I'm currently running stock rom with Blu_spark kernel. I've been using magisk, lately updated to 14.3 version.
My problem is I can not pass SafetyNet check. Both ctsProfile and basicIntegrity are false.
I tried Universal SaftyNet Fix but it didn't help at all.
Is there any hope to pass it on stock rom?
Do you have Xposed installed?
Thanks, I completely forgot about it
The other safety net problem people are currently having with Magisk is that if you update Magisk within Magisk Manager some scripts needed to pass safety net are no longer installed by default. If you flash Magisk instead through TWRP it seems to install like normal and you don't need to perform additional steps to pass safety net.
How to fix safetynet? I am on aicp rom
I had a similar issue on citrus. I couldn't install any module either. All i did was install magisk again, but through magisk manager. Select direct install, let it patch again, and reboot. If it doesn't work, then you can always try flashing the universal safetynet fix from twrp.
After a long time using SuperSU, I switched to Magisk yesterday, for it's modules and of course Magisk Hide. So, starting with a full stock B414 rom, I unlocked my BL, installed OldDroid's TWRP and flashed Magisk 16.0 .
Everything went fine, I'm able to give root access to my apps. What I'm trying to do now is passing SafetyNet check.
I downloaded SafetyNet "attest" from the store and ran a test -> Basic integrity : false and CTS profile match -> false :crying:
Reading various tutorials, I enabled magisk hide, selected a few google apps to hide (store, services framework) , enabled Host systemless and magisk Core (rebooted my phone between these changes), cleared Store data. Regardless of what I've done, I keep failing at SafetyNet check. Did I miss something basic ? Did someone manage to pass safetynet on a P9 Lite with Nougat ?
EinderJam said:
After a long time using SuperSU, I switched to Magisk yesterday, for it's modules and of course Magisk Hide. So, starting with a full stock B414 rom, I unlocked my BL, installed OldDroid's TWRP and flashed Magisk 16.0 .
Everything went fine, I'm able to give root access to my apps. What I'm trying to do now is passing SafetyNet check.
I downloaded SafetyNet "attest" from the store and ran a test -> Basic integrity : false and CTS profile match -> false :crying:
Reading various tutorials, I enabled magisk hide, selected a few google apps to hide (store, services framework) , enabled Host systemless and magisk Core (rebooted my phone between these changes), cleared Store data. Regardless of what I've done, I keep failing at SafetyNet check. Did I miss something basic ? Did someone manage to pass safetynet on a P9 Lite with Nougat ?
Click to expand...
Click to collapse
Hello,
i used it some times ago...
Try to enable usb-debugging together with magisk/hide,
then reboot and see what happen.. ( this is what i done )
All the best
Thanks for your answer ! However, it didn't changed anything, safetynet check failed. Interesting fact, after rebooting, both magisk hide and usb debugging are disabled... Is this normal ?
EDIT : It's more than that, usb debugging gets disabled as soon as I quit settings
managed to fix this using another xda thread, but safetynet keeps failing and magisk hide is always disabled on startup
https://twitter.com/topjohnwu/status/1029239685338419200
Hi. I have a safety net issue after following the rooting tutorial on this post. (to be precise, safety net was fine, i got the issue when i tried to install edexposed)
I've got a "cts profile mismatch".
I tried to get rid of it, uninstall magisk, wipe system, but it's still there.
I would like to try to make a factory reset using an ota file, but i can't find my version of the system.
I was on SKYW1907110OS00MP3 and i updated to SKYW1911010OS00MP5. Does someone have a factory ota update.zip for one of this two version ?
There is the MagiskHide Props Config module ( https://forum.xda-developers.com/apps/magisk/module-magiskhide-props-config-t3789228 ) for fixing this kind of issue, but there is no build-in fingerprint for the blackshark 2.
I tried to get one within an OTA file, but i can't find it.
I really don't know if i can do a << adb push stock_boot_b.img /dev/block/bootdevice/by-name/boot_b >> to restore the unpatched version of my rom or if that will brick my phone (or maybe do nothing to solve my issue)
If anyone have an idea, it would be great. Thanks.
Flashing the stock boot image of the ROM currently installed in your device will not cause bootloop. Tried and tested.
To pass Safetynet, you don't need to flash MagiskHide Props Config module. It doesn't really make your device pass Safetynet at all.
To pass Safetynet with EdXposed, follow these steps:
1. Make sure you enable Magisk Hide in the Magisk app.
2. Rename your Magisk package (optional - for banking apps).
3. Flash the latest EdXposed module from this repo: https://ci.appveyor.com/project/ElderDrivers/edxposed/history (the EdXposed in the Magisk app is outdated, and it breaks Safetynet), and the latest EdXposed Manager here: https://github.com/ElderDrivers/EdXposedManager
4. Go to EdXposed Manager's settings and enable App List mode and Pass SafetyNet options, then reboot your device.
Now, the trickiest part (sort of):
5. Clear Google Services Framework, Google Play services, and Google Play Store's data, then check for Safetynet. Sometimes, it still fails after your first attempt so just repeat this step until it passes Safetynet.
