Related
I am a big idiot who can't follow directions I know and I will give many details so that someone may help me out of this situation.. please have patience.
I managed to unlock the bootloader, get custom recovery, and bypass dm verity on my new oneplus 3t a3000 running 4.5.1 stock. The issue is I rooted with supersu because that's what I'm use to and then flashed xposed into the system the old fashioned way (it's been a LONG time since I rooted and didn't really want to mess with magisk). I realize now that safety net has come to get me and I realized too late that magisk is superior.
I tried android pay and snapchat log in after rooting and flashing the 88.1 version of xposed framework and neither worked. I have everything almost but the safety net nonsense is annoying me because I use snapchat often but have to use another phone. I realize my stupid mistake in not flashing with magisk.
Besides being accustomed to supersu, you're wondering why I chose it and got xposed rather than magisk+ systemless xposed? I wanted to get certain modules such as youtube background playback and such quickly which I did but now I can't bypass safety net. I heard that even with safety net triggered, I could use Titanium Backup to move over a backed up version of snapchat that I had already logged in to my phone... problem is I had no backup and when I tried logging into my old rooted phones, snapchat refused to log in. I tried backing up snapchat on a non rooted phone through adb and moving that to the oneplus for Titanium Backup to restore but that didn't work.
So I guess my best bet is to disable root (uninstall supersu and xposed framework) and get magisk in replacement in hope that magisk hide works so I pass safety net then I can log in to snapchat and back it up. Can someone please guide me through the process? The amount I already know would imply I can figure this out but me trying to figure stuff out only caused much frustration today and yesterday.
In clarity, I want supersu gone (and xposed temporarily? I am not sure what is actually triggering snapchat to block me) and magisk in so I can pass safety net then I want (systemless xposed is what it's called? so I can add back my xposed modules). I am running blu spark twrp if that makes a difference.
Hugeee thanks to whomever can help me. Again I know I am dumb
If you want to pass safety net you will have to ditch xposrd all together. And magisk doesn't support bypassing safety net. It's one of those it may work but they are not making an active effort to get around it. Time is coming to make a choice. Mods or safety net.
Things triggering SafetyNet:
- root
- Xposed
- unlocked bootloader
- custom kernel (most of OP3/3T kernels already hide bootloader/kernel status)
- userdebug / dev-keys in build.prop
If you want to pass SN to log in to Snapchat, you have to remove root and Xposed, migrate to Magisk, log in to Snapchat and then install Xposed.
You can't use SN-enabled apps along with Xposed (although there is a module "No Device Check", which makes CTS return true, but for example Android Pay won't work still, because of basicIntegrity).
PS Look up iYTBP - this is a better version of YouTube with background playback built-in with no root needed.
Uninstall the xposed framework, login to snapchat and then reinstall xposed. You will have to repeat this process every time you logout, reinstall the app or clean flash a rom.
Edit- I see that you have supersu. I think you'll have to use magisk to pass safetynet.
i have galaxy s7 with superman rom 2.8 and rooted with magisk. I have a question in case you could help. I'm using version2.8 with magisk for root.
There are a couple of business apps like yammer and skype for bsns that I cannot use as they detect my phone is rooted and won't allow me due to root. Magisk hide doesn't seem to resolve the issue. Any other way I can hide root?
Take a look under "Hiding root from apps" in the troubleshooting guide. Might be some pointers in there that could help.
For Skype you can try this magisk module.
There is an issue with that module on magisk 18 though, root gets detected every so often and kills skype, it actually makes magisk fail safetynet. Toggling magisk hide off and back on in settings will temporarily fix it. Hopefully there's some kind of fix either from magisk or that module because it's severely annoying, but that's the only thing I've found that gets skype working with root.
(edit: dammit, didn't mean to resurrect an almost year old thread, I saw January and a 9 and I got confused )
I got a problem. My Google Pay app doesn't work. I got magisk v18 with 2 modules: "universal safetynet fix v3-beta1 (magisk v17 fix)" and google face unlock. When I check the status it shows the two "ctsprofile" and "basicintegrity" as true both. In magisk hide, I selected "Google Pay" and "NFC service" apps, but also without their selection it isn't still recognized by a pos. Now, I'm really sure my payment card works, my bro one with a phone unrooted works fine.
How should I do for make pos recognize my LG H815 rooted Gpay?
Sorry my bad english
p.s. I haven't any xposed or similar installed.
On my OP6 with OOS 9.0.3, CTS returns false without any additional modules and Google Pay and other apps detect root and refuse to work. That happened with the update from 17.2 to 18.0
Unfortunately, I got no helping hint in the main support thread or in the other thread here reporting on failing banking apps.
Later... after downgrading to Magisk 17.2, MagiskHide is working again... an issue is open on Github on that.
