|
|
|
Plans in the works for a "post 7371" exploit?
|
|
|
maru487
Newbie
|
11. April 2011 @ 14:52 |
Link to this message
|
Does anyone know if there are plans in the works, or if there is anyone working on an Xbox360 post-Efuse jailbreak/jtag/modchip?
I know there is the DVD-ROM backup through a USB stick or firmware flashing. That's unfortunately too limiting.
I assume the best method would be similar to what the PS3 has with a jailbreak method, modifying the latest 12625 firmware?
Any links or info would be great!
Thanks in Advance....
|
|
Advertisement
|
 |
|
|
|
marcusj0015
Member
|
11. April 2011 @ 15:01 |
Link to this message
|
|
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
|
|
maru487
Newbie
|
11. April 2011 @ 15:10 |
Link to this message
|
Originally posted by marcusj0015:
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
YA! YOU GO MAN! This is the energy needed to CRACK THAT MOTHER.........BOARD!
My background is electronics engineering so my firmware experience is somewhat limited...but I really want to figure this out, especially after they hijacked the XBMC from XBOX1 and turned into sh!t... their media center is the biggest POS code on the planet... no compatabilty, no dts, its slower then my granddad's abacu-ass..
I want to show up that turd of a company....
|
|
Modking30
AfterDawn Addict
|
11. April 2011 @ 15:20 |
Link to this message
|
Originally posted by marcusj0015:
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
Please repeat in english
|
|
jpizzle
Senior Member
|
11. April 2011 @ 15:42 |
Link to this message
|
|
we don't have their keys
|
|
Modking30
AfterDawn Addict
|
11. April 2011 @ 15:55 |
Link to this message
|
Originally posted by maru487:
Originally posted by marcusj0015:
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
YA! YOU GO MAN! This is the energy needed to CRACK THAT MOTHER.........BOARD!
My background is electronics engineering so my firmware experience is somewhat limited...but I really want to figure this out, especially after they hijacked the XBMC from XBOX1 and turned into sh!t... their media center is the biggest POS code on the planet... no compatabilty, no dts, its slower then my granddad's abacu-ass..
I want to show up that turd of a company....
My xbox will run anything you throw at it through media center. Including MKV's. You are just a noob who doesn't know how to set it up
|
|
maru487
Newbie
|
11. April 2011 @ 16:18 |
Link to this message
|
Originally posted by Modking30:
Originally posted by maru487:
Originally posted by marcusj0015:
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
YA! YOU GO MAN! This is the energy needed to CRACK THAT MOTHER.........BOARD!
My background is electronics engineering so my firmware experience is somewhat limited...but I really want to figure this out, especially after they hijacked the XBMC from XBOX1 and turned into sh!t... their media center is the biggest POS code on the planet... no compatabilty, no dts, its slower then my granddad's abacu-ass..
I want to show up that turd of a company....
My xbox will run anything you throw at it through media center. Including MKV's. You are just a noob who doesn't know how to set it up
Nice Thread hijack - not the subject, but noob?
yes and no...ive logged my time with several xbox1s, 360s and ps3s not sure what is considered noob...but modchiped, jtagged, jailbreak (ps3 and ipads) plus all the setups for networking to pcs in order to stream video, and pipe in "homebrew", etc... im certainly no guru, but i do know what the 360 can and can't do
you can't be serious about comparing the orignal XBMC with the MS version?
Bootup time:
XBMC - 5 seconds
MSMC - over 45-60 seconds! bleh!
PS3 with PS3 Media server- 5-10seconds
Compatibility:
XBMC - mkv,dts, everything - (unfortunately the processor was to slow for this)
MSMC stock - WMV, dvix
MSMC with patches - mkv and the likes, but certainly NO DTS! and subitles in MKVs will NOT run, they jerk-off as soon as someone speaks.
