Print

[opjose]

QUOTE (ArMaGeDdOn @ Nov 20 2002, 08:44 AM)

sorry, the detect even with chip off is my theory.  because technically the chip is still attached, and we're not sure how MS checks for a modchip [not 100% sure anyways],  i just said that it's best to be cautious about that. opjose is the main man.  i'm just taking guesses here.  so, yeah.  don't trust the system even with your modchip set to off.  only trust a physical disconnect.  for now. hopefully something comes through.  remember, hasn't even been a week since release of xbox live.  lots of breakthroughs [well, just really good theories and ideas] have come through so far.  let's wait to see what they do for us.

                                    It's almost impossible for them to detect an LPC mod chip with the LPC mod switched OFF.

Their "trick" to getting you to run a mod chip detection snippet of code with the chip ON is what gets you.

It's a bit of subterfuge on their part, but it's quite effective.

Thanks to my still working MODDED Xbox I know this is the case.

I sacrificed another one to provide a control.

(Thank god for good and patient friends!)

[b0b]

or maybe the xbl updates xboxdash.xbe or xbl dash or both with the code like what is contained in evox to query the modchip then they dump it and upload it on your next xbox live connect (if it was after the beta period)

Zander seems to have a deep understanding of the server structure MS is employing with live. Would it be possible once we had the required information about the packets to patch the xbox and xbl dash so it would spoof the authorization ticket?

[mavmf]

QUOTE

They utilize "misdirection". E.G. they get you to run the updated dashboard (with mod chip detection code built in) when you turn ON your Xbox. This sets something (a flag, a bit?) Then even if you turn the mod chip OFF, upon the next connection your Xbox "reports in" that you have a mod chip in your machine. After that bye bye connection. This is why you CAN use Live if you NEVER use the updated M-icrosoft dashboard (and/or game) with your mod chip turned ON.

I have a matrix chip in mode 3 with ONLY the MS dash installed.
I therefore have gone to the MS dashboard with the modchip enabled as I don't have any other dash to go to (and I don't always boot straight to a game when I turn it on)

I haven't been banned in over a week yet.

The thing I haven't done is try the connection attempt or change any settings in the dashboard with the modchip enabled.

So it seems to me that I CAN access the MS dashboard with my modchip enabled, without it settting a flag to ban me the next time I connect with the modchip off. Maybe I'm just lucky... anyway I'm prepared to buy another box when this one eventually does get banned.

[opjose]

QUOTE (b0b @ Nov 20 2002, 11:27 AM)

We'll If Zander is right then this flag or bit must have been created by the XBL beta disc. It might be possible that code in both the updated xboxdash.xbe as well as XBL's xbe are cooperating, in that the ms dash is detecting not the mod but the fact that homebrew software is running on the box via HD scanning. XBL's installer obviously had the power to read the contents of the drive at this time back when XBL was in beta. So then it scanned the c: e: f: drives for known evox dashbroad names as we'll as sizes and checksums. That is why people with there evox dash named as xboxdash.xbe had there files updated. The update knowning that xboxdash.xbe is what was popular to name the evox dash ignored the fact the checksums didn't match what it expected and overwrote it with the update code then it wrote data somewhere safe about the fact the checksum didn't match. On Nov 15 upon running the XBL live dashborad that flag was sent to the XBL and the server allowed you to connect for the purposes of dumping your eeprom to ban your mac address as we'll as the header (they didn't look for the serial number since they already had it since you needed to be a registered member at xbox.com to enter the beta. if this is true then when the online key zander speaks of is transmitted to XBL it says to the server ok this is valid but our server says it's also banned and then returns an incorrect redirect command to multicast for the XBL serice as Zander said. If i'm right then useing the blank serial eeprom from pixel8 before useing xbl would of also prevented this at least up until the ban which wouldn't matter since they never got your orginal eeprom in the first place wish I had thought of that before.

                                    No they are not scanning the drives, as I've been able to take a drive from a NON-working machine and transfer it to a working one without problem.

(of course after unlocking and relocking).

The only thing which has kept the second modded machine connected is that I have NEVER used the M-icrosoft dashboard and Xbox Live with the mod chip turned on.

[opjose]

QUOTE (mavmf @ Nov 20 2002, 01:25 PM)

QUOTE They utilize "misdirection". E.G. they get you to run the updated dashboard (with mod chip detection code built in) when you turn ON your Xbox. This sets something (a flag, a bit?) Then even if you turn the mod chip OFF, upon the next connection your Xbox "reports in" that you have a mod chip in your machine. After that bye bye connection. This is why you CAN use Live if you NEVER use the updated M-icrosoft dashboard (and/or game) with your mod chip turned ON. I have a matrix chip in mode 3 with ONLY the MS dash installed. I therefore have gone to the MS dashboard with the modchip enabled as I don't have any other dash to go to (and I don't always boot straight to a game when I turn it on) I haven't been banned in over a week yet. The thing I haven't done is try the connection attempt or change any settings in the dashboard with the modchip enabled. So it seems to me that I CAN access the MS dashboard with my modchip enabled, without it settting a flag to ban me the next time I connect with the modchip off. Maybe I'm just lucky... anyway I'm prepared to buy another box when this one eventually does get banned.

