Safety Net Fix for Custom Rom's - Samsung Galaxy A20 ROMs, Kernels, Recoveries, & Ot

Hi to all, this is my first post here on XDA.
I Was doing a little of research to get Safety Net pass on custom rom's (I Have tested this fix on Z Rom V6, Illussion OS 1.7 and Z Rom Lite v2) And by now, here is the solution, It's not a fake screen telling you that you have passed Safety net like the one you get when you use the Hidden Core Method. This is a real fix.
So now, we're using 2 Magisk modules.
1.-safetynet-fix-v1.1.1
2.-MagiskHidePropsConfig-v5.4.0
Ok, after the download of the 2 zips you need to flash through Magisk, (You need to enable MagiskHide) we'll need to use a terminal emulator to get the safety net pass, then after downloading a terminal emulator we need to follow this tutorial:
After that we need to set the new fingerprint of our device to be ''Samsung Galaxy A20 A205W'' After selecting that fingerprint we need to finish the setup, and then Reebot. after that.... Voila, now our device pass Safety Net on custom roms.
Credits to all of the creators of the modules.

Thanks for this info, will try it out once I rooted my phone again.

I cannot find safetynet-fix on magisk modules.
Did they removed it?
In theory magiskhidepropsconfig alone should do the job, sadly i cannot pass ctsProfile test on my phone that has a custom ROM (Xiaomi Mi note 10).
Not out of the box at least.
It has instructions on how to manually change the fingerprint and the security patch date so to pass the ctsProfile test but they are...complicated
I even followed the instructions on the video but still no dice.

Nadaaaaa said:
I cannot find safetynet-fix on magisk modules.
Did they removed it?
In theory magiskhidepropsconfig alone should do the job, sadly i cannot pass ctsProfile test on my phone that has a custom ROM (Xiaomi Mi note 10).
Not out of the box at least.
It has instructions on how to manually change the fingerprint and the security patch date so to pass the ctsProfile test but they are...complicated
I even followed the instructions on the video but still no dice.
Click to expand...
Click to collapse
You should use the .zip file attached to this thread bro, SafetyNet fix is for hardware attestation and unlocked bootloaders, That's why you should use MagiskHidePropsConfig + SafetyNetFix. Google play services must be enabled and not frozen in order to have SafetyNet working. Check if there is a specific fingerprint for your device. And yes, the module has been removed from magisk repository, You can find the latest version here: https://github.com/kdrag0n/safetynet-fix

@PhillipVilla , i am sorry but could you elaborate a bit more?
I have flashed Havoc 4.6 and Magisk v23 onto my Samsung S8+. I have downloaded the two files you attached. But what do you mean by "flash through Magisk"?
My Google Play Store is working fine my problem is no Netflix in Play Store and my TV provider app is not working. So i am trying to get SafetyNET to pass and possibly hide the fact that the phone is rooted.

TheGeneral said:
@PhillipVilla , i am sorry but could you elaborate a bit more?
I have flashed Havoc 4.6 and Magisk v23 onto my Samsung S8+. I have downloaded the two files you attached. But what do you mean by "flash through Magisk"?
My Google Play Store is working fine my problem is no Netflix in Play Store and my TV provider app is not working. So i am trying to get SafetyNET to pass and possibly hide the fact that the phone is rooted.
Click to expand...
Click to collapse
Magisk is an app you should install. You can search in this forum

I have a Moto G6 and I'm having trouble getting the SafetyNet to go green. Installed Magisk v23 and the SafetyNet Fix and the MagiskHidePropConfig and still no dice. Any suggestions?

