Google SafetyNet attestation workarounds for Magisk
.github github: Add Patreon funding link 2021-07-04 00:22:44 -07:00
java_module java: Ignore all Android Studio project data 2021-09-06 03:40:22 -07:00
riru Indicate support for Android 7 2021-09-06 03:01:35 -07:00
.gitignore Import module 2021-01-13 02:02:44 -08:00
build.sh Add integrated build script 2021-09-06 02:39:17 -07:00
LICENSE license: Attribute Riru Module Template 2021-09-06 02:39:16 -07:00
README.md readme: Update for Riru version 2021-09-06 03:16:11 -07:00

Universal SafetyNet Fix

This is a universal fix for SafetyNet on devices with hardware-backed attestation and unlocked bootloaders (or custom verified boot keys). It defeats both hardware attestation and the SafetyNet CTS profile updates released on January 12, 2021. The only requirement is that you can pass basic attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels. MagiskHide is required as a result.

Passing basic attestation is out of scope for this module; this module is meant to defy hardware attestation, as well as reported "basic" attestation that actually uses hardware under the hood. Use MagiskHide Props Config to spoof your CTS profile if you have trouble passing basic attestation. This is a common issue on old devices and custom ROMs.

Android versions 7–12 are supported, including OEM skins such as Samsung One UI and MIUI. This is a Riru module, so Riru must be installed in order for this to work.

How does it work?

Google Play Services opportunistically uses hardware-backed attestation to enforce SafetyNet security (since January 12, 2021), regardless of the device.

This module uses Riru to inject code into the Google Play Services process and then registers a fake keystore provider that overrides the real one. When Play Services attempts to use key attestation, the fake provider throws an exception, which makes it appear that the device lacks support for key attestation. This causes SafetyNet to fall back to basic attestation, which is much weaker and can be bypassed with existing methods.

Key attestation is only blocked specifically for SafetyNet in Google Play Services, so no other features are broken.
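The fallback to basic attestation described above is visible to a relying server in the attestation response's evaluationType field. The following is an added example, not code from this project: a Python policy check over a SafetyNet payload whose JWS signature and certificate chain are assumed to have been verified already. The function names, freshness window and sample token are assumptions constructed for illustration.

```python
import base64
import hmac
import json

MAX_AGE_MS = 5 * 60 * 1000  # assumed freshness window, tune to your policy

def decode_payload(jws: str) -> dict:
    """Decode the payload of a compact JWS whose signature was ALREADY verified."""
    parts = jws.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(seg))

def assess(payload: dict, expected_nonce: bytes, now_ms: int) -> list:
    """Return policy findings; an empty list means the verdict is accepted."""
    findings = []
    try:
        nonce = base64.b64decode(payload.get("nonce", ""), validate=True)
    except (ValueError, TypeError):
        nonce = b""
    if not hmac.compare_digest(nonce, expected_nonce):
        findings.append("nonce mismatch")
    if abs(now_ms - int(payload.get("timestampMs", 0))) > MAX_AGE_MS:
        findings.append("stale timestamp")
    if payload.get("basicIntegrity") is not True:
        findings.append("basicIntegrity false")
    if payload.get("ctsProfileMatch") is not True:
        findings.append("ctsProfileMatch false")
    # evaluationType is a comma-separated list, e.g. "BASIC,HARDWARE_BACKED".
    types = {t.strip() for t in str(payload.get("evaluationType", "")).split(",")}
    if "HARDWARE_BACKED" not in types:
        findings.append("basic-only evaluation")
    return findings

def make_sample(evaluation_type: str, nonce: bytes, ts_ms: int) -> str:
    """Build a CONSTRUCTED token with a dummy signature, for demonstration only."""
    def b64u(raw: bytes) -> str:
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    payload = {"nonce": base64.b64encode(nonce).decode(), "timestampMs": ts_ms,
               "basicIntegrity": True, "ctsProfileMatch": True,
               "evaluationType": evaluation_type}
    return ".".join([b64u(b'{"alg":"RS256"}'), b64u(json.dumps(payload).encode()), "sig"])

if __name__ == "__main__":
    n, now = b"server-issued-nonce", 1_631_000_000_000
    for et in ("BASIC,HARDWARE_BACKED", "BASIC"):
        print(et, "->", assess(decode_payload(make_sample(et, n, now)), n, now + 1000))
```

A verdict that passes basicIntegrity and ctsProfileMatch but reports only BASIC is the case a server has to decide how to treat, since devices without hardware attestation support report the same value.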

ROM integration

Ideally, this workaround should be incorporated in custom ROMs instead of injecting code with a Magisk module.

Commits for the system framework version of the workaround:

Support

If you found this module helpful, please consider supporting development with a recurring donation on Patreon for benefits such as exclusive behind-the-scenes development news, early access to updates, and priority support. Alternatively, you can also buy me a coffee. All support is appreciated.