safetynet without V2 or higher, or magiskhide props config
Debugging:
Please open a root shell and run
Code:
safetypatch
and select option 1 to debug.
If, in /proc/cmdline, androidboot.verifiedbootstate is green, this module is functioning correctly and some other aspect of your system is detected by safetynet.
Note: Pie ROMs might need ianmacd magisk builds to pass any kind of safetynet. In my experience you need this module and ianmacd magisk.
hackintosh5 said:
This module hides bootloader unlock from the entire system, including GMS, meaning that stock ROMs can pass custom verification, as well as custom ROMs with magisk enabled. Module code is here. The actual code of this module (see post-fs-data.sh) can be used to pass safetynet on stock ROMs, even without magisk, provided your /system is unmodified! :angel::highfive:
The module is tested on my Honor 9 Lite, unlocked, lineageos 15.1, MM 5.6.3, Magisk 16.0
Download: https://github.com/penn5/SafetyPatch/releases/tag/v1
Click to expand...
Click to collapse
Hello, thanks for your work, but i don't understand how this module, by this shell:
Code:
mount -o bind /data/local/tmp/cmdline /proc/cmdline
sed 's/ORANGE/GREEN/' /proc/cmdline > /data/local/tmp/cmdline
is supposed to fix the SN ?
Also i don't think that it could help to fix the SN if Xposed is installed ? Tell me if i'm wrong..
Rom said:
Hello, thanks for your work, but i don't understand how this module, by this shell:
is supposed to fix the SN ?
Also i don't think that it could help to fix the SN if Xposed is installed ? Tell me if i'm wrong..
Click to expand...
Click to collapse
This is not for SN, but to fix safetynet fail. Use HCU to fix SN.
Sent from my kminiltexx using XDA Labs
Doesn't Magisk itself already hides the unlocked BL state?
Sent from my Xiaomi Redmi Note 5 using XDA Labs
VincentJoshuaET said:
Doesn't Magisk itself already hides the unlocked BL state?
Click to expand...
Click to collapse
No. Magisk hides itself
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
No. Magisk hides itself
Sent from my kminiltexx using XDA Labs
Click to expand...
Click to collapse
Wrong...
MagiskHide does hide a few system properties, among others an unlocked bootloader.
https://github.com/topjohnwu/Magisk...2cebb240c4/native/jni/magiskhide/hide_utils.c
If you have an additional method for hiding an unlock bootloader, that would make a great addition to MagiskHide. You could open a pull request for it to be included in a future release.
Didgeridoohan said:
Wrong...
MagiskHide does hide a few system properties, among others an unlocked bootloader.
https://github.com/topjohnwu/Magisk...2cebb240c4/native/jni/magiskhide/hide_utils.c
If you have an additional method for hiding an unlock bootloader, that would make a great addition to MagiskHide. You could open a pull request for it to be included in a future release.
Click to expand...
Click to collapse
Correct...
MagiskHide doesn't hide anything in the cmdline. If you're going to disclaim my module, at least do your research. Even in the README, I tell the commands that the module uses.
Yes, that's a good idea. I will submit a PR, thanks for the idea!
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
If you're going to disclaim my module, at least do your research.
Click to expand...
Click to collapse
Calm down... There was no disclaiming of your module in my post. Just your statement that Magisk does not hide an unlocked bootloader. It does...
But of course, there are many different Android devices and there are many different ways of doing things, and they don't work the same universally. Which is why I suggested you make a PR of the method you have. :good:
I'm using a pixel xl on dp3 and this doesn't help to pass basic integrity. Both basic and cts are still failing
bkkzak said:
I'm using a pixel xl on dp3 and this doesn't help to pass basic integrity. Both basic and cts are still failing
Click to expand...
Click to collapse
Official ROMs not designed for production use will intentionally force the system to fail safetynet. This will be detected and so fail
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
This module hides bootloader unlock from the entire system, including GMS, meaning that stock ROMs can pass custom verification, as well as custom ROMs with magisk enabled. Module code is here. The actual code of this module (see post-fs-data.sh) can be used to pass safetynet on stock ROMs, even without magisk, provided your /system is unmodified! :angel::highfive:
The module is tested on my Honor 9 Lite, unlocked, lineageos 15.1, MM 5.6.3, Magisk 16.0
Download: https://github.com/penn5/SafetyPatch/releases/tag/v1
WARNING: phhusson ROMs cannot pass safetynet.