Yeah but gpay still not working in my phone, also with magisk 17.2
theicecave said:
Yeah but gpay still not working in my phone, also with magisk 17.2
Click to expand...
Click to collapse
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
akxak said:
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
Click to expand...
Click to collapse
And that's the paradox. Lemme know.
Just was at a shop and paid successfully with Google Pay. 17.2 rocks.
Idk why mine is not recognized by pos. And for sure I can say that my NFC works, I use it with my headsets. It's a problem with my phone, it's rooted, and that's it. Gpay cannot be used with root, although it accepted my card payment card after I protected my ctsprofile etc. I lost hope
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
akxak said:
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
Click to expand...
Click to collapse
Which module do you use to protect safetynet, ctsprofile etc?
Just asking.. 'cause, as I told, also with magisk 17.2 it doesn't work.
No module, just plain Magisk and MagiskHide on Google Pay.
akxak said:
No module, just plain Magisk and MagiskHide on Google Pay.
Click to expand...
Click to collapse
No module? I need necessary to use "universal safetynet fix" to activating all 4 green checks on main page of magisk. Without it, last 2 (inside safetynet fix) are red: ctsprofile:false and basicintegrity:false.
And magisk hide with or not selecting gpay doesn't change anything.
However I'm considering the main problem is my rom, resurrection remix.
On OOS I have only two arrows...
ctsProfile and basicIntegrity
But I am on a stock rom
Yeah sorry my bad, I mean just these two.
I'm considering to flash my stock rom again. But it was Android 6. I should set nova launcher and lots of changes to modernize it : D
Also my bro used a stock one to let gpay work. Modded all ones seems not working.
I'm on Android 9 Pie... Nova is great, I use it myself.. with starting on the Oneplus, I stuck to the stock OS and had gold experiences... on the OP6 even mire as I can update it and keep it rooted from within the OS not needing TWRP anymore... allowing an easy upgrade process.
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
theicecave said:
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
Click to expand...
Click to collapse
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Didgeridoohan said:
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Click to expand...
Click to collapse
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
theicecave said:
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
Click to expand...
Click to collapse
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Didgeridoohan said:
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Click to expand...
Click to collapse
Solved following this. In effect, not so different on what were you talking about in your guide. At the moment both ctsprofile and basicintegrity are true, I just need to try Google Pay in a pos.
So there are many apps telling me that I cannot use them due to my phone being rooted. I use magisk hide and I have the app itself hidden, yet all apps still tell me that I'm rooted. I ran a safety net test and my phone did not lass with the error "response payload validation failed". I have the magisk hide props config module, but I have no clue how to use it once I'm in the menu in the terminal. Does anybody know a solution for this? Thanks.
Sounds like your device can't get a proper response from the Google servers. Might be something wrong with your Play services. But, that you can't hide root from other apps also suggests that there's something up with MagiskHide on your device.
But, it's very hard to say anything at all since we know so little about your setup. Take a look here for things to try and what to check for when troubleshooting:
https://www.didgeridoohan.com/magisk/MagiskHide
Lastly, MagiskHide Props Config won't help unless you already have a working MagiskHide setup.
I just cannot pass safety net whatsoever on magisk on my Moto X XT1053!
I'll start saying I have been on xda for years now and this is my first post, all you guys have helped me so much through the years so I have told myself recently I really need to start posting and being more active on XDA, you guys are way more brilliant than am but I'm slowly learning through the years. My obsession with unlocking and rooting started in 2013 with the Moto X xt1058 at&t unlocked bootloader on that one with sunshine fro Jcase and I was saddened when the phone messed up on me and had to retire it, now recently I found two developer editions an XT1053 and XT1060 , I'm running CM13 on the XT1060 so of course using Super SU on that one, but on the XT1053 the T-Mobile variant my main primary phone I am on stock lollipop 5.1 and unlocked bootloader and rooted running TWRP 2.8.7.0 and everything is great but drives me crazy because I cannot pass the Safety Net Test EVER, I flashed BusyBox ndk from osmosis and before I started I unSU and SuMounted and I uninstalled BusyBox app but I've tried everything, I thought it was because there were remnants of the BusyBox by stericson left in the system/xbin and that maybe that was throwing it off , I really want to stick with Magisk but it's driving me crazy that I cannot figure this out and pass the safety net I've searched the help manual from top to bottom front to back and all the threads and I can't figure it out
@jmac052002
Some basic info is needed:
Does both CTS and basic integrity fail?
Does MagiskHide work at all (test by adding a root app)?
Does your device conform to the basic requirements for MagiskHide to work?
Also, whenever trying to figure things out, it's good to provide logs:
https://www.didgeridoohan.com/magisk/MagiskHideHelp
I just cannot pass safety net whatsoever on magisk 19.0 on my Moto X XT1053!
