A Zygisk module which fixes "ctsProfileMatch" (SafetyNet) and "MEETS_DEVICE_INTEGRITY" (Play Integrity).
To use this module you must have one of the following:
- Magisk with Zygisk enabled.
- KernelSU with ZygiskNext module installed.
It injects a classes.dex file to modify a few fields in the android.os.Build class. Also, it creates a hook in the native code to modify system properties. These are spoofed only to Google Play Services' DroidGuard (SafetyNet/Play Integrity) service.
The purpose of the module is to avoid a hardware attestation.
You can create this file in the module directory to spoof custom values to the GMS unstable process. It will be used instead of the included pif.json.
You can't use values from recent devices due them triggering hardware backed attestation.
If you are failing basicIntegrity (SafetyNet) or MEETS_BASIC_INTEGRITY (Play Integrity) something is wrong in your setup. Recommended steps in order to find the problem:
- Disable all modules except this one
Some modules which modify system can trigger DroidGuard detection, never hook GMS processes.
- Disable ZygiskNext
- Reboot
- Enable ZygiskNext
Follow these steps:
- Flash the module in Magisk/KernelSU
- Clear Google Wallet cache (if you have it)
- Clear Google Play Store cache and data
- Clear Google Play Services (com.google.android.gms) cache and data (Optionally skip clearing data and wait some time, ~24h, for it to resolve on its own)
- Reboot
Guide
You can read module logs using this command directly after boot:
adb shell "logcat | grep 'PIF'"
No.
You can read more info here: click me