Click to expand...
Click to collapse
Excuse me, how do I install the module?
Twixy13 said:
Excuse me, how do I install the module?
Click to expand...
Click to collapse
Magisk Manager -> Modules -> + -> Find the zip.
Sent from my kminiltexx using XDA Labs
Do i need a custom kernel for this to work?
It's not working on my stock honor 8. I even tried it with magiskhide props config with a honor 9 and galaxy 6 fingerprint and play store is still uncertified which means safetynet fails
JimZiii said:
play store is still uncertified which means safetynet fails
Click to expand...
Click to collapse
The two are related, yes, but one doesn't exclude the other (you can pass SafetyNet and still be uncertified).
Check SafetyNet with the Magisk Manager or a separate app. If it passes, clear data for the Play Store and reboot. That should be it...
Didgeridoohan said:
The two are related, yes, but one doesn't exclude the other (you can pass SafetyNet and still be uncertified).
Check SafetyNet with the Magisk Manager or a separate app. If it passes, clear data for the Play Store and reboot. That should be it...
Click to expand...
Click to collapse
Ok, for some reason I still can't pass. I've checked it with magisk and a separate app. Even after I factory reset my phone, flashed new firmware and the first thing I installed was magisk to try the safetynet and still I couldn't pass. First I thought it might be something in the new firmware so I tried a bunch of older firmwares which all had the same result.
JimZiii said:
Ok, for some reason I still can't pass. I've checked it with magisk and a separate app. Even after I factory reset my phone, flashed new firmware and the first thing I installed was magisk to try the safetynet and still I couldn't pass. First I thought it might be something in the new firmware so I tried a bunch of older firmwares which all had the same result.
Click to expand...
Click to collapse
This is getting slightly OT for this thread (but that's up to @hackintosh5, of course). Take a look here (start with the Basics and then move on to the SafetyNet chapter) and if you still need help after that, I think you'd better move it to the General support thread:
https://www.didgeridoohan.com/magisk/MagiskHide
And don't forget this part:
https://www.didgeridoohan.com/magisk/MagiskHideHelp
Didgeridoohan said:
This is getting slightly OT for this thread (but that's up to @hackintosh5, of course). Take a look here (start with the Basics and then move on to the SafetyNet chapter) and if you still need help after that, I think you'd better move it to the General support thread:
https://www.didgeridoohan.com/magisk/MagiskHide
And don't forget this part:
https://www.didgeridoohan.com/magisk/MagiskHideHelp
Click to expand...
Click to collapse
Ok, I think I found the problem, magiskhide don't seem to be working. I get logs so logging must be on and namespace is working because there's no error on proc_monitor or anywhere else in the magisk logs. But if I hide a root checker our another app using root they still get root.
Do you have any ideas?
JimZiii said:
Ok, I think I found the problem, magiskhide don't seem to be working. I get logs so logging must be on and namespace is working because there's no error on proc_monitor or anywhere else in the magisk logs. But if I hide a root checker our another app using root they still get root.
Do you have any ideas?
Click to expand...
Click to collapse
Is magisk hide actually turned on?
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
Is magisk hide actually turned on?
Sent from my kminiltexx using XDA Labs
Click to expand...
Click to collapse
yes its on, i've added specific apps to try if they still got root and there's no difference when i check the box in magisk hide for apps
JimZiii said:
yes its on, i've added specific apps to try if they still got root and there's no difference when i check the box in magisk hide for apps
Click to expand...
Click to collapse
Apps can still detect root, even if you pass safetynet. Run the magisk inbuilt checker
Sent from my kminiltexx using XDA Labs
Related
I've been reading several threads here and in other forums as well, and I still not sure if this is possible at all, or it depends on the Xposed modules, etc.
I'm planning to do a clean install of the RR ROM, 6.0.1, try to remove all traces of root, then flash magisk and see if I can pass SafetyNet.
Does a custom kernel interfieres with that?
And if I pass it... any possibility to use Xposed (being active) and pass SafetyNet? Or at least hide it for problematic apps, like Netflix, or Mario Run?
Thanks in advance.
No, Xposed and SafetyNet is a no-go for now.
If you have a device, which ROM has security patches older than November 2016, you may try to use suhide along with Magisk and its MagiskHide, but no guarantees.
The ROM I plan to use is from september, you mean with suhide maybe SafetyNet could pass with Xposed enabled?