Hey thanks for quick reply I am sorry I meant to give you that info earlier it fails both and one of the things I had forgotten was about the kernel in the basic requirements I have a 3.4.42, and I haven't posted 10 posts so it won't let me post outside links, I've always known to make questions relevant and not waste people's time is a big part of XDA so I wanted to respect that by not breaking these rules so that's why I have just began finally posting, if I can get the logs to you in another way I have them.
jmac052002 said:
Hey thanks for quick reply I am sorry I meant to give you that info earlier it fails both and one of the things I had forgotten was about the kernel in the basic requirements I have a 3.4.42, and I haven't posted 10 posts so it won't let me post outside links, I've always known to make questions relevant and not waste people's time is a big part of XDA so I wanted to respect that by not breaking these rules so that's why I have just began finally posting, if I can get the logs to you in another way I have them.
Click to expand...
Click to collapse
No need to post anything just yet. Take a look in the log and look for this:
Your kernel doesn't support mount namespace
Click to expand...
Click to collapse
If you see that there's no point in continuing the troubleshooting, because MagiskHide won't work on your device.
I just cannot pass safety net whatsoever on magisk 19.0 on my Moto X XT1053!
I checked the logs thouroughly and it never states Your kernel doesn't support mount namespace anywhere, so I think that's good news as far as the kernel goes...right?
I'm on the OP6 on latest 9.0.5 and have no issues.
Running stock as well as with nolimits mod. Franco kernel works well too
Do a clean wipe, format data, use latest Bluspark twro 9.96
You shouldn't have any issues
jmac052002 said:
I checked the logs thouroughly and it never states Your kernel doesn't support mount namespace anywhere, so I think that's good news as far as the kernel goes...right?
Click to expand...
Click to collapse
Possibly. You still haven't said anything about testing MagiskHide in general, and we'll need those logs (make sure they're from the Canary debug build).
Cannot pass Safety Net at all on Magisk 19.0 on Moto X XT1053
Sorry about that when I test it on root checker, it comes back that my phone is rooted and I checked my 3c Toolbox pro and it granted it superuser permissions so I'm assuming Magisk hide is not working, I work nights so I had to sleep but I am gonna install the canary bleeding edge and provide logs if it's still not working thanks for all your help so far
Updating on my situation, I realized my phone does indeed pass the safety et check, I forgot to hide the safety net checker. Issue is apps still I have root. I'm using the nintendo apps as a base tester.
Hello? Anyone got any ideas on what to do? Just checking back in.
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
After force deny list did you've deleted caches of google play and google services and reboot? check also google play store inside settings if certified, if certified then it should work for your app too.
Maybe try installing Universal SafetyNet Fix?
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
And some applications can be extra finicky. LIke for me, Google Pay always takes its time to get persuaded about not being rooted. Also there might be other components either of this app or for system apps that might need hiding. I would generally try following guides for making banking apps work.
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
I'm not familiar with that app, but I know that some apps also check for the presence of the Magisk Manager app. If you've already tried Zygisk and the deny list, then another thing to do would be to hide the Magisk app. It the Magisk Manager, go to Settings > Hide Magisk app.
What worked for me is installing Insular ( from Fdroid) and then clone the App that complains about root to the work environment.
I just downloaded musescore and installed it. It hasn't detected root on my phone. I use Shamiko to hide root. Get Fox's magisk module manager from fdroid. Then use it to install Shamiko. Make sure you turn off Enforce Denylist in magisk so Shamiko can enforce the deny list. Hide the magisk app using the feature in magisk. It works for me.
YayJohn said:
Hey, I rooted my phone just yesterday, and today I went to musescore just to see that they for whatever reason don't allow rooted phones to use their app?
So I tried enabling zygisk, DenyList, and I added musescore to the denylist and restarted my phone, but somehow musescore still knows that I'm rooted.
Is it possible that vbmeta is somehow related? if so then what file exactly am I supposed to flash as vbmeta (I use custom ROM).
If not, then what can I do to hide root from the app?
Click to expand...
Click to collapse
Oh yes I can't seem to open musescore too even with safety net pass. But it is because I am using MicroG. I tried it on my other phone with Play Services and it works fine with hidden root (shamiko and magisk disabled) and safety net pass.
BigChungus321 said:
Oh yes I can't seem to open musescore too even with safety net pass. But it is because I am using MicroG. I tried it on my other phone with Play Services and it works fine with hidden root (shamiko and magisk disabled) and safety net pass.
Click to expand...
Click to collapse
I use MicroG as well. I can load the app and use it, I just can't subscribe because it requires GSF to make payment.
IrishJames said:
I use MicroG as well. I can load the app and use it, I just can't subscribe because it requires GSF to make payment.
Click to expand...