PS3 - EVERYTHING
And since most of the mkvs these days are dts standard its a pain in the ass to run Remuxer (to remove subtitles) and AudioConverter (to convert to AC3)
Plus if you ever get a chance to disassemble the Xbox and a PS3, do it. The PS3 is WAY more elegant then the 360... the people at Microsoft should be embarrassed with their designs
This message has been edited since posting. Last time this message was edited on 11. April 2011 @ 16:24
|
AfterDawn Addict
3 product reviews
|
11. April 2011 @ 16:28 |
Link to this message
|
|
Maru has a point there Modking :D
On topic, I dont think there will be a post 7371 exploit myself. Im not even sure that c4eva will be able to combat the latest dash secuity measures. Ill still keep my finger and toes crossed though.
To get instant assistance with Flashing / JTAG / Homebrew from experts for free! click me (Im not one of the said experts BTW)
Make poverty history, cheaper drugs NOW! |
|
AkaMrMike
Member
|
11. April 2011 @ 16:43 |
Link to this message
|
|
Yeah this new dash has me worried also. Might get by with offline but as for live might be a thing of the past. If so we had a good run!
|
|
jpizzle
Senior Member
|
11. April 2011 @ 16:57 |
Link to this message
|
|
I'm pretty sure this dash is not going to end piracy ;)
It just might take a bit of time.
|
|
Modking30
AfterDawn Addict
|
11. April 2011 @ 17:14 |
Link to this message
|
Originally posted by jpizzle:
I'm pretty sure this dash is not going to end piracy ;)
It just might take a bit of time.
Correct. How many times have we heard this?
This message has been edited since posting. Last time this message was edited on 11. April 2011 @ 17:15
|
|
Modking30
AfterDawn Addict
|
11. April 2011 @ 17:16 |
Link to this message
|
Originally posted by maru487:
Originally posted by Modking30:
Originally posted by maru487:
Originally posted by marcusj0015:
I don't know of any Plans, but everyone should band together and crack the 360 full tha fuck open, there doin all this scurity shit, we should crack there beast open so far they can't do anything about it
YA! YOU GO MAN! This is the energy needed to CRACK THAT MOTHER.........BOARD!
My background is electronics engineering so my firmware experience is somewhat limited...but I really want to figure this out, especially after they hijacked the XBMC from XBOX1 and turned into sh!t... their media center is the biggest POS code on the planet... no compatabilty, no dts, its slower then my granddad's abacu-ass..
I want to show up that turd of a company....
My xbox will run anything you throw at it through media center. Including MKV's. You are just a noob who doesn't know how to set it up
Nice Thread hijack - not the subject, but noob?
yes and no...ive logged my time with several xbox1s, 360s and ps3s not sure what is considered noob...but modchiped, jtagged, jailbreak (ps3 and ipads) plus all the setups for networking to pcs in order to stream video, and pipe in "homebrew", etc... im certainly no guru, but i do know what the 360 can and can't do
you can't be serious about comparing the orignal XBMC with the MS version?
Bootup time:
XBMC - 5 seconds
MSMC - over 45-60 seconds! bleh!
PS3 with PS3 Media server- 5-10seconds
Compatibility:
XBMC - mkv,dts, everything - (unfortunately the processor was to slow for this)
MSMC stock - WMV, dvix
MSMC with patches - mkv and the likes, but certainly NO DTS! and subitles in MKVs will NOT run, they jerk-off as soon as someone speaks.
PS3 - EVERYTHING
And since most of the mkvs these days are dts standard its a pain in the ass to run Remuxer (to remove subtitles) and AudioConverter (to convert to AC3)
Plus if you ever get a chance to disassemble the Xbox and a PS3, do it. The PS3 is WAY more elegant then the 360... the people at Microsoft should be embarrassed with their designs
That was a thought out and very nice response.....over RuleD! (my cousin vinny)
|
AfterDawn Addict
|
11. April 2011 @ 17:47 |
Link to this message
|
Whatever MS throws out there won't be unbeatable. I'ts simply a matter of whether c4eva (or someone else) decides to put in the time needed to crack it.