Related

SafetyNet and the Z5 Compact

So I think most of you already know about Google's strict update to their SafetyNet API, which is used by Android Pay, and Pokemon Go among other apps.
If you don't, SafetyNet is a protocol used by Google Play Services that returns whether your device has been "tampered with". Having Root Access, Xposed installed, or a custom ROM or Kernel, have been known to trip this check, which will prevent the apps that utilize SafetyNet's functionality from running on the device.
Several developers on XDA and in the rooting community have been working overtime in an attempt to find a loophole in SafetyNet's code - enter the likes of Magisk and SuHide, each of which no longer work to hide root from SafetyNet as of the date of this writing.
Now, my personal belief is that after a person has purchased an Android device (and in effect that copy of the device's software) they should be free to make any and all modifications they choose to it - at the risk of their own security of course. Additionally, with apps like Pokemon Go, which offer in-game purchases and then change user agreements through app updates which block potential users after they may have made these same in-game purchases, the argument could be made that the SafetyNet API is even promoting fraud.
It isn't my intention to convince anyone of my position, only understand it. At this time, I am trying to gain a better understanding of exactly what elements found on a device prompt SafetyNet to return that a device has been tampered with. I was once rooted, with Xposed installed, but have since uninstalled both, and even re-flashed stock firmware. Even still, the SafetyNet Helper App I have been using for research always returns a failure. For posterity, I am also unable to log into Pokemon Go on stock firmware with no root or Xposed.
If root access is enabled, I have found that the SafetyNet check itself (step 1) will fail and the app will present a red screen, whereas if root access is not installed, the SafetyNet check will pass, but the Device Signature Verification with Google (step 2) will fail, which results in an overall failure where apps like Android Pay and Pokemon Go are concerned. The most modern counter I have found to hide root from SafetyNet is found here but even it states that the device must be able to pass the SafetyNet check on its own before this modifies SuperUser can be installed, so I feel a bit stuck.
I haven't seen anyone address SafetyNet and the Xperia Z5 Compact in the same sentence, and so my question is, can the Z5C pass SafetyNet at all since its most recent update? Please, download the SafetyNet Helper App from the Play Store and run it on your Z5C. Let me know if you get a red screen (failure at first step) a blue screen (failure at second step) or a green screen (passing). Also tell me about your device, and any modifications you have made to it. Seeing as how I can no longer pass the SafetyNet check at all on newly flashed stock firmware, I worry that the Xperia Z5C may not have been given Google's "Device Signiture Verification" - like many other international Android devices.
And if anyone else can shed some light on this situation, I would be most grateful.
Blue screen error.
Krypton custom rom based on .253 with zach's kernel. xposed installed
Sent from my iPad using Tapatalk
What about downgrading Google Play Services? as far as i remember the Safetynet APi is included in this package. Don't know if it is server based or written inside the package, though.
Has anyone found a way to bypass SafetyNet for Nougat?
grayleshy said:
Has anyone found a way to bypass SafetyNet for Nougat?
Click to expand...
Click to collapse
I also want to know this, when running safetynet test it shows me a red screen, even though I already removed root and flashed stock firmware.
rolo143 said:
I also want to know this, when running safetynet test it shows me a red screen, even though I already removed root and flashed stock firmware.
Click to expand...
Click to collapse
because of unlocked bootloader
im using magisksu + magiskhide and its bypassing the safetynet
meistr91 said:
because of unlocked bootloader
Click to expand...
Click to collapse
There is a workaround?
meistr91 said:
because of unlocked bootloader
Click to expand...
Click to collapse
Can I relock it again?
https://forum.xda-developers.com/z5-compact/general/recovery-nougat-7-0-android-bootable-t3609358
rolo143 said:
Can I relock it again?
Click to expand...
Click to collapse
Magisk changes the properties and "relocks" it for you during the start up procedures.
--- previous post
NeoBeum said:
https://forum.xda-developers.com/z5-compact/general/recovery-nougat-7-0-android-bootable-t3609358
Magisk changes the properties and "relocks" it for you during the start up procedures.
Click to expand...
Click to collapse
But magisk requires root. I remove root because there are some games and apps that detect it. So I wanted to pass SafetyNet but still can't.
I have Magisk working, I'm just rebuilding the recovery project and fixing some stuff
Has one been able to patch libandroid to make suhide work on Nougat with security patches after October 2016?
I have CarbonROM 5.1 Moo installed on my Zperia Z5 compact. This along with Magisk 14.3. (And... yeah... As it seems, the Magisk module "Universal SafetyNet Fix" is also required in my case. )
With this, it all works fine. SafetyNet checks out as valid/okay. No problems.

