Question [ROOT] Google Wallet on PX7? - Google Pixel 7

Hi everyone! I have a rooted Pixel 7, with Magisk working perfectly. The only issue i have is with Google Wallet, even SafetyNetFix and Zygisk hide list didn't work. Can anyone with a rooted A13 device pay contactless?

Yes, it works perfectly with GPay/GWallet.
You shouldn't need to do anything else after enabling Zygisk, installing SafetyNetFix, then test if it passes the tests.
Which it should. If it doesn't, use the 2.3.1_MOD2-fix, not 2.4.0.
Had issues with 2.4.0 being inconsistent.
Download 'YASNAC' from the store, and run the test.
Does everything work?
If no, install 2.3.1_MOD2.
If yes, make sure you kill playstore and then wipe storage and buffer.
Do the same for gpay/wallet.
Reboot, and it should work.
Nothing should be added to the Zygisk hide-list.

Hi,
I also had the same problem.
Then I deleted the latest safetynetfix and used the version: v2.3.1
It works fine with this.

dmbardal said:
Yes, it works perfectly with GPay/GWallet.
You shouldn't need to do anything else after enabling Zygisk, installing SafetyNetFix, then test if it passes the tests.
Which it should. If it doesn't, use the 2.3.1_MOD2-fix, not 2.4.0.
Had issues with 2.4.0 being inconsistent.
Download 'YASNAC' from the store, and run the test.
Does everything work?
If no, install 2.3.1_MOD2.
If yes, make sure you kill playstore and then wipe storage and buffer.
Do the same for gpay/wallet.
Reboot, and it should work.
Nothing should be added to the Zygisk hide list.
Click to expand...
Click to collapse
Google Wallet still no worky after installing v2.3.1. Where can i find 2.3.1_MOD2?

LeoPeink said:
It doesn
Google Wallet still no worky after installing v2.3.1. Where can i find 2.3.1_MOD2?
Click to expand...
Click to collapse
https://forum.xda-developers.com/attachments/safetynet-fix-v2-3-1-mod_2-1-zip.5795137/
Link to comment by Displax:
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
Universal SafetyNet Fix Magisk module Magisk module to work around Google's SafetyNet attestation. This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS...
forum.xda-developers.com

Installed 2.3.1_mod2.
YASNAC gives me "pass" on Basic Integrity but "Fail" on CTS profile match.
Google Wallet still gives me the "your device does not meet security requirements to pay contactless".
Any further advice?
EDIT: Hide Props Configuration Module is configured to spoof the device as a Pixel 6.
EDIT 2: I will install the Feburary update on my rooted phone, I'll retry when it is up to date so i dont have to mess with fingerprints. Thank you who helped

seanho12345 said:
Did you reboot the phone after clearing it? I've been wiping it a few time but it still not seemed to work.
Click to expand...
Click to collapse
dmbardal said:
https://forum.xda-developers.com/attachments/safetynet-fix-v2-3-1-mod_2-1-zip.5795137/
Link to comment by Displax:
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
Universal SafetyNet Fix Magisk module Magisk module to work around Google's SafetyNet attestation. This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS...
forum.xda-developers.com
Click to expand...
Click to collapse
LeoPeink said:
Installed 2.3.1_mod2.
YASNAC gives me "pass" on Basic Integrity but "Fail" on CTS profile match.
Google Wallet still gives me the "your device does not meet security requirements to pay contactless".
Any further advice?
EDIT: Hide Props Configuration Module is configured to spoof the device as a Pixel 6.
EDIT 2: I will install the Feburary update on my rooted phone, I'll retry when it is up to date so i dont have to mess with fingerprints. Thank you who helped
Click to expand...
Click to collapse
not work with me

salamdiab said:
not work with me
Click to expand...
Click to collapse
Dont use props-modules.
Can you post your setup?
Like I've posted mine here

dmbardal said:
Dont use props-modules.
Can you post your setup?
Like I've posted mine here
Click to expand...
Click to collapse
Here's my current Magisk hidelist and module setup. I'm using Shamiko for hiding apps from root

I've had gpay working this entire time used it yesterday around 6PM EST. This morning went to the gas station and got the error the device doesn't meet the software requirements.
Just saw the update for Shimako and Safety net fix. Just ran it and cleared Gpay and Google Play. All looks good just need to test it out now.

canibuz said:
I've had gpay working this entire time used it yesterday around 6PM EST. This morning went to the gas station and got the error the device doesn't meet the software requirements.
Just saw the update for Shimako and Safety net fix. Just ran it and cleared Gpay and Google Play. All looks good just need to test it out now.
Click to expand...
Click to collapse
I'll try again later with Shimako.
To test Google Wallet, you can remove your credit card and add it back: if it does not give you the "unable to pay contactless on this device" you should be clear.

