safetynet-fix icon indicating copy to clipboard operation
safetynet-fix copied to clipboard

Published 20 hours ago verified publisher icon kdrag0n

CTS profile does not match

Open j0110 opened this issue 2 years ago • 19 comments

Hi I just switched to LOS 20, and CTS doesn't pass anymore Screenshot_20230124-121507_Yet Another SafetyNet Attestation Checker I got USNF, samiko, and it used to work with LOS19.1 Any ideas? Thanks a lot

j0110 avatar Jan 24 '23 11:01 j0110

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

j0110 avatar Jan 24 '23 12:01 j0110

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

Because of microG. Use official GMS.

Displax avatar Jan 24 '23 22:01 Displax

So kdragon's UNSF won't work with microg? Why displayx's fork works?

j0110 avatar Jan 25 '23 12:01 j0110

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

Indeed. I rolled back to that. But with 2.4 if you retry the test for a while you could pass the test.

ibart avatar Jan 27 '23 10:01 ibart

Same as #248

j0110 avatar Jan 27 '23 12:01 j0110

I've noticed that just switching on the deny list in Magisk and switching it back off is enough to make the issue go away for a time.

Maybe it's unrelated...

stanelie avatar Jan 31 '23 14:01 stanelie

Just adding my feedback as I have also been affected since this morning. Issue is only affecting Google Pay but it is constant (no on and off like reported on #248). All other apps cannot detect root and banking apps work fine. At one point shortly after boot I noticed YASNAC passed all checks and then didn't when I re-ran a few seconds later. Things looks fine at boot but after boot something is changed maybe? Beginning of month is always time for Google to release system updates - could this be an issue too?

Model: Pixel 6a bluejay

Magisk: 25.2 stable hidden with all Google apps (incl. system) on DenyList as per usual

Magisk Modules:

  • MHPG 6.1.2-v137 with spoof fingerprint Pixel 2 and force basic attestation and now removed both altogether
  • Shamiko 0.6 (Enforce Denylist therefore not ticked off as required by this module - has been working fine until yesterday)
  • USNF 2.3.1 and now updated to 2.4.0

Additional notes:

  • YASNAC passes Basic integrity but fails CTS Profile
  • Play Integrity API Checker meets Basic integrity but fails Device integrity and fails Meets Strong Integrity
  • PlayStore states Device is not certified

Djtrip83 avatar Feb 08 '23 14:02 Djtrip83

I have the same problem. Tried all the possible fix mentioned.

Too has been working fine until yesterday.

So, maybe some update ? I have the problem on GSI ROM (tried the MHPC (spoof prop)) Work fine on STOCK or OEM STOCK PORTED

Mitezuss avatar Feb 08 '23 22:02 Mitezuss

Maybe this is the solution (and the problem): https://github.com/hentaiOS/platform_frameworks_base/commit/32cd021753626ae2dc0f72d222ac4fd734f3a8aa It seems that now Google checks the product and model names against the fingerprint

LambdaSoft avatar Feb 08 '23 23:02 LambdaSoft

I just noticed the same problem today too on my pixel 7 pro. Most safetynet/play integrity enabled apps work fine but google pay refuses to let me use tap to pay, yasnac returns basic integrity passed with cts profile fail, and play integrity checker returns true for MEETS_BASIC_INTEGRITY but false for the other 2

LuminarySage avatar Feb 08 '23 23:02 LuminarySage

Maybe this is the solution (and the problem): https://github.com/hentaiOS/platform_frameworks_base/commit/32cd021753626ae2dc0f72d222ac4fd734f3a8aa It seems that now Google checks the product and model names against the fingerprint

Ah! I noticed yesterday that my spoofed fingerprint was read as Pixel 2 Bluejay instead of Pixel 2 walleye. I then checked props and most were not changed by USNF and MHPC (only model was). I was about to change them all manually but would take too long...

Could this be the culprit?

Djtrip83 avatar Feb 09 '23 08:02 Djtrip83

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

Big vouch for this, works perfectly, just installed this instead of the stock USNF and boom, works.

ShiroBlank avatar Feb 15 '23 13:02 ShiroBlank

OnePLus Nord AC2003 here whit PixelExperience13 cant bypass even whit Displax mod. CTS profile mismatches.

Mak3yrM0v3 avatar Feb 18 '23 15:02 Mak3yrM0v3

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

Big vouch for this, works perfectly, just installed this instead of the stock USNF and boom, works.

I did not use that one, but opt for a more recent release https://github.com/Displax/safetynet-fix/releases/download/v2.4.0-MOD_1.2/safetynet-fix-v2.4.0-MOD_1.2.zip

Verified to work with Pixel 6a (13), and OnePlus 8 (LOS 20). Google Wallet tap to pay works again.

antonywu avatar Feb 24 '23 20:02 antonywu

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

wow, i have been struggling to get miui to pass with all modern methods and this one fixed it! 👍

XDM-Inc avatar Mar 22 '23 04:03 XDM-Inc

The fix is in #261

adipascu avatar Mar 28 '23 15:03 adipascu

The fix is in #261

what am i supposed to do with that

gio1135 avatar Mar 29 '23 23:03 gio1135

The fix is in #261

what am i supposed to do with that

https://github.com/Displax/safetynet-fix/releases/tag/v2.4.0-MOD_1.2

Displax avatar Mar 29 '23 23:03 Displax

Surprisingly it works with https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.1...

That's the rocket to the mars. Thanks

Sandalu123 avatar Jul 26 '23 18:07 Sandalu123