Can't pass Safetynet test

Is anyone able to pass safety net test on their mi pad 4? If so can you let me know your set up.
I've tried many different methods of installing gapps but even on stock I can't pass it. Right now I'm on stock Chinese ROM 9.6.23.0 with gapps flashed through twrp from opengaps. Every time I try to submit a safety net request it fails, and on magisk manager checking safety net status results in an error, "the response is invalid".
I've tried Google installer apk, using a mi5 backup and twrp flashing and I'm still getting the same response. If anyone has gotten their device to pass safety net please let me know the ROM you're currently running and the method you used for flashing gapps.
unlock BL and use the xiaomu.eu beta ROM, apparently it passes safetynet (as long as you don't go ahead and root as well lol)
https://xiaomi.eu/community/threads/when-will-xiaomi-eu-be-available.45622/page-2
wintermute000 said:
unlock BL and use the xiaomu.eu beta ROM, apparently it passes safetynet (as long as you don't go ahead and root as well lol)
https://xiaomi.eu/community/threads/when-will-xiaomi-eu-be-available.45622/page-2
Click to expand...
Click to collapse
I have rooted mi pad 4 with xiaomi.eu MIUI 10 developer rom and safety net passing without any problems.

[Solved] MIUI EU 11.0.6 Safety Net: CTS profile - False

Flashed the MIUI EU 11.0.6 and cts profile is false but basic integrity shows true. Also, play store shows "device not certified"
I've already used Magisk hide for Google Play services. Tried to re-flash magisk but still the same.
ROM: MIUI 11.0.6 EU Q
Kernel: Sesh 5.1 71Hz
Recovery: Official TWRP recovery
Magisk 20.3
Solution:
https://forum.xda-developers.com/poco-f1/themes/guide-edxposed-miui-11-0-4-android-q-t4050773/page3
MasterFURQAN said:
Flashed the MIUI EU 11.0.6 and cts profile is false but basic integrity shows true. Also, play store shows "device not certified"
I've already used Magisk hide for Google Play services. Tried to re-flash magisk but still the same.
ROM: MIUI 11.0.6 EU Q
Kernel: Sesh 5.1 71Hz
Recovery: Official TWRP recovery
Magisk 20.3
Click to expand...
Click to collapse
Google changed cts from their end. No matter what rom you flash on any phone you use, it'll fail CTS now. Wait for magisk to be updated.
Daruwalla said:
Google changed cts from their end. No matter what rom you flash on any phone you use, it'll fail CTS now. Wait for magisk to be updated.
Click to expand...
Click to collapse
Just read the article. Thanks anyways.
Xposed installed? If yes you should try this module for pass the safetynet
https://forum.xda-developers.com/showpost.php?p=81982121&postcount=80
Works for me
vjbenn said:
Xposed installed? If yes you should try this module for pass the safetynet
https://forum.xda-developers.com/showpost.php?p=81982121&postcount=80
Works for me
Click to expand...
Click to collapse
I found that out some days ago. I forgot to edit the OP.
FYI this module only fakes the status of the CTS profile. You can check your "true" status by using an app called safety net checker from play store.
Tried every one of the exposed module and all fail so that is no good for me...... anything else that will work..... even stock ROMs with unlocked bootloader with out root come up as device uncertified have a realme 5 with locked bootloader and it is fine have LG v20 it's fine and a Asus Zenfone 3 ultra locked no issues have pocof1 unlocked bootloader and it fails...........
It appears it is bootloader unlocked is what the issues is......the problem is you can't lock bootloader if you want custom recovery the problem is if you have a locked bootloader and you get jacked by someone you can't recover your device.......
Or maybe that's what Google wants to happen......
stinka318 said:
Tried every one of the exposed module and all fail so that is no good for me...... anything else that will work..... even stock ROMs with unlocked bootloader with out root come up as device uncertified have a realme 5 with locked bootloader and it is fine have LG v20 it's fine and a Asus Zenfone 3 ultra locked no issues have pocof1 unlocked bootloader and it fails...........
Click to expand...
Click to collapse
Mine passes the CTS check now even without the edXposed module.
stinka318 said:
It appears it is bootloader unlocked is what the issues is......the problem is you can't lock bootloader if you want custom recovery the problem is if you have a locked bootloader and you get jacked by someone you can't recover your device.......
Or maybe that's what Google wants to happen......
Click to expand...
Click to collapse
MasterFURQAN said:
Mine passes the CTS check now even without the edXposed module.
Click to expand...
Click to collapse
Flashed no gravity kernel and my problem went away as well I believe it has something to do with how Google receives information about the bootloader in the kernel.......
It was working ok for me till today. I had the problem with cts profile : false, then it clears from itself (google change something or revert the changes) , but now I checked randomly in magisk manager and this time I got both cts profile false and basic integrity false , so think google change the things again and even more restrictive than previous time , anyone else can confirm ?