Thanks!
eXtremeDevil said:
I've been reading several threads here and in other forums as well, and I still not sure if this is possible at all, or it depends on the Xposed modules, etc.
I'm planning to do a clean install of the RR ROM, 6.0.1, try to remove all traces of root, then flash magisk and see if I can pass SafetyNet.
Does a custom kernel interfieres with that?
And if I pass it... any possibility to use Xposed (being active) and pass SafetyNet? Or at least hide it for problematic apps, like Netflix, or Mario Run?
Thanks in advance.
Click to expand...
Click to collapse
With Xposed Safetynet gone.
But you can use no device check module to pass ctsProfile True. But you can't anything about basicintegrity.
the ctsProfile in important. This mean you can play super Mario run or use Netflix in your device. But because of the basicintegrity you can't download or update this app from play store. You can download from apkmirror site.
Netflix and super Mario run in my phone.
Sent from my HTC U11 using Tapatalk
arianat said:
With Xposed Safetynet gone.
But you can use no device check module to pass ctsProfile True. But you can't anything about basicintegrity.
the ctsProfile in important. This mean you can play super Mario run or use Netflix in your device. But because of the basicintegrity you can't download or update this app from play store. You can download from apkmirror site.
Netflix and super Mario run in my phone.
Sent from my HTC U11 using Tapatalk
Click to expand...
Click to collapse
Let's see if I understood it correctly. Can I have custom ROM + Magisk + SuperSU + custom kernel + Xposed active and with this module I can use that kind of apps?
Thanks!
eXtremeDevil said:
Let's see if I understood it correctly. Can I have custom ROM + Magisk + SuperSU + custom kernel + Xposed active and with this module I can use that kind of apps?
Thanks!
Click to expand...
Click to collapse
Yes. I have custom kernel on ViperU 1.7 custom Rom in HTC U11
but I think you can't use superSu with magisk. You must use one of them. Why you want superSu? Magisk has superuser
Just install Xposed and install no device check module in Xposed installer
Sent from my HTC U11 using Tapatalk
arianat said:
Yes. I have custom kernel on ViperU 1.7 custom Rom in HTC U11
but I think you can't use superSu with magisk. You must use one of them. Why you want superSu? Magisk has superuser
Just install Xposed and install no device check module in Xposed installer
Sent from my HTC U11 using Tapatalk
Click to expand...
Click to collapse
I use an older Magisk that supports SuperSU. If I need newer Magisk for this to work, or if the module doesn't work with SuperSU, please let me know.
Thanks!
Best way really is root switch, requires reboot and disables xposed bit gets the job done.
kekistaneerefugee said:
Best way really is root switch, requires reboot and disables xposed bit gets the job done.
Click to expand...
Click to collapse
I don't want to be disabling Xposed and rebooting everytime...
eXtremeDevil said:
I use an older Magisk that supports SuperSU. If I need newer Magisk for this to work, or if the module doesn't work with SuperSU, please let me know.
Thanks!
Click to expand...
Click to collapse
The module worked with superuser and superSu
I tested
Sent from my HTC U11 using Tapatalk
Great, thanks, for now I will try MagiskSU. Just flashed ROM, removed su and SN passed. But installed boeffla kernel and not anymore. Is it normal? Can I avoid that? Gonna flash Magisk 13.3 now and check.
Thanks for everything guys!
Never mind, got SN again. But after installing Xposed systemless 87 I get bootloop Any idea why? Or is it really a very long boot? I have no Xposed modules at the time, just trying to boot it.
EDIT
Thanks to liveboot, I can see a boot error: Xposed: Can't find file.
Any clues???
Try install classic. If you don’t want disable xposed for pass basicintegrity , no need to install system less. Systemless xposed not active in my phone and I installed classic.
What’s your device? Do you wipe delvik & cache?
I flashed systemless Xposed from recovery and that did the trick.
If disabled, I pass SN. With the No device check module I pass cts profile.
But, Netflix does not work with that configuration. Maybe that app has extra checks? Thanks.
Sent from my ONE A2003 using Tapatalk
eXtremeDevil said:
I flashed systemless Xposed from recovery and that did the trick.
If disabled, I pass SN. With the No device check module I pass cts profile.
But, Netflix does not work with that configuration. Maybe that app has extra checks? Thanks.
Sent from my ONE A2003 using Tapatalk
Click to expand...
