Hi guys,
I'm using Miui Eu 11.0.6.0. I'm not sure what had gone wrong.Both ctsprofile and basicintegrity false. At first, I thought it was edxposed issue so I uninstall it, but it still the same issue after reboot.
Is there any way to resolve it? Appreciated.
These are my screenshots.
thomas140 said:
These are my screenshots.
Click to expand...
Click to collapse
Try disabling/ removing the magisk modules and if that doesn't work revert to stock kernel if you're using a custom kernel.
thomas140 said:
These are my screenshots.
Click to expand...
Click to collapse
Turn on magisk hide in settings and reboot.
MasterFURQAN said:
Try disabling/ removing the magisk modules and if that doesn't work revert to stock kernel if you're using a custom kernel.
Click to expand...
Click to collapse
Tried with stock miui Eu kernel but still the same. Disable all modules and still the same. Magisk hide is on. Hide magisk manager is on too. Weird.
callmebutcher101 said:
Turn on magisk hide in settings and reboot.
Click to expand...
Click to collapse
Both magisk hide and hide magisk manager is on but still both error. Funny.
thomas140 said:
Both magisk hide and hide magisk manager is on but still both error. Funny.
Click to expand...
Click to collapse
Did you hide all the google services from magisk ? Try clearing data of magisk and repeating the process. And btw MIUI EU can pass safetynet without magisk so if you really want safetyney pass you can sacrifice magisk.
callmebutcher101 said:
Did you hide all the google services from magisk ? Try clearing data of magisk and repeating the process. And btw MIUI EU can pass safetynet without magisk so if you really want safetyney pass you can sacrifice magisk.
Click to expand...
Click to collapse
Yup, I know miui Eu without magisk can definitely pass safetynet.
And ya, I have hide all related Google services and still same issue.
Just not sure what's triggering it.
But something's funny, when hide magisk manager, it still able to bypass those bank app root check although both still false status.lol
Try downgrading google play service. Run magisk from canary channel. Latest google play breaks cts
vjsanjay said:
Try downgrading google play service. Run magisk from canary channel. Latest google play breaks cts
Click to expand...
Click to collapse
Ok. That's surprising. For downgrading, I believe it is related to "uninstall updates", right?
Can disable the update once downgrade?
thomas140 said:
Ok. That's surprising. For downgrading, I believe it is related to "uninstall updates", right?
Can disable the update once downgrade?
Click to expand...
Click to collapse
Yes.. Till google makes mandatory.
vjsanjay said:
Yes.. Till google makes mandatory.
Click to expand...
Click to collapse
Update: you are correct. Once uninstalled update, status back to true.
I made few tests.
1. I tried install Edxposed, status became false.
2. In edxposed manager, blacklist Google play services and play store, still false.
3. Install hidden core module under exposed. Status became true but some government app became forced close.
4.I uninstaledl edxposed related stuff and reboot, status still false. I have to clear the data under Google play service to make status back to true.
So, it seems like edxposed is unable to hide properly like magisk does. No choice but have to abandon edxposed.
Related
This is Magisk/Xposed Module that allows for Full SafetyNet pass. All green checks with Xposed installed still. Requires Xposed installed on top of Magsik. I recommend Xposed through Magsik for dual systemless, but stand alone install of Xposed is fine. This is a first if it's kind for Magisk with Xposed for full green checks on SafetyNet Check. A game changer. Hope you enjoy . As I do what I can to help keep this epyk monster V20 alive.
Tested For 7.0. May work for others. Backup before testing.
Android 8.0 h910 works perfect.
Seems like it can't bypass logd being disabled.
Alpha Omega 8.0 w/ Magisk Hide enabled, logd disabled = fail.
Edit: Forgot to enable the module in Xposed in addition to Magisk. After enabling in Xposed, it now passes SN with the same parameters as above.
Great stuff!
Edit 2:
While there are now all green checks in Magisk's safetynet check, Google Pay still detects root/alteration.
nickthaskater said:
Seems like it can't bypass logd being disabled.
