Related
I've been rooting my Android phones since about 2012, but today I got a point of sale card reader for my business and I'm not having any luck hiding root from the app (square reader app). The app wont work at all so I tried a number of options in magisk manager (magisk hide the app, hide magisk manager, enable core mode only) rebooting between each try and clearing the square reader app data and setting it up fresh each time, but still no luck
I tried to uninstall magisk but the app still didn't work. So I eventually flashed back to stock and got rid of magisk all together, now the app works but I don't have root...
I tried installing magisk again after I got the app to work and hiding root from the app before I opened it up again, but it still somehow knew the device was rooted
Can anyone suggest anything I haven't tried? Or is there an alternative to rooting the OnePlus 6 (other than magisk) and hiding root? I had a bit of a look around but didn't find anything.
Thanks
I had to go back to 18.0, heard 18.2 works as well.
qbanlinxx said:
I had to go back to 18.0, heard 18.2 works as well.
Click to expand...
Click to collapse
Thanks for your reply. I tried with 18.0, damn, it still doesn't work, it still picks up that the phone is rooted
I tried the 18.2 canary build as well (18.2-e72c6685) no luck either
This app must be looking somewhere out of the ordinary for evidence of root in the phone
I have a bank application and facing the same problem. Hope someone can help us to make applications run by hiding the root
I think recent applications are looking for if knox security is tripped !! so in this case Magisk will not help
Ooohhh had to subscribe to this as I face the exact same issue!! Been trying to get my Square reader to work for a while with root and could never figure out how they are detecting root. Using Pixel XL here
Google changed something in Safety Net in play services, it passes, yet for me, google pay fails. That COULD be the issue, though I read 18.2 fixes that. Another option I helped a friend with is if it's detecting magisk itself via the files, culprit here was pokemon go.
Try opening your Magisk settings, the tick "hide magisk manager" clear the repo cache, and rename or delete the MagiskManager folder on the root of your storage. Reboot, clear data from the square app, and try again. Keep in mind, you have to unhide magisk to update it.
Skreelink said:
Google changed something in Safety Net in play services, it passes, yet for me, google pay fails. That COULD be the issue, though I read 18.2 fixes that. Another option I helped a friend with is if it's detecting magisk itself via the files, culprit here was pokemon go.
Try opening your Magisk settings, the tick "hide magisk manager" clear the repo cache, and rename or delete the MagiskManager folder on the root of your storage. Reboot, clear data from the square app, and try again. Keep in mind, you have to unhide magisk to update it.
Click to expand...
Click to collapse
In my case, I dont think its detecting the files. The reason i say that is because I play Pokemon Go just fine with no issues. So whatever Square is doing, its something different then what PoGo is doing.
Idledev said:
In my case, I dont think its detecting the files. The reason i say that is because I play Pokemon Go just fine with no issues. So whatever Square is doing, its something different then what PoGo is doing.
Click to expand...
Click to collapse
I agree, I have no problem hiding magisk and root from other apps, the square reader app must be somehow different. I've even gone through my storage and deleted any files or folders that might suggest the phone is rooted, but still no luck...
I also went into battery optimization settings to stop magisk from being put to sleep (which might stop magisk hide from working..?), that didn't work either.
I've found a temporary workaround to my problem anyway, I realized that I can share my internet (wifi hotspot) with my ipod touch, this way square reader works as the ipod touch isn't jailbroken or modified. It just means I have to carry around my ipod touch with me, which is a better trade off for me than having a stock, non root phone
Managed to get it working today! Upgraded my Pixel XL to the Android Q beta. By doing this, I had to run Magisk canary build. Installed square, enabled Magisk hide, rebooted and it worked fine! Not sure if the Android Q beta has anything to do with it,but give the canary builds of Magisk a try
Idledev said:
Managed to get it working today! Upgraded my Pixel XL to the Android Q beta. By doing this, I had to run Magisk canary build. Installed square, enabled Magisk hide, rebooted and it worked fine! Not sure if the Android Q beta has anything to do with it,but give the canary builds of Magisk a try
Click to expand...
Click to collapse
That's awesome! What canary build did you use?
