Hi
Long story short, I had to restore my device using MSM (11.0.4.4AA). However, after I restore using MSM, I cant pass safetynet. basicIntegrity ANd ctsProfile are both failing. Bootloader is still locked (MSM relocks it), and Im not rooted. I tried unlocking bootloader and rooting with Magisk, enabling Magiskhide, and even tried some pass safetynet modules but still not passing. Tried updating software to 11.0.5.5AA (OxygenUpdater and OS update methods) and tried installing OS using fastboot (flash-all.bat method. Still cant pass safetynet... Any other suggestions? Im pretty lost right now... On top of that, Rogers network in Canada has been down all day so I cant get SMS to verify my accounts and especially my lifeline Whatsapp, but thats for another rant... TIA
Related
Hi, since 2 days they've been an update in the safety.net detection from google. I cannot log in pokemon go anymore. My configuration is 8.2.4 global, phone is not root, just unlocked, i had installed before superSu and Magisk. Has some people here recorded having the same problem ? Do you have some idea on a way to fix it ? My safety.net was not passing but the game was working, i have cts profile mismatch and basis integrity false.
You need to lock your BL for pass safetynet, or use Magisk and bypass It
Benefits/downsides of doing that?
Thanks
I think you can't. Magisk overwrites your boot.img and that's the issue. Guess your phone won't boot afterwards.
Indeed. I tried it and it just got to the mi logo and rebooted itself over and over.
You can lock bootloader by restoring previous boot image in Magisk manager, then you should be okay.
You can't or it will show something like "Your device is destroyed"
You cannot lock bootloader after *any* system mod. Plain and simple.
Hi, please I have a question about this.
So, How do you use banking or paying apps like Google Pay if it checks for unlocked bootloader?
I would like to use Magisk + Google Pay and I dont see the way.
Thanks!
skorzo said:
Hi, please I have a question about this.
So, How do you use banking or paying apps like Google Pay if it checks for unlocked bootloader?
I would like to use Magisk + Google Pay and I dont see the way.
Thanks!
Click to expand...
Click to collapse
With unlocked bootloader, you must install Magisk to pass SafetyNet. If you don't have Magisk installed and you have an unlocked bootloader, you will fail SafetyNet with ctsProfile being false, rendering you unable to install and run apps requiring you to pass SafetyNet. As long as you pass SafetyNet, you can run banking apps and Google Pay with no problems.
why so many people afraid to keep bootloader unlocked? ok is a security risk, but if high unlikely to have issue if you dont install/run bad stuff on your phone... or i mistake?
Hi everyone,
I have a LG G6 (H870DS/SEA) and it's a great device. Even better with Oreo, now the device doesn't have the problems we've had on Nougat.
Let me tell a quick story about security and this device. I've upgraded officially (using LG Bridge) to Oreo one month ago, I think. Everything worked at the time: my bank account, Pokémon GO (which uses SafetyNet) and every single application that depends on device certifications.
Recently, after seeing so many posts about the new ThinQ features, the bright camera mode and the rename, I decided to flash the CIS firmware using LGUP and UPPERCUT to make the G6 detectable by LGUP. No problems, SafetyNet was indeed working at the time (attested using Pokémon GO).
After some time w/out using the device, I decided to go back and use it. Yesterday, I tried to open my bank application and it failed several times with the same error code. I thought that it was some kinda of problem with my account, but then I realized that SafetyNet problems actually does the same things when the CTS profile mismatchs or something else prevents SafetyNet to be attested.
With that in mind, I decided to install a "SafetyNet checker" and see what was actually going on. Boom. SafetyNet failing multiple times. It says my device doesn't support SafetyNet (which is a lie, IMO). Initially, my thoughts were that, upon flashing the CIS firmware, something broke and SafetyNet end up broke. Tried to flash the last SEA firmware, no luck. Tried to revert back to the original SEA Oreo firmware (which I flashed the CIS firmware on top), no luck at all.
Apart from my bank application, Pokémon GO and any application that eventually uses SafetyNet for security checking, everything else works. I just don't know what happened with this, as I don't know if my device is still "official" or a red bright light was powered during the flash process (which, IMHO, I doubt, otherwise I'd have seen this on the start).
At this point, I think I'm stuck into this unless a bootloader unlock comes along sometime (this is not impossible, but let's keep hoping for now) and Magisk + its modules are activated in order to hide SafetyNet approval.