Click to collapse
What's do you mean extra configuration?
It's must work with pass ctsProfile. Just you can't update or download from play store.
Do you downloaded last version of Netflix for your device dpi and CPU architect from apkmirror?
Sent from my HTC U11 using Tapatalk
With Xposed disabled, and SafetyNet passing at 100%, Netflix says that my device is not compatible. Even installed from Google Play.
BTW, Mario Run only works if Magisk Hide is enabled for it, I guess that's normal (with Xposed active this time)
Thanks for all the clarifications, now I have a better understanding of it all
I guess this is the cause?
https://www.reddit.com/r/netflix/comments/69l2fp/all_netflix_no_longer_available_to_android/
Can anyone confirm?
Thanks!
eXtremeDevil said:
With Xposed disabled, and SafetyNet passing at 100%, Netflix says that my device is not compatible. Even installed from Google Play.
BTW, Mario Run only works if Magisk Hide is enabled for it, I guess that's normal (with Xposed active this time)
Thanks for all the clarifications, now I have a better understanding of it all
Click to expand...
Click to collapse
I don't know why Netflix not work for you. I have Netflix in my phone and using every day.
What's your phone Android build?
Netflix must work on your phone.
I have U11 and installed viperU magisk version custom rom. Android 7.1.1 and August patch.
Custom kernel and classic PurifyOS Xposed with so much modules like xprivacy, appsetting, hush sms, no device check , location report enabler, chromepie, native clipboard, and ...
Sent from my HTC U11 using Tapatalk
I have Resurrection Remix 6.0.1 from september 2016.
Is there a log or something where I can check what is cause Netflix refusal to work?
Do you have Magisk Hide enabled for those apps?
Thanks.
EDIT
Actually, Mario Run is now giving me the code error screen
CTS profile is passing.
EDIT 2
Additional info:
Super Mario Run works fine only for two levels, then is error 804-5100.
Netflix above version 4 (5 and later) says it is incompatible with my device.
- Both appear on Play Store.
- Store version is 8.1.73, installed this afternoon and cleared data.
- Bootloader is unlocked (maybe I should try to relock?).
- I can't find device verification in Play Store settings (is not there), even tried this:
https://forum.xda-developers.com/oneplus-2/help/module-fix-google-play-certification-t3602629
with no luck.
- Xposed installed with modules but disabled (from Xposed Manager).
- SafetyNet passing 100%.
- Tried both and without Magisk Hide enabled for the apps.
- Disabled superuser and enabled Magisk Core only.
- Build version: 6.0.1_r66 - MOB31E (my signature is outdated).
- I had Lucky Patcher but I uninstalled it.
- Also tried this:
https://forum.xda-developers.com/apps/magisk/xiaomi-safetynet-fix-t3600431
Nothing works.
Maybe some other app(s) is being detected by Netflix? Maybe a log would help? Or a full bug report?
Is it the ROM version? Maybe is device specific? Should I open a thread on the device's forum? Am I missing something?
Thanks in advance!
EDIT 3
Android Pay seems to work. I don't have NFC, I only got to the add card screen, but I guess that's enough.
EDIT 4
Kernel is Boeffla.
you need root switch
Hi,
It's a long time that I don't use root on my Oneplus 3T.
What I want to know is that if with the latest Oxygen Os, unlocked bootloader and latest magisk root / magisk hide I will be able to use Google Pay.
I know that Google can update SafetyNet detection algorithm, so usually if that happens after how long Magisk is updated to hide root again?
Thanks!
I had a message last time that tells me that if I have my bootloader unlocked, no matter if I have Magisk or not, Google Pay won't let me pay with NFC
tetra96 said:
I had a message last time that tells me that if I have my bootloader unlocked, no matter if I have Magisk or not, Google Pay won't let me pay with NFC
Click to expand...
Click to collapse
Without hiding the status of the bootloader, for sure Google Pay won't work. But Magisk Hide, can hide root status and bootloader status.
That's what I want to know, if Magisk Hide working or not
Waiting more responses from other users
andQlimax said:
Without hiding the status of the bootloader, for sure Google Pay won't work. But Magisk Hide, can hide root status and bootloader status.
That's what I want to know, if Magisk Hide working or not
Waiting more responses from other users
Click to expand...
Click to collapse
Google Pay works fine with Magisk. You don't need to hide it or hide Magisk Manager.