I tried the latest build a few weeks ago and it didn't work for me
Build 18120
Idledev said:
Build 18120
Click to expand...
Click to collapse
No luck for me...
I updated to the latest canary build, cleared all data from square reader app, selected magisk hide, rebooted the device. After it booted up I tried to run it and it still detected root. I have a feeling that the OnePlus OS does something that doesn't totally allow me to hide root from the square reader app. It's annoying because for other apps root can be hidden
Maybe there's something in the Android Q build that lets you hide root better
Something that seems reliable right now on 18.1, Pixel Experience and OOS :
Combine Magisk Hide with Magisk "Core Mode". This seems to do the trick for now, Google Pay is triggered with normal mode, but works in Core Mode. Same for Snapchat and banking apps like N26.
But within this, you can't use any module.
kage00 said:
I also went into battery optimization settings to stop magisk from being put to sleep (which might stop magisk hide from working..?), that didn't work either.
Click to expand...
Click to collapse
This is always a good idea, on OOS at least, Magisk being optimized sometimes prevents the granting of root rights to apps, it never reacts to kernel applications requesting root on startup for example.
There's an issue with Googlypay services apparently. You need to downgrade it (remove factory updates) so it's down to version 14.something and then it should work.
You need to disable admin rights and background data to try to prevent autoupdates as well. This thread may be useful?
https://forum.xda-developers.com/ap...e-pay-magisk-discussion-t3906703/post79155616
DaveW1972 said:
There's an issue with Googlypay services apparently. You need to downgrade it (remove factory updates) so it's down to version 14.something and then it should work.
You need to disable admin rights and background data to try to prevent autoupdates as well. This thread may be useful?
https://forum.xda-developers.com/ap...e-pay-magisk-discussion-t3906703/post79155616
Click to expand...
Click to collapse
Hmm, I'm running the magisk xXx ROM and google pay is completely debloated/removed. when I get a spare half hour I might try removing the xXx module and flashing back to stock and following the advice in that thread. I'll let you know how it goes
kage00 said:
Hmm, I'm running the magisk xXx ROM and google pay is completely debloated/removed. when I get a spare half hour I might try removing the xXx module and flashing back to stock and following the advice in that thread. I'll let you know how it goes
Click to expand...
Click to collapse
Ummm yeah.. then the problem doesn't lie within Google pay it lies within the modifications that you are using.
I have to say I have never had any issues with Google pay or Android pay or any banking app using magisk. I don't even have to hide anyting. Of course I'm also not using any modified ROMs or kernels either
Hi guys,
I have this issue for a couple years now and I just cannot find a solution!
Google Pay, and 4 banking app from two different countries work fine with my 1+6 (stock ROM OOS 9.0.9 with magisk 19.4 - 7.3.4) but Square does not.
Did anyone find a solution?
Magisk config:
Magisk hide
Two modules OOS phone record and youtube
No core mode
All banking app and Square hidden
Hi everyone,
I'm curious if anyone has gotten the SuperSU root method running on this phone. I know that magisk exists but snapchat has problems with magisk for some reason so I would prefer to use SuperSU instead. I already have the latest twrp installed if that helps at all. Flashing the SuperSU zip doesn't seem to do anything so I'm hoping somebody has figured this out already.
Thanks,
TomatoesOnBluRay
TomatoesOnBluRay said:
Hi everyone,
I'm curious if anyone has gotten the SuperSU root method running on this phone. I know that magisk exists but snapchat has problems with magisk for some reason so I would prefer to use SuperSU instead. I already have the latest twrp installed if that helps at all. Flashing the SuperSU zip doesn't seem to do anything so I'm hoping somebody has figured this out already.
Thanks,
TomatoesOnBluRay
Click to expand...
Click to collapse
just realized i put this in guides instead of questions and answers. Is there a way to move it? Serious noob here.
Do not think anyone has used SuperSU in a few years really. What is wrong with Snapchat and rooted with Magisk?
Snapchat wont get along with Supersu either. At least you could try to hide Magisk from Snapchat
I'm abit curious now, why would you prefer having supersu when magisk works the same way but even better?
schmeggy929 said:
Do not think anyone has used SuperSU in a few years really. What is wrong with Snapchat and rooted with Magisk?
