I did it !
Here is what I did:
- Step 1 : I removed the “su” binary from system/bin and system/xbin using Root Explorer, an application that I use for a long time (but not open-source, unfortunately).
- Step 2 : OK, with Magisk-v6.zip and Magisk_Manager_v1.2.apk
- Step 3 : The first link is directing to SuperSU and it didn’t work with that zip ! Instead I installed phh-superuser-17-magisk.zip from this link, and the pph apk SuperUser 184.108.40.206 from F-Droid.
- Step 4 : OK, with xposed-v86.5-sdk22-topjohnwu.zip and XposedInstaller_by_dvdandroid.apk
- Step 5 : updated MicroG Services Core to version 0.2.4-20
- Step 6 : installed MicroG DroidGuard Helper version 0.1.0
I found the SafetyNet Helper apk on apkhere website…
Is this the one: https://rootexplorer.co/ ?
It asks me to remount system as read/write but even after allowing this it still can’t delete su in xbin.
Yes it is this one, I have the version 2.19 (of 2012).
It prompts for root at startup, make sure you accept this…
Then you have to mount as R/W, select su and delete.
For removing the one of /system/bin it was no problem, for /system/xbin/ it started lagging (unresponsive app warning), but waiting a bit did the trick…
Ok I got it to work on a fresh install of Open OS, but then I restored the data from my previous backup and now it doesn’t work anymore.
Have you tried it too?
For me the results are:
SafetyNet request: success
Response validation: success
CTS profile match: false
Also in the original XPosed installer app there was a module for microg DroidHelper after installing it, but in the systemless version I don’t have that module. Maybe that is my problem?
Hi Paul !
I tried the SafetyNet Helper but same result as you : CTS profile match: false. However, when I launch Pokémon Go the game is running with MicroG, so in my understanding this game is only checking the SN validation and not the CTS profile…
In the systemless Xposed Installer I have one active module : FakeGapps 1.1, this module is required for signature spoofing.
A post was split to a new topic: :penil_2: How to install any app on FP Open OS (for beginners and experts)
What do you think of downloading APKs from the net ?
I believe it is very dangerous unless you trust the source. I read here What do you think of apkmirror.com? that they could be trusted because they are signed by the author, but is that really enforced when installing from APK file instead of store ? How do you know if it’s signed, and verify the signature ?
Tbh I don’t know much about this.
I rarely download apps from anywhere else than F-Droid and if I do I first look at apkmirror, simply because people who’s opinions I value say it’s trustworthy. If I can’t find it there I use evozi, because as far as I can tell it simply fetches the apks from the play store.
I followed the instructions above with the latest version of magisk (v7) and phh-superuser. Microg states everything is fine with signature spoofing and so on (all boxes are checked) … The issue is SafetyNet Helper. This tool prints the following error message:
SafetyNet request: fail
Google Play services connection failed
Does anyone have any ideas about this issues?
Here is the full guide (at level 5). You may have to do a hard reset or reinstall the OS if you previously tried other things to bypass SafetyNet.
- Did you do everything according to this guide?
- Did all the checks (marked with the ) of the previous steps work?
- Did you disable root with magisk before you tried SafetyNet Helper?
- Dumb Question: Did you make sure you have internet connection?
- Also: SafetyNet Helper is just for diagnostics. Did you try whatever app you wanted to work - I’m guessing Poemon Go?
The first what I did is to flash the latest FP2 image. Then I started with the guide, beginning with deleting /system/xbin/su (I could not find /system/bin/su). After runing through the guide, all microG boxes are checked.
With the latest Magisk Manager I can’t find a way to disable root. I can just start phh SuperUser and disable root there.
I’m afraid you’ll have to start again. Deleting /system/bin/su is essential and has to be done before deleting /system/xbin/su and before flashing phh’s superuser.
Hiding Root from SafetyNet will only work with magisk.
Why not the shipped Amaze app?
Amaze is not able to mount /xbin as read/write
Ok, when I wipe really everything, then my backup and OS installer is gone afterwards. How can I put this back to the device?
Also, pls read this: http://www.xda-developers.com/magisk-updated-to-v7-now-completely-open-source/
It is not possible anymore to hide root with the latest version of magisk!
Hello ! The combination I described above was working for me till yesterday, but now it is not working anymore. Apparently it is due to an update of safetynet that now detects systemless exposed, according to what I read here.
There is a new combination of SuperSU v2.78 SR1 + SuHide v0.53 + Magisk v7 + Xposed 86.6 that apparently works, I’m trying it right now and will keep you informed
Ok, I didn’t get far away with this one…
After a FP OS upgrade to 16.09 (to clean older version of magisk, superuser and xposed systemless) and removing system/bin/su and xbin/su, I installed SuperSU v2.78-SR1 from TWRP. Then I want to install SUHide .53 and it is not allowing it, saying that “do you have SuperSU v2.78 SR1 or newer installed in systemless mode?”. Indeed SuperSU installed itself in system mode, I don’t understand how to go systemless with that zip…
EDIT2 : According to this link, the way to force the systemless install is to type in terminal (TWRP) echo “SYSTEMLESS=true” > /data/.supersu . I didn’t try it myself yet.
Another thing to investigate could be to go with Needle instead of Xposed, anyone have experience with it?
(there’s a workaround inside)
Instead of Needle, I’ve successfully installed its fork Tingle by @ale5000 . At the beginning adb didn’t see my device, then I remembered that I had to allow USB debugging and desactivate USB multimedia share. The Tingle installation is very easy and straightforward.
Now MicroG self-check OK, without Xposed .
However, SaftetyNet Helper still returns “Response payload validation failed”. Perhaps I’ll need to uninstall magisk and un-root ? It’ll be for the next episode