Hello I'm trying to make Magisk work on my Honor 7 device.
Installed ROM without xposed
Unrooted with superSu
Installed magisk manager
installed Magisk v10.2 +phh's SuperSu
After that I get a CTS profile mismatch. How can I make it work? Also is there other method I could use to bypass safety net?
Hey Everyone I want a nougat ROM which does not have root and is stable to pass safetynet and best for gaming
If you lock your bootloader & flash Recovery etc with this trick you can install LineageOS & have it pass SafetyNet. This doesn't fool SafetyNet, as the kernel correctly reports the bootloader as locked.
I just noticed that my kenzo bypasses safetynet on lineage os 15.1 20180323 build by lokmansiu. I can install Netflix from playstore, run super Mario run and pokemon go without any problems, also tested on safetynet test app. But I cant understand how is this possible provided I didnt even install magisk.
though I have not rooted the rom,
my bootloader is locked(used edl mode to flash twrp and then the rom)
can anyone plz tell if this is even normal??
@[email protected] said:
I just noticed that my kenzo bypasses safetynet on lineage os 15.1 20180323 build by lokmansiu. I can install Netflix from playstore, run super Mario run and pokemon go without any problems, also tested on safetynet test app. But I cant understand how is this possible provided I didnt even install magisk.
though I have not rooted the rom,
my bootloader is locked(used edl mode to flash twrp and then the rom)
can anyone plz tell if this is even normal??
Click to expand...
Click to collapse
No root = no problem.
You only fail SafetyNet if you use SuperSU to root your phone or forget to use Magisk Hide when rooting using Magisk.
SafetyNet also fails if you use Xposed Framework
Noter2017 said:
No root = no problem.
You only fail SafetyNet if you use SuperSU to root your phone or forget to use Magisk Hide when rooting using Magisk.
SafetyNet also fails if you use Xposed Framework
Click to expand...
Click to collapse
But i always use custom ROMs without root and still the safetynet test still always failed
The only difference between this and previous scenario is that my bootloader is locked and the selinux in this ROM is hopefully enforcing...are they the reason?
how did you install twrp in edl mode with bootloader locked?
arnabbandopadhyay said:
how did you install twrp in edl mode with bootloader locked?
Click to expand...
Click to collapse
Follow the instruction from this video:
https://www.youtube.com/watch?v=xExKvog5RP4
Tip: You can install twrp version of your choice. Just download twrp of your choice and rename it to recovery.img and place it in TWRP_ZCX/images folder (delete existing recovery.img file inside the image folder).
This method doesnot unlock the bootloader.
Nabin Pokhrel said:
Follow the instruction from this video:
Tip: You can install twrp version of your choice. Just download twrp of your choice and rename it to recovery.img and place it in TWRP_ZCX/images folder (delete existing recovery.img file inside the image folder).
This method doesnot unlock the bootloader.
Click to expand...
Click to collapse
I don't know why but it didn't work for me. Still uncertified.
I recommend you flash Magisk to enable root access. Then use it with its "hide detection" feature (it is the default setting). It will mask your root access and unlocked bootloader from SafetyNet detection. Have a try.
@[email protected] said:
I just noticed that my kenzo bypasses safetynet on lineage os 15.1 20180323 build by lokmansiu. I can install Netflix from playstore, run super Mario run and pokemon go without any problems, also tested on safetynet test app. But I cant understand how is this possible provided I didnt even install magisk.
though I have not rooted the rom,
my bootloader is locked(used edl mode to flash twrp and then the rom)
can anyone plz tell if this is even normal??
Click to expand...
Click to collapse
Because selinux is finally set as enforcing. Probably next updates of other roms will be enforcing too
arnabbandopadhyay said:
I don't know why but it didn't work for me. Still uncertified.
Click to expand...
Click to collapse
Because new build comes with selinux = enforcing
That means you are good to go
If that is permissive then you'll get error in bypassing safety net without magisk.
May I ask if use this method and later on want to revert back to a completely stock Miui ROM how do I do that on my kenzo device. Do I just use the mi flash tool and flash the original stock ROM back?
Hi, I had unlocked the bootloader of my Poco F1 and had been using custom ROMs but since they had bugs, I went back to MIUI through fastboot method but didn’t let its bootloader get locked again. My device is having neither ROOT, nor TWRP.
And I also haven’t updated the MIUI to the latest version. (Because the latest version drains battery)
But the question is, why does my phone not pass SafetyNet check and not having play store device certification? Is it because the bootloader is unlocked? And is it safe to continue using this?
You device is uncertified most probably because it does not pass SafetyNet either ctsProfile or both. If your device is already UB just flash magisk use magisk module to fix that. I got same problem on unlocked poco running latest miui, I had to use magisk to solve it to use any banking app.
1) Setup your fingerprint
2) Install Busybox for Android NDK on magisk module
3) Install MagiskHide Props Coonfig on magisk module
4) Run terminal emulator android and type the command
su (to grant terminal emulator access to root)
props
5) Select number 1 to edit device fingerprint
6) Then enter f to pick a certified fingerprint
7) Choose your device by selecting Xiaomi and Pocophone on next selection
8) Once done reboot, you will have your SafetyNet passed
didn’t let its bootloader get locked again
Click to expand...
Click to collapse
That is the problem. Phone with unlocked bootloader will always fail the checks.
Install magisk.
MFAR198 said:
You device is uncertified most probably because it does not pass SafetyNet either ctsProfile or both. If your device is already UB just flash magisk use magisk module to fix that. I got same problem on unlocked poco running latest miui, I had to use magisk to solve it to use any banking app.
1) Setup your fingerprint
2) Install Busybox for Android NDK on magisk module
3) Install MagiskHide Props Coonfig on magisk module
4) Run terminal emulator android and type the command
su (to grant terminal emulator access to root)
props
5) Select number 1 to edit device fingerprint
6) Then enter f to pick a certified fingerprint
7) Choose your device by selecting Xiaomi and Pocophone on next selection
8) Once done reboot, you will have your SafetyNet passed
Click to expand...
Click to collapse
Got it.
Ya_SG said:
Got it.
Click to expand...
Click to collapse
To specifically know your problem, it is ctsProfile that's failed and this is due to the Device's fingerprint is not matched to your device (commonly happening to Custom Roms and MIUI Stock Rom with Magisk installed) that's why it MagiskHide Props is effective to this problem. It uses the latest and updated ro.device.fingerprint to perfectly matches the device (Pocophone F1) you are using.
Next time you occur this problem, MagiskHide Props to the rescue.
How can I bypass this?
I would recommend to flash a custom ROM and flash Magisk, then enable Magisk's hide feature to pass SafetyNet certification again.
Not sure if Magisk can also be flashed on top of stock MIUI, maybe some expert can answer this.