                                    Yeap it could be at connection time via the XBLive tab.

When the animation is running the packets are initially sent out.

This is why the failure looks almost instant to the "banned" boxes.

[Beantown]

QUOTE (opjose @ Nov 20 2002, 10:57 AM)

Yes and no. Once the Xbox is on the "list" so to speak, the damage is done. This is why the utility to modify the serial number/mac and header is needed. This MAY permit us to UNDO the banning, then coupled with the F:boot bios you would have a workable way around the entire problem.

So your convinced that there is really a list after reporting in for the first time?

I was thinking that maybe the "flag" is now built in to the eeprom or other encrypted header info when attempting to establish a connection.  This way M$ doesn't need to maintain a "list".

[__Blaz0__]

One question here, has anyone tried to wipe their HDD clean(Back to original state) and reload the software for live?  Basically start over.  I am thinking of doin this myself, but need to get my switch installed first.

[shommel]

What is f_boot bios anyway.
is it out yet?

Steve

[HeavenX007]

QUOTE

One question here, has anyone tried to wipe their HDD clean(Back to original state) and reload the software for live? Basically start over. I am thinking of doin this myself, but need to get my switch installed

but if you already got listed and banned then it wont matter what you do to your system, unless you can replace your serial and mac as well.

[Sev]

I guess it's about time we actually start looking at what's really happening around the detection side of things so we can be sure, rather than giving theories, if we can.

So the current idea seems that xboxdash.xbe is doing a check and setting an EEPROM flag which is picked up on the next Live connect attempt.

Firstly, has anyone with a modded but unbanned machine (and an EEPROM backup) been able to see a change in the X, Y and Z values when they attempt to connect to Live without a CAT5 cable plugged in, after going to the MS updated dash?

Even without the connection test, has dropping into the updated xboxdash.xbe with a modchip on effected a change in the EEPROM settings?

As far as I can tell, moving from Live beta to full live didn't change my xboxdash.xbe or the xodash directory contents - xboxdash.xbe only changed once, and that was when the Beta Live was installed. I have backups of my system state in each of these three situations - before beta, with beta, with full, I'll compare them a little later.

The 'Live performing an update' happened to me when I ran the MotoGP demo from the full Live disc. This appeared to load a new MotoGP XBE file onto the E drive. I didn't notice any other major changes.

There are fragments of 'connection' messages in the xboxdash.xbe file,
has anyone noticed network activity from the dash at any point, even before trying to do a connectivity test?

The X, Y and Z settings. At least some of these seem to be bitfields, for example bit 5 of X (if you see it as a 32 bit number) appears to mean 'MAC address overriden). Does anyone have any more?

Maybe it's also time to move this to a new thread eg 'What's really happening'?

[__Blaz0__]

I guess what I am getting at, are we sure there is an actual list or a flag that is sent out from our box saying "yes" allow to connect , or "no" dont connect.  It just seems so unfair to ban a serial.  I mean why punish someone who wants to right their ways and actually remove the mod from their system, cause they care more about playing live.

[Sev]

First confirmation:

For me, there are no differences between the beta and full versions of:

xboxdash.xbe
xodash\xonlinedash.xbe
xodash\update.xbe

This was a PAL beta. The files were dated 23 August 2002.

The lengths, respectively, are:
1,633,220 bytes
1,819,192 bytes
1,914,880 bytes

[BenJeremy]

Waiting for 10 new topics posted asking if new X2 and Evo-X BIOSes prevent XBL from detecting them in 5... 4.. 3.. 2...

[opjose]

QUOTE (Beantown @ Nov 20 2002, 01:58 PM)

QUOTE (opjose @ Nov 20 2002, 10:57 AM) Yes and no. Once the Xbox is on the "list" so to speak, the damage is done. This is why the utility to modify the serial number/mac and header is needed. This MAY permit us to UNDO the banning, then coupled with the F:boot bios you would have a workable way around the entire problem. So your convinced that there is really a list after reporting in for the first time? I was thinking that maybe the "flag" is now built in to the eeprom or other encrypted header info when attempting to establish a connection.  This way M$ doesn't need to maintain a "list".

                                    No I've reflashed a non-working Xbox with an eeprom dump I made ages ago. No go.

[opjose]

QUOTE (__Blaz0__ @ Nov 20 2002, 02:57 PM)

One question here, has anyone tried to wipe their HDD clean(Back to original state) and reload the software for live?  Basically start over.  I am thinking of doin this myself, but need to get my switch installed first.

                                    Yeap, doesn't help for the connectivity problems.