Related
Within the past month Magisk can no longer pass the safetynet check. Ctsprofile fails and basicintegrity fails. I am on Magisk v20(20000) and Magisk manager v7.3.5(243). I've performed the following steps...
1. Turned off USB debug
2. Confirmed root check fails when hidden by Magisk and does NOT fail when not hidden by Magisk.
Any suggestions?
I found out it was Riru Exposed module. I went into Edexposed, enabled black/whitelist, rebooted, black listed Google play and Google play services, rebooted and safetynet check passed in Magisk.
JDubbed said:
I found out it was Riru Exposed module. I went into Edexposed, enabled black/whitelist, rebooted, black listed Google play and Google play services, rebooted and safetynet check passed in Magisk.
Click to expand...
Click to collapse
I was just about to post the same. Blacklisting those in Edxposed worked for me when nothing else did.
Does this indicate that Google is deploying countermeasures against Xposed framework?
I swapped out the Xposed installer for the Xposed manager and now the blacklist method is working at the moment. Google pay works.
gboybama said:
Does this indicate that Google is deploying countermeasures against Xposed framework?
Click to expand...
Click to collapse
Google has ALWAYS updated SafetyNet to block root users and Xposed users-- That's a large reason why both Magisk and edXposed were created, in the first place. LOL! While it's there to prevent hacking/abuse to understandably legitimate sources (banking apps, auction sites and storefronts, etc.), it's collaborated heavily with Niantic (developers of Pokémon GO) and updated a bunch of its more strict checks because of Pokémon GO.
Thanks to everyone for the tips, though!
Sent from my LG V20 (VS995), Alpha Omega ROM, Oreo 8.0, rooted (Magisk 19.3), using Tapatalk
Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
anonxlg said:
Saw an update, thought cool finally out of beta, but upon upgrading, safetynet fails.
I didn't take a look too much into it, I did see on github that at least some users also had failing safetynet, but this was right at the same time as the google update to safetynet for magisk, so I couldn't rule that out for other users.
I've reverted back to v0.4.5.1 and edxposed installer and safetynet passes. I *think* it might be because edxposed installer has blacklist functionality. I couldn't find the equivalent setting on edxposed manager.
Click to expand...
Click to collapse
Latest Xposed Manager try in settings menu scroll down to framework options enable:
App List mode
Pass Safetynet
To enable blacklist function - App List mode has to be enable. Then from main menu select Applications.
thanks, after some testing and restarting that did the trick.
I didn't see that the 'app list mode' is the blacklist and only turned on 'pass safetynet' thinking that was the only think I needed to do
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
anonxlg said:
I updated lineage and I can't get safetynet to pass again.
I verified that with edxposed disabled, it passes safetynet. I tried uninstalling/reinstalling edxposed and tried both sandhook and yahfa versions and it doesn't pass.
Scratching my head on how it doesn't working work anymore because from lineage update (my only guess).
Click to expand...
Click to collapse
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
spawnlives said:
In Edxposed Manager try downloading the canary release and flash through Magisk.
Also note that Google is starting to tighten it's grip in regards to Safety Net. Very basically it will fail with an unlocked bootloader.
https://mobile.twitter.com/topjohnwu/status/1237830555523149824
Click to expand...
Click to collapse
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
this work: https://repo.xposed.info/module/com.cofface.ivader
anonxlg said:
I'm aware of that, but in my case, phone passed safetynet (with magisk, edxposed, and all modules the same) before updating lineage.
I should note that this is lineage 15.1 (A8.1) if it matters.
And that phones pre-pie are currently immune to that safetynet check because of old security hardware.
Click to expand...
Click to collapse
On my spare S8 I've reinstall unofficial lineage 17.1 ( Android 10 ).
Using latest:
Stable version of magisk / manager
Edxposed manager - 4.5.7
Edxposed canary - 0.4.6.3 ( 4545 ) - Yahfa
Riru core - 19.8
This combination at the moment is passing safety net. Checked using magisk manager + two other apps from playstore. Also have Device is certified through play store. The latest play store version is 19.5.13 for my region.
