Develop Bugs

A520 2017, How to revert Knox to 0x0 from 0x1 after rooting

Hi,
can anyone help me to revert A520f 2017 Knox to 0x0.
Unfortunately I tried to Root my A5 2017, I am luckily successful to root my phone, but after that I realized that I will not receive OTA nor able to use sHealth app.
So I downloaded stock Rom and Totally re-flash everything(AP, BL, CSC...).... Although it remove the Custom recovery + super user etc. But when I tried to Open sHealth App, it saying that "Due to new Security Policy Samsung Health cannot be opened on a Rooted device. 0x110040581".
So, Is there any way available to reset everything means to bring it to zero position?

qazihamayun said:
Hi,
can anyone help me to revert A520f 2017 Knox to 0x0.
Unfortunately I tried to Root my A5 2017, I am luckily successful to root my phone, but after that I realized that I will not receive OTA nor able to use sHealth app.
So I downloaded stock Rom and Totally re-flash everything(AP, BL, CSC...).... Although it remove the Custom recovery + super user etc. But when I tried to Open sHealth App, it saying that "Due to new Security Policy Samsung Health cannot be opened on a Rooted device. 0x110040581".
So, Is there any way available to reset everything means to bring it to zero position?
Click to expand...
Click to collapse
Sorry cant help you with this but just one curious question. Is samsung pay also not working after rooting?
Sent from my SM-A720F using Tapatalk

cardozclive said:
Sorry cant help you with this but just one curious question. Is samsung pay also not working after rooting?
Click to expand...
Click to collapse
Samsung pay cannot work with knox tripped

ponkz said:
Samsung pay cannot work with knox tripped
Click to expand...
Click to collapse
Can you tell me is there any way available to use Samsung Health App. I am not worried about knox tripped nor warrenty clain... but worried about using default Application, OTA and Patch etc.
Would it possible use all these using root? Or any other way available..
Eg. I was using xposed in LG G3 which having small app like root clock. Which allow to fake those app which were not working on rooted device. But knox case seems different

qazihamayun said:
Can you tell me is there any way available to use Samsung Health App. I am not worried about knox tripped nor warrenty clain... but worried about using default Application, OTA and Patch etc.
Would it possible use all these using root? Or any other way available..
Eg. I was using xposed in LG G3 which having small app like root clock. Which allow to fake those app which were not working on rooted device. But knox case seems different
Click to expand...
Click to collapse
If you want to hide root, use Magisk su instead.

ashyx said:
If you want to hide root, use Magisk su instead.
Click to expand...
Click to collapse
No I dont want to hide root explicitly , I just want to use Samsung Health Application, if there is any way available to by pass the error message
"Due to new Security Policy Samsung Health cannot be opened on a Rooted device. 0x110040581".
Kindly tell me, either by hiding the Root Or Editing any file

qazihamayun said:
No I dont want to hide root explicitly , I just want to use Samsung Health Application, if there is any way available to by pass the error message
"Due to new Security Policy Samsung Health cannot be opened on a Rooted device. 0x110040581".
Kindly tell me, either by hiding the Root Or Editing any file
Click to expand...
Click to collapse
I just told you, to bypass apps that detect root you need Magisk su.
https://forum.xda-developers.com/showpost.php?p=71154562&postcount=4