OOS 10.0.8, Magisk and SafetyNet

Hey there, yesterday I've updated my phone to OOS 10.0.8. Everything went fine, phone is running, but since I've installed that update SafetyNet keeps failing in both, basicIntegrity and ctsProfile.
I have installed Magisk 20.4 and Magisk Manager 7.5.1.
Magisk hide is enabled. I have no modules installed.
Anyone else having this issue or know how to fix it?
Yep, same problem here. Can't seem to fix it either.
Exentric90 said:
Yep, same problem here. Can't seem to fix it either.
Click to expand...
Click to collapse
Do some reading ... https://twitter.com/topjohnwu/status/1237656703929180160
(and for me it is still OK)
foobar66 said:
Do some reading ... https://twitter.com/topjohnwu/status/1237656703929180160
(and for me it is still OK)
Click to expand...
Click to collapse
Yeah I've updated to the beta. So that might be it.
Anyway that sucks. So we're basically screwed if we'd like to have the latest security updates and still keep root.
Sajito said:
Hey there, yesterday I've updated my phone to OOS 10.0.8. Everything went fine, phone is running, but since I've installed that update SafetyNet keeps failing in both, basicIntegrity and ctsProfile.
I have installed Magisk 20.4 and Magisk Manager 7.5.1.
Magisk hide is enabled. I have no modules installed.
Anyone else having this issue or know how to fix it?
Click to expand...
Click to collapse
i have exactly the same configuration, and my safetynet test passes both, cts and basic, as it was before the update
foobar66 said:
Do some reading ... https://twitter.com/topjohnwu/status/1237656703929180160
(and for me it is still OK)
Click to expand...
Click to collapse
I've read about that. I know that since those changes Magisk Hide is not enabled in default installation, that's why I made sure it is enabled on my device. Also as far as I know, those changes should only affect ctsProfile, but not basicIntegration. For me both is failing.
kaiowas82 said:
i have exactly the same configuration, and my safetynet test passes both, cts and basic, as it was before the update
Click to expand...
Click to collapse
But since it's working for you two: Do you use any modules?
Sajito said:
But since it's working for you two: Do you use any modules?
Click to expand...
Click to collapse
systemless hosts and google dialer framework
kaiowas82 said:
systemless hosts and google dialer framework
Click to expand...
Click to collapse
kaiowas82 said:
i have exactly the same configuration, and my safetynet test passes both, cts and basic, as it was before the update
Click to expand...
Click to collapse
I toggled the Magisk hide button in settings and rebooted and it passed both. But, if you click on safetynet a second time it fails. So far I haven't received notification of Google Pay software issue I'm assuming it's good. Guess I'll find out when I go to pay for something at the store.
slapman said:
I toggled the Magisk hide button in settings and rebooted and it passed both. But, if you click on safetynet a second time it fails. So far I haven't received notification of Google Pay software issue I'm assuming it's good. Guess I'll find out when I go to pay for something at the store.
Click to expand...
Click to collapse
just done the test 3 times in a row and always passes, i think you have some other underlying issue
kaiowas82 said:
just done the test 3 times in a row and always passes, i think you have some other underlying issue
Click to expand...
Click to collapse
I have no idea what it could be unless when I did
OTA update from local storage and then restored images on Magisk and installed to inactive slot (after ota). Maybe I should redo the whole thing and use 10.0.8 patched boot.img besides that I have no clue before update had no issues. Anyway I have Viper4android installed OOS native call recording YouTube Vanced and a slew of other modules working so if I can't pay with GP no big deal but it would be nice to have everything working. Be safe stay home and God bless.
I've tried several things that came to my mind, but they all don't work.
So I'll list what I've done, maybe anyone has an idea how to pass SafetyNet again without having to factory reset.
I got the OTA notification, so I downloaded and installed it. Before rebooting I went to Magisk Manager and installed Magisk to the inactive slot.
I forgot to disable the Riru Core and EdXposed Module, but the update went fine.
After the reboot I've noticed that SafetyNet test is failing. I know for sure SafetyNet was succeeding before the udate, since I was playing Pokemon Go before the update. That's impossible while SafetyNet fails.