Alpha Omega 8.0 w/ Magisk Hide enabled, logd disabled = fail.
Edit: Forgot to enable the module in Xposed in addition to Magisk. After enabling in Xposed, it now passes SN with the same parameters as above.
Great stuff!
Edit 2:
While there are now all green checks in Magisk's safetynet check, Google Pay still detects root/alteration.
Click to expand...
Click to collapse
Idk...try using Magisk hide for that on top of this mod. I personally never use Google pay
Mysticblaze347 said:
Idk...try using Magisk hide for that on top of this mod. I personally never use Google pay
Click to expand...
Click to collapse
Have you confirmed that safetynet is actually being satisfied in any other apps that require it?
nickthaskater said:
Have you confirmed that safetynet is actually being satisfied in any other apps that require it?
Click to expand...
Click to collapse
I can only confirmed it passes in Magisk. Can't varify fully as to other uses as I really don't need full Safteynet. I just like seeing it pass and that is why I posted this. I usually don't need full Green for my use.
I do however know that it help with screenshot protection bypass for some banking apps ect.
Don't install it. It messes up with your google app and system apps. There is no turning back one you installed it, fastboot flash can only clean your mobile after that. There is a reason it was banned from official xposed modules.
atul18 said:
Don't install it. It messes up with your google app and system apps. There is no turning back one you installed it, fastboot flash can only clean your mobile after that. There is a reason it was bannejd from official xposed modules.
Click to expand...
Click to collapse
This is why it is controversial. I personally have not had any issues. This is also why I said I recommend "dual piggyback - systemless". I was sceptical myself, main reason for the Magsik mod. Systemless is better than embedded.
Mysticblaze347 said:
This is why it is controversial. I personally have not had any issues. This is also why I said I recommend "dual piggyback - systemless". I was sceptical myself, main reason for the Magsik mod. Systemless is better than embedded.
Click to expand...
Click to collapse
Someone pushing it into xda community silently.
If it was legit it will be on github. There is something wrong about this. If you have much knowledge about code I have a report file on this module. I will post it here.
---------- Post added at 07:39 PM ---------- Previous post was at 07:33 PM ----------
https://forum.xda-developers.com/xposed/modules/hiddencore-module-doing-t3903984/post79085117
Well again...this is systemless (no systematic attaching) disable at will. No footprint left behind. Once deleted its removed....it's fully gone. How can I explain systemless even further? I ment no harm with this thread as to why I made Magisk based. I just thought was sweet to pass SafetyNet in Magisk. I never thought to check SafetyNet app or even knew of stand alone apk.
If this really is as bad as you supposedly say, then I will delete this thread soon. My apologies in advanced if so.
I can't use apps that check safetynet.
It's failing in the response validation
Mysticblaze347 said:
Well again...this is systemless (no systematic attaching) disable at will. No footprint left behind. Once deleted its removed....it's fully gone. How can I explain systemless even further? I ment no harm with this thread as to why I made Magisk based. I just thought was sweet to pass SafetyNet in Magisk. I never thought to check SafetyNet app or even knew of stand alone apk.
If this really is as bad as you supposedly say, then I will delete this thread soon. My apologies in advanced if so.
Click to expand...
Click to collapse
Don't worry, the module is safe
Daved+ said:
I can't use apps that check safetynet.
It's failing in the response validation
Click to expand...
Click to collapse
Sorry it don't pass others other than Magisk it seems. Makes ya wonder where Magsiks SafetyNet is from. I personally don't know what else to say on this matter . I just ported, I didn't create the app. Just the Magsik Module is all I did. I'm in the same boat...but I'm keeping because I like seeing Magsik all Green. Also most likely due to a signature validation that was removed in my guess. Another version of a cloak if ya wanna say.
It's sad since the module removed from the repo, we can't expect update(s)
@Mysticblaze347. I'm using it with Magisk V19. Passes SafetyNet (ctsProfile + Basic System Integrity). Reported by Magisk Manager.