LeoPeink said:
I'll try again later with Shimako.
To test Google Wallet, you can remove your credit card and add it back: if it does not give you the "unable to pay contactless on this device" you should be clear.
Click to expand...
Click to collapse
Just tested it out and it failed.

Can confirm that the new 3.0 MOD from Displax works flawlessly. I just installed it and everything is working.
https://github.com/Displax/safetynet-fix/releases/download/v2.3.1-MOD_3.0/safetynet-fix-v2.3.1-MOD_3.0.zip

seanho12345 said:
Can confirm that the new 3.0 MOD from Displax works flawlessly. I just installed it and everything is working.
https://github.com/Displax/safetynet-fix/releases/download/v2.3.1-MOD_3.0/safetynet-fix-v2.3.1-MOD_3.0.zip
Click to expand...
Click to collapse
Ok it passes tests and lets me add a card to Google Wallet without warnings. I'll try to pay ASAP

If anyone else sees this thread, keep up to date here: https://github.com/Displax/safetynet-fix/releases
The latest version is v2.4.0-MOD_1.2 and works across all devices (not just Google Pixel) for passing safetynet / google pay etc...

Related

Advisory : Safetynet seems. to have been updated

EDIT: TOPJOHNWU IS WORKING ON A FIX RIGHT NOW, WAIT FOR MAGISK 13 RELEASE OR ENABLE CORE ONLY MODE AS A TEMP FIX.
Posting this from my phone so sorry for any errors here.
Google seems to have updated safetynet within the last few hours, on 2 devices. That previously passed with magisk. There is an easy way to fix it, that I don't really want to post here as Google probably read the forums. Let's just say it's easy to fix, but you not using modules any more. Hoping for an update soon if that's possible and I can provide any logs or details to the dev if needed.
manor7777 said:
Posting this from my phone so sorry for any errors here.
Google seems to have updated safetynet within the last few hours, on 2 devices. That previously passed with magisk. There is an easy way to fix it, that I don't really want to post here as Google probably read the forums. Let's just say it's easy to fix, but you not using modules any more. Hoping for an update soon if that's possible and I can provide any logs or details to the dev if needed.
Click to expand...
Click to collapse
Yeah, it seems like Google has updated SafetyNet, now I can't pass the check
Sent from my Pixel using Tapatalk
Same here.
Using Galaxy s6, same here.
Thanks it works
Glad to know I'm not the only one. They will probably patch what I've done later on but at least I can still use my phone with root. Can back to stock as I'm on a OP3T but I don't want to lol
So i need to uninstall my youtube ad free module?
bam099 said:
Same here.
Click to expand...
Click to collapse
Yep... may not be related, but noticed random "unable to parse data" toast messages earlier today. Later caught google play downloading. Killed download, then ran safetynet check. Failed CTS profile mismatch. Again, any of those symptoms could be unrelated. Just reporting anomalies.
bummer
Nexus 6 running Pure Nexus 7.1.2 on Magisk v12.0
SafetyNet Failed: CTS profile mismatched
Yeah, looks like another swing from Google.
how can i pass safteynet i cant get to hide my root to log into snapchat
Same here it definitely updated. Haven't done anything with my phone in a while. Suddenly failing the check
I thought i was the only one