Click to collapse
You can open it right? But can you select and open a random piano piece or something like that. For me, the piece loads up then detects something (root, safety net idk) then just tells me I can't for root reasons. I tried using shamiko too and all the root hiding methods I know and I still couldn't open a piece. It does load the main menu for me too on MicroG+patch playstore but can't open the contents.
It's been roughly a month. Has anyone found a fix for this issue yet? There was discussion about the issue here where a dev 'fixed' the app for someone with a rooted phone. However I cant tell what the dev did because all his messages are deleted, for all I know he could of shared an apk or something, guess I'll never know. I've decided to try to get in contact with one of the people whose issue managed to get fixed, although I don't know if he'll ever respond. Apparently in the forum, he told the dev that he assumed the block was intentional. Maybe this could hint us towards a fix because maybe the block doesn't target rooted users?
BigChungus321 said:
I tried using shamiko too and all the root hiding methods I know and I still couldn't open a piece.
Click to expand...
Click to collapse
If thats the case then perhaps the app isin't checking for root? Theres no way musescore has more sophisticated anti-root software than some banking apps out there. Perhaps it's detecting the os that the user uses instead? I can confirm this because my samsung s7 edge with the same lineage os version as my Xiaomi doesn't want to play any scores either. This issue also happens to people who have no custom rom or even no root, it has to do with the os that you use rather than being an issue with root.
So what, did I type 2 paragraphs on a one month old forum just to rant? No. I will find the issue (well, I already found the reason in the text above), and I will try to fix it, not by making any workarounds such as cloning the app but getting the app to reliably work on a rooted / custom rom phone.
EDIT: Maybe using something to spoof the OS to make apps think it's a different OS?
POTENTIAL FIX: So in new versions of magisk, the developer decided to remove magiskhide. Turns out that having magiskhide turned on makes musescore actually be able to function. I tested this on my samsung s7 edge (didn't want to brick my Xiaomi phone by accident just yet and it worked. However I labelled this 'POTENTIAL' as downgrading magisk isin't really a plausible fix and could still be considered a workaround.
RoboNinjaR said:
It's been roughly a month. Has anyone found a fix for this issue yet? There was discussion about the issue here where a dev 'fixed' the app for someone with a rooted phone. However I cant tell what the dev did because all his messages are deleted, for all I know he could of shared an apk or something, guess I'll never know. I've decided to try to get in contact with one of the people whose issue managed to get fixed, although I don't know if he'll ever respond. Apparently in the forum, he told the dev that he assumed the block was intentional. Maybe this could hint us towards a fix because maybe the block doesn't target rooted users?
If thats the case then perhaps the app isin't checking for root? Theres no way musescore has more sophisticated anti-root software than some banking apps out there. Perhaps it's detecting the os that the user uses instead? I can confirm this because my samsung s7 edge with the same lineage os version as my Xiaomi doesn't want to play any scores either. This issue also happens to people who have no custom rom or even no root, it has to do with the os that you use rather than being an issue with root.
So what, did I type 2 paragraphs on a one month old forum just to rant? No. I will find the issue (well, I already found the reason in the text above), and I will try to fix it, not by making any workarounds such as cloning the app but getting the app to reliably work on a rooted / custom rom phone.
EDIT: Maybe using something to spoof the OS to make apps think it's a different OS?
Click to expand...
Click to collapse
Its not opening for me because I'm using MicroG. Like banking apps, MuseScore checks for specific Play Services version. Since microg uses idk android4.4 play services, it will fail to load any Banking Apps or apps of the same kind that uses that check regardless of root 'cause that version's too old and a potential for security. For the OS check, I guess it does check it too. I tried on two emulators and both failed to load a piece as well (might be because of safetynet cuz emulators can't pass it). There are xposed and magisk modules that can spoof OS and even prevent the app from seeing user installed apps. I haven't tried that method because I switched ROM now and got MuseScore working fine even without hiding root.
BigChungus321 said:
Its not opening for me because I'm using MicroG. Like banking apps, MuseScore checks for specific Play Services version. Since microg uses idk android4.4 play services, it will fail to load any Banking Apps or apps of the same kind that uses that check regardless of root 'cause that version's too old and a potential for security. For the OS check, I guess it does check it too. I tried on two emulators and both failed to load a piece as well (might be because of safetynet cuz emulators can't pass it). There are xposed and magisk modules that can spoof OS and even prevent the app from seeing user installed apps. I haven't tried that method because I switched ROM now and got MuseScore working fine even without hiding root.
Click to expand...
Click to collapse
Weird. I have microG and I managed to get musescore working without switching roms. All I did was use safety net fix, enabled zygisk and added it to the deny list. Tried it before and it didn't work, probably because I didn't install safetynet fix. Who knows, maybe it's related to what type of GApps you install. I guess this issue is fixed for now.