Tests from Any other App reports SafetyNet test Failed!!
So it seems like you only handled checks in setup.zip which Magisk Manager uses to report SafetyNet status!
Sorry.. I edited my Thank you post to this one.
I install it from xposed, and my exposed installed from magisk. Yes it made the magisk green, but my screen can't auto sleep. Uninstalled made normal again. From HTC U11 Android 8.0
A San said:
I install it from xposed, and my exposed installed from magisk. Yes it made the magisk green, but my screen can't auto sleep. Uninstalled made normal again. From HTC U11 Android 8.0
Click to expand...
Click to collapse
That version from Xposed itself does that, this version don't. Whole different area. Also, heads up. I just ported, not created. This also ONLY passes Magisks SafetyNet check for some reason. Why I do not know. I just made an optional port.
Already try install from this application. It won't work with my HTC U11 Android 8.0. Still red.
A San said:
Already try install from this application. It won't work with my HTC U11 Android 8.0. Still red.
Click to expand...
Click to collapse
This Magisk module was made initially for Nougat 7.0. I am running it and it's fine.
Did you check the Xposed side after Magisk install for active module?. Requires 2 reboot s total.. Magisk, then Xposed.
Best Version!
The version of this HiddenCore module is 1.3, which does not have the remaining awake bug found in version 1.7.
Mysticblaze347 said:
This is Magisk/Xposed Module that allows for Full SafetyNet pass. All green checks with Xposed installed still. Requires Xposed installed on top of Magsik. I recommend Xposed through Magsik for dual systemless, but stand alone install of Xposed is fine. This is a first if it's kind for Magisk with Xposed for full green checks on SafetyNet Check. A game changer. Hope you enjoy . As I do what I can to help keep this epyk monster V20 alive.
Tested For 7.0. May work for others. Backup before testing.
Click to expand...
Click to collapse
every few days my magisk root always gets uninstalled and had to reboot to get it back, is there any fix for it?
this happens on any custom rom, fresh install
Probably because you are using incompatible magisk library and apk.
spbx123 said:
every few days my magisk root always gets uninstalled and had to reboot to get it back, is there any fix for it?
this happens on any custom rom, fresh install
Click to expand...
Click to collapse
Apparently PlatStore is the culprit here. In the guise of checking for malignant apps, it removes Magisk. There is already information about this on XDA. I read it but am unable to locate it now. Disable Play Protect in PlayStore Menu and see if the issue is resolved.
nri_tech1183 said:
Probably because you are using incompatible magisk library and apk.
Click to expand...
Click to collapse
even though i got the zip from the magisk thread?
tnsmani said:
Apparently PlatStore is the culprit here. In the guise of checking for malignant apps, it removes Magisk. There is already information about this on XDA. I read it but am unable to locate it now. Disable Play Protect in PlayStore Menu and see if the issue is resolved.
Click to expand...
Click to collapse
I'll try this but doesnt it just enable itself again after some time?
spbx123 said:
even though i got the zip from the magisk thread?
I'll try this but doesnt it just enable itself again after some time?
Click to expand...
Click to collapse
It is sometimes enabled when PlayStore is updated. Otherwise it remains disabled, from my experience.
I just installed the app and it shows that " Launching the app on rooted device is blocked". So I uninstalled it and then reinstalled it again and used magisk hide. Also, I have hide magisk manager already enabled in magisk settings but the app still doesn't budge and somehow still detects root and thus I can't use it. Any solutions ?
I'm on MIUI EU 11.0.6 rooted with magisk 20.4
seshStation 5.1 kernel
Official latest TWRP recovery.
MasterFURQAN said:
I just installed the app and it shows that " Launching the app on rooted device is blocked". So I uninstalled it and then reinstalled it again and used magisk hide. Also, I have hide magisk manager already enabled in magisk settings but the app still doesn't budge and somehow still detects root and thus I can't use it. Any solutions ?