TL;DR:
- My phone is failing on every SafetyNet test and I just don't know why;
- It runs official firmware. However, it went through LGUP flashes 2-3 times now;
- There are no root or bootloader unlock methods to this specific model, so there were no unofficial modifications whatsoever;
- The problem started recently, as the SafetyNet depended applications seemed to work after the first flash;
- The first flash actually changed the region (SEA>CIS), so I just don't know if this is the real problem or this is just an unfortunate coincidence;
- I just reverted the phone to its normal region (SEA), and it keeps failing;
- According to multiple SafetyNet checkers, it just says it's uncompatible and tells something about an empty payload. Neither the CTS profile is available;
- Just in case, if someone wonders about the versions I've used until now, the order of the flashing process is:
SEA Nougat -> SEA Oreo (LG Bridge) -> CIS Oreo (LGUP+UPPERCUT) -> SEA Oreo (20C/LGUP+UPPERCUT) -> SEA Oreo (20A/LGUP+UPPERCUT)
If this problem is also happening with someone, or happened to someone else and eventually had a fix, please show the way. If you had the problem, please answer the questions below:
- Have you ever used LGUP with this device? If yes, which firmware did you flash?
- There was a region/carrier change? (eg.: SEA -> CIS, CIS -> EUR, TIM BRAZIL -> BRA and so on)
- SafetyNet dependents were working after the flash?
- Did you wipe your device after the flash? (if you've answered "yes" to the first question).
Thanks in advance.
Mr. I.
(PS: this is NOT a thread to ask for a bootloader unlock. Please don't answer this just to ask for a solution to this. Thanks!)
Hello, I really messed this up... I haven't rooted a phone in over 5 years, but just ordered a moto g7 from google fi because I wanted to play around with rooting and rooted apps again.
Setup:
-got moto drivers, adb, set developer mode, unlocked bootloader
I had tried to just root using the "simple?" method of using Magisk with the lolinet firmware files. I used the PPO files in the Official/FI dir. I thought that I had seen an error when flashing the magisk modified boot.img that there was an issue or that it wasn't valid, I (stupidly) assumed that this was like the notification you get after unlocking bootloader about invalid key or whatever. When trying to boot up it would just keep boot looping, and I went into hard panic mode... I saw other people had mentioned using retail or retus firmware on the google fi variant, so I proceeded to try to just flash those stock boot.img files after the fi one hadn't worked. I then finally got it to boot up fully, I don't even remember which firmware it was (retail maybe) and felt a little bit better about it, but had also seen that some people had said it wouldn't have the full functionality of network switching if I wasn't using the fi firmware. So... back to the fi firmware...
I was able to get it booting up on stock fi firmware, and to be honest I should have stopped there and given up on root, because I'm guessing I would have been perfectly fine up to that point... I again tried magisk modified fi firmware to no avail, and was having trouble getting back on stock fi for some reason... I followed a post to reset to stock and relock bootloader ***I'm guessing this was my major fault***, I must not have been paying enough attention to the command prompts doing this, but I think this is where I messed something up royally. It was able to boot, but then it said it had updated software to the 'PPOS' variant which I thought was strange... After attempting to reflash stock fi and then magisk fi boot.img it is failing and won't even get to boot loop.... when trying the slew of commands to flash full stock firmware I keep getting issues with the "_a" partition being not found.
At this point I can't get to recovery, or boot after attempting to flash a number of times. Any help would be appreciated, even if it is just a confirmation that I f'd this device and to stop wasting my time and give up on ever having a rooted device again lol.
Thanks for your time, and let me know if there is additional info to provide that may help.
Edit: Current status:
"Start Up Failed: Your device didn't start up successfully. Use the Software Repair Assistant on computer to repair your device. Connect your device to your computer to get the software Repair Assistant."
in Bootloader logs, but I don't know what software repair assistant it is referring to, i have tried connecting to pc.
Edit 2: Or I'm just a complete idiot and needed to re-unlock bootloader with the code like previous... which I totally should have known, but again, I'm an idiot...
So, now that I've got it booting up, do I attempt reflashing a magisk img or just admit I'm too stupid to do this? Or should I go with twrp which seemed like more steps and potentially more issues to run into?
Sorry for the scare and immense stupidity!
I finally installed 10.3.0, rooted, and am using the SafetyPatch module to bypass Safetynet on my OnePlus 6t T-Mobile phone converted to International.
Now my Google account show shows my device as Huawei P20 Pro. How do I change this?
redcodefsu said:
I finally installed 10.3.0, rooted, and am using the SafetyPatch module to bypass Safetynet on my OnePlus 6t T-Mobile phone converted to International.
Now my Google account show shows my device as Huawei P20 Pro. How do I change this?
Click to expand...
Click to collapse
Under some circumstances it is necessary to change the "fingerprint" of your device to appear as if it is another device in order to pass CTS.
... Oddly I too had problems with Safety net when first flashing over to 10.3, I got lost in translation somewhere because after re-flashing it a few times with both the local upgrade method and TWRP now it passes Safety-net by default, no extra Magisk module necessary.
I am rooted without TWRP, last time I tried going through TWRP but it flashed on both partitions and I lost My OS.