There is no way to restore knox, so... rip Shealt

Yes eFuse Chip is to blame....
Gesendet von meinem SM-A520F mit Tapatalk

qazihamayun said:
Can you tell me is there any way available to use Samsung Health App. I am not worried about knox tripped nor warrenty clain... but worried about using default Application, OTA and Patch etc.
Would it possible use all these using root? Or any other way available..
Eg. I was using xposed in LG G3 which having small app like root clock. Which allow to fake those app which were not working on rooted device. But knox case seems different
Click to expand...
Click to collapse
You are able to use samsung health after rooting.
you have to be rooted again and i would recommend using TWRP + Magisk to root so it is systemless and you can still pass safetynet after rooting.
you will need to download TWRP, Magisk v12.0, dm-verity patch.
1. put magisk v12.0 and dm-verity patch onto the sdcard in the phone
2. flash TWRP
3. boot into recovery and swipe to allow modifications.
4. under wipe there should be a button to format data (its in the bottom right). you will need to do this to flash magisk and dm verity.
5. flash dm verity and THEN magisk
6a. boot into phone and complete setup to get to home page.
6b. download any systemless root app that you want (adaway works you just have to turn on systemless host files in magisk settings + viper4andriod has a module in magisk that you download for it to work)
(DO NOT TURN ON HIDE MAGISK UNTIL THE END)
7. download the app buildprop editor, open it and grant it root. search for the line ro.config.tima=1 and change the value from 1 to 0.
8. reboot the phone and you should now be able to use s health.
continue following if you wish to pass safetynet and be playstore certified (set up your root apps like viper and adaway before doing this)
9. go into magisk settings and enable the setting Magisk Hide. reboot phone. check that you pass safetynet in magisk manager after booting up again
10. go into app manager, find google play store, tap storage and then clear the data.
11. open app again and you should be certified. (this took me a few tries. not sure if it was play store needing to update the property or me needing to reboot the phone)
12. Yay! your device should now be able to pass safetynet and will be play store certified in the play store app. you should soon be able to see netflix in the play store again.
source: I done this on my a520 just on the weekend to be able to update netflix

Komplikationen bei CF-Auto-Root mit Firmware?

Hello,
I have the Samsung Galaxy A50 (model number: SM-A505FN) and I wanted to root it with CF-Auto-Root, because I previously rooted an S5 in this way and it worked out without problems.
Now I have two questions:
1. Does the bootloader have to be unlocked because I read in other forums that you only have to unlock it if you want to get custom recoveries or OS.
As the description of CF-Auto-Root says, I want to stay as close as possible to the stock and only give apps root rights. I also want to keep getting OTA-updates and I don't want my phone to be wiped because I've already set everything up.
2. On the Firmware.Mobi page, to which you will be redirected if you go to ChainFires homepage, there are 3 Galaxy A50's listed, but with the model numbers SM-A505F, SM-A505U1 and SM-A505W (all without "fn" at the end unlike my modell number). Now to my question: Can I use one of these or do complications arise? If so, which one should I take?
Thank you in advance for future answers!
Kind regards,
Shademaster639

It's an English forum

I hope i am right but translated from german to english using google translate.
I have the Samsung Galaxy A50 (model number: SM-A505FN) and I wanted to root it with CF-Auto-Root, because I previously rooted an S5 in this way and it worked without problems.
Now I have two questions:
1. Must the bootloader be deactivated because I read in other forums that you only have to deactivate the bootloader if you want to get custom recoveries or OS.
As the description of CF-Auto-Root says, I want to stay as close as possible to the floor and only give apps root rights. I also want to keep getting OTA updates and I don't want my phone to be wiped because I've already set everything up.
2. On the Firmware.Mobi page, to which you will be redirected if you go to ChainFires homepage, there are 3 Galaxy A50's listed, but with the model numbers SM-A505F, SM-A505U1 and SM-A505W (all without "fn" on End, as with my model number). Now to my question: Can I use it or do complications arise? If so, which one should I take?
Thank you in advance for future answers!
Kind regards
Shademaster639

Lol, just recognized that the forum is english. I didn't think about this as I wrote the entry. The translation @spawnlives gave fits my question. Sorry for my mistake!
EDIT: I've edited my entry now to english.