If man makes it, man can break it.
|
|
cooll903
Member
|
11. April 2011 @ 18:01 |
Link to this message
|
|
i just wish i was better at coding cause i would of loved to take a crack at MS coding. just to show them that they aren't as smart as they think they are. that the rule holds true " how ever smart you think you are there is ALWAYS someone smarter than you"
|
|
maru487
Newbie
|
11. April 2011 @ 18:37 |
Link to this message
|
|
So if the Efuse is blown, on previous IBM chips it didn't physically blow, but on the M$ versions they redesigned it so it would physically blow?
If that's the case, then isn't it possible to redirect the code to another registry other then the Efuse? Say an external port even?
If they are able to run a rebooter for 12625, seems very possible to run some kind of redirection.
|
Senior Member
|
11. April 2011 @ 20:11 |
Link to this message
|
Possible yes, with an unlimited arsenal of tools, time, and money. However, translating the exploits into methods that end users can understand/perform in the comfort of their own homes is therein where the challenge lies. It'd be one thing if there was someone in the world willing to throw all their resources (money) at this problem without expecting a return on their investment and then sharing this information with the public virtually for free, only so that certain members of the community figure out a business model so they can profit from someone else's endeavors. Essentially, that's the way it works out on the firmware side of the xbox 360.
There are a few people out there on top willing to work on these problems in an open-source community...however, there is always someone in the community who steals that knowledge to profit from it.
I guess now we're up to speed on 360 politics :)
"All drives should be updated to Lite Touch + (LT+) firmware if playing on XBOX live. Samsung drives and pre-78/79 Hitachi drives do not utilize AP 2.5. All other drives are considered to be detectable by Microsoft (YMMV). Make sure all rips are ABGX verified, contain SSv2, and patched AP2.5 (where needed). XGD3 must currently be burned on new drive with PC Burner Max firmware for 100% rip. All modded consoles can be potentially unsafe for use on XBOX live."
|
|
marcusj0015
Member
|
12. April 2011 @ 04:44 |
Link to this message
|
that Efuse idea is a good idea, i don't think MS actually blows any fuses, i think they mark them as blown, nothing actually physically happens to the 360, i don't think
but what we REALLY need to do, is we need to find a method to get the backup kernel running, if we do that, we will be able to run the 4xxx kernel with the JTAG hack, then we would be able to do anything
i'm assuming the backup kernel is there incase something happens during an upgrade to the Dashboard, so that the 360 could be rebotted and fix it's self, we need to find a way to make the dashboard update fail,
This message has been edited since posting. Last time this message was edited on 12. April 2011 @ 04:47
|
|
m4r0v3r
Member
1 product review
|
12. April 2011 @ 07:01 |
Link to this message
|
|
It won't happen, the new slim does have JTAG points though...
|
|
marcusj0015
Member
|
12. April 2011 @ 09:27 |
Link to this message
|
|
what won't happen?
if we have people saying it won't happen, we'll end up like the Zune modding community AKA nonexistant
This message has been edited since posting. Last time this message was edited on 12. April 2011 @ 09:28
|
|
maru487
Newbie
|
12. April 2011 @ 13:51 |
Link to this message
|
Does anyone know where I could obtain a datasheet of the Xenon or Jasper IC? I'm researching into the type of efuse they are using, but a datasheet would help
|
|
marcusj0015
Member
|
12. April 2011 @ 14:05 |
Link to this message
|
here is a link, it's a pretty good writeup: http://arstechnica.com/old/content/2005/06/xbox360-2.ars/2
you should also check out the Xenon's codename: IBM Waternoose
i don't know what IBM CPU it's based on, but i DO know, that it is basically the PS3 Cell, without the PPU's it's just the PS3 Cell's Core, times 3
http://www.theregister.co.uk/2004/08/02/ibm_efuse/
an eFuse, as used by IBM, is used to manage the CPU by lowering the power and so forth, Microsoft o the other hand, used the eFuses as a sort of file, if the eFuse set is blown in a certain pattern, that means a certain thing. and they are very much so reprogrammable, at least the IBM eFuses are reporgramable, who knows what Microsoft has changed
apperantly the CPU Key is at least partitally based on the eFuse pattern, and that the actual CP key CHANGES based on the eFuse Data, and there is clearly an algorithm linking the eFuse data, to the CPU Key, so if we could find simularities between the CPU Key and the eFuse, over hundreds of machines, we could have the algorithm, be great if Xell would anonymize the CPU Keys, and the eFuse Data, adn start comparing them all.