I'm on MIUI EU 11.0.6 rooted with magisk 20.4
seshStation 5.1 kernel
Official latest TWRP recovery.
Click to expand...
Click to collapse
Do you pass safetynet?
There's a magisk hide config module in magisk downloads if you don't.
sotosgolf said:
Do you pass safetynet?
There's a magisk hide config module in magisk downloads if you don't.
Click to expand...
Click to collapse
Yes I'm passing safety net. Both the magisk manager and the check SafetyNet app confirm the same.
MasterFURQAN said:
Yes I'm passing safety net. Both the magisk manager and the check SafetyNet app confirm the same.
Click to expand...
Click to collapse
You could flash your original boot image and see if it's related with the kernel, just in case.
sotosgolf said:
You could flash your original boot image and see if it's related with the kernel, just in case.
Click to expand...
Click to collapse
I was thinking the same. I'll reply with the results. Thanks
You could try renaming the magisk manager.
It worked for me with the McDonald's App.
You can find it in the settings from magisk manager. Give the app a random name like managerxy3 and use magisk hide option, just in case.
Maybe try core mode only, if you only need root and don't use any modules.
SpitFireXB360 said:
You could try renaming the magisk manager.
It worked for me with the McDonald's App.
You can find it in the settings from magisk manager. Give the app a random name like managerxy3 and use magisk hide option, just in case.
Maybe try core mode only, if you only need root and don't use any modules.
Click to expand...
Click to collapse
I already have that enabled (Hide magisk manager). It's in the OP. I only have busybox by osmosis installed in magisk modules.
I just installed Paytm First Games (Lite? ) and upon launching it asked to Login via OTP/Paytm. I didn't proceed any further. Magisk 20.4,crDroid 6.4.
MasterFURQAN said:
I was thinking the same. I'll reply with the results. Thanks
Click to expand...
Click to collapse
Sorry about the delay. I flashed the original stock boot from MIUI EU but the app still detects root somehow.
Any Guesses ?
amn1987 said:
I just installed Paytm First Games (Lite? ) and upon launching it asked to Login via OTP/Paytm. I didn't proceed any further. Magisk 20.4,crDroid 6.4.
Click to expand...
Click to collapse
Yup the lite version on the play store works but not the full version downloadable from their official website
So is there any solution to this??
How the paytmfirstgame (full version) deteck root after renaming magisk , passing safetynet and hiding app from magisk manager. I think magisk is now not a bigshot
Still can't open Paytm First Games even after using Magisk Hide
Any solution?
Facing the same issue. Do we have any solution on how to make the paytmfirstgames app work on rooted device?
I recently unlocked my bootloader and flashed the latest xiaomi.eu MIUI 12 stable rom for my pocophone and flashed magisk for root access as well. Everything was fine and dandy untill i attempted to open my banking app, it greeted me with a messege saying that i don't have minimum security even though my phone passes all safetynet tests, i don't know where the problem is and i wish to solve it without having to switch back to stock.
Please help.
Have u tried renaming magisk manager and hiding it from banking apps. Worked for me.
ScarAss**** said:
I recently unlocked my bootloader and flashed the latest xiaomi.eu MIUI 12 stable rom for my pocophone and flashed magisk for root access as well. Everything was fine and dandy untill i attempted to open my banking app, it greeted me with a messege saying that i don't have minimum security even though my phone passes all safetynet tests, i don't know where the problem is and i wish to solve it without having to switch back to stock.
Please help.
Click to expand...
Click to collapse
Use magisk hide and hide it from your banking apps. If that doesn't work, hide it from google apps too.
mecoromeo said:
Use magisk hide and hide it from your banking apps. If that doesn't work, hide it from google apps too.
Click to expand...
Click to collapse
Tried it but no luck, I even uninstalled magisk but it still didn't work.
sanjay0501 said:
Have u tried renaming magisk manager and hiding it from banking apps. Worked for me.
Click to expand...