Shademaster639 said:
Hello,
I have the Samsung Galaxy A50 (model number: SM-A505FN) and I wanted to root it with CF-Auto-Root, because I previously rooted an S5 in this way and it worked out without problems.
Now I have two questions:
1. Does the bootloader have to be deactivated because I read in other forums that you only have to deactivate the bootloader if you want to get custom recoveries or OS.
As the description of CF-Auto-Root says, I want to stay as close as possible to the stock and only give apps root rights. I also want to keep getting OTA-updates and I don't want my phone to be wiped because I've already set everything up.
2. On the Firmware.Mobi page, to which you will be redirected if you go to ChainFires homepage, there are 3 Galaxy A50's listed, but with the model numbers SM-A505F, SM-A505U1 and SM-A505W (all without "fn" at the end unlike my modell number). Now to my question: Can I use one of these or do complications arise? If so, which one should I take?
Thank you in advance for future answers!
Kind regards,
Shademaster639
Click to expand...
Click to collapse
I have not used cf auto root.
On earlier version of Android I used a different root method, now am using magisk on android version 9
Since cf auto root ( now SuperSu ) has not been updated for a while use of it on current Android version may not work.
Generally bootloader needs to be unlocked as rooting phones is a modification to the original firmware. Generally with Samsung, modifications to the phone OTA updates won't be possible. To update phone you will have to flash with odin then root again.
For point 2 I am not sure. If you are going to try it maybe use F model number. I think the U1 and W are for snapdragon variants not Eyxnos variants.
If you haven't read them yet these threads maybe of some help.
https://forum.xda-developers.com/showthread.php?t=1980683
https://forum.xda-developers.com/android/development/firmware-mobi-t3675896/page43
Note: Before trying anything always backup up your phone first.
As I have said I have not used cf auto root so maybe not able to help to much.

spawnlives said:
I have not used cf auto root.
On earlier version of Android I used a different root method, now am using magisk on android version 9
Since cf auto root ( now SuperSu ) has not been updated for a while use of it on current Android version may not work.
Generally bootloader needs to be unlocked as rooting phones is a modification to the original firmware. Generally with Samsung, modifications to the phone OTA updates won't be possible. To update phone you will have to flash with odin then root again.
For point 2 I am not sure. If you are going to try it maybe use F model number. I think the U1 and W are for snapdragon variants not Eyxnos variants.
If you haven't read them yet these threads maybe of some help.
https://forum.xda-developers.com/showthread.php?t=1980683
https://forum.xda-developers.com/android/development/firmware-mobi-t3675896/page43
Note: Before trying anything always backup up your phone first.
As I have said I have not used cf auto root so maybe not able to help to much.
Click to expand...
Click to collapse
Thank you for your quick answer.
I am a newbie regarding rooting as I rooted my phone years ago and I just followed some instructions by chainfire.
1. It would be kind if you could explain a bit more detailed what you mean with "flashing with odin then root again".
2. How do I backup my phone optimally?
Kind regards
Shademaster639

Shademaster639 said:
Thank you for your quick answer.
I am a newbie regarding rooting as I rooted my phone years ago and I just followed some instructions by chainfire.
1. It would be kind if you could explain a bit more detailed what you mean with "flashing with odin then root again".
2. How do I backup my phone optimally?
Kind regards
Shademaster639
Click to expand...
Click to collapse
Samsung firmware can be downloaded from the internet or using PC apps. Generally if needed to flash firmware with Odin it will revert back to stock rom.So generally any modifications done to the phone ( ie: custom recovery,root,customs Rom's etc ) will be reverted back to stock firmware.
So if the phone is modifiied and you want upgrade to lastest firmware you would flash with Odin and then you would have to modify you phone again.
From a backup point of view I don't really have any non root method that I use. I mainly use custom recovery ( TWRP ) to backup when making changes to the phone ( except for firmware upgrades ). You could try something like a cloud backup service or try Samsung Smart Switch. There are also apps ( like on play store ) that will do backups up as well ( keep/copy backup's on SD card or PC ).

