With latest Safetynet upgrades safety net will not pass on Android Q suddenly stopped working for me while using magisk.
If anyone is still passing it on the N9600 on OneUI 2 let me know if you have a way to fix it but most methods are not working so i will have to live without my Mcdonalds Coupons Google Pay still works though
This was a security change that'd Google made on their end thus the majority of magisk users had cts profile failing as I'm typing this seems like Google has reverted this change maybe temporarily.
I also want to know
Hy sir if you solve that problem tell me also
Related
So on my Google pixel when I had it rooted and unlocked with Xposed installed it wouldn't allow me to log in due to safetynet not passing but on my note8 I can sign in when rooted even though safety net doesn't pass and Pokemon go let me sign in for a few days even though safety net failed although Pokemon go doesn't anymore but Snapchat still does, is there a reason for this?
Starting about a week or so ago, both Magisk and any Safetynet checker app I use will either fail me, or give me an invalid response, yet apps like Google Pay and Pokemon Go work just fine. In fact I just set my phone back up from a factory reset and added my card to Google Pay.
It's been brought up quite a lot in the past few weeks actually...
https://www.didgeridoohan.com/magisk/MagiskHide#hn_The_response_is_invalid
Hi all I'm still in 2 minds whether i root my note 9, I'm not sure I wanna lose sasung pay, I'm trying to get google pay to work on my rooted S7 to make comparisons but it's not working I get errors that it's been rooted. I thought google pay works with rooted devices? I've followed the instructions such as hiding it magdisk but it fails safety net...any advice?
Thanks
Some mods will screw Safety Net and there's nothing you can do about it. For example, Xposed. You should disable all Magisk modules, and try them one at a time until you find the culprit, and see if you can live without it.
Hi, so recently I bought my Mi A2 and then decided to unlock it. All seems well, installing custom rom wasn't a problem at all.
However I find something rather annoying, so here's the thing. After unlocking the bootloader, the device build fingerprint was changed, from Jasmine_sprout into taimen, then Play Protect said my device wasn't certified. Installed Magisk, SafetyNet pass both cts and basic integrity but then nothing.
Play Protect now said my device is certified but I can't find some apps that I want to install, which on stock locked bootloader these apps appear on Play Store *such as Lens Distortions, Netflix, Torque Drift*. Then I figured out maybe the device fingerprint was the culprit, but no.
MagiskHide Props Config used, changed the fingerprint into legit Mi A2, still won't work. Trying another SafetyNet module, still won't work. It makes me wonder, why is this happening?
Previously was using Nokia 8 and it didn't have this kind of problem on the same condition e.g. unlocked and systemless root with Magisk, play protect said the device is certified yet these apps that I mentioned before still appear on Play Store.
But on Mi A2? No luck. SafetyNet does work but in the same time it doesn't. Does anyone here understand what might be the culprit of this annoying problem that I have? Tbh I'm really curious about it right now.
Wouldn't it be possible to intercept the SafetyNet check and then actually run the check on a device that still passes SN and send back the result? Since Samsung, OnePlus and Google devices are still able to pass SN with custom Software this should be possible.
I think it needs to be rerouted. Spoofed in a way that it doesn't get detected the same weight methods used in the hacking tool called Lucky patcher. And no I'm not endorsing the app. there's probably a topic about it on the actual Lucky patcher site but since we're not supposed to do really mention that type of tool even though can be used in the genuine way...
There was talk about it on Twitter about suggesting the exact same thing you're implying.
https://twitter.com/topjohnwu/status/1238514375150850048?s=09
I'm pretty sure the SafetyNet Deamon on your phone generates some sort of result that's based on your phone's fingerprint. This would mean if you'd want to pass SafetyNet on let's say a google pixel, you'd need another google pixel that generates the 'passing SN result' and then pass it to your unlocked google pixel. This may be possible but I don't have 2 identical phones for programming.
Also, the google framework is closed source and very obfuscated making it very difficult to figure out how SafetyNet actually works. SafetyNet itself checks the Zygote proccess for changes, so hooking in to your android phone to analyze a true SN pass would theoretically be impossible already. It'd be very hard to route a true safetynet result with a locked phone. But, if I can help in any way, I'll be glad to do so. Not experienced enough with how android 8 and up work to tweak them though.
bomboem said:
I'm pretty sure the SafetyNet Deamon on your phone generates some sort of result that's based on your phone's fingerprint. This would mean if you'd want to pass SafetyNet on let's say a google pixel, you'd need another google pixel that generates the 'passing SN result' and then pass it to your unlocked google pixel. This may be possible but I don't have 2 identical phones for programming.
Also, the google framework is closed source and very obfuscated making it very difficult to figure out how SafetyNet actually works. SafetyNet itself checks the Zygote proccess for changes, so hooking in to your android phone to analyze a true SN pass would theoretically be impossible already. It'd be very hard to route a true safetynet result with a locked phone. But, if I can help in any way, I'll be glad to do so. Not experienced enough with how android 8 and up work to tweak them though.
Click to expand...
Click to collapse
Here are my thoughts about this:
I'm not sure if the SN result is only valid for one device and or for one app.
Afaik the EdXposed magisk module is able to bypass SafetyNet. I tested it before this and it worked fine. Now the only thing that has been changed is that it also checks if the bootloader is unlocked in a cryptographically safe way. Afaik Samsung, OnePlus and Google devices should be able to pass that check. OnePlus and Google devices are able to relock the bootloader using a custom key of the rooted phone / custom rom. Samsung devices don't need to have to bootloader unlocked because of the Download (odin) mode. Those devices could then be used to spoof anything they want including the calling app and maybe the fingerprint of the phone.