Click to collapse
How do i rename magisk?
https://forum.xda-developers.com/7t-pro/help/10-3-2-device-meet-minimum-security-t4084467/page2
Try this. He downloaded shelter to setup a working space for his bank apps
Use island app
I have a rooted Samsung SG10Exynos/OS9 that bypasses SafetyNet with the help of Magisk 26.0 & safetynet-fix-v2.4.0-MOD_1.2 (meets BASIC INTERGITY) that I have been using the Starling Bank app 2.92.1.79025 without an issue. I stupidly upgraded to the latest version and got the attached screenshot saying that I had 14 days to restore the device to factory settings (I was still able to use the app after pressing ok). I even more stupidly thought that I could revert back to the previous version that I was using, using Titanium Backup which failed (the app would just flash continuous on launch) and then Swift backup (where it would just repeatedly crash even even before being launched requiring a force stop)
If I wipe data/uninstall/restart phone and install fresh from google play, I now get the attached screenshot saying again to restore to factory, but the button says close app. So being a digital bank, I'm now locked out of my account.
I've tried to install previous versions from APKMirror mirror after wiping data/uninstall/restarting phone, and then just restoring my data with my Titanium/Swift backups but still no joy.
Does anyone know how to downgrade/install not the latest version of Starling Bank, which doesn't have the increased STRONG INTERGITY check?
nukescript said:
I have a rooted Samsung SG10Exynos/OS9 that bypasses SafetyNet with the help of Magisk 26.0 & safetynet-fix-v2.4.0-MOD_1.2 (meets BASIC INTERGITY) that I have been using the Starling Bank app 2.92.1.79025 without an issue. I stupidly upgraded to the latest version and got the attached screenshot saying that I had 14 days to restore the device to factory settings (I was still able to use the app after pressing ok). I even more stupidly thought that I could revert back to the previous version that I was using, using Titanium Backup which failed (the app would just flash continuous on launch) and then Swift backup (where it would just repeatedly crash even even before being launched requiring a force stop)
If I wipe data/uninstall/restart phone and install fresh from google play, I now get the attached screenshot saying again to restore to factory, but the button says close app. So being a digital bank, I'm now locked out of my account.
I've tried to install previous versions from APKMirror mirror after wiping data/uninstall/restarting phone, and then just restoring my data with my Titanium/Swift backups but still no joy.
Does anyone know how to downgrade/install not the latest version of Starling Bank, which doesn't have the increased STRONG INTERGITY check?
Click to expand...
Click to collapse
It will force you to use the latest app.
Block firebaseremoteconfig.googleapis.com
theoneofgod said:
It will force you to use the latest app.
Block firebaseremoteconfig.googleapis.com
Click to expand...
Click to collapse
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Undeadwolfy said:
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Click to expand...
Click to collapse
You could try Magisk Delta as it now acts as whitelist so you add only what you want with root. This won't bypass Starling security though. You need to also block address above.
Undeadwolfy said:
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Click to expand...
Click to collapse
Blocking this address (firebaseremoteconfig.googleapis.com) through AdAway has fixed it for me! That is along with all the things that were needed to run it previously.
theoneofgod said:
You could try Magisk Delta as it now acts as whitelist so you add only what you want with root. This won't bypass Starling security though. You need to also block address above.
Click to expand...
Click to collapse
I think the part where I'm stuck is, what would you suggest to block that address? I can't do that in HMA or in Denylist because it doesn't exist.
I've tried blocking in AdAway and manually adding and still getting Starling recognising root.
I've blocked anything Google Play Services, Play Protect, Wallet too. Starling is my main bank. Has only been an issue in the last couple weeks.
A13 P6 Pro running the April security update 13 (TQ2A.230405.003.E1), Magisk 26101, USNF 2.4.0 Mod 1.2, passing Safetynet Basic+ CTS.
Will look at Magisk Delta next.
marian42 said:
Blocking this address (firebaseremoteconfig.googleapis.com) through AdAway has fixed it for me! That is along with all the things that were needed to run it previously.