As I said the weird thing is, both tests are failing, not just ctsProfile. First I made sure Magisk Hide was on and set for all required apps. Also toggled the setting, to make sure it's active. Root hiding is working fine btw.
So I thought maybe having EdXposed installed broke something. I uninstalled EdXposed completely, toggled everything again and rebooted. No luck.
I downloaded the OOS 10.0.8 Update again and installed it through "Locale Update", installed Magisk to inactive partition and rebooted. This time no modules installed at all. Still no luck.
I uninstalled Magisk (completely, not just the manager), rebooted and installed Magisk again. Got root, but the test still failing.
I've not used any module except EdXposed and there's only one Xposed Module I use, to enable background playback for YouTube.
Any ideas what's broken?
I really don't want to factory reset. Alongside Google Pay I use an App from my bank called "Mobiles Bezahlen". It's similar to Google Pay, but it's like using the physical card. Problem with that app is, a card can only be registered 7 times before the app will deny to register that card again. The only way to be able to register my card again is to order a new physical card.
I have not found a way to make a backup of that virtual card.
man i swear i tried somthing and it worked and i pass SafetyNet right now. i'am not a professional and i dont know what exactly i did that fixed the problem. but i will tell you what i did.
- i had some problems with my phone so i did MSM-flashtool it to get it back to clean
- then i installed latest magisk application 7.5.1 from github.
-patched my boot image and flashed it
-i got safetynet check failed.
-i then removed magisk by installing the stock boot image again.
-then i downloaded an older version of magisk which is 7.4.0.
-flashed the same patched boot image again.
WALLAH! i passed safteynet and magisk hide works with bank and google pay apps agian ! <3
-then i updated magisk from the app both manager and magisk zip
-rebooted
-still my safetynet passes! try it and tell me guys!
mastrok said:
man i swear i tried somthing and it worked and i pass SafetyNet right now. i'am not a professional and i dont know what exactly i did that fixed the problem. but i will tell you what i did.
- i had some problems with my phone so i did MSM-flashtool it to get it back to clean
- then i installed latest magisk application 7.5.1 from github.
-patched my boot image and flashed it
-i got safetynet check failed.
-i then removed magisk by installing the stock boot image again.
-then i downloaded an older version of magisk which is 7.4.0.
-flashed the same patched boot image again.
WALLAH! i passed safteynet and magisk hide works with bank and google pay apps agian ! <3
-then i updated magisk from the app both manager and magisk zip
-rebooted
-still my safetynet passes! try it and tell me guys!
Click to expand...
Click to collapse
Very cool, I did something else cause I really like my setup and to tell you the truth I didn't want to go through the whole process again. I did a Google search and found a tutorial on YouTube using edxposed. I followed the tutorial and I passed Safety net I already tested like 5 times but wait a minute... I just tried still passed. Wasn't sure if we can post from other sites but if we can just reply and I will post the link to the video.
mastrok said:
man i swear i tried somthing and it worked and i pass SafetyNet right now. i'am not a professional and i dont know what exactly i did that fixed the problem. but i will tell you what i did.
- i had some problems with my phone so i did MSM-flashtool it to get it back to clean
- then i installed latest magisk application 7.5.1 from github.
-patched my boot image and flashed it
-i got safetynet check failed.
-i then removed magisk by installing the stock boot image again.
-then i downloaded an older version of magisk which is 7.4.0.
-flashed the same patched boot image again.
WALLAH! i passed safteynet and magisk hide works with bank and google pay apps agian ! <3
-then i updated magisk from the app both manager and magisk zip
-rebooted
-still my safetynet passes! try it and tell me guys!
Click to expand...
Click to collapse
How did you install Magisk using 7.4.0? I've installed Magisk Manager 7.4.0, but it doesn't allow me to install Magisk itself without updating first to 7.5.1.
slapman said:
Very cool, I did something else cause I really like my setup and to tell you the truth I didn't want to go through the whole process again. I did a Google search and found a tutorial on YouTube using edxposed. I followed the tutorial and I passed Safety net I already tested like 5 times but wait a minute... I just tried still passed. Wasn't sure if we can post from other sites but if we can just reply and I will post the link to the video.