Click to expand...
Click to collapse
it seems like supersu hasn't been updated in a couple years now, so you're absolutely correct. Snapchat keeps locking me out of my account for "using a third party app" even though I haven't been using a third party app. My guess is that it's detecting root somehow even when I have magisk hide enabled, magisk changed to manager, and xprivacylua restricting snapchat's access to files. I even tried using parallel space to copy snapchat into an isolated environment, but it doesn't even log in. It might have something to do with Oxygen OS, but I'm not sure. Although it's unlikely, I'm trying to see if there is a way to install SuperSU on this phone because I know snapchat works as it did on my old phone (if you log in before you root, of course). If it's not possible, I'll just have to figure something out.
TomatoesOnBluRay said:
it seems like supersu hasn't been updated in a couple years now, so you're absolutely correct. Snapchat keeps locking me out of my account for "using a third party app" even though I haven't been using a third party app. My guess is that it's detecting root somehow even when I have magisk hide enabled, magisk changed to manager, and xprivacylua restricting snapchat's access to files. I even tried using parallel space to copy snapchat into an isolated environment, but it doesn't even log in. It might have something to do with Oxygen OS, but I'm not sure. Although it's unlikely, I'm trying to see if there is a way to install SuperSU on this phone because I know snapchat works as it did on my old phone (if you log in before you root, of course). If it's not possible, I'll just have to figure something out.
Click to expand...
Click to collapse
You need to Magisk hide Snapchat. Go to menu(top left, 3 lines) click Magisk Hide. Scroll to Snapchat and check it. Clear data for Snapchat. Log back in.
schmeggy929 said:
You need to Magisk hide Snapchat. Go to menu(top left, 3 lines) click Magisk Hide. Scroll to Snapchat and check it. Clear data for Snapchat. Log back in.
Click to expand...
Click to collapse
I did this but it didn't work, it still locks my account. Snapchat seems to have some weird form of detection that can't be worked around.
TomatoesOnBluRay said:
I did this but it didn't work, it still locks my account. Snapchat seems to have some weird form of detection that can't be worked around.
Click to expand...
Click to collapse
Weird, never had an issue with Snapchat and was always rooted.
I used to have the same issue with snapchat until I started using the Magisk Beta versions, since then I haven't had that issue at all. Which version of Magisk are you using?
TomatoesOnBluRay said:
I did this but it didn't work, it still locks my account. Snapchat seems to have some weird form of detection that can't be worked around.
Click to expand...
Click to collapse
Get it up and running, create a backup with titanium and when you are on magisk, restore the data.
Thats how i used to do it when it wouldnt let me log in. But I havent had the issue for years with magisk. Ensure you are using the current and ensure you pass safety net.
After two years being stuck on an unrooted phone (Huawei), I'm thrilled to have everything working on OP7 x TWRP x Magisk.
On several threads I have read suggestions of Xposed modules that could be interesting, and saw that @topjohnwu published a thread with an Xposed installer apk and Xposed module for Magisk, which sounds amazing.
My question is: on OnePlus, does this work well, or would it be asking for trouble? The last thing I want now that everything is working is to make a wrong move that gets me into boot loops.
Also, if this is confirmed to work well, I see that there are several Xposed modules in the Magisk download section.
Is it "Xposed Framework, v90-beta3 created by rovo89"? Or the Tai Chi one, or the Riru ones?
Thanks for any advice!
Use edxposed, no problems so far for me
My biggest question is with Snapchat. I've read people getting banned because of using Xposed (even if no Snapchat specific module's are used).
Can anyone confirm or deny this? I just want to use it for a couple of modules like Amplify.
Its a bad idea! Snapchat thinks you use 3rd party app... Been locked out 3 times now...
In case this can help someone else, I should let you know that trying to install the "Xposed Framework v90-beta3 by rovo89" from inside Magisk has brought me a lot of heartaches (boot loop, factory reset, still struggling to get a stable system back).