Click to expand...
Click to collapse
This isn't working for me :/. Can you share what other modules you're running/how you've set up Magisk?
I followed the directions in this video.
I didn't do the final step where he renames the Magisk app, seems that it isn't necesary.
The YASNAC app shows that the device passes "Basic integrity" and "CTS profile match".
Also remember that blocking firebaseremoteconfig.googleapis.com might break other apps that use this domain (I've found one so far).
Undeadwolfy said:
I think the part where I'm stuck is, what would you suggest to block that address? I can't do that in HMA or in Denylist because it doesn't exist.
I've tried blocking in AdAway and manually adding and still getting Starling recognising root.
I've blocked anything Google Play Services, Play Protect, Wallet too. Starling is my main bank. Has only been an issue in the last couple weeks.
A13 P6 Pro running the April security update 13 (TQ2A.230405.003.E1), Magisk 26101, USNF 2.4.0 Mod 1.2, passing Safetynet Basic+ CTS.
Will look at Magisk Delta next.
Click to expand...
Click to collapse
It's a recent update that broke it.
Try Magisk 26.1, enable Zygisk and enforce deny list. Add systemless hosts. Add only Starling to the deny list.
Install safetynet fix 2.4.0 mod 1.2 by displax.
Add the domain I posted to adaway blocklist. Make sure its enabled and in root mode.
theoneofgod said:
It's a recent update that broke it.
Try Magisk 26.1, enable Zygisk and enforce deny list. Add systemless hosts. Add only Starling to the deny list.
Install safetynet fix 2.4.0 mod 1.2 by displax.
Add the domain I posted to adaway blocklist. Make sure its enabled and in root mode.
Click to expand...
Click to collapse
That's exactly how I have it running now. No change.
Undeadwolfy said:
That's exactly how I have it running now. No change.
Click to expand...
Click to collapse
It's the domain that did it for me. Working fine as of now.
theoneofgod said:
It's the domain that did it for me. Working fine as of now.
Click to expand...
Click to collapse
Thanks for updating. I have both of these in my AdAway too
Code:
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
Nothing doing
Undeadwolfy said:
Thanks for updating. I have both of these in my AdAway too
Code:
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
Nothing doing
Click to expand...
Click to collapse
Clean install for Starling? I'm trying to think if I did something else.
Oh. Have you "hidden" Magisk?
Just to weigh in here, I can confirm blocking:
firebaseremoteconfig.googleapis.com
Does indeed allow the Starling app to work. Yes blocking Firebase is going to stop some applications working, but you could always pause AdAway until you are done using the problematic app then resume AdAway when you want to use Starling.
Many thanks @theoneofgod
Not working
Reverting the Starling app back to version 2.95.1.79953 fixes things - just don't forget to re-add it to the Deny List.
I'll probably stay on this version until a new fix is found for the current version 2.96.0.80202.
darsh said:
Reverting the Starling app back to version 2.95.1.79953 fixes things - just don't forget to re-add it to the Deny List.
I'll probably stay on this version until a new fix is found for the current version 2.96.0.80202.
Click to expand...
Click to collapse
Wild, even this didn't work for me. No idea why I'm having issues.
Hi All
Quick update - Can confirm that rolling back to 2.95.1.79953 does fix things for now
This is using adaway to block the Firebase URLs in a custom host file and using enforce denylist. It doesnt work beyond that for now.
I swapped over to Magisk Alpha for now but i dont know what Starling are doing in the background to see that you have root at this point. Its very annoying
- Edit 2
They seem to be detecting the Enforce Denylist in Magisk (In any form)
Disabling it on version 2.95.1 shows the app can see root. Enabling it allows the app to proceed as if you are not rooted.
Give KernelSU a try if you can. No modules or any workarounds required.
theoneofgod said:
Give KernelSU a try if you can. No modules or any workarounds required.
Click to expand...
Click to collapse
Isnt that the same as the setting in magisk that hides root from everything not on the su list. Which also doesnt work.