How to pass safetynet with unlocked bootloader? - Essential Phone Guides, News, & Discussion

I unlocked the bootloder and flashed the newest phhusson gsi build (AOSP 11.0 v300.j) like it is explained in the Android 11 Preview thread: https://forum.xda-developers.com/t/android-11-preview.4056465/post-83872053
Now I have the problem, that I cannot pass the "basic integrity" and "CTS profile match" check and can't use apps that require it to pass.
Does anybody know how to solve this problem on the essential phone?

Related

MIUI 10 Global Beta ROM 8.10.18 OEM Unlocking Information, Displayed Incorrectly

Hei
i updated to this version coming from Miui 10 global beta 8.7.26.
with China TWRP and MAGISK 17.3 ... works perfectly
but in the developer options i see ...
Allow OEM Unlock (is active), normally the field (icon) is grayed
and below
MI unlock status ...
the device is locked ...
I click on add account with device, i see Mi account and device are now connected .....
but OEM Unlock is 1000% open (and was on Miui 10 global beta 8.7.26 displayed as well) otherwise I would not have TWRP and Magisk
Is this a BUG, ​​or does MIUI just have a status/server problem?
Please look at your versions once what is there ... and reports
THANK YOU
Kind regards
I think it may because that Magisk will cheat your ROM that the bootloader is locked in order to pass SafetyNet.

Any way to fake a locked bootloader?

I have a (non-essential) app that I can not make to work on my new phone with the following error message:
Integrity check failed
Modifications on your phone have been detected. The app can not be used due to security reasons.
Details: The device is checked for signs of root access, respectively if the bootloader is unlocked. For these checks only local elements are used, no data is submitted to external services.
Click to expand...
Click to collapse
This is on a POCO X3 NFC with unlocked bootloader, custom ROM (ArrowOS 11) with microG (instead of Google Play Services) and stable Magisk (v22.0) with MagiskHide applied to that app. I have also already tried to freeze Magisk with AirFrozen, which is a trick that works on a problematic banking app, but that did not change anything.
The strange thing is, that the same app (and same app version) does not show that error on a OnePlus 6 with unlocked bootloader, custom ROM (LineageOS 16 for microG) and Magisk with MagiskHide applied to that app.
I have no idea what the difference may be any and how this is possible.
Any ideas?
https://github.com/kdrag0n/safetynet-fix check and download from release section if you want
etahamad said:
https://github.com/kdrag0n/safetynet-fix check and download from release section if you want
Click to expand...
Click to collapse
If you are replying to me, it's definitely not a SafetyNet issue, because my devices haven't passed SafetyNet since it stopped working with microG about a year (?) ago.

Note 10 security issue

Hi, i have not rroted my Mi note 10, but after a factory reset the phone now says im rooted/jailbroken.
This is secure banking apps and ID-apps.
Everything else works.
Root checker says i have no root, and Mi safety scan says all ok.
MIUI 13.0.1 stable (13.0.1.0 RFDEUXM)
Android: 11 RKQ1.200826.002
I tried to unlock the bootloader by following this guide: https://www.hardreset.info/devices/...-pro/faq/faq/xiaomi-bootloader-unlock-miui10/
Then Xiaomi said I had to wait 72hours. It seems like the apps think i'm rooted already, although only the waiting time has passed.
(I have not unlocked bootloader yet, nor installed any rom)
What should I do?
Heeeelp
Unlocking The Bootloader is enough of the Banking and other high profile apps to stop working on a phone in my personal experience.

OnePlus 8T Widevine Issues (L3 or L1 with bad system id)