Edxposed modules installed at moment
Xprivacylua
Minminguard
Resolver Activity Tweaks
installing HiddenCore Module did the trick, but i'm still curious why updating lineage broke safetynet or that using the older rirucore + edxposed passes safety net
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
bmw320cd said:
I followed your order, but in magisk I have passed safetynet, but CTS and basicIntegrity is false
This the screenshot... S9 rooted + custom rom android 10 + kernel custom
Without xposed I had both positives
Click to expand...
Click to collapse
Sorry man, this solution no more works. It broke after April 27th.
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
djjohnnyblaze said:
So is there no current method to have edxposed/ru working while passing safetynet? Thanks
Click to expand...
Click to collapse
At the moment still passing safety net using latest Riru core module + latest canary release of Edxposed.
System Crashes
nousernamesorry said:
I might have figured this problem, let me know if it helps you pass safetynet too as it did work on my device ( OP6T ):
Install everything just as the above steps,
-config magiskhide, install the fingerprints
-Install riru etc, install the canary version of sandhook
-put in airplane mode as soon as you reboot
-enable applist and blacklist google framework and services and playstore (also assuming you have done hidden these in magisk too)
-clear data from services, framework, playstore
- open playstore and check if youre logged in and its working
- Go check safetynet
Gpay is working for me flawlessly
As of april 25 this solution seems to work for me.
Click to expand...
Click to collapse
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
romee_ahuja said:
My system UI is crashing sometimes. Is it because of edxposed? I followed these steps and successfully passed the SafetyNet check. But my system is crashing sometimes!
I'm using sudohide module only!
Click to expand...
Click to collapse
Hey, it could be that, maybe you have a module like gravitybox installed which is conflicting with your system configurations.
If not that, try disabling edxposed modules from magisk itself. If that fixes the solution, then it might be edxposed
One solution is disable module like gravitybox or update gravitybox
Oneplus 5
ACIP 10
Lastest magisk with magisk hide enabled
When I use the app whisper (sh. Whisper), it works fine and dandy. When I install edxposed (sandhook/yafha) it some how detects edxposed and ghosts my account, meaning I can't make posts or send DMs.
It's not detecting the edxposed manager app, because when I uninstall edxposed using the zip, it works. Even the riru module is installed and it still works.
How is this app detecting edxposed being installed and how can I hide it from the app?
I tried with the hiddencore xposed module too and it passes safetynet, Google
Pay works, but only that app detects and ceases use of the app.
ahb83 said:
... When I install edxposed (sandhook/yafha) it some how detects edxposed and ghosts my account, meaning I can't make posts or send DMs.
It's not detecting the edxposed manager app, because when I uninstall edxposed using the zip, it works. Even the riru module is installed and it still works.
Click to expand...
Click to collapse
It probably looks for the package name, or just runs keywords to detect the xposed presence.
I suggest you to install rootcloak, you can hide specific keywords and commands from an apps list you can set, usually after that it stops detecting xposed.
Be careful it probably trips safetynet, but since it's still working for you maybe it doesn't cause any hassle.
I upgraded to Magisk v23 without thinking and I am trying to reinstall 22.1 so I can continue with magisk hide, but no matter how I flash the repackaged boot.img, after reboot, installed always shows N/A. I've tried with v22 as well, and the same result.
Am I missing something about downgrading, or am I just doing something way off? Thanks in advance.
Why v22.1? Magisk v23 still has the "normal" MagiskHide...
(And just as a FYI, the new Deny list that is included in the latest Canary, 23010, works just as good to hide Magisk from what I've seen so far.)
I've tried 23 as well, I am on it as we speak, yet no matter what, I cannot get the boot to flash...
I did try the new version before rolling back and I could not add the RSA app I need for work to the deny list, rather it caught on to root and crapped out.
If I missed how to add to the deny list, I am happy to try again.