If you can live without modules, enable 'Magisk Core Only Mode' in Settings and you'll pass SafetyNet again.
Works but..
blk_jack said:
If you can live without modules, enable 'Magisk Core Only Mode' in Settings and you'll pass SafetyNet again.
Click to expand...
Click to collapse
I have a problem with Mario run, safetynet pass And magisk hide is enabled but Mario run always give me the 804-5100 error code
Btw, it seems not all modules trigger SafetyNet. My suggestion to people is to test each module one at a time and see which are affected.
To do this:
- Disable all modules
- Enable the first module
- Reboot
- Check if SafetyNet passes
- Disable the first module and enable the second
- Reboot
- Check if SafetyNet passes
- Repeat.......
angelus_kun said:
I have a problem with Mario run, safetynet pass And magisk hide is enabled but Mario run always give me the 804-5100 error code
Click to expand...
Click to collapse
Maybe try clearing data in the game. You might have tripped a flag and the game is remembering that your device has failed.
blk_jack said:
Maybe try clearing data in the game. You might have tripped a flag and the game is remembering that your device has failed.
Click to expand...
Click to collapse
Nope, i tried that before And dosen't work, irñts very strange because on my moto G4 with magisk hide And safetynet pass i was able to play without issues until now, And i don't know why because i have the same modules like before, And i have the same issue on my galaxy Tab A6 t280 with the same modules, safetynet pass etc :\
---------- Post added at 03:10 AM ---------- Previous post was at 02:42 AM ----------
andybfmv96 said:
Same here it definitely updated. Haven't done anything with my phone in a while. Suddenly failing the check
Click to expand...
Click to collapse
Mario run work again i solved the issue deleting all modules enable magisk core And systemless host (for adaway at least) magisk hide with Mario run selected, clear Mario run data And reboot oh Well :/ bye bye to ad away OGyoutube module
angelus_kun said:
Nope, i tried that before And dosen't work, irñts very strange because on my moto G4 with magisk hide And safetynet pass i was able to play without issues until now, And i don't know why because i have the same modules like before, And i have the same issue on my galaxy Tab A6 t280 with the same modules, safetynet pass etc :\
---------- Post added at 03:10 AM ---------- Previous post was at 02:42 AM ----------
Mario run work again i solved the issue deleting all modules enable magisk core And systemless host (for adaway at least) magisk hide with Mario run selected, clear Mario run data And reboot oh Well :/ bye bye to ad away OGyoutube module
Click to expand...
Click to collapse
Did you even read OP's post? Google updated a security patch and now most of us can't pass SafetyNet.
MiuKing said:
Did you even read OP's post? Google updated a security patch and now most of us can't pass SafetyNet.
Click to expand...
Click to collapse
Yes And the solution is don't use modules anymore that work for me And you And everyone Even if you pass safetynet you need to enable magisk core to use broken apps like Mario run
I can confirm that enabling "Core Only Mode" in Magisk Settings does pass SafetyNet.
(Sigh), now magisk modules break SafetyNet. Now what do we do?