Sent from my OnePlus3T using XDA Labs
BillGoss said:
Google Pay works fine with Magisk. You don't need to hide it or hide Magisk Manager.
Sent from my OnePlus3T using XDA Labs
Click to expand...
Click to collapse
Can you explain how you were able to make it work? Because whether I hide Google Pay in Magisk or not, when I try to setup my credit card in Google Pay it says "Couldn't finish setup to pay in shops. This phone can't be used to pay in shops. This may be because it is rooted or altered in some other way."
I have a OnePlus 3 Oxygen 5.0.6 and Android 8.0.0 with Magisk 17.1.
axelryder said:
Can you explain how you were able to make it work? Because whether I hide Google Pay in Magisk or not, when I try to setup my credit card in Google Pay it says "Couldn't finish setup to pay in shops. This phone can't be used to pay in shops. This may be because it is rooted or altered in some other way."
I have a OnePlus 3 Oxygen 5.0.6 and Android 8.0.0 with Magisk 17.1.
Click to expand...
Click to collapse
That's odd. I didn't have to do anything to get it working. I'm on OOS 5.0.5 and Magisk 17.1.
Two question: is your phone encrypted and do you have a pin/password set?
My phone is encrypted and I use a password.
You could also try hiding Magisk Manager (I haven't needed to do this) and delete any Magisk folder on you internal storage.
Sent from my OnePlus3T using XDA Labs
BillGoss said:
That's odd. I didn't have to do anything to get it working. I'm on OOS 5.0.5 and Magisk 17.1.
Two question: is your phone encrypted and do you have a pin/password set?
My phone is encrypted and I use a password.
You could also try hiding Magisk Manager (I haven't needed to do this) and delete any Magisk folder on you internal storage.
Sent from my OnePlus3T using XDA Labs
Click to expand...
Click to collapse
I have a pin set, I don't think my phone is encrypted; although when I go to the Security menu, under "Encryption" it does say "Encrypted", but I don't remember setting it up. So I guess it is!
I did try to hide Magisk Manager from their option in the settings menu, but I still got the same error in Google Pay after;
As a side note, in Magisk SafetyNet Check does "Success", but ctsProfile is false, and basicIntegrity is false too; does that matter?
axelryder said:
As a side note, in Magisk SafetyNet Check does "Success", but ctsProfile is false, and basicIntegrity is false too; does that matter?
Click to expand...
Click to collapse
Yes; SafetyNet check means that app contacted with Google server with success, but the result of your device check is false, which means that your device is not certified "secure" in its current state.
Perhaps you tampered system partition?
tetra96 said:
I had a message last time that tells me that if I have my bootloader unlocked, no matter if I have Magisk or not, Google Pay won't let me pay with NFC
Click to expand...
Click to collapse
Did you try with a custom kernel? Your kernel needs SultanXDA's patch to pass safetynet with a unlocked bootloader. There is a magisk module here, that might work if you don't want a custom kernel. There's also some commands you can run on your devices terminal here, that might work too. I only have experience with using a custom kernel but the changelog for the module does say it was patched for OP3 support.
axelryder said:
...
As a side note, in Magisk SafetyNet Check does "Success", but ctsProfile is false, and basicIntegrity is false too; does that matter?
Click to expand...
Click to collapse
You've definitely installed something that breaks SafetyNet. Xposed used to do this, though I think it's been fixed to work with Magisk.
namanjr said:
Did you try with a custom kernel? Your kernel needs SultanXDA's patch to pass safetynet with a unlocked bootloader. There is a magisk module here, that might work if you don't want a custom kernel. There's also some commands you can run on your devices terminal here, that might work too. I only have experience with using a custom kernel but the changelog for the module does say it was patched for OP3 support.
Click to expand...
Click to collapse
Both Magisk and custom kernels patch the boot image so that it doesn't trigger dm-verity and pass SafetyNet. You don't need to use a custom kernel if you're using Magisk.
Sent from my OnePlus3T using XDA Labs
My Safetynet check is successful. Yet it doesnt work with Google Pay. I am told that PAY is not supported on my device as it is rooted.
przemcio510 said:
Yes; SafetyNet check means that app contacted with Google server with success, but the result of your device check is false, which means that your device is not certified "secure" in its current state.
Perhaps you tampered system partition?
Click to expand...
Click to collapse
BillGoss said:
You've definitely installed something that breaks SafetyNet. Xposed used to do this, though I think it's been fixed to work with Magisk.