DrSeussFreak said:
I've tried 23 as well, I am on it as we speak, yet no matter what, I cannot get the boot to flash...
I did try the new version before rolling back and I could not add the RSA app I need for work to the deny list, rather it caught on to root and crapped out.
If I missed how to add to the deny list, I am happy to try again.
Click to expand...
Click to collapse
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
V0latyle said:
So Magisk Canary was released yesterday:
Magisk 23010
Someone who is temp rooting want to patch their boot image with this and see what happens?
Also, Magisk Hide is no longer, so here's what you have to do to pass Safetynet (the check is no longer in Magisk so you'll have to use an external app)
In Magisk:
Remove Universal Safetynet Fix and Riru, if you have them installed, Reboot.
Launch Magisk again
Settings > Magisk:
Enable Zygisk
Enable Enforce Denylist
Enable for Google Play Services components: (I just enabled for all subcomponents)
com.google.android.gms
com.google.android.gms.unstable
That should be enough to pass Safetynet. Don't forget to hide other apps such as banking, GPay, DRM (Netflix, Amazon Prime Video, etc)
Click to expand...
Click to collapse
V0latyle said:
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
Click to expand...
Click to collapse
Google play services is what I was missing in my earlier attempts. I cannot thank-you enough!
DrSeussFreak said:
Google play services is what I was missing in my earlier attempts. I cannot thank-you enough!
Click to expand...
Click to collapse
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
V0latyle said:
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
Click to expand...
Click to collapse
I just went through and re-did all my financials and streaming (plus all Amazon apps). I just forgot I had enabled it for these services.
V0latyle said:
No problem. Google Play Services actually provides the security information for applications that depend on it, so it's one of the most important ones to hide.
Don't forget to hide other apps too. I've come across some weird ones; for example, I have a Honeywell WiFi smart thermostat, and for some odd reason the app not only checks for root, but prevents me from remotely controlling the thermostat if root is detected.
In most cases, you should be able to tell if something needs to be hidden or not; some apps just won't work (like Netflix or Amazon Prime Video).
Click to expand...
Click to collapse
Sorry, 1 additional question I didn't get a clear answer from the forums. I have 4 modules active in Magisk, 3 of them related to safetynet, Riru, MagiskHide Props Config and Universal Safetynet Fix. I disabled them and everything is still working, and I am guessing I do not need them anymore, since it's a whole new setup.
Am I correct that I no longer need these modules anymore? Once again, I appreciate the help.
DrSeussFreak said:
Sorry, 1 additional question I didn't get a clear answer from the forums. I have 4 modules active in Magisk, 3 of them related to safetynet, Riru, MagiskHide Props Config and Universal Safetynet Fix. I disabled them and everything is still working, and I am guessing I do not need them anymore, since it's a whole new setup.
Am I correct that I no longer need these modules anymore? Once again, I appreciate the help.
Click to expand...
Click to collapse
Correct, I was using the same solution as you - I had Riru, USNF, MagiskHide Props Config, and Systemless Hosts. I removed everything and reenabled Systemless Hosts after a reboot. The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
I may end up going back to 23001 because my banking app (Navy Federal) now refuses to start.
V0latyle said:
Correct, I was using the same solution as you - I had Riru, USNF, MagiskHide Props Config, and Systemless Hosts. I removed everything and reenabled Systemless Hosts after a reboot. The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
I may end up going back to 23001 because my banking app (Navy Federal) now refuses to start.
Click to expand...
Click to collapse
Thank you for confirming and good luck with your banking app, I checked all mine, so far so good. New system news bugs
V0latyle said:
I was on Magisk 23001 (albeit on Android 12) and MagiskHide + SafetyNet worked great for me.
I'm currently on 23010, and it's still working:
Click to expand...
Click to collapse
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
pippo45454 said:
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
Click to expand...
