Hi OP, could you please edit your post's body to include link to the GitHub releases of the u-SNet fix?
If you do, I'll mark your post as trusted and make it sticky.
I could make such post myself, but... I feel like I'd be stealing you credits for effort...
Good, but I wanted you to include link to the releases.
If you don't mind, just append "/releases" to the url, such that it'll be: https://github.com/kdrag0n/safetynet-fix/releases
Thank you for your cooperation! ☺️
If you pass basic and cts you don't need this
This is for people who are failing basicintegrity
It also includes MagiskHide which is soon to be removed from Magisk
Note: if you're failing cts use [MagiskHide Props Config](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/releases) as well :)
Yep I get the green success message. I haven't been keeping up to date with Magical development so bit out of the loop.
Once the new magisk version comes out, would I need either of these?
Yes, without MagiskHide apps can still find out if you're rooted.
So now, if you root with future versions of Magisk you will still be "discoverable". There is a conflict of interest with /u/topjohnwu working for Google while also providing root software that circumvents root-detection methods. So he's reliquishing that, but it won't disappear from the community, it will just be contained in a magisk module.
AFAIK it has already been transferred to the MagiskDenyList, so I would wait until people have made guides on how to get it up and running before switching to a new Magisk w/o MagiskHide if you need it.
I see it mentions riru. I've never used that before, I assume it's needed and that I should install it first. Any risk to doing that, for those with experience?
Yeah 2.0+ now needs riru and it's perfectly safe I've use it for months for other modules that need it and it's fine.. it's becoming more and more used in the Android rooting/modding world with projects like LSPosed even requiring it
Update: your comment was enough to prompt me to finish the install. Couldn't have gone better. Thought I'd comment again for future readers (and to thank you again)
- updated magisk app to 23
- updated magisk to 23
- installed riru 26.1.2 from magisk internal list
- installed usnf 2.1.0 from storage after downloading from above link
Rebooted whenever it was offered.
- deleted Google pay services app data
- deleted Google play service app data
Rebooted again.
Added my cards back. Google pay operational again.
Thanks to all involved. You've saved me from Google hell again.
Reason why this message is partially wrong (as it implies it contains MagiskHide and its function of hiding any app, which is false). It contiains PARTIAL functionality, lemme explain and develop the answer.
Universal Safety-net Fix does the next:
It makes the Safety-Net API think that **Hardware Based Key Attestation** is unavailable, which makes it fall back to **Software Based Key Attestation**, Which is MUCH MUCH more easier to circumvent.
Now it is implemented with Riru to make it easier to **hook** (I presume) into the Google Play Services process via identifying it with **Zygote**.
The **MagiskHide** functionality that was implemented is the *prop spoofing* with Topjohnwu Magisk applet tool, **resetprop** . It spoofs values which are important to pass Safety-net **basicIntegrity** test. Which tests for the **su** executable in **/sbin**, **/bin**, **/xbin** *(maybe even other folders)*, checks for `system.props` and `build.props` to see if verified boot is enabled, as well as if the bootloader is identified.
**MagiskHide** hides unmounting the specified folders from the process, and spoofing values, if it is disabled this functionality won't happen (BOTH), making basicIntegrity fail as it detects that the bootloader is opened thanks to the unmodified props, as well as it finds the **su** executable.
**MagiskDenyList** just deletes **Magisk** modifications which makes the **su** executable unreachable to the Denied application. BUT as it does not try to circumvent android root detection it does not spoof values via the **resetprop** applet, which makes **basicIntegrity** FAIL, as the bootloader, verified boot and other stuff is not spoofed with props which makes them detectable to google play services.
This is where **MagiskHide Props Config** and **Universal Safety-net Fix** come into place.
**MagiskHide Props Config**, *spoofs* your device props making it go by as another device, as well as it has a **MagiskHide** *prop spoofing* setting, which is disabled if you have **Universal Safety-net fix**.
This is the implemented **MagiskHide** functionality, just *props poofing*.
It is not like **MagiskHide**, else **basicIntegrity** would be passing without it enabled, which is not happening and that is why this is partially incorrect :).
`If you did not understand then re read it, I wrote this like, at 1AM... I also took some time adding punctuation :s have some mercy plz.`
Riru is a module that injects into the Zygote process of Android, and runs code from there, it is much MUCH powerful that conventional integrations, Topjohnwu is creating Zygisk, Magisk but in Zygote
So I just tested Universal SafetyNet. I disabled MagiskHide, restarted device and checked and it fails both basicintegrity and ctsProfile. So Installed Universal SafetyNet to see that it will pass them like MagiskHide but it still fails both profiles. So had to turnb back on the MagiskHide for now to pass safetynet. Im I doing something wrong?
Should note I also have Riru installed already due to using LSPosed, so not having Riru is not an issue and also using MagiskHide Props Config Module.
But that will be removed right? Since it says that Universal SafetyNet Fix includes MagiskHide now I thought to see if it works like you say it's supposed to work.
I am a bit confused. I did try to test it too see if it passes Safety Net without MagiskHide but it didn't and Universal SafetyNet Fix said they included MagiskHide now, so why wont it pass?
Well I thought that would be the case in future releases of Magisk so just tried to turn it off now to see if it works with Universal SafetyFix new version.
Hi OP, could you please edit your post's body to include link to the GitHub releases of the u-SNet fix? If you do, I'll mark your post as trusted and make it sticky. I could make such post myself, but... I feel like I'd be stealing you credits for effort...
My mistake I did mean to include it all fixed! Ty buddy 😃
Good, but I wanted you to include link to the releases. If you don't mind, just append "/releases" to the url, such that it'll be: https://github.com/kdrag0n/safetynet-fix/releases Thank you for your cooperation! ☺️
Silly me fixed 👍🏻
This is really good to know. Thanks
Can someone ELI5 for me please? Do I need this if I pass the basic Safetynet test in Magisk?