Maybe the problem is not related to that module specifically, but here is what happened. It seemed to install, but when I looked at it in the "Modules" section, every section said "unknown". So I flagged it for deletion, and on reboot the phone entered a boot loop.
I tried to uninstall the module via mm, but it didn't show. So I uninstalled Magisk via Magisk-Uninstall in TWRP. The phone booted, but when I reinstalled Magisk, the boot loop restarted.
Since then, I have done two factory resets: one via the basic TWRP "Wipe", one via OOS / Settings / System. Each time, some files from before are left on the SD card. I thought that the problem was solved, but after two hours working to set up the phone (not downloading Magisk modules, just Apps from the Play Store), I got a new boot loop. Luckily this time I had done a backup. But will be looking for a way to do a more "aggressive" factory reset.
Anyhow, maybe I installed the wrong Xposed, but thought I'd share my experience.
who ah way said:
In case this can help someone else, I should let you know that trying to install the "Xposed Framework v90-beta3 by rovo89" from inside Magisk has brought me a lot of heartaches (boot loop, factory reset, still struggling to get a stable system back).
Maybe the problem is not related to that module specifically, but here is what happened. It seemed to install, but when I looked at it in the "Modules" section, every section said "unknown". So I flagged it for deletion, and on reboot the phone entered a boot loop.
I tried to uninstall the module via mm, but it didn't show. So I uninstalled Magisk via Magisk-Uninstall in TWRP. The phone booted, but when I reinstalled Magisk, the boot loop restarted.
Since then, I have done two factory resets: one via the basic TWRP "Wipe", one via OOS / Settings / System. Each time, some files from before are left on the SD card. I thought that the problem was solved, but after two hours working to set up the phone (not downloading Magisk modules, just Apps from the Play Store), I got a new boot loop. Luckily this time I had done a backup. But will be looking for a way to do a more "aggressive" factory reset.
Anyhow, maybe I installed the wrong Xposed, but thought I'd share my experience.
Click to expand...
Click to collapse
That isn't edexposed and isn't supported on pie
Arden144 said:
That isn't edexposed and isn't supported on pie
Click to expand...
Click to collapse
Thank you!
Will try edexposed on the next install, after backing up.
Ha, looking in Magisk / Downloads / Search / Xposed, I see two versions of EdXposed:
- Riru - EdXposed v0.4.5.1_beta(4463) (SandHook)
- Riru - EdXposed v0.4.5.1_beta(4463) (YAHFA)
Which one for OP7: SandHook, or YAHFA?
Thanks in advance.
who ah way said:
Ha, looking in Magisk / Downloads / Search / Xposed, I see two versions of EdXposed:
- Riru - EdXposed v0.4.5.1_beta(4463) (SandHook)
- Riru - EdXposed v0.4.5.1_beta(4463) (YAHFA)
Which one for OP7: SandHook, or YAHFA?
Thanks in advance.
Click to expand...
Click to collapse
Either. I used YAHFA with no issues for what i needed. Then i tried SandHook out of curiosity and found no difference.
Asking for trouble
Thank you both.
After TWRP backup, installed edexposed which involved three steps:
- riru exexposed core module (in Magisk)
- riru edexposed module by yahfa (Magisk)
- edexposed installer app (from GitHub)
EdXposedInstaller_v2.2.4-release.apk
https://github.com/solohsu/XposedInstaller/releases
System rebooted, SafetyNet status OK in Magisk.
As far as y'all know is this list of modules known to work on OP7?
Wouldn't even know where to start… But curious.
Edit: when I went to do a new Backup, the TWRP menu was unusual (it asked new questions about modifying the system). Decided to backpedal and restore to before exposed installation.
In the end, I just don't know enough to understand what risks I'm taking. In the hands of an expert user, it's probably safe, in mine, it's asking for trouble.
"Can't load Android system" and "Factory data reset" tried and does not work
Hi all,
I bought a Pixel 3a, unlocked the bootloader, upgraded it to Android 10, and then tried to root it with Magisk. I must somehow have missed a step because now the phone only boots to:
Android Recovery
google/sargo/sargo
9/PQ3B.190801.002/5674421
user/release-keys
Use volume up/down and power.