That's all. All of these worked 100% on my CN-converted-to-Global Black Shark 2 device. Hope it will work on yours, too.
Woot, thanks a lot, i will try that right away.
[GUIDE] HOW TO UPDATE TO RUI 2.0 AND ROOT IT
--> Disclaimer: I'm not responsible if you brick your device. Use at your own risk and always backup your data! <--
0. Download linksF.14 OTA: Download
Magisk app: Download
OrangeFox beta: Download
ADB/Fastboot tool: Download
Patched boot.img: Find attached
vbmeta.img: Find attached
Patched safetynet fix: Find attached
1. Update your deviceUpdate your device to the latest firmware version (F.14). Therefor flash the provided OTA zip via stock recovery or OrangeFox beta recovery.
It is recommended to use the stock recovery. You can also update your device to the latest firmware by using the build in update function.
2. Root your deviceBoot into fastboot mode. To boot into fastboot mode, shut down your device and then press the volume down button while clicking on the power button.
Now you have successfully booted into fastboot mode. Connect your device with your computer and flash the patched boot.img and also disable verified boot.
Therefor just type following 3 commands:
1. fastboot flash boot patched_boot.img
2. fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
3. fastboot reboot
Your device should boot up. Now install the Magisk app and you have successfully rooted RUI 2.0.
3. Fix SafetynetInstall the patched "safetynet-fix-v.2.2.0-zip" module via Magisk. It will fix safetynet (Basic integrity and CTS). It works perfectly and won't brick your fingerprint etc. Thanks to @osm0sis
4. Get Widevine L1If you have unlocked your bootlader, Widevine will be set from L1 to L3. This will reduce the quality of certain streaming apps like Netflix from FullHD to SD quality.
However, you can get Widevine L1 back by contacting the Realme support. For more info, check the guide from @hack-os: Widevine L1 FIX
Reserved
DarkImperator said:
3. Fix Basic integrity check (Safetynet)Unfortunately, it is not possible to pass safetynet with rooted RUI 2.0. However, you can still pass basic integrity, which should be fine for most banking apps.
To do so, open the Magisk Manger app and click on the settings button on the top-right corner. Enable "Zygisk" and "Denylist". Then click on "Configure DenyList".
Click on the 3-dots on the top-right corner and select system-apps. Now search for "gms". You should find "Google Play Services". Click it and enable "com.google.android.gms" and "com.google.android.gms.unsuable". Now reboot your device and it should pass basic integrity.
Click to expand...
Click to collapse
I have rooted with magisk alpha and my snet passed easily.
To pass snet using magisk alpha:
1. Keep zygisk disabled.
2. Enable MagiskHide.
3. Configure DenyList for "com.google.android.gms" and "com.google.android.gms.unsuable" then reboot and done.
Eng.Raman said:
I have rooted with magisk alpha and my snet passed easily.
To pass snet using magisk alpha:
1. Keep zygisk disabled.
2. Enable MagiskHide.
3. Configure DenyList for "com.google.android.gms" and "com.google.android.gms.unsuable" then reboot and done.
Click to expand...
Click to collapse
Thanks for the info. I already tried it once with Magisk Alpha and the same settings as you, but CTS still failed. I'm gonna try it again and update the guide.
Edit: @Eng.Raman Unfortunately, it doesn't work. Installed Magisk Alpha, also cleaned all data of Google Play Store and Google Play Services multiple times and rebooted multiple times. But CTS still fails.
Do you maybe have installed some modules, like Riru or LPosed?
DarkImperator said:
Thanks for the info. I already tried it once with Magisk Alpha and the same settings as you, but CTS still failed. I'm gonna try it again and update the guide.
Edit: @Eng.Raman Unfortunately, it doesn't work. Installed Magisk Alpha, also cleaned all data of Google Play Store and Google Play Services multiple times and rebooted multiple times. But CTS still fails.
Do you maybe have installed some modules, like Riru or LPosed?
Click to expand...
Click to collapse
Don't dirty-flashing alpha over canary. completely uninstall magisk canary then clean install magisk alpha.
Yes ,I have installed some modules but they don't affect the test result, even without magisk and lsposed modules I have passed snet.
Eng.Raman said:
Don't dirty-flashing alpha over canary. completely uninstall magisk canary then clean install magisk alpha.
Yes ,I have installed some modules but they don't affect the test result, even without magisk and lsposed modules I have passed snet.
Click to expand...
Click to collapse
Yes, I know. That's exactly what I did. I uninstalled Magisk Canary completely including the app and went back to stock boot. Afterwards I installed Magisk alpha app, patched boot.img, flashed patched boot.img an rebooted.
Just a couple of minutes ago a new version of magisk alpha was released, and also with that version CTS fails.