i say Xell, becasue they actually have easy access to both values
This message has been edited since posting. Last time this message was edited on 12. April 2011 @ 14:25
|
|
maru487
Newbie
|
12. April 2011 @ 15:03 |
Link to this message
|
Thanks for the links and info!!...I will investigate more
seems to me, the processor should be easily blanked out to a factory default, reprogrammed with a bootloader, then by the firmware of choice. I think that's the direction I'll head in but I would rather see a simple jailbreak for all firmwares just out of principal.
I'm a firm believer that when I buy a product, it is mine. I should be able to tie a rope around and make it a boat anchor or turn the system into a controller for my car. Doesn't matter, I OWN IT. And to prevent me from reprogramming it with ANY software of MY choice should be criminal.... IMO.
Ok, nough of the ranting... back to my boring job...
|
|
marcusj0015
Member
|
12. April 2011 @ 15:08 |
Link to this message
|
lol, i agree, but it's time this bitch be cracked wide the fuck open, and it will make MS release the 720 sooner to boot!
i think we, as a community, need to investigate the $flash_oddupd1.xex
$flash_oddupd2.xex
$flash_oddupd3.xex
theres litterally an EXE inside of that, that flashes an included bin file, that overwrites DVD Drive firmware
one more thing, the eFuse's arent actually blown, it's a state, AKA changeable
This message has been edited since posting. Last time this message was edited on 12. April 2011 @ 15:11
|
|
maru487
Newbie
|
12. April 2011 @ 15:36 |
Link to this message
|
Originally posted by marcusj0015:
lol, i agree, but it's time this bitch be cracked wide the fuck open, and it will make MS release the 720 sooner to boot!
i think we, as a community, need to investigate the $flash_oddupd1.xex
$flash_oddupd2.xex
$flash_oddupd3.xex
theres litterally an EXE inside of that, that flashes an included bin file, that overwrites DVD Drive firmware
one more thing, the eFuse's arent actually blown, it's a state, AKA changeable
Unfortunately, it didn't take me long to find out that the Efuse is permanent. Some websites say that it is reversible and I had read a few articles before hinting at the physical process, but this one solidifies it for me:
http://paris.utdallas.edu/ssiri08/Tonti_SSIRI_eFuse_V2.pdf
Here's an insteresting one for those who are before 7371:
http://dwl.xbox-scene.com/tutorial/XBOX360cpu15data.pdf
Basically, triggered by the programming process, current flows through the bridge and changes the resistance of the diode from low to high. Where did the Efuse rumor come from? Maybe they don't use them? I continue to research, but I think its likely permanent. The name is inherent of permanent situation, otherwise wouldn't they call them EBreakers?
This most likely means an override/modified version of firmware that ignores or looks elsewhere for the register values.
|
|
Advertisement
|
|
|
|
marcusj0015
Member
|
12. April 2011 @ 16:45 |
Link to this message
|
maybe, i don't see how any change could be permanant, as in not possible to reverse
sounds like they increase the voltage to specific eFuse's, which heats the silicon, making it more dense, we might be able to reheat it to bring it back to normal
your right, it does look permanant, it looks like a wax like material is used to seperate the silicon in an un blown eFuse, and the heat melts the wax, and the silicon, being hot, basically fills in the gap
This message has been edited since posting. Last time this message was edited on 12. April 2011 @ 16:55
|
|