Can't load Android system. Your data may be corrupt. If you continue to get this message, you may need to perform a factory data reset and erase all user data stored on this device.
Try again
Factory data reset
If I "Try again" I end up in the same place after a long time with the Google logo and a reboot. If I "Factory data reset" I also end up in the same place.
My desktop has adb and fastboot, and was able to access the phone until the failed attempt at rooting. Now it does not detect the phone despite the system "bleeping" as if it has found a new device:
>adb devices
* daemon not running; starting now at tcp:5037
* daemon started successfully
List of devices attached
>adb devices
List of devices attached
Is there a way out of this mess?
FD
You're still on P by what recovery says. 0801 image. PQ3B is P. You want QP1A. Please try downloading the recent Q image and follow the official instructions from Google in the link and try again.
https://developers.google.com/android/images
Uzephi said:
You're still on P by what recovery says. 0801 image. PQ3B is P. You want QP1A. Please try downloading the recent Q image and follow the official instructions from Google in the link and try again.
https://developers.google.com/android/images
Click to expand...
Click to collapse
Thank you very much! Using the flash-all script I have managed to get my phone back. I have flashed the original Android 9 the phone came with.
Now, one further question, are there some good (as in unlikely to brick my phone again) instructions on how to root my Pixel 3a? I believe that Android 9 is preferred when using Magisk to Android 10, and I do not mind staying with Android 9, but I would like some instructions on how to root it without bricking it again.
Again, thanks for your prompt reply.
Yours,
FD
Frederick Davies said:
Thank you very much! Using the flash-all script I have managed to get my phone back. I have flashed the original Android 9 the phone came with.
Now, one further question, are there some good (as in unlikely to brick my phone again) instructions on how to root my Pixel 3a? I believe that Android 9 is preferred when using Magisk to Android 10, and I do not mind staying with Android 9, but I would like some instructions on how to root it without bricking it again.
Again, thanks for your prompt reply.
Yours,
FD
Click to expand...
Click to collapse
I followed this guide. it's for a pixel 3 but it's exactly the same for a 3a. There is no TWRP for 10 so doing it this way is the only way for now.
https://android.gadgethacks.com/how-to/root-your-pixel-3-android-10-0200295/
Just use magisk to patch Android 10 boot IMG and Flash it and your rooted on Android 10
Frederick Davies said:
Now, one further question, are there some good (as in unlikely to brick my phone again) instructions on how to root my Pixel 3a? I believe that Android 9 is preferred when using Magisk to Android 10, and I do not mind staying with Android 9, but I would like some instructions on how to root it without bricking it again.
Again, thanks for your prompt reply.
Yours,
FD
Click to expand...
Click to collapse
I have created a (IMHO) very thorough quide on how to root your Pixel 3a. It walks you through rooting with both Android Pie and Android 10 with very clear and precise steps. If you have any questions about it, feel free to post in that thread or reach out to me via a direct message.
There is no limitation on using Magisk or rooting under Android 10. The only thing you cannot do with Android 10 is use TWRP, but that isn't a deal breaker. TWRP is good for making backups of your OS, but as you have found you can still recover from just about any situation using the Google factory images, so while a backup might be beneficial at times, it isn't a necessity. Personally I would definitely recommend using Android 10 because Pie isn't being updated by Google anymore, so you are going to be behind on security updates, etc if you stick with Pie.
Watch this video and you shouldn't have any problems
sic0048 said:
I have created a (IMHO) very thorough quide on how to root your Pixel 3a. It walks you through rooting with both Android Pie and Android 10 with very clear and precise steps. If you have any questions about it, feel free to post in that thread or reach out to me via a direct message.
Click to expand...
Click to collapse
Very detailed indeed, but I still have a question: in your instructions you seem to boot into TWRP to install Magisk, but you do NOT install TWRP itself, just boot it for the installation of Magisk. Is that correct? Why?
sic0048 said:
There is no limitation on using Magisk or rooting under Android 10. The only thing you cannot do with Android 10 is use TWRP, but that isn't a deal breaker. TWRP is good for making backups of your OS, but as you have found you can still recover from just about any situation using the Google factory images, so while a backup might be beneficial at times, it isn't a necessity. Personally I would definitely recommend using Android 10 because Pie isn't being updated by Google anymore, so you are going to be behind on security updates, etc if you stick with Pie.