Help magisk and google pay

I got a problem. My Google Pay app doesn't work. I got magisk v18 with 2 modules: "universal safetynet fix v3-beta1 (magisk v17 fix)" and google face unlock. When I check the status it shows the two "ctsprofile" and "basicintegrity" as true both. In magisk hide, I selected "Google Pay" and "NFC service" apps, but also without their selection it isn't still recognized by a pos. Now, I'm really sure my payment card works, my bro one with a phone unrooted works fine.
How should I do for make pos recognize my LG H815 rooted Gpay?
Sorry my bad english
p.s. I haven't any xposed or similar installed.
On my OP6 with OOS 9.0.3, CTS returns false without any additional modules and Google Pay and other apps detect root and refuse to work. That happened with the update from 17.2 to 18.0
Unfortunately, I got no helping hint in the main support thread or in the other thread here reporting on failing banking apps.
Later... after downgrading to Magisk 17.2, MagiskHide is working again... an issue is open on Github on that.
Yeah but gpay still not working in my phone, also with magisk 17.2
theicecave said:
Yeah but gpay still not working in my phone, also with magisk 17.2
Click to expand...
Click to collapse
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
akxak said:
I'll try that when I'm next time in a shop here... but as Safetynet works, GPay should too...
Click to expand...
Click to collapse
And that's the paradox. Lemme know.
Just was at a shop and paid successfully with Google Pay. 17.2 rocks.
Idk why mine is not recognized by pos. And for sure I can say that my NFC works, I use it with my headsets. It's a problem with my phone, it's rooted, and that's it. Gpay cannot be used with root, although it accepted my card payment card after I protected my ctsprofile etc. I lost hope
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
akxak said:
My OP6 is unlocked and rooted with Magisk. Back on 17.2 SafetyNet checks succeed again and I just could pay... with Magisk 18 though it failed.
What phone and how did you root?
Click to expand...
Click to collapse
Which module do you use to protect safetynet, ctsprofile etc?
Just asking.. 'cause, as I told, also with magisk 17.2 it doesn't work.
No module, just plain Magisk and MagiskHide on Google Pay.
akxak said:
No module, just plain Magisk and MagiskHide on Google Pay.
Click to expand...
Click to collapse
No module? I need necessary to use "universal safetynet fix" to activating all 4 green checks on main page of magisk. Without it, last 2 (inside safetynet fix) are red: ctsprofile:false and basicintegrity:false.
And magisk hide with or not selecting gpay doesn't change anything.
However I'm considering the main problem is my rom, resurrection remix.
On OOS I have only two arrows...
ctsProfile and basicIntegrity
But I am on a stock rom
Yeah sorry my bad, I mean just these two.
I'm considering to flash my stock rom again. But it was Android 6. I should set nova launcher and lots of changes to modernize it : D
Also my bro used a stock one to let gpay work. Modded all ones seems not working.
I'm on Android 9 Pie... Nova is great, I use it myself.. with starting on the Oneplus, I stuck to the stock OS and had gold experiences... on the OP6 even mire as I can update it and keep it rooted from within the OS not needing TWRP anymore... allowing an easy upgrade process.
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
theicecave said:
Just flashed up the stock rom of my H815. I installed magisk 17.2 (it's an android nougat). I activated MagiskHide only for Google Pay; now safety net says ctsProfile: false and basicIntegrity: true. I watched this thread and just at beginning of section Safetynet fix - changing device fingerprint seems to be my problem. But my phone hasn't fingerprint (rofl). So after installing modules MagiskHide Props Config and Busybox by osm0sis cts is still false. Watched this because seems the only well built guide about; this problem is splitted anywhere. No more ideas.
Click to expand...
Click to collapse
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Didgeridoohan said:
If I understand you correctly, I think you've misunderstood... It's not about a fingerprint scanner, it's the device fingerprint property that needs to change. You'll have to run the props script and select a certified fingerprint from the list (the module is not a flash and forget module). But if you're on a stock ROM I would expect the CTS check to pass, so there might be something else going on. Anyway, try changing the device fingerprint and see if anything changes.
Click to expand...
Click to collapse
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
theicecave said:
Idk how to do this and where is this list. He just attached a .zip on his thread.
Or maybe I do not understand english enough. Very probably.
Click to expand...
Click to collapse
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Didgeridoohan said:
If you're talking about the thread you linked, the "he" is me...
Take a look in the module documentation, most things should be covered there. But basically, what you need is a Terminal emulator where you just type 'props' and press enter. After that you can just follow the ui to do the rest.
Click to expand...
Click to collapse
Solved following this. In effect, not so different on what were you talking about in your guide. At the moment both ctsprofile and basicintegrity are true, I just need to try Google Pay in a pos.

