Nethunter starting causes immediate safetynet fail

[pwncc]

Describe the bug A clear and concise description of what the bug is.

To reproduce Steps to reproduce the behavior:

1. Start a nethunter enabled device with root access disabled for the nethunter app
2. Confirm safetynet is passing
3. Give root access go the nethunter app
4. Open nethunter app (chroot does not need to start)
5. Run safetynet check
6. Observe that it now fails

Expected behavior I expected safetynet to pass with nethunter running.

Device info Device model: Onplus 7 pro Europe Android version: 11 ROM name/version: OxgenOs 11.0.7.1.GM21BA

Logs Connect your phone to a computer and run adb logcat > issue.log. Attach the log file to this issue. log.txt

Additional context I have tried all of the methods I could find to get safetynet to pass. I tried shamiko, props, ARCore, downgrading magisk 23 and everything else I could find on the web.

Checklist

• [ y] All information is present
• [ yy] Logs are attached
• [ ] I have tried installing and configuring [MagiskHide Props Config]https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf)

[pwncc]

Update. I reinstalled magisk v23. Riru safety net fix module does work and passes safety net just fine. This seems to only fail on zygisk

[danny729]

Hi pnwcc I am experiencing the same thing like you, phone and ROM is the same , are you able to run nethunter with magisk 23 and keep safetynet intact.

[GustavoSchip]

Has anyone found a fix/workaround? The one involving downgrading magisk and using riro netsafetyfix didn't work for me.

[pwncc]

@GILLESMaster Sorry wrong button. Switching to 23 and redoing all the safety net fixes has worked for me. I was unable to get anything working on 24

[GustavoSchip]

@pwncc hmm, il try it again when I am home from my vacation! I hope this works because it's super anoying.

[ServOKio]

Any update ? The problem seems to still be there Nethunter 2022.2 Magisk 25.2 + zygisk

[Displax]

Because of SELinux permissive. No way to change it.

[GustavoSchip]

Well, it works! Downgraded magisk to 23 and use riru with the needed modules and boom! It works, but now I'm stuck with magisk v23 so that is one downside @ServOKio @Displax

[ServOKio]

Well, it works! Downgraded magisk to 23 and use riru

[GustavoSchip]

Well, it works! Downgraded magisk to 23 and use riru

Yes, this is the way

[GustavoSchip]

Well, it works! Downgraded magisk to 23 and use riru with the needed modules and boom! It works, but now I'm stuck with magisk v23 so that is one downside @ServOKio @Displax

What did you do exactly, if I may ask? Having the same problem, downgraded to Android 11 and Magisk 23, did hide the Magisk app, enabled hidelist, installed latest safetynetfix for Riru... But safetynet fails :-( What did I miss? Am on MIUI 12.5 btw. Thanks !

@rdtm443 what you are missing is a way to hide modifications and/or a complete reset of the Google play services storage!

This is what I used to hide my modifications 'MagiskHide Props Config' U could search it up, install it and find a tutorial on how to use it.

And if all went well it should work perfectly fine!

Best of luck!

[GustavoSchip]

He deleted his comment lol

[shandongtlb]

The problem has been completely solved, It is because the startup app script contains the code from selinux to permissive, and everything is normal after changing back to enforcing.

https://gitlab.com/kalilinux/nethunter/apps/kali-nethunter-app/-/issues/327

[kaliiiiiiiiii]

reddit worked for me.

If you truly consider the security trade-off to be worth it then check if the following command makes you pass Safetynet (run it on a terminal app with root access)

chmod 440 /sys/fs/selinux/enforce

This should make so apps are unable to detect your permissive Selinux state (iirc Magisk used to do something similar to this in the MagiskHide code)

If this works you can use any script running app to run this at boot, wish you good luck

[GustavoSchip]

Thanks for all the feedback, and yes I have it resolved as well

[r1riyad]

Add this in Nethunter custom command. Now safetynet works even after reboot. Thanks for the command

chmod 440 /sys/fs/selinux/enforce

KernelSU Users should use the Below command in custom command otherwise u wil get permission error.

su && chmod 440 /sys/fs/selinux/enforce

[masteruni]

)

Add this in Nethunter custom command. Now safetynet works even after reboot. Thanks for the command

chmod 440 /sys/fs/selinux/enforce

KernelSU Users should use the Below command in custom command otherwise u wil get permission error.

su && chmod 440 /sys/fs/selinux/enforce

100% working on Android 13. Just make sure to set the exec mode to "background".

Cheers! 🥳

[pwncc]

Hey y'all, apologies my ADHD brain forgot to respond. I can confirm that the issue was caused by a permission issue in SELinux/enforce

Confirmed working on Android 11, 12 and 13 including custom kernel. Works with Play Integrity Fix module for magisk as well.

When you're adding the custom command to nethunter please note that nethunter does not start android terminal sessions in root mode by default. If you're on magisk (unsure about other methods) running "su" opens a new session and any && will be ignored.

For magisk users please add the following custom command

su
chmod 440 /sys/fs/selinux/enforce

It should look like this

Unfortunately this has not yet been fixed in nethunter as of today. I'm closing this now and leaving this at the bottom since this ticket is on the top of Google when you look for nethunter safety net.

[covar2077]

Hi i managed to bypass safetynet and cts but google wallet is not working. Any help???????????