Click to expand...
Click to collapse
I am going through all this rigmarole to be able to install XPrivacyLua through the Xposed Framework, but the instructions for Xposed (https://www.xda-developers.com/xposed-framework-hub/) seem to indicate you need TWRP as a requisite, hence I think am stuck with Android P (9.0).
On the other hand, I get conflicting information as to whether Xposed for Magisk does (https://www.xda-developers.com/xposed-framework-hub/) or does not (https://forum.xda-developers.com/xposed/unofficial-systemless-xposed-t3388268) pass SafetyNet. Most confusing...
FD
Frederick Davies said:
Very detailed indeed, but I still have a question: in your instructions you seem to boot into TWRP to install Magisk, but you do NOT install TWRP itself, just boot it for the installation of Magisk. Is that correct? Why?
FD
Click to expand...
Click to collapse
There is no need to install or boot into TWRP (btw. there is even no working TWRP for Android 10 yet) to install Magisk. It's sufficents to install Magisk Manager on your phone and patch the boot.img extracted from the factory image. Just follow the instructions which have been quoted here in the thread already.
AndDiSa said:
There is no need to install or boot into TWRP (btw. there is even no working TWRP for Android 10 yet) to install Magisk. It's sufficents to install Magisk Manager on your phone and patch the boot.img extracted from the factory image. Just follow the instructions which have been quoted here in the thread already.
Click to expand...
Click to collapse
Dear AndDisa,
As I said, I am rooting my Pixel 3a because I want to install XPrivacyLua, which requires the Xposed Framework; and to install Xposed with Magisk, it lists TWRP as a pre-requisite (see "Method 2: Magisk" in https://www.xda-developers.com/xposed-framework-hub/). Since it seems there is some kind of reluctance to use/install TWRP in this thread, I am asking why that is so. I understand it is possible to install Magisk without TWRP, I am just asking "why?"
Again, thank you all for your help.
FD
TWRP doesn't work on Android 10 at this point so you can't flash it.
Frederick Davies said:
Dear AndDisa,
As I said, I am rooting my Pixel 3a because I want to install XPrivacyLua, which requires the Xposed Framework; and to install Xposed with Magisk, it lists TWRP as a pre-requisite (see "Method 2: Magisk" in https://www.xda-developers.com/xposed-framework-hub/). Since it seems there is some kind of reluctance to use/install TWRP in this thread, I am asking why that is so. I understand it is possible to install Magisk without TWRP, I am just asking "why?"
Again, thank you all for your help.
FD
Click to expand...
Click to collapse
If you read closely in the guide sic linked, he does state the TWRP method is only for P because you can't use TWRP on 10. It is the way partitions are handled in 10 where you really can't read your internal storage and it would have to require a code rework. Until that's done, no TWRP.
Edit: quote from twrp developer about it. https://twrp.me/site/update/2019/10/23/twrp-and-android-10.html
https://github.com/ElderDrivers/EdXposed/pull/354
https://github.com/ElderDrivers/EdXposedManager/releases
You can flash xposed without TWRP. Just install edxposed by downloading and installing through magisk and install the edxposed manager. You don't need TWRP
Frederick Davies said:
Very detailed indeed, but I still have a question: in your instructions you seem to boot into TWRP to install Magisk, but you do NOT install TWRP itself, just boot it for the installation of Magisk. Is that correct? Why?
FD
Click to expand...
Click to collapse
As other have noted, TWRP does not work with Android 10. However, I also wanted to answer your question because it is valid.....
With Android Pie (9), you cannot permanently install TWRP unless you first flash a custom kernel that supports LZMA compression. Using the stock kernel, you can load TWRP using ADB and use it just like normal, but when you reboot the phone TWRP will not be loaded anymore. My instructions are about rooting the phone and not about installing TWRP permanently on the phone and therefore I provided the simplest method to accomplish that goal.
