Develop Bugs

what triggers a failed safetynet response right now?

Lately it seems more and more developers are relying on safetynet for apps and features (especially google, i REALLY miss getting surveys with opinion rewards :[ )
So I'm curious if anyone has an idea what currently triggers a failed response.
Does busybox fail?
Does selinux need to be enforcing?
Does system status need to be "official"
Etc.
Lastly, bonus question:
Are there any custom kernels for g920p that don't auto root and install busybox?

It is fairly complex.
1) https://developer.android.com/training/safetynet/index.html
"SafetyNet examines software and hardware information on the device where your app is installed to create a profile of that device. The service then attempts to find this same profile within a list of device models that have passed Android compatibility testing. "
2) https://www.howtogeek.com/241012/sa...y-and-other-apps-dont-work-on-rooted-devices/
"Google uses something called SafetyNet to detect whether your device is rooted or not, and blocks access to those features. Google isn’t the only one, either–plenty of third-party apps also won’t work on rooted Android devices, although they may check for the presence of root in other ways."
You may already know this from the other thread regarding Magisk, but my suggestion is to return to stock via Odin, then follow the instructions from the Magisk thread here: https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445

koop1955 said:
It is fairly complex.
1) https://developer.android.com/training/safetynet/index.html
"SafetyNet examines software and hardware information on the device where your app is installed to create a profile of that device. The service then attempts to find this same profile within a list of device models that have passed Android compatibility testing. "
2) https://www.howtogeek.com/241012/sa...y-and-other-apps-dont-work-on-rooted-devices/
"Google uses something called SafetyNet to detect whether your device is rooted or not, and blocks access to those features. Google isn’t the only one, either–plenty of third-party apps also won’t work on rooted Android devices, although they may check for the presence of root in other ways."
You may already know this from the other thread regarding Magisk, but my suggestion is to return to stock via Odin, then follow the instructions from the Magisk thread here: https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
Click to expand...
Click to collapse
Thanks for chiming in!
Dang there's a lot going on, i guess google is being pretty tight lipped about exactly what info they use.
But yea, at the moment I'm completely stock with magisksu and magisk v11.1
The issue is that magisk has to be re-installed after every boot, meaning there are a few minutes where safetynet and gms have the opportunity to see my root before i re-install magisk. (From what i gather from the magisk op thread, this could be fixed with a custom kernel... tested succesfully with skyhigh, but then failed safetynet and i don't know why.)
The other issue with the magisk set-up on complete stock is that Titanium backup and some other root-related apps seem to be almost entirely broken. Magisk OP thread sheds some light about that, something about system needing to mounted as rw (which I'm unable to change, since root hardly works at all)... a couple weeks ago the magisk dev said he was going to work on a fix for that, but I'm not banking on it.
So to summarize, I'm trying to figure out how to run a custom kernel (or even rom if possible) without failing safetynet... because even if i flash skyhigh on stock, Uninstall busybox, set se linux to enforced, uninstall supersu, and wipe davlik i still fail safetynet.
Or I'm i just too greedy wanting the freedom of root AND the comfort of stock behavior? (android pay, google opinion rewards, consistent play service function and updates etc)

I would guess that a custom kernel alone (no SuperSU or BusyBox) would cause a failure. It seems like any kernel mod would do so.
Magisk is an attempt to solve this, but doesn't seem quite there.

koop1955 said:
I would guess that a custom kernel alone (no SuperSU or BusyBox) would cause a failure. It seems like any kernel mod would do so.
Magisk is an attempt to solve this, but doesn't seem quite there.
Click to expand...
Click to collapse
I'd believe that, i guess that'd really be the obvious first step in profiling a device's environment.
Given that I'm guessing it'd just check the system info, all the info on the about device page in settings and compare it to which kernel i should have.
So in the interest of crawling deeper down this rabbit hole, I'm going to see what can be done to mock that info >
Also in defense of magisk, from what i gather, magisk is an extremely effective hands-off root solution... unless you have a samsung device.

@Nye-uhls, you should definitely check this out: https://forum.xda-developers.com/showpost.php?p=71398440&postcount=342
New kernel with built-in Magisk support.

koop1955 said:
@Nye-uhls, you should definitely check this out: https://forum.xda-developers.com/showpost.php?p=71398440&postcount=342
New kernel with built-in Magisk support.
Click to expand...
Click to collapse
Thats huge. I'm officially no longer putting effort into getting magisk working in anticipation of that new kernel.
Thank you for the heads up, probably wouldve kept sweating over this for a few more days lol.

