Hi,
Upgraded my Galaxy S7 (Exynos) to nougat (clean install).
ROM: https://forum.xda-developers.com/galaxy-s7/development/rom-android-nougat-7-0-beta-3-zpkk-odex-t3507499
Kernel: https://forum.xda-developers.com/galaxy-s7/development/kernel-superkernel-v1-0-t3389247
Used supersu with marshmellow before and stopped playing Pokemon Go when they blocked rooted phones. So I tried Magisk this time.
Installed ROM & Kernel, flashed Magisk-v11.1.zip and phh-superuser-magisk-r266-2.zip, enabled magisk-hide, added systemui, disabled USB-debugging. Everything worked, even safetynet check.
Today (two days after install), the safetynet check suddenly failed (CTS profile mismatch), and I was not able to get it working again. -> PGo did NOT work, root still did.
I tried to reinstall magisk, (flashed the uninstaller and reinstalled same way as I did the first time). Root still works, safetynet STILL fails. BUT somehow PGo works nontheless. (?!)
#1 Why did safetynet check start to fail in the first place? Only thing that changed were some app-updates. No system / security update I know of, OTA is disabled anyways.
#2 Why does PGo work atm after seemingly unsuccessful reinstall of magisk (safetynet still fails...)?
Thanks for your input.
just be happy about that u can play POGO
Related
Hi all, I'm kinda new to learning how the SafetyNet API works, after learning that Pokemon GO and Android Pay use it.
I recently updated my phone to Android 6.0.1, which brought me back to full stock. I still had all of my root apps in, but Android Pay and Pokemon GO still worked with them installed. I re-rooted my phone to change the font, then removed root through SuperSU's "Full Unroot" method. After, I was able to add a card and withdraw from my bank account with my phone, and play the game without any trouble.
Seeing how my phone was working perfectly, I decided to flash the ElementalX Kernel, since I was running it before I updated to Marshmallow. I flashed it successfully and wiped all caches, and was running the new Kernel.
But now, PKGO and Android Pay refuse to work. The logical assumption would be to assume that ElementalX triggers the Safetynet API, but the developer's page says that it works with it. I also vaguely remember that I was able to play PKGO shortly after flashing ElementalX, but I can't remember if I played the game before flashing ElementalX, or after.
What would cause the Safetynet API to trigger? Running SafetyNet Helper tells me that the CTS Profile Match failed, and SafetyNet Playground says that the API call verification failed.
timex987 said:
Hi all, I'm kinda new to learning how the SafetyNet API works, after learning that Pokemon GO and Android Pay use it.
I recently updated my phone to Android 6.0.1, which brought me back to full stock. I still had all of my root apps in, but Android Pay and Pokemon GO still worked with them installed. I re-rooted my phone to change the font, then removed root through SuperSU's "Full Unroot" method. After, I was able to add a card and withdraw from my bank account with my phone, and play the game without any trouble.
Seeing how my phone was working perfectly, I decided to flash the ElementalX Kernel, since I was running it before I updated to Marshmallow. I flashed it successfully and wiped all caches, and was running the new Kernel.
But now, PKGO and Android Pay refuse to work. The logical assumption would be to assume that ElementalX triggers the Safetynet API, but the developer's page says that it works with it. I also vaguely remember that I was able to play PKGO shortly after flashing ElementalX, but I can't remember if I played the game before flashing ElementalX, or after.
What would cause the Safetynet API to trigger? Running SafetyNet Helper tells me that the CTS Profile Match failed, and SafetyNet Playground says that the API call verification failed.
Click to expand...
Click to collapse
Okay, after doing numerous experiments, it was the ElementalX Kernel that was triggering the SafetyNet API.
Kind of a shame, because the development page for ElementalX said that it worked with Android Pay, but I guess Google's always updating it to detect any changes in phone configuration. Kinda surprising that the SafetyNet API doesn't trigger when BusyBox is installed; I would expect it to detect it since it modifies the system a bit, but I guess not.
Oh well. Pokemon GO and Android Pay are working now. Updating to Marshmallow really took away any reason for me to root my phone, so I guess I'll just be using Stock everything for now...
D:
Hi there
Two issues/problems here:
I rebranded my Oreo European MHA-L09 successfully to MHA-L29, everything went perfectly. Then I proceeded to flash RR. SafetyNet however is not helping : CTS mismatch doesn't seem to wanna go away. I tried everything I could find, Magisk does nothing, unrooting : same, can't relock bootloader (root is risk)... kindabummed as it even blocks Spotify from showing up in Play Store. After a week of proding, I'v given up.
So I go back to stock, and whaddayaknow, everything goes fine except... bootloader won't relock : root is risk. I tried reflashing using HWOTA, like, a billion times, couldn't get HiSuite to help either, can't really figure out how to use download mode - most tutorials I found were for P10 - sooooo... yeah.
Any ideas when it come to relocking bootloader (in a stock rom or nah) and passing SafetyNet when a GSI is flashed?