Most custom kernels have been updated with LZMA support, but you should really read the TWRP thread for more information on how to permanently install TWRP on Android Pie
Dear All,
Thank you for all your help and explanations concerning my questions.
I have now rooted my Pixel 3a running Android 9 following the instructions supplied (no TWRP installation), and It seems that Magisk is installed and happy (at least it thinks it is and FX has root access), but I am afraid that EdXposed and XPrivacyLua are not working as expected.
After Magisk, I installed the "Riru - Core" and "Riru - EdXposed (YAHFA)" modules. I then installed the "EdXposed Framework (YAHFA)" (giving the EdXposed Installer superuser privileges; EdExposed reports it is installed and active), and the XprivacyLua module inside it. But now Magisk complains that the SafetyNet checks are failing (this coincides with installing XPrivacyLua, but it is the only module I have in EdXposed), and XPrivacyLua is not actually blocking anything at all (that is, even when I supposedly block access to some functions, the apps just go ahead and use them).
Why do I get the impression Google does not want people to root their phones?
Yours,
FD
Frederick Davies said:
Dear All,
Thank you for all your help and explanations concerning my questions.
I have now rooted my Pixel 3a running Android 9 following the instructions supplied (no TWRP installation), and It seems that Magisk is installed and happy (at least it thinks it is and FX has root access), but I am afraid that EdXposed and XPrivacyLua are not working as expected.
After Magisk, I installed the "Riru - Core" and "Riru - EdXposed (YAHFA)" modules. I then installed the "EdXposed Framework (YAHFA)" (giving the EdXposed Installer superuser privileges; EdExposed reports it is installed and active), and the XprivacyLua module inside it. But now Magisk complains that the SafetyNet checks are failing (this coincides with installing XPrivacyLua, but it is the only module I have in EdXposed), and XPrivacyLua is not actually blocking anything at all (that is, even when I supposedly block access to some functions, the apps just go ahead and use them).
Why do I get the impression Google does not want people to root their phones?
Yours,
FD
Click to expand...
Click to collapse
It is most certainly the things you have installed that are breaking the SafetyNet check. I don't know anything about XprivacyLua, but I would assume there is a support thread here on XDA for it. I would read that support thread and see if there is a solution to the Safetynet issue.
Dear All,
OK, I have now rooted my Pixel 3a: I am running Android 9, and I flashed Magisk (Magisk Manager version 7.4.0; Magisk version 20.1) without installing TWRP as per the instructions. Then I installed the Riru - Core (version 10) and Riru - Ed Exposed (version 0.2.8_beta) modules, which allowed me to install EdXposedInstaller (version 2.2.5). I am currently running Xposed Framework (version 90.0-0.2.8) with XPrivacyLua (version 1.25).
The result is that XPrivacyLua is working with a few caveats: the SafetyNet Check fails both the ctsProfile and basicIntegrity checks (this is triggered by XPrivacyLua, not (Ed)Xposed), and when I limit access of WhatsApp to the Contacts list, there are constant errors whenever WhatsApp tries to read it (though it seems to work as expected). Also, the Contacts list keeps disappearing from the Contacts app itself, despite WhatsApp actually seeing those contacts in there (go figure).
Other apps that require root (like FX) are working as expected.
In the end, I have decided that since I am not interested in using my mobile for Google Pay, I will have to live with it as it is now, but I have a couple of points for others that may want to follow in my footsteps (this is not necessarily related to the method of rooting; those who helped me here are certainly not at fault for the following):
1. XPrivacyLua is in no way as capable and easy to use as XPrivacy was (XPrivacy is the main reason why I am rooting my phone). If I could install Android 4 on my Pixel 3a, I would do so and go back to XPrivacy (my venerable Nexus 5's second battery is shot, so I had to get new hardware). There is nothing in Android 9 that I actually need that was not there in Android 4.
2. We really need a Nexus Toot Toolkit for Pixel phones. The multitude of versions and steps required in rooting them successfully is too much for those like me who will root their phone for one or two apps and then leave it as it is. I know that these forums are really for tinkerers who want to extract the maximum from their hardware, and hence my point of view is not representative here, but I just want a mobile that will not spy on me, the rest is irrelevant to me.