Stockish P2XL Magisk and Google Pay

I was running Android 9 Aug?2018 update with a custom kernel and Magisk. A few weeks ago Google Pay stopped working and i read the long thread here about the Google Play store update and Magisk no longer hiding root. I dirty flashed an updated stock rom and removed the format (-w) switch. I stayed with the stock kernel. Re-rooted with update Magisk root and Magisk app. In Magisk i pass SafetyNet Check ctsProfile and basicIntegrity. When i try to use Google Pay I still get the error message that i cannot use GooglePay there. I am very close to just going completely stock with no root as I am not jacking with my phone as much as i did years ago, android is progressing nicely and plus many devs have moved on from the P2XL. I just really dont want to have to re setup my phone. Any thing else i can try to use GooglePay before i go back to stock?
P2XL Bootloader unlocked
Android: 9.0 3/5/19
Magisk V19.0 (19000)
Magisk Manager 7.1.1
Not running any Magisk Modules
Thanks for any help or suggestions

fortillian said:
I was running Android 9 Aug?2018 update with a custom kernel and Magisk. A few weeks ago Google Pay stopped working and i read the long thread here about the Google Play store update and Magisk no longer hiding root. I dirty flashed an updated stock rom and removed the format (-w) switch. I stayed with the stock kernel. Re-rooted with update Magisk root and Magisk app. In Magisk i pass SafetyNet Check ctsProfile and basicIntegrity. When i try to use Google Pay I still get the error message that i cannot use GooglePay there. I am very close to just going completely stock with no root as I am not jacking with my phone as much as i did years ago, android is progressing nicely and plus many devs have moved on from the P2XL. I just really dont want to have to re setup my phone. Any thing else i can try to use GooglePay before i go back to stock?
P2XL Bootloader unlocked
Android: 9.0 3/5/19
Magisk V19.0 (19000)
Magisk Manager 7.1.1
Not running any Magisk Modules
Thanks for any help or suggestions
Click to expand...
Click to collapse
There is a lot of talk in many threads about this. There is a good tutorial or two around that do work but seemingly only temporarily then it breaks again. Seems Google would a way to detect stuff that is not patched yet. I am at work so I don't have much time to go searching but it should not be hard to find. It includes deleting a folder and reinstalling and hiding magisk.

CyberpodS2 said:
There is a lot of talk in many threads about this. There is a good tutorial or two around that do work but seemingly only temporarily then it breaks again. Seems Google would a way to detect stuff that is not patched yet. I am at work so I don't have much time to go searching but it should not be hard to find. It includes deleting a folder and reinstalling and hiding magisk.
Click to expand...
Click to collapse
Yea, I've been through that 106 page thread and a few others. Renamed folders, deleted folders, reinstalled apps, hid services in magisk hide. I was never a fan of NFC payment until I started using it lol.

Try safety patch module in Magisk to pass Safetynet

HueyT said:
Try safety patch module in Magisk to pass Safetynet
Click to expand...
Click to collapse
I appreciate the reply. installed this plugin. cleared cache/data for Google Pay and Deleted the GMS folder again. Reinstalled GPay, no joy
Trying to decide on checking out Android Q or Dirty Unicorn. I dont jack with my phone much anymore, may be worth it to checkout Q and lock it up for GPAY atleast for now.

fortillian said:
I appreciate the reply. installed this plugin. cleared cache/data for Google Pay and Deleted the GMS folder again. Reinstalled GPay, no joy
Trying to decide on checking out Android Q or Dirty Unicorn. I dont jack with my phone much anymore, may be worth it to checkout Q and lock it up for GPAY atleast for now.
Click to expand...
Click to collapse
I'm thinking the same

5T would rooting gain access to Samsung gear and control Gear 2 (R280) & Gear 360?

5T would rooting gain access to Samsung gear and control Gear 2 (R280) & Gear 360?
I've looked all over for a tutorial.
TIA.

Yes it should. I assume your problem is these apps don't show up for you in the app store or they say they aren't compatible with your device? I had that issue with my 6T and my Gear S3. If that is indeed the case you just need to root with Magisk and use:
Magisk Hide Props Module
That module will let you change your device fingerprint to a certified one or something else if necessary. I can test this theory tonight on a rooted 5T with this module if you know what apps you are looking for. (I know what apps are needed for my Gear S3)
Both Magisk and that Module are installed in TWRP. However that module is activated and run from a terminal emulator on the phone. Personally I use this one:
Terminal Emulator
Once running that type:
su <--Hit enter, hit ok when Magisk asks, this will give terminal emulator root.
Now type:
props <--This runs the module you will now get menus choose pick certified fingerprint. It should be pretty self explanatory from here. Any questions ask.
Normal Magsik stuff I recommend hiding Google stuff from Magisk and renaming it with a random name.

Yea, Tried using Wear but doesn't find the R-280 or Gear 360. I remember a modded Gear apk a while back but it didn't work non-root.
So I should root. Is there a good tutorial link that incorporates this props list in the process? Or what rom would be good for this?
I've fairly familiar with the rooting process but it's been a bit.
Thanks for your help.

I've found on several devices now, that sometimes, my cars, headsets, watches, may not pair if the device has been on for some time. A restart and all the sudden everything connects no issue. My Gear S3 is no exception. Restart the phone and my watch and all the sudden it finds it. Your location can be off (my is always off except when using navigation), but those apps do need location permission.
Your best bet is to use FunkWizard's Guide. It doesn't have the props module stuff in it, however once TWRP is installed and you flash magisk, it's just reboot once so magisk will be installed, fully, and then go back to recovery. Then flash the module, then flash busy box. You'll be good to go. (I did realize I left out an important piece of information, that module needs BusyBox to work. You can get that here at the bottom of this post. <-- That BusyBox installer is also installed in TWRP. )
As for ROMs I use Lineage on everything. The privacy guard is the big seller for LOS for me. However that props module works in OOS, on the 5T I used it until LOS came out, back when it was first released. Also used it on my 6T until LOS was fully working with my watch. So all this stuff should work fine in OOS if you want to stay "stock".

Hmm. Got a Havoc installed and Magisk 19. "props not found" when typed in terminal after giving SU permissions. Any ideas?
Also, Anyone know where to download the older Samsung Gear apks or what apps to use for pairing the devices I mentioned?
Thanks again!

djphooka said:
Hmm. Got a Havoc installed and Magisk 19. "props not found" when typed in terminal after giving SU permissions. Any ideas?
Also, Anyone know where to download the older Samsung Gear apks or what apps to use for pairing the devices I mentioned?
Thanks again!
Click to expand...
Click to collapse
When you go into Magisk go to Modules in the menu, does the MagiskHide PropsConfig and BusyBox appear under Modules? I would guess they do not if "props" does not work.
Have you ever used APK Mirror ? It is a very handy site sometimes. It's from Android Police, so at least it's not a completely unknown source. That's not to say you shouldn't use direct sources whenever possible.

OhioYJ said:
Yes it should. I assume your problem is these apps don't show up for you in the app store or they say they aren't compatible with your device?
Click to expand...
Click to collapse
What do I do now? I have Magisk running busybox and props.
Galaxy Wear doesn't find my watch. Isn't there an older version available that might?

djphooka said:
What do I do now? I have Magisk running busybox and props.
Galaxy Wear doesn't find my watch. Isn't there an older version available that might?
Click to expand...
Click to collapse
I don't know that version would help, but you can try other versions on ApkMirror if you want. I know even in stock form connecting my watch sometimes takes some persistence. Sometimes it takes rebooting both devices to get it recognized, sometimes it just a matter of going back and forth and scanning multiple times. It basically never finds it the first time. Been through it many of times, as you can't just reconnect a the watch after a clean install, it's always completely reset the watch and reconnect as a new device.

How To Guide Rooted S22: How to make the new Google Wallet work

If you rooted using the method on this forum, and your Google Pay app was recently upgraded to Google Wallet, you will probably find that it doesn't work anymore. Even if you have the Universal SafetyNet Fix installed and SafetyNet shows as passing, the new payment app will still detect your device as rooted. This is because it now uses Google Play Integrity instead of SafetyNet.
There's a lot of discussion in this thread. But the short version is, if you want to get payments working again:
1. Install MagiskHide Props Config.
2. Follow the instructions on that page to change your device fingerprint to Samsung Galaxy S21 (A11).
That's it! Some people in the thread also cleared data for Google Play Services but I don't think I did. Also in that thread is a verification app (first version, official version) for Google Play Integrity that you can use to make sure your device fingerprint setting is correct.
So far I haven't noticed any side effects from changing the fingerprint. I was unable to receive any SMS messages after first changing, but I rebooted a second time and that issue went away.

Just install safetynet-fix-v2.3.1-MOD.zip in Magisk. That worked on my OnePlus Nord CE (EU).

Vattu said:
Just install safetynet-fix-v2.3.1-MOD.zip in Magisk. That worked on my OnePlus Nord CE (EU).
Click to expand...
Click to collapse
Yeah this thread is now out of date. The updated safetynet fix is a much better option now.

You don't need just the safetynet module. You need Shamiko along that.
So latest Safetynet + Shamiko 0.5.2 (the latest version right now) and you're all set. You gotta whitelist the banking apps you use and they'll work perfectly fine. These 2 were enough to allow my preferred ridiculous banking app to work without an issue, without any other modules or tweaking and such.

dragos281993 said:
You don't need just the safetynet module. You need Shamiko along that.
Click to expand...
Click to collapse
You only need Shamiko if you use LSposed, right? I don't use LSposed and it's been enough for me to put all of my annoying apps on the Magisk denylist.

aurny said:
You only need Shamiko if you use LSposed, right? I don't use LSposed and it's been enough for me to put all of my annoying apps on the Magisk denylist.
Click to expand...
Click to collapse
No. I only had Magisk installed with Zygisk turned on. I first installed Safetynet Fix then Shamiko. The first module wasn't enough for my preffered banking app to not detect that the bootloader was unlocked. Shamiko fixed that. I simply installed it as a module in Magisk

Thanks, good to know. I haven't had that issue yet but I'll remember this in case I need it in the future!

aurny said:
If you rooted using the method on this forum, and your Google Pay app was recently upgraded to Google Wallet, you will probably find that it doesn't work anymore. Even if you have the Universal SafetyNet Fix installed and SafetyNet shows as passing, the new payment app will still detect your device as rooted. This is because it now uses Google Play Integrity instead of SafetyNet.
There's a lot of discussion in this thread. But the short version is, if you want to get payments working again:
1. Install MagiskHide Props Config.
2. Follow the instructions on that page to change your device fingerprint to Samsung Galaxy S21 (A11).
That's it! Some people in the thread also cleared data for Google Play Services but I don't think I did. Also in that thread is a verification app (first version, official version) for Google Play Integrity that you can use to make sure your device fingerprint setting is correct.
So far I haven't noticed any side effects from changing the fingerprint. I was unable to receive any SMS messages after first changing, but I rebooted a second time and that issue went away.
Click to expand...
Click to collapse
Thank you very much, it worked perfectly.

This actually worked, thank you!

Question [rooted device] Galaxy wear 4 not connecting

I was recently able to root my Oneplus 9 Pro, after getting all my data back on getting my device at least usable I decided to try and set back up my watch. I keep being unable to connect. I've blocked galaxy manager/wear from magisk and I've hit a brick wall any advice?

drybonesification said:
I was recently able to root my Oneplus 9 Pro, after getting all my data back on getting my device at least usable I decided to try and set back up my watch. I keep being unable to connect. I've blocked galaxy manager/wear from magisk and I've hit a brick wall any advice?
Click to expand...
Click to collapse
you most likely need to hide magisk from more (or all) google related apps and services on your device. had the same issue with me. i'm pretty google based sign in would also not be working for you in this situation. the solution for me was to re rehide magisk from everything.

That's what I originally thought and was racking my head against it. This is the only this I can't get working post root. I saw Samsung devices have a Bluetooth patch when searching but no universal patch, at least I can't find one

drybonesification said:
That's what I originally thought and was racking my head against it. This is the only this I can't get working post root. I saw Samsung devices have a Bluetooth patch when searching but no universal patch, at least I can't find one
Click to expand...
Click to collapse
is safetynet passing for you?

Seems to be so, everything other then my gear manager is working as intended

For me on a13 the galaxy wear app just crashes while trying to connect (non root)