IlyaGulya / NoSafetyNet

The project is designed to create a fully featured SafetyNet bypassing utility.

'No Device Check' Xposed module helps with SafetyNet check #4

Open mnaoumov opened 5 years ago

mnaoumov commented 5 years ago

After installing module https://repo.xposed.info/module/com.pyler.nodevicecheck

I've got ctsProfile = true

mnaoumov commented 5 years ago

screenshot_20181015-131039__01

mnaoumov commented 5 years ago

I also found on the Russian forum http://4pda.ru/forum/index.php?showtopic=461675&st=82360 a patched version of this module which helps with the basicIntegrity checks

For those who don't want to register on the forum, I reuploaded the apk https://drive.google.com/file/d/1mbwLy4Mtkv-PTNgASGPdR8sHChECUgHg/view?usp=drivesdk

screenshot_20181015-133049

mnaoumov commented 5 years ago

It's not perfect though. It doesn't fix signature validation. The same forum contains some ideas how to fix signature validation. But it's more difficult and I'll try it later

screenshot_20181015-134212

Nenphy commented 5 years ago

I'm not an expert to talk here but I found an interesting module on Xposed that can disable temporarily the signature validation:

link of the explanation: https://www.google.com.br/amp/s/www.xda-developers.com/application-signature-verification-how-it-works-how-to-disable-it-with-xposed-and-why-you-shouldnt/amp/

Module: http://forum.xda-developers.com/xposed/modules/xposed-disablesignaturecheck-t2783480

Hope this could help

Nenphy

Ferbee commented 5 years ago

> It's not perfect though. It doesn't fix signature validation. The same forum contains some ideas how to fix signature validation. But it's more difficult and I'll try it later
>
> screenshot_20181015-134212

Hey, do you mind adding the other 2 apks, because I have Signature Spoofing enabled, and if it works I'll report back

mnaoumov commented 5 years ago

Get them here https://drive.google.com/open?id=12SA2zzmt6FoJ9x6gnizPD0rqD4gAz8rv

Device Check 1.1.apk Fixed basicIntegrity check

No Device Check 1.1_fakeSign.apk Signature from Google Services. Requires patch to support fake signatures

Device Check 1.1_ap.apk Signature from Android Pay. Requires patch to support fake signatures

Here is the article in Russian that explains how to fake signatures. Haven't tried it yet: http://4pda.ru/forum/index.php?showtopic=724118&st=180#entry50304407

I used that tool to check SafetyNet status https://play.google.com/store/apps/details?id=org.freeandroidtools.safetynettest

donkykong017 commented 5 years ago

Thx guys for your input. I found this a few days ago when my banking app was updated to check for SafetyNet (I guess), cause even with the devicecheck to pass SN it did not work. Guess it had to do with the signature. Yesterday I found this (https://github.com/Magisk-Modules-Grave/safetypatch/blob/master/README.md) Magisk module and it does not pass SN with Xposed installed, but my banking app works now. I don't know why, but maybe someone with more knowledge than me can explain that. And maybe it helps. I guess with the devicecheck.apk and this module SafetyNet should fully pass?! I did not try that. But I am lucky for now as my banking app works again.

mnaoumov commented 5 years ago

@donkykong017 did you try MagiskHide for your banking app? Is SafetyNet fix really required for it?

donkykong017 commented 5 years ago

Yes it is. I tried with Magisk Hide. Selected it and it did not work. The scenario was:

- magisk active
- xposed active
- banking app selected in magisk hide/magisk hide active
- SN check in magisk did not pass
- Banking app did not open for security reasons
- SN did not pass in App provided

Second scenario was:

- magisk active
- xposed active
- banking app selected in magisk hide/magisk hide active
- Devicecheck active in xposed
- SN check in magisk DID pass
- Banking app did not open for security reasons
- SN did not pass in App provided

Working scenario now is:

- magisk active
- xposed active
- banking app selected in magisk hide/magisk hide active
- Securepatch active in Magisk
- Devicecheck NOT active in xposed
- SN check in magisk DID NOT pass
- Banking app DID open
- SN did not pass in App provided

Edit: I do not know what my banking app checks for. Seems it is just that one thing that the safetypatch module fixes.

CarlesLlobet commented 5 years ago

> Thx guys for your input. I found this a few days ago when my banking app was updated to check for SafetyNet (I guess), cause even with the devicecheck to pass SN it did not work. Guess it had to do with the signature. Yesterday I found this (https://github.com/Magisk-Modules-Grave/safetypatch/blob/master/README.md) Magisk module and it does not pass SN with Xposed installed, but my banking app works now. I don't know why, but maybe someone with more knowledge than me can explain that. And maybe it helps. I guess with the devicecheck.apk and this module SafetyNet should fully pass?! I did not try that. But I am lucky for now as my banking app works again.

Do you have the apk still on your computer? Could you upload it? The repository has been removed and the GitHub account is now empty (seems they've been caught and banned)

CarlesLlobet commented 5 years ago

> Get them here https://drive.google.com/open?id=12SA2zzmt6FoJ9x6gnizPD0rqD4gAz8rv
>
> Device Check 1.1.apk Fixed basicIntegrity check
>
> No Device Check 1.1_fakeSign.apk Signature from Google Services. Requires patch to support fake signatures
>
> Device Check 1.1_ap.apk Signature from Android Pay. Requires patch to support fake signatures
>
> Here is the article in Russian that explains how to fake signatures. Haven't tried it yet: http://4pda.ru/forum/index.php?showtopic=724118&st=180#entry50304407
>
> I used that tool to check SafetyNet status https://play.google.com/store/apps/details?id=org.freeandroidtools.safetynettest

Have you tried it yet? I've been looking at it and it seems that to work with any application you have to extract your application's signature with the attached ApkSig.zip and manually modify it as it explains with your own generated signature.

If you already have tried, can you upload the ApkSig.zip?

Thanks in advance

nazotan commented 5 years ago

> I also found on the Russian forum http://4pda.ru/forum/index.php?showtopic=461675&st=82360 a patched version of this module which helps with the basicIntegrity checks
>
> For those who don't want to register on the forum, I reuploaded the apk https://drive.google.com/file/d/1mbwLy4Mtkv-PTNgASGPdR8sHChECUgHg/view?usp=drivesdk
>
> screenshot_20181015-133049

I tried to access the above link to dig into their implementation but I could not find the relevant info about their code and apks. It may be changed for a while. Can you recheck the link? Thanks

mgforce commented 5 years ago

> Thx guys for your input. I found this a few days ago when my banking app was updated to check for SafetyNet (I guess), cause even with the devicecheck to pass SN it did not work. Guess it had to do with the signature. Yesterday I found this (https://github.com/Magisk-Modules-Grave/safetypatch/blob/master/README.md) Magisk module and it does not pass SN with Xposed installed, but my banking app works now. I don't know why, but maybe someone with more knowledge than me can explain that. And maybe it helps. I guess with the devicecheck.apk and this module SafetyNet should fully pass?! I did not try that. But I am lucky for now as my banking app works again.

Hi @donkykong017 can you pls help with the saved file from your mobile/pc. Thanks

mgforce commented 5 years ago

> > Thx guys for your input. I found this a few days ago when my banking app was updated to check for SafetyNet (I guess), cause even with the devicecheck to pass SN it did not work. Guess it had to do with the signature. Yesterday I found this (https://github.com/Magisk-Modules-Grave/safetypatch/blob/master/README.md) Magisk module and it does not pass SN with Xposed installed, but my banking app works now. I don't know why, but maybe someone with more knowledge than me can explain that. And maybe it helps. I guess with the devicecheck.apk and this module SafetyNet should fully pass?! I did not try that. But I am lucky for now as my banking app works again.

> Do you have the apk still on your computer? Could you upload it? The repository has been removed and the GitHub account is now empty (seems they've been caught and banned)

Did you get this @CarlesLlobet - if yes, can you pls share? Thanks.

CarlesLlobet commented 5 years ago

> > > Thx guys for your input. I found this a few days ago when my banking app was updated to check for SafetyNet (I guess), cause even with the devicecheck to pass SN it did not work. Guess it had to do with the signature. Yesterday I found this (https://github.com/Magisk-Modules-Grave/safetypatch/blob/master/README.md) Magisk module and it does not pass SN with Xposed installed, but my banking app works now. I don't know why, but maybe someone with more knowledge than me can explain that. And maybe it helps. I guess with the devicecheck.apk and this module SafetyNet should fully pass?! I did not try that. But I am lucky for now as my banking app works again.

> > Do you have the apk still on your computer? Could you upload it? The repository has been removed and the GitHub account is now empty (seems they've been caught and banned)

> Did you get this @CarlesLlobet - if yes, can you pls share? Thanks.

I did not @mgforce, I had no answer. At the moment I have only been able to bypass ctsProfile and basicIntegrity checks with the Russian patched version, but not the apkSignature check. If I have any news, I'll post them here.

mgforce commented 5 years ago

> I did not @mgforce, I had no answer. At the moment I have only been able to bypass ctsProfile and basicIntegrity checks with the Russian patched version, but not the apkSignature check. If I have any news, I'll post them here.

Thanks for the quick revert @CarlesLlobet. I see 3 versions out there, can you pls tell which one worked for you

Device Check 1.1.apk Fixed basicIntegrity check

No Device Check 1.1_fakeSign.apk Signature from Google Services. Requires patch to support fake signatures

Device Check 1.1_ap.apk Signature from Android Pay. Requires patch to support fake signatures

xerta555 commented 5 years ago

@mgforce I have tested the apk file on my device (RR Nougat with last Magisk):

Apparently if an app only checks the SN status, it could be ok/pass, but if it checks more stuff, it couldn't be ok/don't pass.

mgforce commented 5 years ago

Thanks @xerta555 for this feedback. But I am not aware which of the 3 apks works best. Had asked @CarlesLlobet but didn't hear back. So can't help much

CarlesLlobet commented 5 years ago

> > I did not @mgforce, I had no answer. At the moment I have only been able to bypass ctsProfile and basicIntegrity checks with the Russian patched version, but not the apkSignature check. If I have any news, I'll post them here.

> Thanks for the quick revert @CarlesLlobet. I see 3 versions out there, can you pls tell which one worked for you
>
> Device Check 1.1.apk Fixed basicIntegrity check
>
> No Device Check 1.1_fakeSign.apk Signature from Google Services. Requires patch to support fake signatures
>
> Device Check 1.1_ap.apk Signature from Android Pay. Requires patch to support fake signatures

Hi @mgforce, sorry for the late response, I did not see the last question.

I tested the first one. The point is I am testing the bypass on a banking application with its own signature, so the other two won't be able to do much more for me, as they have the Google Services and Android Pay patched signatures respectively, but not my application's fake signature, so they would not work for me. If you are trying to bypass the Signature Check on one of these two apps (Google Services or Android Pay), these two apps will bypass all checks for you, but for other apps you will just be able to bypass the ctsProfile and basicIntegrity checks, not the Signature check. You should generate a fake signature for your own app, which I have not been able to reproduce following the Russian thread, as they did not provide me the binaries they used to generate these fake signatures on Google Services and Android Pay.

aaazv commented 5 years ago

So how to bypass per app signature?

I've passed the SafetyNet test of Magisk, but not the "SafetyNet test" app.

What to do?

linux019 commented 5 years ago

No Device Check doesn't help with Google Pay as it works locally only on your phone. Google Pay sends the nonce generated by SafetyNet to Google servers and they can check if this nonce is correct and your phone can be used for payments. The only way to bypass SafetyNet with active Magisk and Xposed is to cheat Google DroidGuard.

Stab 1: Check what is installed on the device.
Stab 2: Check the stack trace for suspicious method calls.
Stab 3: Check for native methods that shouldn’t be native.
Stab 4: Use /proc/[pid]/maps to detect suspicious shared objects or JARs loaded into memory.
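The server-side check that the comment above describes, as an added example that is not part of the original thread: an app backend evaluates the attestation payload itself, so a verdict patched locally on the phone is never what the backend trusts. The field names are those of the SafetyNet attestation response; `evaluate`, `sample_jws`, `com.example.bank` and all sample values are constructed for illustration, and JWS signature verification is assumed to have been done beforehand by a JOSE library.

```python
import base64
import hashlib
import hmac
import json

def _b64url(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def decode_payload(jws: str) -> dict:
    # ASSUMPTION: signature and certificate chain (leaf for attest.android.com)
    # were verified first; without that every field below is untrusted.
    _header, payload, _signature = jws.split(".")
    return json.loads(_b64url(payload))

def evaluate(payload, expected_nonce, package, allowed_certs, now_ms,
             max_age_ms=120_000):
    """Return the names of failed checks; an empty list means accept."""
    failed = []
    try:
        nonce = base64.b64decode(payload.get("nonce", ""), validate=True)
    except (ValueError, TypeError):
        nonce = b""
    if not hmac.compare_digest(nonce, expected_nonce):
        failed.append("nonce")  # response was not produced for this session
    ts = payload.get("timestampMs")
    if not isinstance(ts, int) or not 0 <= now_ms - ts <= max_age_ms:
        failed.append("timestampMs")
    if payload.get("apkPackageName") != package:
        failed.append("apkPackageName")
    certs = payload.get("apkCertificateDigestSha256")
    if not (isinstance(certs, list) and certs and
            all(isinstance(c, str) and c in allowed_certs for c in certs)):
        failed.append("apkCertificateDigestSha256")
    for verdict in ("ctsProfileMatch", "basicIntegrity"):
        if payload.get(verdict) is not True:
            failed.append(verdict)
    return failed

# Constructed sample data, not captured from a real device.
NONCE = b"server-issued-nonce-0001"
CERT = base64.b64encode(hashlib.sha256(b"constructed cert").digest()).decode()

def sample_jws(**overrides) -> str:
    body = {"nonce": base64.b64encode(NONCE).decode(), "timestampMs": 1_000_000,
            "apkPackageName": "com.example.bank",
            "apkCertificateDigestSha256": [CERT],
            "ctsProfileMatch": True, "basicIntegrity": True, **overrides}
    enc = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
    return ".".join([enc(b'{"alg":"RS256"}'), enc(json.dumps(body).encode()), enc(b"sig")])
```

A response with both verdicts true but a certificate digest outside the allow-list is still rejected, which matches the "ctsProfile and basicIntegrity pass, signature check fails" results reported earlier in the thread.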

errorcodevortex commented 5 years ago

Not sure if anyone is still here, just stumbled across this issue. Just discovered the safetynet by bdoel Xposed module, reuploaded it to my drive: https://drive.google.com/file/d/1kAEBmqd9DB7HCAaIepfqJ_nTtthVkOeY/view?usp=sharing It uses pyler no device check and another trick I couldn't recognize to somehow pass both checks. Also found out that hiddencore module 1.7 also gets both Magisk checks to pass. Haven't tried to decompile it yet, but it keeps your screen on (AON) for some reason. I am trying to figure out a trick to get micro-g fully working and Snapchat without a restore with Xposed installed. Playstore SafetyNet checkers still fail, I'm assuming because of spoofing signatures, need to try with some of the new apps from above. Spoke with weishu and he just got support added for bdoel + hiddencore 1.7 in Tai Chi Xposed, which has several extra features such as rootless mode that may be helpful here. Also just came across this apksig stuff https://github.com/moosd/Needle/blob/master/README.md from the 4 forum. And this module that claims to pass both tests without Xposed: https://forum.xda-developers.com/apps/magisk/module-safetypatcher-t3809879

SmaamX commented 2 years ago

> It's not perfect though. It doesn't fix signature validation. The same forum contains some ideas for fixing signature validation. But it's more difficult and I'll try it later
>
> screenshot_20181015-134212

Hi, I can not download the required files and the links do not work. Thank you

SmaamX commented 2 years ago

> > > I did not @mgforce, I had no answer. At the moment I have only been able to bypass ctsProfile and basicIntegrity checks with the Russian patched version, but not the apkSignature check. If I have any news, I'll post them here.

> > Thanks for the quick revert @CarlesLlobet. I see 3 versions out there, can you pls tell which one worked for you
> >
> > Device Check 1.1.apk Fixed basicIntegrity check
> >
> > No Device Check 1.1_fakeSign.apk Signature from Google Services. Requires patch to support fake signatures
> >
> > Device Check 1.1_ap.apk Signature from Android Pay. Requires patch to support fake signatures

> Hi @mgforce, sorry for the late response, I did not see the last question.
>
> I tested the first one. The point is I am testing the bypass on a banking application with its own signature, so the other two won't be able to do much more for me, as they have the Google Services and Android Pay patched signatures respectively, but not my application's fake signature, so they would not work for me. If you are trying to bypass the Signature Check on one of these two apps (Google Services or Android Pay), these two apps will bypass all checks for you, but for other apps you will just be able to bypass the ctsProfile and basicIntegrity checks, not the Signature check. You should generate a fake signature for your own app, which I have not been able to reproduce following the Russian thread, as they did not provide me the binaries they used to generate these fake signatures on Google Services and Android Pay.

Screenshot_۲۰۲۲۰۱۲۹-۱۳۱۲۴۵