I guess I will have to open a thread in the XPrivacyLua forums to see if I can sort out my problems, but I would like to thank you all for your help in getting me here and answering my questions (no matter how pointless they may have seemed).
Yours,
FD
Frederick Davies said:
Dear All,
OK, I have now rooted my Pixel 3a: I am running Android 9, and I flashed Magisk (Magisk Manager version 7.4.0; Magisk version 20.1) without installing TWRP as per the instructions. Then I installed the Riru - Core (version 10) and Riru - Ed Exposed (version 0.2.8_beta) modules, which allowed me to install EdXposedInstaller (version 2.2.5). I am currently running Xposed Framework (version 90.0-0.2.8) with XPrivacyLua (version 1.25).
The result is that XPrivacyLua is working with a few caveats: the SafetyNet Check fails both the ctsProfile and basicIntegrity checks (this is triggered by XPrivacyLua, not (Ed)Xposed), and when I limit access of WhatsApp to the Contacts list, there are constant errors whenever WhatsApp tries to read it (though it seems to work as expected). Also, the Contacts list keeps disappearing from the Contacts app itself, despite WhatsApp actually seeing those contacts in there (go figure).
Other apps that require root (like FX) are working as expected.
In the end, I have decided that since I am not interested in using my mobile for Google Pay, I will have to live with it as it is now, but I have a couple of points for others that may want to follow in my footsteps (this is not necessarily related to the method of rooting; those who helped me here are certainly not at fault for the following):
1. XPrivacyLua is in no way as capable and easy to use as XPrivacy was (XPrivacy is the main reason why I am rooting my phone). If I could install Android 4 on my Pixel 3a, I would do so and go back to XPrivacy (my venerable Nexus 5's second battery is shot, so I had to get new hardware). There is nothing in Android 9 that I actually need that was not there in Android 4.
2. We really need a Nexus Toot Toolkit for Pixel phones. The multitude of versions and steps required in rooting them successfully is too much for those like me who will root their phone for one or two apps and then leave it as it is. I know that these forums are really for tinkerers who want to extract the maximum from their hardware, and hence my point of view is not representative here, but I just want a mobile that will not spy on me, the rest is irrelevant to me.
I guess I will have to open a thread in the XPrivacyLua forums to see if I can sort out my problems, but I would like to thank you all for your help in getting me here and answering my questions (no matter how pointless they may have seemed).
Yours,
FD
Click to expand...
Click to collapse
Cool story bro
This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
RESERVED FOR STUFF
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
hypethetime said:
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
Click to expand...
Click to collapse
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
hypethetime said:
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
Click to expand...
Click to collapse
Once the process is complete, you can install whatever else you want and safetynet will not stop working. The main thing is that the process of setting up the device so that it can be approved is very easy to mess up, so that part has to be done carefully.
I'll edit the guide to make these points more clear.
Sense_101 said:
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
Click to expand...
Click to collapse
I knew you always were able to use pc and you miss understood me. I at least often had the problem with transferring files for some reseason and for this adb push is extremey helpful.
Regarding instaling more apps thank you for the answer and how quickly it came.
Sense_101 said:
This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
Click to expand...
Click to collapse
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Yeah, that's a joke
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Samsung phones have a history of "blowing" up. First they were actually dangerous in very few cases but now they can expand and pop of the back of your phone. As long as you switch the battery then your safe to use it.
AOSP Rom (signature spoofing unsupported, without MicroG installer)
After Root install patch for spoofing via NanoDroid Patcher
Open Magisk settings -> Enable Zygisk + Enforce DenyList, install module MagiskHide Props Config -> reboot
Open Termux or ADB, type su to set root permission then type props (option 1)
Install MicroG via APK or offical F-Droid app, grant Signature spoofing permission
If you want using play store, install patched version (F-Droid add repo NanoDroid)
Open MicroG Settings -> Self-Check -> make sure all box checked
Turn on Google device registration, Google SafetyNet, if CTS fail then install Universal SafetyNet Fix
Install magisk module App Systemizer, Busybox for Android NDK to change MicroG to system app