"ctsProfile: false" in Magisk Manager after August update

I know other folks had issues with earlier updates, but this is the first time I've seen this. I skipped the last few updates. Does the Magisk patch method no longer work for rooting the Pixel 4 XL? Or is there some way to fix this?
The "hardware off" module from Displax might help you.
Sent from my Google Pixel 4 XL using XDA Labs
It's hardware based so nothing you can do about it
Patching your boot image with Magisk still works. With the recent implementation of hardware attestation, apps can now recognize if your bootloader is unlocked and safetynet checks result in ctsProfile failing. Magisk Hide still works and you can still hide root from most apps but cannot hide that your bootloader is unlocked unless you use either the hardwareoff mod or the Magisk Props mod.
Lughnasadh said:
Patching your boot image with Magisk still works. With the recent implementation of hardware attestation, apps can now recognize if your bootloader is unlocked and safetynet checks result in ctsProfile failing. Magisk Hide still works and you can still hide root from most apps but cannot hide that your bootloader is unlocked unless you use either the hardwareoff mod or the Magisk Props mod.
Click to expand...
Click to collapse
I tried MagiskHide Props Config but that didn't work - unless I need to do more than just replace the fingerprint. Replacing the fingerprint did not fix the problem. It's likely the Pixel 4 XL uses hardware backed key attestation to check the bootloader state, which I think means MagiskHide Props Config won't solve the problem.
I did find and install the hardwareoff mod and that fixed the problem. Thanks everyone who mentioned that. It was not available for download in Magisk but I found it buried deep in a 4000+ post thread on XDA.
https://forum.xda-developers.com/ap...systemless-t3432382/post83028387#post83028387
fuarkgl3 said:
It's hardware based so nothing you can do about it
Click to expand...
Click to collapse
Eventually you will be right, once Google makes hardware backed key attestation permanent. But for now the hardwareoff mod works.
No work for me
Basic integrity and CTS profile remains false.
madmartian said:
I tried MagiskHide Props Config but that didn't work - unless I need to do more than just replace the fingerprint.
Click to expand...
Click to collapse
Just for clarification: you would also have had to use the "Force BASIC attestation" option. It basically does the same thing as the hardware off mod, so you're good to go already...
So I have the same problem basic integrity but the cts profile fails. Iam in the January update.
I've done anything to fix it but 0 for me. And the problem is that it just happened from nowhere it was everything ok I was passing the safety net and in a moment the gpay made me a warning about contactless payments and the problem started.
Escribis said:
So I have the same problem basic integrity but the cts profile fails. Iam in the January update.
I've done anything to fix it but 0 for me. And the problem is that it just happened from nowhere it was everything ok I was passing the safety net and in a moment the gpay made me a warning about contactless payments and the problem started.
Click to expand...
Click to collapse
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Lughnasadh said:
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Click to expand...
Click to collapse
Can you give me the link my friend?
Lughnasadh said:
Go over to the Magisk thread. It's discussed there in detail and there has been a Magisk Mod released to fix it..
Click to expand...
Click to collapse
Found it, thank you very much sir.
Can you share the link please?
I also woke up to Google Pay warning, an update, than lost Magisk. I've re-installed it but now failing safetynet. Been attempting to fix it for 2 hours now
mushtafa said:
Can you share the link please?
I also woke up to Google Pay warning, an update, than lost Magisk. I've re-installed it but now failing safetynet. Been attempting to fix it for 2 hours now
Click to expand...
Click to collapse
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
Found the link. It works, just need to setup Google Pay again https://github.com/kdrag0n/safetynet-fix

Device not Certified [SOLVED]

I feel like I am at a loss and i need help,like 2 days ago I reverted back to stock from a custom rom on my pixel 4 xl and google play store keeps saying device not certified, now I have come across this issue before in the past and fixed it with guides posted on the internet but this time they are not working. here is everything I have done:
-registered device as per guides on the internet, cleared play store data and even play services data and rebooted. waited a literal day. rebooted and cleared data of both then rebooted again
- i redownloaded the april image and flashed it to both slots and manually wiped user data in fastboot, tried registering again and waited atleast 10 minutes before trying anything else
- downloaded march image and did everything listed above
- downloaded the android 12 dev beta and did everything listed above.
- tried making safetynet pass with magisk and stuff in between there
- checked safetynet right off the bat on a fresh flash with zero modifications and it failed too.
- as i am posting this i am flashing a fresh download of the april image + platform tools on a different computer and different cable
if anyone has any suggestions please let me know.
Did you flash the Universal SafetyNet Fix module after rooting? If not, try that. Also make sure you enable Magisk Hide in the Manager settings, clear data & cache of Play Store and reboot. Sometimes it takes a while for it to show up as certified.
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
Universal SafetyNet Fix Magisk module Magisk module to work around Google's SafetyNet attestation. This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS...
forum.xda-developers.com
Lughnasadh said:
Did you flash the Universal SafetyNet Fix module after rooting? If not, try that. Also make sure you enable Magisk Hide in the Manager settings, clear data & cache of Play Store and reboot. Sometimes it takes a while for it to show up as certified.
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
Universal SafetyNet Fix Magisk module Magisk module to work around Google's SafetyNet attestation. This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS...
forum.xda-developers.com
Click to expand...
Click to collapse
i will give that a shot in a little bit here and update
Lughnasadh said:
Did you flash the Universal SafetyNet Fix module after rooting? If not, try that. Also make sure you enable Magisk Hide in the Manager settings, clear data & cache of Play Store and reboot. Sometimes it takes a while for it to show up as certified.
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
Universal SafetyNet Fix Magisk module Magisk module to work around Google's SafetyNet attestation. This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS...
forum.xda-developers.com
Click to expand...
Click to collapse
Thank you so much that did the trick. I in all honesty did not know that module existed so thank you so very much! <3
Buddyjohn said:
Thank you so much that did the trick. I in all honesty did not know that module existed so thank you so very much! <3
Click to expand...
Click to collapse
No problem. Glad you got it going
Lughnasadh said:
No problem. Glad you got it going
Click to expand...
Click to collapse
I know im kinda late.. But gosh, thank you so much