Both Magisk and custom kernels patch the boot image so that it doesn't trigger dm-verity and pass SafetyNet. You don't need to use a custom kernel if you're using Magisk.
Sent from my OnePlus3T using XDA Labs
Click to expand...
Click to collapse
I do indeed have Xposed installed, V90 beta 3. I guess maybe it's not fixed for Magisk after all :/
@przemcio510 do you use Xposed ?
axelryder said:
I do indeed have Xposed installed, V90 beta 3. I guess maybe it's not fixed for Magisk after all :/
@przemcio510 do you use Xposed ?
Click to expand...
Click to collapse
Yes, I do, Xposed breaks SafetyNet and there's nothing you can do to keep it installed and have SN passing
przemcio510 said:
Yes, I do, Xposed breaks SafetyNet and there's nothing you can do to keep it installed and have SN passing
Click to expand...
Click to collapse
Oh I see... well here's my problem I guess lol
On my Redmi note 4 From recent update of miui 10 and magisk 17.1 update google pay stopped working even though safety net check is passed. Earlier google pay was working fine.
Is there any work around?
Sahil Shaikh said:
On my Redmi note 4 From recent update of miui 10 and magisk 17.1 update google pay stopped working even though safety net check is passed. Earlier google pay was working fine.
Is there any work around?
Click to expand...
Click to collapse
This is a OnePlus 3T forum. Ask the question in the Redmi forum.
Sent from my OnePlus3T using XDA Labs
BillGoss said:
This is a OnePlus 3T forum. Ask the question in the Redmi forum.
Sent from my OnePlus3T using XDA Labs
Click to expand...
Click to collapse
Okay, don't consider redmi note 4. Still do you got any way out for one plus 3?
Sahil Shaikh said:
Okay, don't consider redmi note 4. Still do you got any way out for one plus 3?
Click to expand...
Click to collapse
I think that your problem is specific to MiUI, because on our phones it works fine
Sahil Shaikh said:
Okay, don't consider redmi note 4. Still do you got any way out for one plus 3?
Click to expand...
Click to collapse
As per the previous post, Google Pay works just fine with Magisk installed. There's no need to hide it.
Sent from my OnePlus3T using XDA Labs
andQlimax said:
Hi,
It's a long time that I don't use root on my Oneplus 3T.
What I want to know is that if with the latest Oxygen Os, unlocked bootloader and latest magisk root / magisk hide I will be able to use Google Pay.
I know that Google can update SafetyNet detection algorithm, so usually if that happens after how long Magisk is updated to hide root again?
Thanks!
Click to expand...
Click to collapse
It is reliant on safetynet AFAIK, and that passes on my device when using Magisk - havent tried Android Pay as of yet, but am aware that Safetynet passes.
I got a problem. My Google Pay app doesn't work. I got magisk v18 with 2 modules: "universal safetynet fix v3-beta1 (magisk v17 fix)" and google face unlock. When I check the status it shows the two "ctsprofile" and "basicintegrity" as true both. In magisk hide, I selected "Google Pay" and "NFC service" apps, but also without their selection it isn't still recognized by a pos. Now, I'm really sure my payment card works, my bro one with a phone unrooted works fine.
How should I do for make pos recognize my LG H815 rooted Gpay?
Sorry my bad english
p.s. I haven't any xposed or similar installed.
On my OP6 with OOS 9.0.3, CTS returns false without any additional modules and Google Pay and other apps detect root and refuse to work. That happened with the update from 17.2 to 18.0
Unfortunately, I got no helping hint in the main support thread or in the other thread here reporting on failing banking apps.
Later... after downgrading to Magisk 17.2, MagiskHide is working again... an issue is open on Github on that.
Yeah but gpay still not working in my phone, also with magisk 17.2
theicecave said:
Yeah but gpay still not working in my phone, also with magisk 17.2
Click to expand...
Click to collapse
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
akxak said:
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
Click to expand...
Click to collapse
And that's the paradox. Lemme know.
Just was at a shop and paid successfully with Google Pay. 17.2 rocks.
Idk why mine is not recognized by pos. And for sure I can say that my NFC works, I use it with my headsets. It's a problem with my phone, it's rooted, and that's it. Gpay cannot be used with root, although it accepted my card payment card after I protected my ctsprofile etc. I lost hope
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
akxak said:
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
Click to expand...