spawnlives said:
Samsung firmware can be downloaded from the internet or using PC apps. Generally if needed to flash firmware with Odin it will revert back to stock rom.So generally any modifications done to the phone ( ie: custom recovery,root,customs Rom's etc ) will be reverted back to stock firmware.
So if the phone is modifiied and you want upgrade to lastest firmware you would flash with Odin and then you would have to modify you phone again.
From a backup point of view I don't really have any non root method that I use. I mainly use custom recovery ( TWRP ) to backup when making changes to the phone ( except for firmware upgrades ). You could try something like a cloud backup service or try Samsung Smart Switch. There are also apps ( like on play store ) that will do backups up as well ( keep/copy backup's on SD card or PC ).
Click to expand...
Click to collapse
If I got it right, you root your phone by flashing a modified AP-file with Odin, so if I want stock firmware back, I have to flash the original firmware?

Shademaster639 said:
If I got it right, you root your phone by flashing a modified AP-file with Odin, so if I want stock firmware back, I have to flash the original firmware?
Click to expand...
Click to collapse
Basically yes. Stock firmware will generally replace any modifications done to the phone.

spawnlives said:
I have not used cf auto root.
On earlier version of Android I used a different root method, now am using magisk on android version 9
Since cf auto root ( now SuperSu ) has not been updated for a while use of it on current Android version may not work.
Generally bootloader needs to be unlocked as rooting phones is a modification to the original firmware. Generally with Samsung, modifications to the phone OTA updates won't be possible. To update phone you will have to flash with odin then root again.
For point 2 I am not sure. If you are going to try it maybe use F model number. I think the U1 and W are for snapdragon variants not Eyxnos variants.
If you haven't read them yet these threads maybe of some help.
https://forum.xda-developers.com/showthread.php?t=1980683
https://forum.xda-developers.com/android/development/firmware-mobi-t3675896/page43
Note: Before trying anything always backup up your phone first.
As I have said I have not used cf auto root so maybe not able to help to much.
Click to expand...
Click to collapse
CF auto root uses modified firmware and requires an unlocked bl if it even works.. if he wants root he will have to unlock the BL. Also to add, CF auto root uses SuperSU, it hasn't become SuperSU.. in fact, CF stands for ChainFire if I'm not mistaken who made SuperSU.. the auto root basically pre-rooted/patched firmware similar (but different of course) as magisk patching firmware with root. You are correct though that it might not work on newer devices/OS with system as root and ram disk in recovery or on system etc etc.
Also, the A505U A505U1 A505W A505FN or w.e models are all Exynos, not snapdragon. He will be taking a risk though flashing firmware from a different model so he better be prepared to fix it if it doesnt work. His best bet is to stick to his variant. I am sure if he looks around a bit he'll find all he needs. Last comment, the U and U1 models in USA are not BL unlockable. They are exynos but still locked in the USA.

elliwigy said:
CF auto root uses modified firmware and requires an unlocked bl if it even works.. if he wants root he will have to unlock the BL. Also to add, CF auto root uses SuperSU, it hasn't become SuperSU.. in fact, CF stands for ChainFire if I'm not mistaken who made SuperSU.. the auto root basically pre-rooted/patched firmware similar (but different of course) as magisk patching firmware with root. You are correct though that it might not work on newer devices/OS with system as root and ram disk in recovery or on system etc etc.
Also, the A505U A505U1 A505W A505FN or w.e models are all Exynos, not snapdragon. He will be taking a risk though flashing firmware from a different model so he better be prepared to fix it if it doesnt work. His best bet is to stick to his variant. I am sure if he looks around a bit he'll find all he needs. Last comment, the U and U1 models in USA are not BL unlockable. They are exynos but still locked in the USA.
Click to expand...
Click to collapse
Thanks.
Appreciate the insight and the clarification.
Hopefully @Shademaster639 will pay attention to your post.
O/T: should say thanks also to the exploits made even though I don't have a ( US ) snapdragon variant on other devices.