I have an International KB2005 OnePlus 8T. I had it working great on official Evolution X, F15 firmware copied to both slots, rooted with Magisk Delta 6, passing SafetyNet, banking apps, streaming apps EXCEPT for Netflix. I turned on Netflix spoof in The Evolver settings but this only let it install, when I launched it it would just hang forever.
I checked my Widevine info with DRM info. At the time I had L1 but an invalid System ID (very long digit, way longer than 5 numbers but I don't remember.) I'm pretty sure that was the issue based on some conversations I had.
Ok so I want to fix my widevine giving it L1 with a valid system ID. So I do the "nuclear" option and msmtool back to OOS 11.0.7.9. msmtool completes successfully, bootloader is locked but now widevine is L3 with System ID 8159.
I don't have any original backup files from the phone, I also didn't try the older msmtool to the earlier OOS release. What is the correct way to not only get L1 widevine with a valid system ID on OOS, but what's the correct procedure to unlock bootloader, install a ROM and still retain L1?
TL;DR: how to get L1 widevine with valid system id on KB2005?
I was on the same page as you. I tried searching everywhere and didn't find about it anywhere. There isn't any way to fix the system id as of now. However there is a workaround to get netflix working, if thats what you are trying to do.
Step 1: MSMtool back to oos 11.0
Step 2: Unlock bootloader. (it changes the system id to 4 digit number which is L1 secrity)
Step 3: Install netflix and other apps that dont work with broken system ID. Log in your account.
Step 4: Update your rom.
System ID breaks but your apps works fine.
AstronxD said:
I was on the same page as you. I tried searching everywhere and didn't find about it anywhere. There isn't any way to fix the system id as of now. However there is a workaround to get netflix working, if thats what you are trying to do.
Step 1: MSMtool back to oos 11.0
Step 2: Unlock bootloader. (it changes the system id to 4 digit number which is L1 secrity)
Step 3: Install netflix and other apps that dont work with broken system ID. Log in your account.
Step 4: Update your rom.
System ID breaks but your apps works fine.
Click to expand...
Click to collapse
So when going from OOS 11.0 to a custom ROM, are you suggesting to dirty flash and not wipe data (I always thought this was a terrible idea)? Or still do a clean flash of the ROM then re-install those apps and it will work?
It is a terrible for some ROM
Dopamin3 said:
So when going from OOS 11.0 to a custom ROM, are you suggesting to dirty flash and not wipe data (I always thought this was a terrible idea)? Or still do a clean flash of the ROM then re-install those apps and it will work?
Click to expand...
Click to collapse
I had tried restoring with titanium backup but the results were same, they dont work. So yeah dirty flash is a terrible idea for some rom while some ROM allow dirty flashing. I have only tested on updating ROM from OOS 11 to OOS 13 and its working.
AstronxD said:
It is a terrible for some ROM
I had tried restoring with titanium backup but the results were same, they dont work. So yeah dirty flash is a terrible idea for some rom while some ROM allow dirty flashing. I have only tested on updating ROM from OOS 11 to OOS 13 and its working.
Click to expand...
Click to collapse
I've never ever ever seen a ROM that doesn't require a wipe when going from stock to the ROM. However once you're on the ROM, you can usually dirty flash updates unless the maintainer specifically says a new build requires a clean flash. Maybe this would work if there was a modified ROM based on OOS.
I appreciate your responses, but OOS 13 is the worst version of Android I've ever tried. I guess my dream of getting the 8T working with an A13 AOSP/LOS based ROM is still dead (with the valid L1 cert, otherwise it works fine).
I'm sticking with Pixels from now on. On every Pixel I've ever messed with (3a XL, 5a 5G RIP mobo, 6a, 7 Pro) I've been able to do anything- unlock the bootloader, try any custom ROM and/or kernel, use a custom recovery, have safetynet passing or failing and the valid L1 widevine cert just persists. Seems like a silly reason to dump OnePlus, but I need that valid L1 cert and I'm not willing to stay on the good, outdated OOS 11 or use the terrible, new OOS 13.

Question Pixel 7 pro

Pixel 7 pro running Android 13 device fingerprint for migisk hide props
Wut?
I need to pass the cts profile match on my device running a custom rom on Android 13. i tried the magisk hide props module but unfortunately there's no device fingerprint with Android 13.After a bit of research i came to know I can add a custom fingerprint, that's why I need a device fingerprint which has Android 13 running on it.
I hope you understand.
If you need SafetyNet to pass install SafetyNet Fix Magisk module. No idea why fingerprint doesn't work, works fine on Stock ROM. Im pretty sure you to read the OP from the custom ROm you are using, it will say Fingerprint works or not.

Categories

Resources