SomeRandomEngi said:
Hi there
Two issues/problems here:
I rebranded my Oreo European MHA-L09 successfully to MHA-L29, everything went perfectly. Then I proceeded to flash RR. SafetyNet however is not helping : CTS mismatch doesn't seem to wanna go away. I tried everything I could find, Magisk does nothing, unrooting : same, can't relock bootloader (root is risk)... kindabummed as it even blocks Spotify from showing up in Play Store. After a week of proding, I'v given up.
So I go back to stock, and whaddayaknow, everything goes fine except... bootloader won't relock : root is risk. I tried reflashing using HWOTA, like, a billion times, couldn't get HiSuite to help either, can't really figure out how to use download mode - most tutorials I found were for P10 - sooooo... yeah.
Any ideas when it come to relocking bootloader (in a stock rom or nah) and passing SafetyNet when a GSI is flashed?
Click to expand...
Click to collapse
So, bootloader relock won't happen if any of the stock images don't match exactly to what the system expects. (If it does, you brick.)
On any ROM, provided it passes the basicIntegrity check, Magisk, possibly with the universal props fix module, will get SN passing. (If it doesn't pass basicIntegrity in the first place, that's another thing, and Magisk can't fix that.)
irony_delerium said:
So, bootloader relock won't happen if any of the stock images don't match exactly to what the system expects. (If it does, you brick.)
On any ROM, provided it passes the basicIntegrity check, Magisk, possibly with the universal props fix module, will get SN passing. (If it doesn't pass basicIntegrity in the first place, that's another thing, and Magisk can't fix that.)
Click to expand...
Click to collapse
Thank you so much for your answer! I already tried installing huawei props fix but it doesn't want to flash - /data/magisk is not configure proprerly even after multiple reinstalls apparently - and when it comes to MagiskHide Props Config, I can't seem to find a fingerprint for the Mate 9. Would using the Mate 10's cause issues?
SomeRandomEngi said:
Thank you so much for your answer! I already tried installing huawei props fix but it doesn't want to flash - /data/magisk is not configure proprerly even after multiple reinstalls apparently - and when it comes to MagiskHide Props Config, I can't seem to find a fingerprint for the Mate 9. Would using the Mate 10's cause issues?
Click to expand...
Click to collapse
Near as I've been able to tell, the fingerprint only makes a difference to things like SafetyNet. You can add the fingerprint for the Mate 9 if you want, obviously, but you could just as easily use one swiped from anywhere else and it would work just the same.
How are you attempting to install Magisk? I've only ever done it, personally, through Magisk Manager, using "Patch boot image" or "Direct install". With the bugs that recently appeared (Magisk Manager 5.8, Magisk 16.6, saw lots of softbricks due to direct install or install via TWRP - it was unconditionally patching something it shouldn't have), I've been telling people to use Patch Boot Image in Magisk Manager always.
irony_delerium said:
Near as I've been able to tell, the fingerprint only makes a difference to things like SafetyNet. You can add the fingerprint for the Mate 9 if you want, obviously, but you could just as easily use one swiped from anywhere else and it would work just the same.
How are you attempting to install Magisk? I've only ever done it, personally, through Magisk Manager, using "Patch boot image" or "Direct install". With the bugs that recently appeared (Magisk Manager 5.8, Magisk 16.6, saw lots of softbricks due to direct install or install via TWRP - it was unconditionally patching something it shouldn't have), I've been telling people to use Patch Boot Image in Magisk Manager always.
Click to expand...
Click to collapse
Okay, thanks! Yeah, I installed it from TWRP. Gonna redo the install then.
Also, I just noticed that Bluetooth does not work - it doesn't even activate for some reason - so I'll probably restart from ,yet another, clean flash. Thank you so much for your help!
I'm still on 47.1.A.5.51 and was having some issues with my phone frequently restarting itself and I tried updating Magisk from 14.3 to 18.0 and TWRP from 3.1.1.0 to 3.2.X.X (can't remember offhand). It seems to have stopped the rebooting issue but now DRM fix doesn't seem to work anymore. I am using the kernel and fix provided by shoey63.
I did consider updating to Pie but it seems that there's still a bunch of bugs and stuff. Also couldn't find a proper step by step guide of what the flash order is for it to not lose userdata.
Help would be much appreciated. I just need to hold on to this device for another couple of months before XZ4.
EDIT: It's Magisk that is causing the problem, updating it makes the rebooting issue disappear. Can't update because the free version of DRM fix isn't updated for the newer versions of Magisk.
EDIT2: To heck with it, I installed the DRM and kernel from Janjan's thread even though my firmware is an older version and everything seems to work. It's on Magisk 17.1 and not the latest 18.0 but as long as it doesn't reboot it's mission accomplished for now. Bonus points because now it passes SafetyNet too.
Hi. Recently my safteynet started failing. I don't remeber exactly what modifcations I did at the time to cause it. I flashed the latest OOS from OnePlus so I would have no root or mods, and safteynet continues to report failed.