Click to expand...
Click to collapse
What EdXposed Module are you using? HiddenCore Module? I've tried that. After enabling it the test in Magisk Manager will succeed, but any other SafetyNet Checker fails. Still no Pokemon Go and SafetyNet for me
Sajito said:
How did you install Magisk using 7.4.0? I've installed Magisk Manager 7.4.0, but it doesn't allow me to install Magisk itself without updating first to 7.5.1.
What EdXposed Module are you using? HiddenCore Module? I've tried that. After enabling it the test in Magisk Manager will succeed, but any other SafetyNet Checker fails. Still no Pokemon Go and SafetyNet for me
Click to expand...
Click to collapse
bro just remove any rooting method you have right now. install the old 7.4.0 version. patch your boot image and if you cant try to find the patched image on the internet. flash it via fast boot and your root is successful. now update magisk and you are done
m4str0k said:
bro just remove any rooting method you have right now. install the old 7.4.0 version. patch your boot image and if you cant try to find the patched image on the internet. flash it via fast boot and your root is successful. now update magisk and you are done
Click to expand...
Click to collapse
I tried exactly that, but I can't patch the boot image with 7.4.0, since it tells me I have to update to 7.5.1 first.
edxposed it's the reason why you cannot pass safetynet
kaiowas82 said:
edxposed it's the reason why you cannot pass safetynet
Click to expand...
Click to collapse
As I already said in first post, EdXposed is not installed anymore. I could pass SafetyNet even with EdXposed before the update though.
Also SafetyNet passes with EdXposed installed on my LG G6.
10.3.2 - Device does not meet the minimum security requirements for this application
Hello, there.
I badly need your assistants. I'm not able to use a bank application as it states as "This device does not meet the minimum security requirements for this application", I flashed patched recovery for Magisk Maanger (7.5.1)& the SafetyNet Check shows as "Success". Both ctsProfile & basicIntegrity is green with true against it.
I repacked the Magisk Manager to different and enabled Magisk Hide option; also under "Magisk Hide" section, I have enabled the said bank application but still the above said error message popups. I badly want to access this application. I also face same issue with other gov application.
NOTE: I have other bank app which works perfectly by hiding it under "Magisk Hide" section but some Gov & this bank application doesn't work.
Please help.
vinu4u4ever said:
Hello, there.
I badly need your assistants. I'm not able to use a bank application as it states as "This device does not meet the minimum security requirements for this application", I flashed patched recovery for Magisk Maanger (7.5.1)& the SafetyNet Check shows as "Success". Both ctsProfile & basicIntegrity is green with true against it.
I repacked the Magisk Manager to different and enabled Magisk Hide option; also under "Magisk Hide" section, I have enabled the said bank application but still the above said error message popups. I badly want to access this application. I also face same issue with other gov application.
NOTE: I have other bank app which works perfectly by hiding it under "Magisk Hide" section but some Gov & this bank application doesn't work.
Please help.
Click to expand...
Click to collapse
Use another SafetyNet Checker app to see if SafetyNet really passes on your device.
If it passes then please create another thread for your problem, since it's not related to this thread at all.

Question Magisk 24.1, Safetynet on new ROM

Hello Everyone,
I recently buyed a Realme GT with China stock ROM and went to Indian ROM with all that proceess by Qiurigao (I buyed it to learn changing ROM's and all that stuff). It worked perfectly, didn't brick my phone on the process beacause I followed every step. I'm really happy with my learning journey but I want to know: Is there a way to bypass Safetynet with the new Magisk version (24.1)? I can't acess Google Play store even after doing the google service framework thing, still showing Google Play Protect screen.
I installed Magisk 24.1, Shamiko and SafetyNet Fix by kdrag0n but CTS profile doesn't pass.
Well, I'm new to this world so if I did something wrong let me know.
Solved. Ended it with Magisk Props Configuration. Just let someone who has the same problem I had know.

Categories

Resources