xboxscene.org forums

Pages: 1 2 3 [4] 5 6

Author Topic: Sha-1 Broken!?  (Read 394 times)

cmiz

  • Archived User
  • Sr. Member
  • *
  • Posts: 438
Sha-1 Broken!?
« Reply #45 on: February 16, 2005, 11:16:00 PM »

QUOTE(The_Truth @ Feb 17 2005, 03:08 AM)
@cmiz: THEY HAVE GOTTEN THE BURNED DVD READ(not from booktype, but it was read), the disk swap with music mixer doesn't check for media type, so you can load a hacked gamedisk(of music mixer).
Logged

fghjj

  • Archived User
  • Sr. Member
  • *
  • Posts: 288
Sha-1 Broken!?
« Reply #46 on: February 16, 2005, 11:58:00 PM »

Still, 2^69 is a lot attempts for a public-key-patching, retail-bootable .xbe while we have plenty of non-crypto flaws in the Xbox.
Logged

cmiz

  • Archived User
  • Sr. Member
  • *
  • Posts: 438
Sha-1 Broken!?
« Reply #47 on: February 17, 2005, 12:17:00 AM »

wink.gif

no as far as the possibility of us getting this to work out, it's a long shot...and for now i'll just stick with UXE and nkpatcher 10. but if we got a cd flagged xbe that could load a new bios. that'd be pretty sweet! even though originally this would mainly be an access to install an existing softmod.
Logged

shakaru

  • Archived User
  • Full Member
  • *
  • Posts: 128
Sha-1 Broken!?
« Reply #48 on: February 17, 2005, 12:47:00 AM »

What about the Rental Wipe disc and the Test Equipment disc. What media are the put on?
Logged

PedrosPad

  • Archived User
  • Hero Member
  • *
  • Posts: 1277
Sha-1 Broken!?
« Reply #49 on: February 17, 2005, 03:32:00 AM »

QUOTE(cmiz @ Feb 17 2005, 01:29 AM)
we're not coming up with new ideas to help MS...we're simply stating that ideas that have been kicked around before are not solved by this. if MS had any intention of doing these things, they would be doing them already.
Logged

ZakMcRofl

  • Archived User
  • Full Member
  • *
  • Posts: 167
Sha-1 Broken!?
« Reply #50 on: February 17, 2005, 04:26:00 AM »

So basically what needs to be done is this:
1) Take RSA-signed header from CD/DVD-Bootable XBE (starwars dvd, hulk, arcade cd)
2) Add bios-loading XBE code
3) Since the resulting XBE would have the wrong SHA-Checksum, add random data until it the code section matches the SHA-Checksum in the header
4) Boot XBE from DVD+R (set to DVD-Rom booktype) or CD-R

Obviously the big problem is 3). I am not sure if the currently exposed weakness allows to do this. According to a slashdot comment, " The attack does only one thing: allows an attacker to generate two streams of data which hash to the same value."
Apparently it does not allow you to generate a second stream of data which hashes to the same value as a given stream.
Which is what we would need and which is why I don't think we'll get any results from this hack...
Logged

shakaru

  • Archived User
  • Full Member
  • *
  • Posts: 128
Sha-1 Broken!?
« Reply #51 on: February 17, 2005, 05:21:00 AM »

The attack that was reported on slashdot took only hours after they figured out what to do. But you pointed out something that we compleatly missed. There are more cd/dvd's that boot than the live cd. This gives us many more options. Secondly, i see no reason not to try to makie an program that will make an xbe, check the sum, and add a unit then try again. It will be time consuming, and it will be tough, but we have all seen how long some xbox projects take and considering that there has to be a large enough group of us who may be willing to do this, I see no reason not to.
Logged

Keo-Keo

  • Archived User
  • Sr. Member
  • *
  • Posts: 477
Sha-1 Broken!?
« Reply #52 on: February 17, 2005, 03:22:00 PM »

It comes down to that age old saying..

If human can make it.. Another human can break it..

Logged

The_Truth

  • Archived User
  • Full Member
  • *
  • Posts: 134
Sha-1 Broken!?
« Reply #53 on: February 17, 2005, 04:05:00 PM »

cool.gif
Logged

Odb718

  • Archived User
  • Hero Member
  • *
  • Posts: 925
Sha-1 Broken!?
« Reply #54 on: February 17, 2005, 07:09:00 PM »

tongue.gif
Logged

triggernum5

  • Archived User
  • Hero Member
  • *
  • Posts: 896
Sha-1 Broken!?
« Reply #55 on: February 17, 2005, 10:04:00 PM »

They don't mention the power cord in the news-break because it doesn't sound nearly as exciting..  My fav newsbreak is "One of the major colas may have toxic batches..  We'll tell you which one at 11:00"  I think it was on the Simpsons..
Logged

jameswalter

  • Archived User
  • Hero Member
  • *
  • Posts: 745
Sha-1 Broken!?
« Reply #56 on: February 18, 2005, 12:19:00 AM »

QUOTE(dankydoo @ Feb 16 2005, 08:20 PM)
You charge people for this stuff.... and you don't know what you are talking about?  Wow.  Poor bastards..
Logged

cmiz

  • Archived User
  • Sr. Member
  • *
  • Posts: 438
Sha-1 Broken!?
« Reply #57 on: February 18, 2005, 12:36:00 AM »

just a general question. has anybody burned the dvd-demo movies to dvd-r and ran the xbe's? just curious as to whether that had been done or not?
Logged

krayzie

  • Archived User
  • Hero Member
  • *
  • Posts: 3350
Sha-1 Broken!?
« Reply #58 on: February 18, 2005, 12:44:00 AM »

QUOTE(cmiz @ Feb 18 2005, 07:42 AM)
just a general question. has anybody burned the dvd-demo movies to dvd-r and ran the xbe's? just curious as to whether that had been done or not?
Logged

cmiz

  • Archived User
  • Sr. Member
  • *
  • Posts: 438
Sha-1 Broken!?
« Reply #59 on: February 18, 2005, 09:33:00 AM »

QUOTE(krayzie @ Feb 18 2005, 07:50 AM)
the dvd demo's also had a xbox dvd signed default.xbe. it would be just as useless as trying a normal burned xbox game
Logged
Pages: 1 2 3 [4] 5 6