Click to collapse
Which module do you use to protect safetynet, ctsprofile etc?
Just asking.. 'cause, as I told, also with magisk 17.2 it doesn't work.
No module, just plain Magisk and MagiskHide on Google Pay.
akxak said:
No module, just plain Magisk and MagiskHide on Google Pay.
Click to expand...
Click to collapse
No module? I need necessary to use "universal safetynet fix" to activating all 4 green checks on main page of magisk. Without it, last 2 (inside safetynet fix) are red: ctsprofile:false and basicintegrity:false.
And magisk hide with or not selecting gpay doesn't change anything.
However I'm considering the main problem is my rom, resurrection remix.
On OOS I have only two arrows...
ctsProfile and basicIntegrity
But I am on a stock rom
Yeah sorry my bad, I mean just these two.
I'm considering to flash my stock rom again. But it was Android 6. I should set nova launcher and lots of changes to modernize it : D
Also my bro used a stock one to let gpay work. Modded all ones seems not working.
I'm on Android 9 Pie... Nova is great, I use it myself.. with starting on the Oneplus, I stuck to the stock OS and had gold experiences... on the OP6 even mire as I can update it and keep it rooted from within the OS not needing TWRP anymore... allowing an easy upgrade process.
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
theicecave said:
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
Click to expand...
Click to collapse
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Didgeridoohan said:
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Click to expand...
Click to collapse
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
theicecave said:
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
Click to expand...
Click to collapse
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Didgeridoohan said:
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Click to expand...
Click to collapse
Solved following this. In effect, not so different on what were you talking about in your guide. At the moment both ctsprofile and basicintegrity are true, I just need to try Google Pay in a pos.
I have pixel (sailfish) running lineage 15.1 w/ microG and I've followed the exact steps from the official Magisk install page using Magisk v18.1 with manager 7.0 only to get the same safetynet api error. Ive even tried other suggested installation methods from: https://android.gadgethacks.com/how-to/install-magisk-your-pixel-pixel-xl-0177522/
And it left me in a bootloop whereby I had to wipe and reinstall everything.
Anybody please help!
If you can get Magisk up and running, but get a SafetyNet API error when trying to check SafetyNet in the Manager, the problem lies elsewhere, most likely with your microG setup (or possibly that the Manager snet.apk hasn't downloaded properly, clear data for the Manager to fix that).
Test with a separate SafetyNet checker, and also test MagiskHide by adding a root app to the Hide list (if it can't detect root, MagiskHide works). If you get the same error with the other app we know that the problem likely isn't with Magisk.
Sorry for the newb question, but how do you clear Manager data? Thanks.
conundrew said:
Sorry for the newb question, but how do you clear Manager data? Thanks.
Click to expand...
Click to collapse
By going to the app information in the Android settings.
Still doesn't work. Getting the same message after everything you've suggested.
Even with a separate SafetyNet checker app? In that case it is very likely that it is your microG setup that isn't working. Ask for advice in your ROM thread.
Didgeridoohan said:
If you can get Magisk up and running, but get a SafetyNet API error when trying to check SafetyNet in the Manager, the problem lies elsewhere, most likely with your microG setup (or possibly that the Manager snet.apk hasn't downloaded properly, clear data for the Manager to fix that).
Test with a separate SafetyNet checker, and also test MagiskHide by adding a root app to the Hide list (if it can't detect root, MagiskHide works). If you get the same error with the other app we know that the problem likely isn't with Magisk.
Click to expand...
Click to collapse
Didgeridoohan said:
Even with a separate SafetyNet checker app? In that case it is very likely that it is your microG setup that isn't working. Ask for advice in your ROM thread.
Click to expand...
Click to collapse
Not sure exactly what I did but when I cleared Manager data and changed some microG settings, I was able to finally get SafetyNet Check Success but now it says: ctsProfile: false and basicIntegrity: false. Any advice?
conundrew said:
Not sure exactly what I did but when I cleared Manager data and changed some microG settings, I was able to finally get SafetyNet Check Success but now it says: ctsProfile: false and basicIntegrity: false. Any advice?
Click to expand...
Click to collapse
https://www.didgeridoohan.com/magisk/MagiskHide#hn_SafetyNet
Didgeridoohan said:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_SafetyNet
Click to expand...
