[Magisk] SafetyNet pass #116
Comments
|
I've cracked this one! There's no super-fancy detection going on here - on my OnePlus 6 I managed to pass SafetyNet by doing the following: 1.) Install Magisk 16.4 (nothing special here - no fancy builds needed.) 5.) Set the fingerprint with the following keys (pressing enter after each): 5.) Enable Improved hiding: (after further investigation - this isn't needed) 6.) Add/edit custom props: (after further investigation - this isn't needed) 7.) Script settings: 8.) Reboot: After this SafetyNet passed perfectly for me so it looks like the SafetyNet issue is just entirely based on what is in the build.prop for any given device. Fix those and it passes straight away. 👍 Further Investigation After some more digging - most of what I did above isn't needed - the problem seems to be that by default the "MagiskHide Props Config" module runs using late_start service which for some reason on your GSI images doesn't seem to work. Changing that to post-fs-data as its "boot stage" and it works perfectly by simply setting a valid fingerprint and setting it to post-fs-data, reboot and you're done. Looks like fixing this one would actually be much simpler than expected - there must be an issue between this GSI and how the "late_start service" setup works in Magisk. At least now we know where to look but for now - switching to post-fs-data fixes the problem! |
|
This investigation of yours helped a ton mate! |
|
@cawilliamson 7th step didnt worked for me?? it says input a valid command..i'm totally new to this kindly help! Also my improved hiding is disabled by default and cant enable it as it says everything is safe! Also in step number 5-pressing enter after each mean could u explain the steps properly? I just copy pasted your thing! |
|
@vineet1122 Copy/pasting wont work dude. As for step 5 - skip it - if you read next to it - I wrote this step isn't needed (just left there for the purposes of the bug report.) The key thing is step 7 is to change from late_start service to post-fs-data. The numbers may have changed but with that info you should be able to adapt them for your needs. Hope that helps! |
|
the "MagiskHide Props Config" module has been updated, |
On newer versions, i skipped the step 7, and on 6, set boot-stage to post |
|
This fix is not working anymore, tried on Magisk 22.1 :( |
Ok so I've read a lot of conflicting points of view on this but from my research around the Interwebs it seems that a few things are true:
1.) This GSI doesn't currently pass SafetyNet due to "ctsProfile: false" meaning a CTS profile mismatch.
2.) Magisk will absolutely never pass out-of-the-box on a GSI without any tweaking at all unless one is made specifically for a single device or has a release fingerprint ID of a working device.
3.) Play Store will always show "Uncertified" while SafetyNet is not passing.
4.) MOST IMPORTANTLY Some folks DO have MagiskHide working on GSI / Treble images by using the "MagiskHide Props Config", running "su", then "propts" and selecting their device to install its release key to build.prop
So in short - the problem I'm seeing is that this GSI can not pass CTS profile but other GSI images can ( such as https://forum.xda-developers.com/project-treble/trebleenabled-device-development/8-1-0-pixel-experience-t3796011 ) as multiple comments and screenshots provide proof of.
This also appears to affect all Phh based builds so I can only assume the issue is in one of the base repos rather than distro-specific.
The text was updated successfully, but these errors were encountered: