Fix: Magisk / Unlocked BL - SafetyNet Test / ctsProfile / basicIntegrity -> false


katerpanne

Members
19 Apr 2014
3,557
332
Hello together,

if the SafetyNet-Test will fail - because of unlocked Bootloader / phone is rooted.
Here are some suggestions to solve it.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
TWRP and "magisk_patched.img":
  • Remove or rename the "/TWRP" folder
  • Delete "magisk_patched.img" if you patched "boot.img" manually with magisk
  • reboot
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Magisk Manager & EdXposed:
Then hide magisk by itself and hide the application in magisk-manager
Choose "Black List" in EdXposed-Manager for this applications
  • Google Playstore / Google Play Services / Google Services Framework
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Google Playstore "Play Protect certification" - Device not certified
  • clear Data "Google Play store", "Google Play services", "Google Service Framework"
  • reboot
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Flash "persist.img" you will loose your widevine L1 for ever

I have not tested this method it is from this thread. Make a backup before of your persist.img

If you do not have Widevine L1 or you have no plan to use it, install "persist.img"
via fastboot, TWRP, OrangeFox and Safetynet CTS will pass again but you loose Widevine L1 to L3 (Netflix HD)
  • download the full image for your phone from this URL: https://mirom.ezbox.idv.tw/en/phone/
  • unzipp it and search for this file "persist.img"
  • install the image
    • install with TWRP: mount "persist" as not read only and install the image
    • install with MiFlash
    • install with adb: "fastboot flash persist persist.img"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Workarounds:
  • Changing the fingerprint solved the problem for some users
  • Disable the module that is responsible for the failed test e.g. "edxposed module"
An EdExposed module is the the root cause:
  • deinstall all "edxposed modules"
    • test if SafetyNet-Test is ok. If it is true install other "edexposed-modules" and test after every new module
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
These solutions may not work anymore for all apps
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
EdExposed:

there are three possibilities you can try
  1. install EdXposed and then install the module "HiddenCore Module"
    • open EdXposed Installer / Manager
    • on the left side open the menu and klick on "download"
    • search for "HiddenCore Module" download it / activate it / reboot
    • that module has a litte screen issue - this one should be better
  2. install the special magisk-manager version if you have installed the "magisk-edxposed module" version < 4.6.1
  3. use the "EdXposed Manager" Black List feature and turn it on for -> Play Store, Play Services and Google Framework
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Magisk-Manager:
This methods are not working at the moment 03/09/2020
  • install in "magisk-manager" the module "SafetyPatch" you can find it in "magisk-manager" under "Downloads"
  • install in "magisk-manager" the module "MagiskHide Props Config" you can find it in "magisk-manager" under "Downloads"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
If you want to know what the SafetyNet-Test check is for, here you can get more information

Feel free and tell me your solutions, I will update this thread

Regards Kater

*** Update - New version from john Magisk for Android 11 ***

Here you can find the new version ...

https://github.com/topjohnwu

31725


Choose canary

31726


And download the file

31727


Release Notes

31728



Reported issues
https://github.com/topjohnwu/Magisk/issues

PS: In the meanwhile there is a new release so dont wonder if the newest version is higher than 20421 !!!

31733



Update 09.09.2020
 
Last edited:
Thanks,blacklist suggestion in edexposed worked perfect,saved me a lot of hassel,thanks a million

Sent from my MI CC 9 using Tapatalk
 
  • Like
Reactions: katerpanne
hello there @katerpanne
I can't seem to find that "hiddencore module"
I found one in xda by MysticBlaze347 but it needs xposed, is it the one? or if it's not, do you happen to have the one you're using?
 
Xposed drain much battery and it is no really effective. In fact SafetyNet in third-party checking apps is no reliable. I tried Xposed solution, cts is OK, but not working GPay and no cts dependent apps.
 
Hi Lucenera,

on my phone it is working ... and I didnt recognized battery drain.

GPay
28645


McDonalds
28647


Pokemon Go
28671
 
Did GPay already have the cards added or did you add them from scratch? However happy for you and all those who freely decide to try this solution.

Inviato dal mio MI 9 utilizzando Tapatalk

I dont use GPay / McDonalds... a user ask me if I can test it. I did it on the fly and it is working as mentioned :)
 
Today I got both ctf profile false and basic integrity false when check randomly in magis manager , so maybe google return the code again and even more restrictive checks ( 2 days ago when I checked was both true ) , did not change anything from my side...
 
Today I got both ctf profile false and basic integrity false when check randomly in magis manager , so maybe google return the code again and even more restrictive checks ( 2 days ago when I checked was both true ) , did not change anything from my side...
Did you have update Magisk?

Inviato dal mio MI 9 utilizzando Tapatalk
 
I have Magisk 20.3 & HiddenCore ... everythink is green and the special apps are working fine :)
 
Today I was unable to authenticate in pokemon go anymore, looked and found that my CTS Profile is False in Magisk 20.4.

SafetyPatch v3 stopped working also, having it flashed gives an basicIntegrity check error. I'm trying to do the persist.img method, but, after flashing the persist.img file I can't activate data, wlan and bluetooth in my phone anymore.

I'm doing something wrong?

My device is an Redmi Note 7 Pro.

Hi ... I dont use the persist.img method, this method is from this thread ... Perhaps somebody other can help you.
 
Today I was unable to authenticate in pokemon go anymore, looked and found that my CTS Profile is False in Magisk 20.4.

SafetyPatch v3 stopped working also, having it flashed gives an basicIntegrity check error. I'm trying to do the persist.img method, but, after flashing the persist.img file I can't activate data, wlan and bluetooth in my phone anymore.

I'm doing something wrong?

My device is an Redmi Note 7 Pro.
What you did wrong?
-You destroyed your original persist file.
I hope you got a copy with existing tool.zip.
 
Today I received a pop-up notification that Google Pay cannot be used on my device anymore, because it may be rooted (Google Pay worked fine yesterday). So I assumed they had applied the changes once again.

I was able to clear the safety check after installing EdExposed Manager and the HiddenCore Module :)
 
Last edited:
  • Love
Reactions: katerpanne