Click to collapse
So I did a clean install of LineageOS 16 only (no microG) and then installed Magisk following installation instructions and when I opened up Magisk Manager I don't see the option to do SafetyNet Check anymore. When I ran SafetyNet Test it said "GooglePlayServices is not available on this device". I was given the impression that microG was the problem which is why I installed LineageOS without microG, but it's still not working. Please help!
If you have neither Gapps or MicroG installed there's no way you can use anything SafetyNet related. It's Google's system, so you're going to have to install one or the other...
Didgeridoohan said:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_SafetyNet
Click to expand...
Click to collapse
Didgeridoohan said:
If you have neither Gapps or MicroG installed there's no way you can use anything SafetyNet related. It's Google's system, so you're going to have to install one or the other...
Click to expand...
Click to collapse
Thank you!
Is there any benefit or even necessary to install a custom kernel, like ElementalX, for getting Magisk to work properly? Thanks.
conundrew said:
Thank you!
Is there any benefit or even necessary to install a custom kernel, like ElementalX, for getting Magisk to work properly? Thanks.
Click to expand...
Click to collapse
No.
I know other folks had issues with earlier updates, but this is the first time I've seen this. I skipped the last few updates. Does the Magisk patch method no longer work for rooting the Pixel 4 XL? Or is there some way to fix this?
The "hardware off" module from Displax might help you.
Sent from my Google Pixel 4 XL using XDA Labs
It's hardware based so nothing you can do about it
Patching your boot image with Magisk still works. With the recent implementation of hardware attestation, apps can now recognize if your bootloader is unlocked and safetynet checks result in ctsProfile failing. Magisk Hide still works and you can still hide root from most apps but cannot hide that your bootloader is unlocked unless you use either the hardwareoff mod or the Magisk Props mod.
Lughnasadh said:
Patching your boot image with Magisk still works. With the recent implementation of hardware attestation, apps can now recognize if your bootloader is unlocked and safetynet checks result in ctsProfile failing. Magisk Hide still works and you can still hide root from most apps but cannot hide that your bootloader is unlocked unless you use either the hardwareoff mod or the Magisk Props mod.
Click to expand...
Click to collapse
I tried MagiskHide Props Config but that didn't work - unless I need to do more than just replace the fingerprint. Replacing the fingerprint did not fix the problem. It's likely the Pixel 4 XL uses hardware backed key attestation to check the bootloader state, which I think means MagiskHide Props Config won't solve the problem.
I did find and install the hardwareoff mod and that fixed the problem. Thanks everyone who mentioned that. It was not available for download in Magisk but I found it buried deep in a 4000+ post thread on XDA.
https://forum.xda-developers.com/ap...systemless-t3432382/post83028387#post83028387
fuarkgl3 said:
It's hardware based so nothing you can do about it
Click to expand...
Click to collapse
Eventually you will be right, once Google makes hardware backed key attestation permanent. But for now the hardwareoff mod works.
No work for me
Basic integrity and CTS profile remains false.
madmartian said:
I tried MagiskHide Props Config but that didn't work - unless I need to do more than just replace the fingerprint.
Click to expand...
Click to collapse
Just for clarification: you would also have had to use the "Force BASIC attestation" option. It basically does the same thing as the hardware off mod, so you're good to go already...
So I have the same problem basic integrity but the cts profile fails. Iam in the January update.
I've done anything to fix it but 0 for me. And the problem is that it just happened from nowhere it was everything ok I was passing the safety net and in a moment the gpay made me a warning about contactless payments and the problem started.
Escribis said:
So I have the same problem basic integrity but the cts profile fails. Iam in the January update.
I've done anything to fix it but 0 for me. And the problem is that it just happened from nowhere it was everything ok I was passing the safety net and in a moment the gpay made me a warning about contactless payments and the problem started.
Click to expand...
Click to collapse
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Lughnasadh said:
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Click to expand...
Click to collapse
Can you give me the link my friend?
Lughnasadh said:
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Click to expand...
Click to collapse
Found it, thank you very much sir.
Can you share the link please?
I also woke up to Google Pay warning, an update, than lost Magisk. I've re-installed it but now failing safetynet. Been attempting to fix it for 2 hours now
mushtafa said:
Can you share the link please?
I also woke up to Google Pay warning, an update, than lost Magisk. I've re-installed it but now failing safetynet. Been attempting to fix it for 2 hours now
Click to expand...
Click to collapse
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
Found the link. It works, just need to setup Google Pay again https://github.com/kdrag0n/safetynet-fix