Nevertheless, I found out something interesting. With Magisk Canary, CTS fails and Advice tells me to Lock bootloader. With Magisk Alpha CTS still fails, but I get no advice.
DarkImperator said:
Yes, I know. That's exactly what I did. I uninstalled Magisk Canary completely including the app and went back to stock boot. Afterwards I installed Magisk alpha app, patched boot.img, flashed patched boot.img an rebooted.
Just a couple of minutes ago a new version of magisk alpha was released, and also with that version CTS fails.
Nevertheless, I found out something interesting. With Magisk Canary, CTS fails and Advice tells me to Lock bootloader. With Magisk Alpha CTS still fails, but I get no advice.
Click to expand...
Click to collapse
What is your Momo app and magisk Detector results? Can you screenshot ?
Eng.Raman said:
What is your Momo app and magisk Detector results? Can you screenshot ?
Click to expand...
Click to collapse
Yes. Have installed both and attached the screenshots. Have not added any of those apps to my DenyList.
DarkImperator said:
Yes. Have installed both and attached the screenshots. Have not added any of those apps to my DenyList.
Click to expand...
Click to collapse
Your momo app shows " The environment is broken" and this is related to enabling MagiskHide.
To get rid of this message and to see full results either add config "app_zygote_magic" or install momohider-mod zip attached.
Eng.Raman said:
Your momo app shows " The environment is broken" and this is related to enabling MagiskHide.
To get rid of this message and to see full results either add config "app_zygote_magic" or install momohider-mod zip attached.
Click to expand...
Click to collapse
EDIT: @Eng.Raman had to install MomoHider and add config "app_zygote_magic". Now Momo gives me the message.
DarkImperator said:
Installed MomoHider, but it still said "The environment is broken". So I disabled MagiskHide. Only as MagiskHide was disabled, I received a message from Momo. Screenshot attached.
Click to expand...
Click to collapse
That's weird you can't even hide magisk and su file.
Eng.Raman said:
That's weird you can't even hide magisk and su file.
Click to expand...
Click to collapse
Yeah, Magisk alpha seems not to fix CTS on my device. Safetynet-fix (https://github.com/kdrag0n/safetynet-fix) does, but it also bricks my in-display fingerprint reader. So at the moment it seems like I can't bypass CTS.
DarkImperator said:
Yeah, Magisk alpha seems not to fix CTS on my device. Safetynet-fix (https://github.com/kdrag0n/safetynet-fix) does, but it also bricks my in-display fingerprint reader. So at the moment it seems like I can't bypass CTS.
Click to expand...
Click to collapse
My fingerprint also works well.
Are you tried to pass the snet with the latest USNF-2.1.2? May it works for you.
Eng.Raman said:
My fingerprint also works well.
Are you tried to pass the snet with the latest USNF-2.1.2? May it works for you.
Click to expand...
Click to collapse
Yes, USNF and safetynet-fix both brick my in-display-fingerprint.
With Magisk alpha/canary there is no issue with my fingerprint.
DarkImperator said:
Yes, USNF and safetynet-fix both brick my in-display-fingerprint.
With Magisk alpha/canary there is no issue with my fingerprint.
Click to expand...
Click to collapse
Try clean installing magisk custom it has MagiskHide without DenyList, builtin snet checker and online modules repo as magisk stable, the latest custom magisk build is 23015.
Eng.Raman said:
Try clean installing magisk custom it has MagiskHide without DenyList, builtin snet checker and online modules repo as magisk stable, the latest custom magisk build is 23015.
Click to expand...
Click to collapse
What exactly do you mean with Magisk custom? I was not able to find other 23015 builds than from topjohnwu and vbb2060
DarkImperator said:
What exactly do you mean with Magisk custom? I was not able to find other 23015 builds than from topjohnwu and vbb2060
Click to expand...
Click to collapse
TheHitMan7 Custom Magisk ( Github Link ) updated 6 hours ago.
Also he has two TG channles one named as "Magisk Custom" for downloading the debug builds and the 2nd one named as "Custom Magisk" for supporting and discussions.
Eng.Raman said:
TheHitMan7 Custom Magisk ( Github Link ) updated 6 hours ago.
Also he has two TG channles one named as "Magisk Custom" for downloading the debug builds and the 2nd one named as "Custom Magisk" for supporting and discussions.
Click to expand...
Click to collapse
With enabled Magisk Hide it will fix basic integrity check, but not CTS. And it also bricks my in-display-fingerprint. Guess I'll stay with Magisk Canary, till there might be an update to fix those issues.
Hello guys.
When trying to add my bank card in google pay, I have an error that this phone can't be used to pay because it's rooted.
jalal.sy said:
Hello guys.
When trying to add my bank card in google pay, I have an error that this phone can't be used to pay because it's rooted.
Click to expand...
Click to collapse
I have the same issue with my banking app that doesn't allow NFC payments even though I've done everything to hide root.