Topic: Hmm, X L Arcade "bait"? (Read 320 times)

PedrosPad · « **Reply #75 on:** December 23, 2004, 02:36:00 AM »

QUOTE(Cio @ Dec 23 2004, 11:19 AM)

Could someone "point" me towards more details about media tags (i presumed the only tags where HD and DVD/CD-RW).

Keo-Keo · « **Reply #76 on:** December 23, 2004, 08:01:00 AM »

QUOTE(PedrosPad @ Dec 22 2004, 10:26 AM)

I've been working on a new APILogger:

PedrosPad · « **Reply #77 on:** December 23, 2004, 09:19:00 AM »

QUOTE(Fofer @ Dec 23 2004, 05:31 PM)

QUOTE(scimitar116 @ Dec 11 2004, 03:17 AM)

3) yes, you can play this as a backup (from a cd, not a dvd) on LIVE without being banned.

Hrmm? Is that so? I mean, I get the part about being able to play this off a CD-R on an unmodded Xbox, but being able to play it on Live with a modded box, without getting banned? Seems too good to be true.

When you log into XBL, doesn't it check your box for modifications and if it senses anything strange, you get banned on next login? At least that's the way I've always understood it and why I'm always sure to turn the modchip off before playing a retail game on XBL. Correct me if I'm wrong please. Are you saying the "check" is simply what media the .xbe is running off of, and if it's not "authorized" you get flagged? And in the case of this game, any old CD-R can be "authorized?"

Regarding XBOX Arcade CD specifically...
A CD-R backup of this can indeed to used to play on Live. This is the only title to my knowledge, that allows this (ignoring the tricky to burn SWBF Demo DVD-Video). And, yes, all the old XBL rules still apply, your machine must be in a retail state in order to not get banned.

jimmsta · « **Reply #78 on:** December 23, 2004, 07:52:00 PM »

CODE

#define XBEIMAGE_MEDIA_TYPE_DONGLE 0x00000100
#define XBEIMAGE_MEDIA_TYPE_MEDIA_BOARD 0x00000200

I'm rather interested in the media type dongle entry.... I'm willing to bet that there's a way to hack the software on the dvd dongle... or some sort of... I think I'll be right back... maybe I can hack it some way or another....

The_Truth · « **Reply #79 on:** December 23, 2004, 09:07:00 PM »

PedrosPad · « **Reply #80 on:** December 24, 2004, 01:59:00 AM »

QUOTE(jimmsta @ Dec 24 2004, 04:23 AM)

CODE

#define XBEIMAGE_MEDIA_TYPE_DONGLE 0x00000100
#define XBEIMAGE_MEDIA_TYPE_MEDIA_BOARD 0x00000200

I'm rather interested in the media type dongle entry.... I'm willing to bet that there's a way to hack the software on the dvd dongle... or some sort o

Been considered. See here.

PS. This is taking this thread off topic. Start a new one if you wish to continue discussions.

Cio · « **Reply #81 on:** December 24, 2004, 11:22:00 AM »

QUOTE(PedrosPad @ Dec 23 2004, 11:07 AM)

See here. Scroll down to, or search the page for "Allowed Media".

PedrosPad · « **Reply #82 on:** December 24, 2004, 01:22:00 PM »

QUOTE(Cio @ Dec 24 2004, 07:53 PM)

Then wouldn't a xbe with the "XBEIMAGE_MEDIA_TYPE_NONSECURE_HARD_DISK 0x40000000" flag run from a unlocked HD?

Sure would

- If you find an XBE with this media type and signed with the valid M$ signature, I'd be keen to see it.

YoshiKool · « **Reply #83 on:** December 25, 2004, 10:40:00 AM »

QUOTE

Right now the most leaniant key we know of is the one on this arcade disk (allows to be burned to be a cdr, can be played on xbl with no problems). Is there any way to compare this key with a normal game disk key and try to hack the diferences?

it's the same key. the media checks are more "leniant". nothing to do with the key.
also... the xbox key length is one of the biggest keys used commercially... it's bigger than most banks would use apparently, 2048-bit is a huge key to crack. if someone brute forced it... even with something like distributed.net it'd probably take thousands of years+

micr0c0sm · « **Reply #84 on:** December 25, 2004, 11:16:00 AM »

Could someone with an sdk log what external files are being called by the x-arcade disk / default xbe...., and make a buffer overflow exploit there to run any of the current exploits?? (nkptacher would probably work best in this situation).

I wonder if we could just extract the x-arcade iso, change some files around so that when it loads a game its really loading say a gamesave exploit type file...

p.s. im a total newb to xbox development...

Flame2k · « **Reply #85 on:** December 25, 2004, 01:18:00 PM »

if the ms sig is cracked its kinda made all this work in the past obsolete... could have a shitty effect on the softmodding scene (well untill xbox 2 comes out hehe)

PedrosPad · « **Reply #86 on:** December 25, 2004, 01:45:00 PM »

QUOTE(micr0c0sm @ Dec 25 2004, 07:47 PM)

Could someone with an sdk log what external files are being called by the x-arcade disk / default xbe...., and make a buffer overflow exploit there to run any of the current exploits?? (nkptacher would probably work best in this situation).

What a cracking idea. See page 2 of , er, this very thread.

BluhDeBluh · « **Reply #87 on:** December 25, 2004, 01:55:00 PM »

QUOTE(Flame2k @ Dec 25 2004, 09:49 PM)

if the ms sig is cracked its kinda made all this work in the past obsolete... could have a shitty effect on the softmodding scene (well untill xbox 2 comes out hehe)

mrp04 · « **Reply #88 on:** December 25, 2004, 07:58:00 PM »

that would be AWSOME! GREAT if you can get it to work!

Cio · « **Reply #89 on:** December 29, 2004, 07:46:00 AM »

QUOTE(nprice @ Dec 24 2004, 09:52 PM)

Cio, locked harddrives are not an issue for modchip users, as they boot from a non-MS bios that allows them to run unsigned code and boot from an unlocked harddrive. Softmodders on the other hand boot from original MS bios, so they need to boot a signed Xbe that is eploitable from a buffer overflow. So even before the Xbe is exploited, the MS bios will detect that the harddrive is unlocked and halt the boot process. In addition, by editing the Xbe to change the media flag you are breaking the MS signature which means you will not be able to run it from MS bios. Sorry, no cookie for you.

Author Topic: Hmm, X L Arcade "bait"? (Read 320 times)