I really don't feel like wiping my data. Does anyone have any suggestions?
The mods I have installed at some point via magisk are, edxposed, riru, and viper audio effects.
Thank You!
Nuzzlet said:
Hi. Recently my safteynet started failing. I don't remeber exactly what modifcations I did at the time to cause it. I flashed the latest OOS from OnePlus so I would have no root or mods, and safteynet continues to report failed.
I really don't feel like wiping my data. Does anyone have any suggestions?
The mods I have installed at some point via magisk are, edxposed, riru, and viper audio effects.
Thank You!
Click to expand...
Click to collapse
The safetynet fail during no root time is likely because of the still unlocked bootloader. Edxposed does no longer pass safetynet. Im currently running OOS 10.3.1 with magisk while passing safetynet
Having the same issue man.
Latest beta, with root, but failing safetynet.
not sure where to go from here. I remember having this same issue a while back but "safetypatcher" fixed me right up....but it's not on the magisk repo any more
Crom4rtie said:
The safetynet fail during no root time is likely because of the still unlocked bootloader. Edxposed does no longer pass safetynet. Im currently running OOS 10.3.1 with magisk while passing safetynet
Click to expand...
Click to collapse
How are you passing safteynet with root & unlocked bootloader?
turdbogls said:
Having the same issue man.
Latest beta, with root, but failing safetynet.
not sure where to go from here. I remember having this same issue a while back but "safetypatcher" fixed me right up....but it's not on the magisk repo any more
Click to expand...
Click to collapse
Just found this: https://github.com/kam821/safetypatch/releases/tag/v4.0.1
about to re root and flash with magisk hide. I'll update this thread. Might be worth a try for you as well.
Thanks for the idea!
Update. the SafteyPatcher above did not work. I am trying MagiskHidePropsConfig now, however I am failing BasicIntegrity and CTS, which I believe means theres probably something else going on. Not really sure what to do.
Edexposed does bypass safetynet I'm on oos 10.3.2
J0nhy said:
Edexposed does bypass safetynet I'm on oos 10.3.2
Click to expand...
Click to collapse
What did you do to make it pass? I already included GSF and Play Services from the blacklist.
All my problems resolved when i uninstall Magisk, and return to PIE....
is the manager hidden and play services in the hide list (should be by default)
also check that avb and preserve encryption are ticked on the front page. Normally these should allow you to pass.
If you are still failing then there is probably some mod/previous installation of root apps on the phone causing this to trip snet.
Hi everyone.
I have a rooted Poco F2 with magisk 21.2 and TWRP on stock MIUI rom 12.0.4.
I had passed SafetyNet by hiding magisk manager and enabling the magisk hide props module but literally one morning I woke up with a message from Google Pay saying the phone can't be used for transactions.
I checked SafetyNet again and it indeed failed. BasicIntegrity passed and evalType was set to BASIC but ctsProfile failed.
Since I've been trying to fix it by formatting the phone entirely, flashing the stock rom from scratch and re-applying everything but i still get the same issue. I've also tried several different fingerprints from the props module but ctsProfile check always fails.
Does anyone have any clue what might've happened? I didn't mess with any setting or allow any automatic updates when i got the fail message from Google Pay.
Thanks in advance!
moxalis said:
Hi everyone.
I have a rooted Poco F2 with magisk 21.2 and TWRP on stock MIUI rom 12.0.4.
I had passed SafetyNet by hiding magisk manager and enabling the magisk hide props module but literally one morning I woke up with a message from Google Pay saying the phone can't be used for transactions.
I checked SafetyNet again and it indeed failed. BasicIntegrity passed and evalType was set to BASIC but ctsProfile failed.
Since I've been trying to fix it by formatting the phone entirely, flashing the stock rom from scratch and re-applying everything but i still get the same issue. I've also tried several different fingerprints from the props module but ctsProfile check always fails.
Does anyone have any clue what might've happened? I didn't mess with any setting or allow any automatic updates when i got the fail message from Google Pay.
Thanks in advance!
Click to expand...
Click to collapse
That method doesn't work anymore.
try this https://github.com/kdrag0n/safetynet-fix/releases/tag/v1.1.0
Dadovvv said:
That method doesn't work anymore.
try this https://github.com/kdrag0n/safetynet-fix/releases/tag/v1.1.0
Click to expand...
Click to collapse
That seems to have fixed it! Thank you so much.
Is there a sub-forum somewhere where I could've been updated that the method I was using isn't working anymore?
[TUTORIAL] WORKING FIX FOR SAFETYNET / CTS PROFILE FAILED
Alright , here we go again . Steps to follow : 1. Open Magisk and select modules tab 2. Install Module for Android 11 - (https://t.me/XiaomiEUCloud/156) For Android 10 - (https://t.me/XiaomiEUCloud/158) from Storage 3. Reboot your Device Done . [emoji3544] UPDATE : NO NEED TO FLASH THIS ON...
xiaomi.eu