Click to collapse
That is what i saw. I've been rooted for almost a decade and I've never seen this issue before with magisk. I don't use gpay often, so that is ok, but i appreciate the info.
pippo45454 said:
Hi, gpay does not work anymore....Say system rooted....but safetynet pass....
Aldo there Is no way ti install back 23001
Click to expand...
Click to collapse
Did you use DenyList to hide both GPay, Google Play Services, and Google Play Store?
GPay works for me, but I am getting a CTS profile mismatch on Magisk 23010, so there's more work to be done. For now, I've downgraded to 23001.
I'll confirm gpay working, i hadn't checked earlier, but I'd marked it for the deny list earlier
How you downgrade to 23001?could you write entire procedure please?
I pur all exclusion, in Witch way you obtain CTS profile?
V0latyle said:
The reason this is necessary is because 23010 uses a different language to interface with modules, so a lot of modules are going to have to be rewritten.
Click to expand...
Click to collapse
Not quite true. 23010 introduces Zygisk that gives module developers way more options on how to create advanced modules. We'll now be able to have Xposed style Magisk mods. Really cool. Old modules still work just as fine though...
V0latyle said:
I am getting a CTS profile mismatch on Magisk 23010
Click to expand...
Click to collapse
Could be because you removed the modules that can help you pass CTS...
MagiskHide Props Config if you need a certified print on a custom ROM (no need on the stock ROM) or if you need to reapply sensitive prop changes that are no longer included in Magisk (although these are also included in Universal SafetyNet Fix v2.1+).
Universal SafetyNet Fix to get around hardware backed key attestation and spoofing model props for Play Services (although currently Magisk Canary 23010 isn't compatible with Riru, so you'll probably have to use an older USNF release for now, and spoof props with MHPC).
I passeri CTS profile with safetynet but anytime i try ti add my card on gpay the band Will block automatically mi credito card...seems that they found that the phone Is not secure do to root....how i can go back ti 23001?
pippo45454 said:
I passeri CTS profile with safetynet but anytime i try ti add my card on gpay the band Will block automatically mi credito card...seems that they found that the phone Is not secure do to root....how i can go back ti 23001?
Click to expand...
Click to collapse
Go into Magisk and tap Uninstall > Restore Images, then Uninstall Completely. Allow Magisk to reboot the phone. When it reboots, Magisk and root will be gone.
Install Magisk 23.0. Manually patch the boot image, reboot to bootloader, and flash the patched boot image. Reboot again and you should come back into root with 23.0.
Didgeridoohan said:
Not quite true. 23010 introduces Zygisk that gives module developers way more options on how to create advanced modules. We'll now be able to have Xposed style Magisk mods. Really cool. Old modules still work just as fine though...
Click to expand...
Click to collapse
Thank you for the explanation. I was under the impression that most modules would have to be rewritten to work with Zygisk.
Didgeridoohan said:
Could be because you removed the modules that can help you pass CTS...
MagiskHide Props Config if you need a certified print on a custom ROM (no need on the stock ROM) or if you need to reapply sensitive prop changes that are no longer included in Magisk (although these are also included in Universal SafetyNet Fix v2.1+).
Universal SafetyNet Fix to get around hardware backed key attestation and spoofing model props for Play Services (although currently Magisk Canary 23010 isn't compatible with Riru, so you'll probably have to use an older USNF release for now, and spoof props with MHPC).
Click to expand...
Click to collapse
Well, I tried USNF 2.0.0, CTS profile still failed, so I removed Magisk and went back to the last version that worked for me, 23001. I only use 4 modules: USNF, Riru to support it, MagiskHide Props, and Systemless Hosts. I'm on the stock ROM. I'll just wait until USNF is updated to work with Zygisk.
I have Redmi Note 7.
It was running on xiaomi.eu_multi_HMNote7_V11.0.6.0.PFGCNXM_v11-9. I had magisk installed, there were no problems with root detection.
I installed xiaomi.eu_multi_HMNote7_V11.0.7.0.PFGCNXM_v11-9 using OrangeFox Recovery.