elliwigy said:
CF auto root uses modified firmware and requires an unlocked bl if it even works.. if he wants root he will have to unlock the BL. Also to add, CF auto root uses SuperSU, it hasn't become SuperSU.. in fact, CF stands for ChainFire if I'm not mistaken who made SuperSU.. the auto root basically pre-rooted/patched firmware similar (but different of course) as magisk patching firmware with root. You are correct though that it might not work on newer devices/OS with system as root and ram disk in recovery or on system etc etc.
Also, the A505U A505U1 A505W A505FN or w.e models are all Exynos, not snapdragon. He will be taking a risk though flashing firmware from a different model so he better be prepared to fix it if it doesnt work. His best bet is to stick to his variant. I am sure if he looks around a bit he'll find all he needs. Last comment, the U and U1 models in USA are not BL unlockable. They are exynos but still locked in the USA.
Click to expand...
Click to collapse
I have unlocked my bootloader now since I had to do it nevertheless. I couldn't use cf-auto-root since there was no modified firmware for my device (sm-a505fn) listed on firmware.mobi. I tried rooting my phone using the latest version of magisk (v20.x) now, got random bootloops though. So I flashed my device back to stock with the original samsung firmware.

@spawnlives
1. Could you suggest me a video/forum entry/method that worked for rooting the a50 (SM-A505FN)? Is it recommended to install TWRP or just root with Magisk?
2. Are the newer devices protected with something like a "hidden OEM unlock" as I saw some videos about it how to deactive it? You are supposed to see this if this appears in your download mode: "KG STATE: Prenormal"?
Thank you in advance for future answers!
Kind regards
Shademaster639
EDIT: I have tried to root my phone now with latest Magisk version v20.x, but I got random bootloops. Same with version v19.3, which should work stable on a50 referring to this post: https://forum.xda-developers.com/galaxy-a50s/how-to/guide-root-galaxy-a50s-magisk-v19-3-t4001271
Kind regards
Shademaster639

Shademaster639 said:
@spawnlives
1. Could you suggest me a video/forum entry/method that worked for rooting the a50 (SM-A505FN)? Is it recommended to install TWRP or just root with Magisk?
2. Are the newer devices protected with something like a "hidden OEM unlock" as I saw some videos about it how to deactive it? You are supposed to see this if this appears in your download mode: "KG STATE: Prenormal"?
Thank you in advance for future answers!
Kind regards
Shademaster639
EDIT: I have tried to root my phone now with latest Magisk version v20.x, but I got random bootloops. Same with version v19.3, which should work stable on a50 referring to this post: https://forum.xda-developers.com/galaxy-a50s/how-to/guide-root-galaxy-a50s-magisk-v19-3-t4001271
Kind regards
Shademaster639
Click to expand...
Click to collapse
From you private message
Magisk has 2 parts to it.
Magisk- root method
Magisk Manager - control panel for magisk.
Magisk Manager is an apk app so it will show up regardless whether you phone is rooted or not ( except safe mode ).
Not having your device I not sure about you reboot issues. While doing a quick search there are issues posted here on xda and on Google about it. If i see anything useful I let you know.
KG and RMM states ( checked in download mode ) is a extra lock to prevent modifying your phone. I don't know if it effects every Samsung device though. So basically if KG and/or RMM state is showing Prenormal it will prevent modifying your phone.
Some more info from here
https://forum.xda-developers.com/sa...w-to/guide-root-install-twrp-samsung-t3747535

spawnlives said:
From you private message
Magisk has 2 parts to it.
Magisk- root method
Magisk Manager - control panel for magisk.
Magisk Manager is an apk app so it will show up regardless whether you phone is rooted or not ( except safe mode ).
Not having your device I not sure about you reboot issues. While doing a quick search there are issues posted here on xda and on Google about it. If i see anything useful I let you know.
KG and RMM states ( checked in download mode ) is a extra lock to prevent modifying your phone. I don't know if it effects every Samsung device though. So basically if KG and/or RMM state is showing Prenormal it will prevent modifying your phone.
Click to expand...
Click to collapse
I know that Magisk Manager will show up regardless whether my phone is rooted as I just installed it on my phone (like any other apk/app). I was asking if there was a way to fix the bootloop with the manager.
I checked if the bootloader is unlocked by going into the odin/download mode [VOLUME UP] + [VOLUME DOWN] and it showed: KG STATE: checking.
(Comment under a video of @AndroidHowTo: https://www.youtube.com/watch?v=zqbu7jCmeMY
 @AndroidHowTo OK But Now I Have Another Problem
your video ( KG STATE:Checking) but its Must be (KG STATE:NORMAL)
Until it is solved
AndroidHowTo:
If your device KG State = Checking it means the status is normal / unlocked bootloader. it different with RMM State)