Can't get Android 12 + Magisk + SafetyNet, no matter what... All the guides seem outdated

So I'm trying to get Android 12 working with root and SafetyNet passing. I found that all the guides to be wrong or outdated. Problem with the latest Magisk canary is that it does not support MagiskHide. Problem with the latest stable Magisk (v23) is that it doesn't support Android 12. Here are the combinations I've tried:
Canary Magisk APK, Canary Magisk boot image, with Universal SafetyNet Fix v2.2.1 (Zygisk)
Result: No way to test if safety net passes within Magisk, but it doesn't seem to work.
Canary Magisk APK, Stable Magisk v23 boot image, with Universal SafetyNet Fix v2.1.3 (Riru)
Result: Does not work. MagiskHide automatically turns off after every reboot, probably because the canary boot image does not support it.
Stable Magisk v23 APK, Stable Magisk v23 boot image
Result: Device fails to boot. fast food indicates in an invalid signature. presumably happening because stable magisk v23 does not support Android 12.
Based on these test results these are my assumptions:
1. There is no way to run Magisk 23 on Android 12, and this article and its screenshot are fake:
https://www.droidwin.com/how-to-roo...k-on-android-12/#STEP_6_Boot_to_Fastboot_Mode
and this also does not work: https://krispitech.com/how-to-pass-safetynet-on-rooted-android-12/
OR
It was possible and Android 12 September 5th patch level but somehow not the latest December build?
There is no advantage to running mismatched Magisk APK and boot image versions
Both the Zygisk and Riru versions of the SafetyNet Fix do not work on the latest Android 12 builds.
The new DenyList system does nothing in allowing a SafetyNet bypass.
The ONLY working method That can possibly bypass safety net on Android 12 is using either of these 2 Magisk forks:
Custom Magisk by TheHitMan7 (Can’t find download link)
Alpha Magisk by vvb2060 (Can’t find download link)
Are these assumptions correct? Can someone please correct my misunderstandings?
You need Universal Safetynet Fix v2.2.0 or v2.2.1 which was just released 10 days ago.
To be honest, I haven't tried v2.2.1 yet, but I would imagine it will work. I'm on v2.2.0 right now.
Get it from here: https://github.com/kdrag0n/safetynet-fix
I have been using Magisk Canary 23016, USNF 2.2.0, and MagiskHide Props Config 6.1.2 on my Pixel 5 running the December Android 12 release. SafetyNet passes, GPay works.
I have DenyList blocking both GPay and Google Play Store..
Either you have something configured wrong, or you're having a unique issue. Others have been able to pass SafetyNet using a similar configuration.
No, Magisk Stable does not currently support Android 12. You MUST use Canary 23016; none of the previous builds properly handle the vbmeta flags in the boot image header.
I'm using the latest magisk canary, USNF 2.2.1 and no magisk hide props and am passing. I have Zygisk enabled, but that's about it. Install was flawless. Followed V0latyle's thread on going from A11 to A12 when the canary update dropped.
Thank you everyone, I got it working the way you said! I was super close.
-----------------------------------
V0latyle said:
I have been using Magisk Canary 23016, USNF 2.2.0, and MagiskHide Props Config 6.1.2 on my Pixel 5 running the December Android 12 release. SafetyNet passes, GPay works.
I have DenyList blocking both GPay and Google Play Store..
Either you have something configured wrong, or you're having a unique issue. Others have been able to pass SafetyNet using a similar configuration.
No, Magisk Stable does not currently support Android 12. You MUST use Canary 23016; none of the previous builds properly handle the vbmeta flags in the boot image header.
Click to expand...
Click to collapse
I only blocked play services with deny list and it worked.
One of the guides told me to flash stock vbmeta (idk what this is), and this bricked it until I re-flashed the ROM. But I guess that's not needed anymore.
flyoffacliff said:
Thank you everyone, I got it working the way you said! I was super close.
-----------------------------------
I only blocked play services with deny list and it worked.
One of the guides told me to flash stock vbmeta (idk what this is), and this bricked it until I re-flashed the ROM. But I guess that's not needed anymore.
Click to expand...
Click to collapse
Which guide?