Then my problems with Magisk began. I uninstalled magisk completely via orangefox recovery and install again v21.4 as zip. Finally I updated magisk manager and magisk module with success and now it is latest version 25.2. I can't check safetynet via magisk app, cuz there is no option, so I used app called YSNAC. It shows: Basic integrity: failed, CTS profile match: failed. I perform hide Magisk app, named new app as "Settings", but the old Magisk icon did not disappear (I don't know if it's ok).
I activate Zygisk and enforce deny list and set deny list (banking apps, play services, google play store).
I installed modules like MagiskHide Props Config and Universal SafetyNet Fix.
BTW. Why there is no more online searching modules via magisk manager?
Root working ok.
I don't know what can I do more. My banking apps detects that I have root.
mcichy10 said:
I have Redmi Note 7.
It was running on xiaomi.eu_multi_HMNote7_V11.0.6.0.PFGCNXM_v11-9. I had magisk installed, there were no problems with root detection.
I installed xiaomi.eu_multi_HMNote7_V11.0.7.0.PFGCNXM_v11-9 using OrangeFox Recovery.
Then my problems with Magisk began. I uninstalled magisk completely via orangefox recovery and install again v21.4 as zip. Finally I updated magisk manager and magisk module with success and now it is latest version 25.2. I can't check safetynet via magisk app, cuz there is no option, so I used app called YSNAC. It shows: Basic integrity: failed, CTS profile match: failed. I perform hide Magisk app, named new app as "Settings", but the old Magisk icon did not disappear (I don't know if it's ok).
I activate Zygisk and enforce deny list and set deny list (banking apps, play services, google play store).
I installed modules like MagiskHide Props Config and Universal SafetyNet Fix.
BTW. Why there is no more online searching modules via magisk manager?
Root working ok.
I don't know what can I do more. My banking apps detects that I have root.
Click to expand...
Click to collapse
I have the same issue since today on Galaxy s21 Ultra!
I decided to uninstall completely Magisk. Unfortunately SafetyNet still doesn't pass, banking aps not working. Only thing I can do is wipe all data, format to factory and install MIUI again. Maybe I'll try MIUI 12.
mcichy10 said:
I decided to uninstall completely Magisk. Unfortunately SafetyNet still doesn't pass, banking aps not working. Only thing I can do is wipe all data, format to factory and install MIUI again. Maybe I'll try MIUI 12.
Click to expand...
Click to collapse
try using Shamiko together with Zygisk and without forcing the denylist
I tried this before with zero success
With the MagiskHide Props config, you need to open a terminal, enter "su" and then "props". Then set the fingerprint to the certified one.
neelchauhan said:
With the MagiskHide Props config, you need to open a terminal, enter "su" and then "props". Then set the fingerprint to the certified one.
Click to expand...
Click to collapse
yup, I did that. Didn't work for me.
I performed "Format Data", flashed latest MIUI for my device, installed Magisk, Hided Magisk, activated Zygisk, Forced deny list and it's working well.
i tried like 4 different ways and NONE work
Universal SafetyNet Fix (didnt work)zydisk (didnt work)
denylist (didnt work)
magiskhide proops config (didnt work)
i have a mi 9 with miui 13+android 12
EDIT: it just takes trial and error, had to try a couple of different devices and one that worked for me was mi 9 europe
I can pass safety net on magisk 25.2 . I don't install magisk hide props. I have few things installed and a modified Verison of universal safety fix and I am using zygisk.
Alot times I forget about messages on here . Telegram me if I don't get back to u on @Assassin4Hire
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
Flash this.
Enjoy.
yot2703 said:
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
Flash this.
Enjoy.
Click to expand...
Click to collapse
I tried this workaround in my Samsung SM-G531H with Android 7.1 and I tested it with the previously mentioned YASNAC app, and the SafetyNet Attestation tests (Basic Integrity and CTS profile match) PASSED!
Now, I'm able to use my bank app (BBVA) Thanks.