Shademaster639 said:
I know that Magisk Manager will show up regardless whether my phone is rooted as I just installed it on my phone (like any other apk/app). I was asking if there was a way to fix the bootloop with the manager.
I checked if the bootloader is unlocked by going into the odin/download mode [VOLUME UP] + [VOLUME DOWN] and it showed: KG STATE: checking.
(Comment under a video of @AndroidHowTo:
@AndroidHowTo OK But Now I Have Another Problem
your video ( KG STATE:Checking) but its Must be (KG STATE:NORMAL)
Until it is solved
AndroidHowTo:
If your device KG State = Checking it means the status is normal / unlocked bootloader. it different with RMM State)
Click to expand...
Click to collapse
KG state - prenormal
and / or
RMM state - prenornal
Problems with modifying phone.
KG state - checking
RMM state - normal or disappeared
Allows modifying phone.
For want of better terminology they are separate keys to the same lock.
There are plenty of sites regarding this:
https://chimeratool.com/fr/docs/sam...onitoring-and-management-rmm-unlock-functions

Oneplus 5t security updates vs custom ROM newbie

Hi I've never wanted to root or custom ROM. I read the instructions and they are pages deep and the issues that come up and are discussed in threads have such confusing back and forth discussions using lingo and abbreviations that make my head spin.
However... Oneplus did their last update on my 5t my fourth oneplus phone... With an already old security update.
Is the only way to not throw away a perfectly working, phone with good Ram and a fairly new battery I paid to have installed just months ago?
If I'm wanting to hold on another year or 2 use the only option custom ROMs that contain security updates?
Is there a way to add security updates without a ROM? Or maybe at least just learn to root and then add just updates or is it only in ROMs?
I could probably happily use my phone as is but worried what effect no security updates really is to my use.
I really tried videos on doing so this myself I'm not comfortable if problems happen. Not very techy.
Any help appreciated

Unfortunately you can no longer get security updates once your device is deemed as old.
Your options will be to get an antivirus app on your phone, install a custom ROM (like LOS or pixel exp), or you can get a new phone.
Since you're new to this stuff I highly recommend you just get a new phone or simply install an antivirus.
Not sure which anti virus is better than which. But I'm confident in Avira, McAfee, and Norton. You may want to purchase their plan though.
Hope I helped.

Thanks alot for the reply. I'll start with an antivirus.

Hello,
I have similar issue, since I would need security patch update to keep running company mails and apps.
I have 2 doubts:
- if I root and install Android 11 custom ROM, security patches will be updated too?
- after this, would I be able to unroot and install company mail apps ( if rooted they will not work) ?
Thanks

Personally I think that your company has put an unfair burden on you to run company mail and apps on your personal phone while expecting you to have an updated phone at the same time. An updated phone should have been "given" to you.
That being said, you can actually flash and run a custom rom without root. Root is optional.
Process is as follows: (you'll need a PC for this)
1. Backup ALL your data
2. Unlock the bootloader
3. Install custom recovery and reboot to recovery
4. Wipe cache & system and format internal memory
5. Copy custom rom & gapps to internal memory
6. Flash custom rom & gapps and reboot system