V0latyle said:
Which guide?
Click to expand...
Click to collapse
How to Root Pixel Devices via Magisk on Android 12
In this comprehensive tutorial, we will show you detailed steps to root your Pixel device via Magisk running Android 12.
www.droidwin.com
On step 7. It says it's not necessary for some reason on newer devices but pixel 5 and older still require it. What does flashing this file actually do? Like what's the file made of?
flyoffacliff said:
How to Root Pixel Devices via Magisk on Android 12
In this comprehensive tutorial, we will show you detailed steps to root your Pixel device via Magisk running Android 12.
www.droidwin.com
On step 7. It says it's not necessary for some reason on newer devices but pixel 5 and older still require it. What does flashing this file actually do? Like what's the file made of?
Click to expand...
Click to collapse
Nothing needs to be done with vbmeta as long as you're using Magisk 23016.
I'll try to explain what it is and what it does as simply as I can but there isn't really a simple explanation...
Some components of Android system security, such as Verified Boot, incorporate a means by which the data being loaded from critical partitions is checked in real time as it is loaded. This is called "device-mapper verity". The raw data itself is read at the block device level and used to create a hash; this hash is then compared to a reference hash to determine the data has not been modified. The partition that contains this reference hash is vbmeta.
When the Android 12 beta was first released, Magisk had not yet been updated to properly handle Android 12 boot image headers. Verified Boot is disabled for the most part when the bootloader is unlocked; however some elements still remain to ensure you're booting a proper device boot image. Magisk did not preserve necessary information in the boot headers, so the device wouldn't boot; we would get a message in bootloader stating failed to load/verify boot images
We figured out a workaround for this: disable dm-verity and vbmeta verification altogether. This was done by flashing the vbmeta partition with those two options:
Code:
flash vbmeta vbmeta.img --disable-verity --disable-verification
The problem with this is it has some sort of safety interlock that prevents system from loading if verity/verification are disabled and /data isn't clean. So, rooting required wiping data. You probably discovered this during your "brick": you got a screen reading Cannot load Android system. Your data may be corrupt.
We also discovered that the vbmeta workaround had to be performed every time vbmeta was flashed - meaning no OTA updates, because if vbmeta was flashed without the disable options, we wouldn't be able to boot a patched boot image, and even if we re-disabled verity/verification, the device still wouldn't boot unless data was clean. The only way to update AND reroot AND keep data was to ensure that verity and verification were disabled every time the device was updated.
Fortunately, Magisk 23016 fixed all of this. We don't have to mess with vbmeta anymore. Magisk properly preserves the flags in the boot header, meaning that AVB recognizes it as a legitimate boot image, and the device is happy.
has anyone able to pass safety CTSprofile ?
Basic integrity is pass but CTSprofile Check isnt passed...
anybody able to pass in A12 (OnePlus Nord)
tried all effort but dint work, even Universal SafetyNet Fix v2.2.1 (Zygisk) isnt working..
its makes Basic Integrity Fail after Flash ( Universal SafetyNet Fix v2.2.1 (Zygisk).
I roll back to A11 then sadly....
shhahidxda said:
has anyone able to pass safety CTSprofile ?
Basic integrity is pass but CTSprofile Check isnt passed...
anybody able to pass in A12 (OnePlus Nord)
tried all effort but dint work, even Universal SafetyNet Fix v2.2.1 (Zygisk) isnt working..
its makes Basic Integrity Fail after Flash ( Universal SafetyNet Fix v2.2.1 (Zygisk).
I roll back to A11 then sadly....
Click to expand...
Click to collapse
You're doing something wrong. Don't overlook anything. I'm on Android 12.1 and pass safety net, Google pay works, Netflix works.
Have you configured the deny list in magisk?? If not do that then. I'd start fresh, don't connect to anything on first start. Hide everything about those Google apps. Then add your accounts etc etc. This is what worked for me no problem