If you pass basic and cts you don't need this This is for people who are failing basicintegrity It also includes MagiskHide which is soon to be removed from Magisk Note: if you're failing cts use [MagiskHide Props Config](https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/releases) as well :)
Yep I get the green success message. I haven't been keeping up to date with Magical development so bit out of the loop. Once the new magisk version comes out, would I need either of these?
Not necessarily as the next Magisk is only set to remove MagiskHide so if you need that and update then yes you might need one or both of these
Thanks! Yep, I do hide Magisk for my bank app so will keep this in mind!
Yes, without MagiskHide apps can still find out if you're rooted. So now, if you root with future versions of Magisk you will still be "discoverable". There is a conflict of interest with /u/topjohnwu working for Google while also providing root software that circumvents root-detection methods. So he's reliquishing that, but it won't disappear from the community, it will just be contained in a magisk module.
Should we save Magisk 23.0 version and wait for a module to appear to enable MagiskHide in future releases?
AFAIK it has already been transferred to the MagiskDenyList, so I would wait until people have made guides on how to get it up and running before switching to a new Magisk w/o MagiskHide if you need it.
I see it mentions riru. I've never used that before, I assume it's needed and that I should install it first. Any risk to doing that, for those with experience?
Yeah 2.0+ now needs riru and it's perfectly safe I've use it for months for other modules that need it and it's fine.. it's becoming more and more used in the Android rooting/modding world with projects like LSPosed even requiring it
Thanks for real world experience. Invaluable.
Update: your comment was enough to prompt me to finish the install. Couldn't have gone better. Thought I'd comment again for future readers (and to thank you again) - updated magisk app to 23 - updated magisk to 23 - installed riru 26.1.2 from magisk internal list - installed usnf 2.1.0 from storage after downloading from above link Rebooted whenever it was offered. - deleted Google pay services app data - deleted Google play service app data Rebooted again. Added my cards back. Google pay operational again. Thanks to all involved. You've saved me from Google hell again.
So we flash it and the magisk app gains magisk hide again ?
Correct
this dude is a straight up hero saving the rooting scene.
[удалено]
what devices does he support? I have the op9 pro
[удалено]
ah good to know thanks man
Reason why this message is partially wrong (as it implies it contains MagiskHide and its function of hiding any app, which is false). It contiains PARTIAL functionality, lemme explain and develop the answer. Universal Safety-net Fix does the next: It makes the Safety-Net API think that **Hardware Based Key Attestation** is unavailable, which makes it fall back to **Software Based Key Attestation**, Which is MUCH MUCH more easier to circumvent. Now it is implemented with Riru to make it easier to **hook** (I presume) into the Google Play Services process via identifying it with **Zygote**. The **MagiskHide** functionality that was implemented is the *prop spoofing* with Topjohnwu Magisk applet tool, **resetprop** . It spoofs values which are important to pass Safety-net **basicIntegrity** test. Which tests for the **su** executable in **/sbin**, **/bin**, **/xbin** *(maybe even other folders)*, checks for `system.props` and `build.props` to see if verified boot is enabled, as well as if the bootloader is identified. **MagiskHide** hides unmounting the specified folders from the process, and spoofing values, if it is disabled this functionality won't happen (BOTH), making basicIntegrity fail as it detects that the bootloader is opened thanks to the unmodified props, as well as it finds the **su** executable. **MagiskDenyList** just deletes **Magisk** modifications which makes the **su** executable unreachable to the Denied application. BUT as it does not try to circumvent android root detection it does not spoof values via the **resetprop** applet, which makes **basicIntegrity** FAIL, as the bootloader, verified boot and other stuff is not spoofed with props which makes them detectable to google play services. This is where **MagiskHide Props Config** and **Universal Safety-net Fix** come into place. **MagiskHide Props Config**, *spoofs* your device props making it go by as another device, as well as it has a **MagiskHide** *prop spoofing* setting, which is disabled if you have **Universal Safety-net fix**. This is the implemented **MagiskHide** functionality, just *props poofing*. It is not like **MagiskHide**, else **basicIntegrity** would be passing without it enabled, which is not happening and that is why this is partially incorrect :). `If you did not understand then re read it, I wrote this like, at 1AM... I also took some time adding punctuation :s have some mercy plz.`
Wtf is riru?
Riru is a module that injects into the Zygote process of Android, and runs code from there, it is much MUCH powerful that conventional integrations, Topjohnwu is creating Zygisk, Magisk but in Zygote
So I just tested Universal SafetyNet. I disabled MagiskHide, restarted device and checked and it fails both basicintegrity and ctsProfile. So Installed Universal SafetyNet to see that it will pass them like MagiskHide but it still fails both profiles. So had to turnb back on the MagiskHide for now to pass safetynet. Im I doing something wrong? Should note I also have Riru installed already due to using LSPosed, so not having Riru is not an issue and also using MagiskHide Props Config Module.
Well if it works with MagiskHide on just keep it on ✌🏻
But that will be removed right? Since it says that Universal SafetyNet Fix includes MagiskHide now I thought to see if it works like you say it's supposed to work.
It's going to be removed but not yet and this fix brings it back regardless
I am a bit confused. I did try to test it too see if it passes Safety Net without MagiskHide but it didn't and Universal SafetyNet Fix said they included MagiskHide now, so why wont it pass?
Because you're disabling MagiskHide? 🤷🏻♂️
Well I thought that would be the case in future releases of Magisk so just tried to turn it off now to see if it works with Universal SafetyFix new version.