miloinodense said:
Hello,
I have similar issue, since I would need security patch update to keep running company mails and apps.
I have 2 doubts:
- if I root and install Android 11 custom ROM, security patches will be updated too?
- after this, would I be able to unroot and install company mail apps ( if rooted they will not work) ?
Thanks
Click to expand...
Click to collapse
Yes if you install custom ROM you'll have security updates. It doesn't have to be Android 11 and you don't need root to install a custom ROM.
Also make sure to follow a precise guide about it so you don't encounter any issues. Always make a backup even if you're 100% sure you won't need it.
As far as I know mail apps don't check the integrity or do a SafetyNet check, so even if you root or don't it will work fine.
If you mean banking apps then you can install some modules to bypass the check or just completely remove root. Assuming that you rooted the device.

It shows my lack of knowledge never ever did I think you could Flash a ROM without being rooted.
Thanks

I successfully installed custom ROM w/o root.
But regarding company mail apps, I would need to hide bootloader unlocked status.
maybe it's impossible, if someone has a good idea...

miloinodense said:
I successfully installed custom ROM w/o root.
But regarding company mail apps, I would need to hide bootloader unlocked status.
maybe it's impossible, if someone has a good idea...
Click to expand...
Click to collapse
My banking apps working fine without root with crdroid 7.3 and flamegapps. Might work for your company mail app too.
Some roms readily hide bootloader status

Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.

miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
Hence that's why the burden should be on the company to provide the "up to date" phone

miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
And that's why the burden should be on the company to provide the "up to date" phone

miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
I think if you change build.prop to some other phone with recent security patches you can bypass this.

XDHx86 said:
I think if you change build.prop to some other phone with recent security patches you can bypass this.
Click to expand...
Click to collapse
Today, I was thinking that this could be good way.
Root, change build.prop, and then unroot.
If you have a link for a good tutorial on change bulid.prop would be nice, thanks.

miloinodense said:
Today, I was thinking that this could be good way.
Root, change build.prop, and then unroot.
If you have a link for a good tutorial on change bulid.prop would be nice, thanks.
Click to expand...
Click to collapse
Just for update:
I tried to Root a stock ROM, edit build.prop (security patch date), unroot, and then lock bootloader.
But even if it was a stock ROM, OP5T was not booting.
Booloader was stopping boot since it was detecting a non-stock ROM.
Indeed, I had to unbrick OP5T since I was not possible to unlock bootloader.
So, still not solved

miloinodense said:
Just for update:
I tried to Root a stock ROM, edit build.prop (security patch date), unroot, and then lock bootloader.
But even if it was a stock ROM, OP5T was not booting.
Booloader was stopping boot since it was detecting a non-stock ROM.
Indeed, I had to unbrick OP5T since I was not possible to unlock bootloader.
So, still not solved
Click to expand...
Click to collapse
Just edit build.prop and use magisk hide module from magisk manager.

XDHx86 said:
Just edit build.prop and use magisk hide module from magisk manager.
Click to expand...
Click to collapse
Edit build.prop w/o root and unlock bootloader is not possible...
Moreover, hiding root will not work with more recent android updates and for sure it will not hide unlock bootloader.

miloinodense said:
Edit build.prop w/o root and unlock bootloader is not possible...
Moreover, hiding root will not work with more recent android updates and for sure it will not hide unlock bootloader.
Click to expand...
Click to collapse
Yeah I assumed you would know that you should root first. But seeing you even attempted to lock bootloader after modifying the device, seems I assumed wrong.
Magisk hide is working fine on later android versions like 8+. And for the bootloader it only trips CTS if your bootloader is using hardware backed key - Which is the case with OP5 - as CTS check also has hardware attestation. But it is possible to bypass said check by using SafetyNet Fix module, of course you will also install that from magisk manager.

Question : widevine, mcdonalds, banking app and root?

Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.

flotsch1 said:
Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.
Click to expand...
Click to collapse
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.