thatsupnow said:
You're doing something wrong. Don't overlook anything. I'm on Android 12.1 and pass safety net, Google pay works, Netflix works.
Have you configured the deny list in magisk?? If not do that then. I'd start fresh, don't connect to anything on first start. Hide everything about those Google apps. Then add your accounts etc etc. This is what worked for me no problem
Click to expand...
Click to collapse
I would like to know, how you are able to pass? I mean It is passed using Universal safetynet fix by Kdragon?
or without fix?
as you mention in your screenshot that you have put all google services in denylist,
I've already done that..
anything else ? you done it? can you show screenshot of your safetynet pass??
shhahidxda said:
I would like to know, how you are able to pass? I mean It is passed using Universal safetynet fix by Kdragon?
or without fix?
as you mention in your screenshot that you have put all google services in denylist,
I've already done that..
anything else ? you done it? can you show screenshot of your safetynet pass??
Click to expand...
Click to collapse
I'm using the latest safetynet fix v2.2.1 Kdragon
thatsupnow said:
I'm using the latest safetynet fix v2.2.1 Kdragon
Click to expand...
Click to collapse
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal fix..
but as I applied OTA of A12...
I lose safetynet pass.
let me know do you have any workaround?
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
I am still looking for solution to fix this issue..!! if you have any work around.. let me know.. I will do my best.. may be i need to modify device fingerprints with Security patch.? what you say?
shhahidxda said:
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
Click to expand...
Click to collapse
shhahidxda said:
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal fix..
but as I applied OTA of A12...
I lose safetynet pass.
let me know do you have any workaround?
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
I am still looking for solution to fix this issue..!! if you have any work around.. let me know.. I will do my best.. may be i need to modify device fingerprints with Security patch.? what you say?
Click to expand...
Click to collapse
You do realise that your posting on the pixel 5 forum right?? I'd maybe go checkout what they are doing on the OnePlus side of the tracks
thatsupnow said:
You do realise that your posting on the pixel 5 forum right?? I'd maybe go checkout what they are doing on the OnePlus side of the tracks
Click to expand...
Click to collapse
Yes, I knew i am posting in Pixel 5 and this topic isnt mention on Oneplus section..
I am looking for a solution of this issue.. but nobody has mention it till now.
Android 12.1 + Magisk 25.1 + Zygisk + Google Play services on enforced Denylist > Works charmingly
Note 1: Enforce Denylist for all the Google Play services modules on Magisk.
Note 2: After reboot, clear data of Google Play services and Play Store to make a fresh start.
pseudokawaii said:
Android 12.1 + Magisk 25.1 + Zygisk + Google Play services on enforced Denylist > Works charmingly
Note 1: Enforce Denylist for all the Google Play services modules on Magisk.
Note 2: After reboot, clear data of Google Play services and Play Store to make a fresh start.
Click to expand...
Click to collapse
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?
El3ssar said:
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?
Click to expand...
Click to collapse
What do you mean by "it no longer shows there"? Does the Google Play services disappear after putting on denylist? Did you enable the "Enforce Denylist" option? Did you do a retest of SafetyNet after reboot?
El3ssar said:
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?
Click to expand...
Click to collapse
Yea and it won't stick I've tried that too. You don't need to add Google Play services to the deny list anyway
thatsupnow said:
Yea and it won't stick I've tried that too. You don't need to add Google Play services to the deny list anyway
Click to expand...
Click to collapse
If you're using Universal Safetynet Fix, Play Services is blocked out of the box. I had the same thing happen in one of the newer releases and thought it was an issue. It isn't. Play Services is blocked even though it doesn't show it.

Categories

Resources