GuyInDogSuit said:
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.
Click to expand...
Click to collapse
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?

flotsch1 said:
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?
Click to expand...
Click to collapse
Correct, by default it will change to a "default" app icon and rename itself to "Settings" but you can easily still tell it from the device's own system Settings app.

one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.

flotsch1 said:
one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.
Click to expand...
Click to collapse
If you are leery of using someone else's boot.img, feel free to do that if you'd like. But regardless, be sure to boot the image, don't flash it. Booting it not only gives you the temporary root access to install Magisk yourself, but also ensures that the patched boot.img is actually valid.

v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.

GuyInDogSuit said:
v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.
Click to expand...
Click to collapse
V23?

flotsch1 said:
V23?
Click to expand...
Click to collapse
Latest stable Magisk build. I'm saying you won't need to mess with canary/debug.

When you turn on hide then hide the app the in the settings then your allowed to do anything you like but also hide it in the menu of magisk then your all done don't flash to much crap and magisk hide module is not really finished yet for this device good luck
I rooted it the second i got it
And don't use canary builds of magisk only if you want to run your phone very unstable i recommend the stable version

thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?

Wildvine L1 is not always retained when unlocking the bootloader. If I unlock mine, I go to L3 every single time, but when I lock it back, I go back to L1. I've tested this 3 times and it happened all 3 times.

flotsch1 said:
thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?
Click to expand...
Click to collapse
Well to be honest I never had that problem and i need to have my binance hidden as well and everything works well but with some games like slime hunter i really need to hide magisk it self too from the settings but when you do they everything will be working okay. And so far I have seen with magisk hide module what you can download is that there are no keys yet for using in op9p (could be changed didn't check it for a while now)

CTS profile match failed

Hi there.
I have an unrooted realme 6 pro. 2 days ago I tried to use Google pay and it did not work. It said that "You can´t pay contactless using this device. It may be rooted or running uncertified software.
I went to google play and I saw that my device is certified. After running some SafetyNet checks it says that CTS profile match failed. evakuation type: BASIC HARDWARE_BACKED. And then after reading some blogs I saw that on Google Play my netflix isn´t supported on my device although I have already installed it.
Any help or advice?
Thanks

Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.

V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
I have also checked that. It has always been locked. I do not know if the problem is caused due to the new android update since is now running on android 11. Plus I dont want to root my phone

V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.

JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.

JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
You can, you just have to set a custom root of trust. See Android Boot Flow

V0latyle said:
You can, you just have to set a custom root of trust. See Android Boot Flow
Click to expand...
Click to collapse
Oops I misstated. I meant custom rom on locked bootloader**.

manu3732 said:
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
Click to expand...
Click to collapse
Same problem with my OnePlus Nord.

oOEDGUYOo said:
Same problem with my OnePlus Nord.
Click to expand...
Click to collapse
Did you find any fix yet... Am having the same issue

happy619 said:
Did you find any fix yet... Am having the same issue
Click to expand...
Click to collapse
I ended up installing the Pixel Experience rom. It was the only way to fix it

oOEDGUYOo said:
I ended up installing the Pixel Experience rom. It was the only way to fix it
Click to expand...
Click to collapse
I have been on custom ROMs for over 6 months on nord ... Some have bad update cycles .. Some are unstable and many more issues although my Device was certified

I have the same problem, bootloader is normally unlocked and I have Universal SafetyNet Fix and MagiskHide Props Config installed, using lineage 18.1 on my redmi 9 pro device

I have flashed both ...( Magisk hide prop conf & universal safety net )
But still "CTS failed, can somebody help me please....

I have this problem too. Any solutions ? I tried magisk with prop conf and safety net-fix and still have cts failed...

Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet

The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution

Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution

Mrlama112 said:
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Click to expand...
Click to collapse
The regular instructions:
Magisk with zygisk , hide app , configure deny list and then as i said in the previous post

Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thank you! Worked like a charm! IDK why my CTS Profile suddenly started failing, but this seemed to have fixed it.

Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thanks so much it worked well. Am I able to update the Google Wallet without it affecting the mod 3.0?