Print

[opjose]

QUOTE (Sev @ Nov 20 2002, 06:10 PM)

I've just checked my EEPROM contents since my first ever backup, and the situation I have now. I'm actually surprised so little changed. There is only a single bit difference in the entire EEPROM. Bit 1 of 0xFD is set now, it wasn't before (was 0x09, is now 0x0B). I'm not saying this is related to a modchip check, and I'll *never* say reversing it will make a difference (because it'd make no sense for that to be the case, banning would be far easier once it happened once) but it's possible this could be a 'carrier' flag. Having said that, the HD partition table could hold such information as well. My quest is to find out exactly how this is being done.

                                    MS also "holds" restrictived information in inaccessible areas of the memory card.

There is no reason why they couldn't also set the flag on a non-used sector of the hard drive.

However the only contradiction to this is that I've been able to move drives from banned machines to non-banned units without a problem.

Once you are connected and banned, it's all moot though.

[opjose]

QUOTE (Sayten @ Nov 20 2002, 08:13 PM)

QUOTE (teacup @ Nov 20 2002, 05:33 PM) To start with, we can change the serial of an xbox, and when we try to connect to live with it (modchip on) this serial/MAC gets banned. My idea is too create a program on the xbox that cycles through serial numbers, logs on and gets that number banned. That's not going to work. In the eeprom, there is an online key that is used to encrypt the initial authentication packets. This is a shared secret that M$ also has, and its associated with that serial number. The key is never transmitted over the network, so M$ uses the transmitted serial number to look up the appropriate key. Each Xbox has a unique online key. So, if you change the serial number, but don't use the correct online key, then M$ won't be able to decrypt the packets and can't authenticate the Xbox. QUOTE (teacup @ Nov 20 2002, 05:33 PM) Since the xblive account doesn't get banned, just the xbox, a single account and xbox could ban hundreds of serial numbers. I think M$ would notice this and ban the account after awhile.

                                    Correct again!

I've played around with this and it seems that indeed the KEY and serial number and MAC address are interrelated.

This is why the taking an EEPROM from a non-banned system works, where a simple modification of serial number & mac address does not.

[opjose]

QUOTE (Ph34R @ Nov 20 2002, 08:20 PM)

What about all the Unmodded boxes who are having this problem? Why are they being put on the banned list when they have no such Chip running?

                                    That's the big joke at present.

It seems that M-icrosoft's scheme is far too overzealous.

Their message boards are repleat with even more people complaining in droves every single day, that their Xboxes are not connecting (connectivity) yet are not modded.

A small percentage of these may be bad setups, refurbished/returned systems (from modders!), etc. But not all of them.

The number of systems affected seems to be fairly big though.

[opjose]

QUOTE (Sev @ Nov 20 2002, 08:54 PM)

Zander: doubly agreed. The Live 'Update' people see after using full games is, as far as I can tell so far, an executable update for that game itself. If you have a modchip, check the number of XBE files you have on your E: partition before and after such checks. This is why the demo MotoGP updated when I first used it from the nonbeta Live, and why Whacked! didn't. It'd also be the reason why the 'update' was instantiated from different retail discs. This is what the code seems to say. That update could result in a game with further modchip checks being run instead of the default.xbe it originally used. I'm actually looking for the modchip check itself, I haven't found it yet. There are many many things it could look for, not just BIOS checksums. But either way, so far, I can prove that Live games have the chance to update their own executable, and this can be run instead of their own default.xbe .

                                    Yes very true.

[opjose]

QUOTE (NoMention @ Nov 20 2002, 11:51 PM)

After reading all of this, I have but one question.  Where are all the packet sniffer junkies out there that will make EvoX have its own emulated XBox Live tab?  It can't be that hard to have EvoX (or whatever dashboard you are using) have it's own implementation of the XBox Live protocols.   There are numerous service emulators out there that all run on this simple concept.  Let's trap the packets as they come to and from the Xbox and build our own XBox Live app.  Then, we could force the XBox to not notify MS that the XBox is modded, etc. Sounds viable to me.  I don't have a packet sniffer though...

                                    The only problem is that this would have to be done "outside" of the Xbox itself as the games love to update themselves at connection time.

Ideally you would connect to live using your non-modded Xbox and capture the correct response packets.

These would be analysed for your specific Xbox to determine what the servers are expecting.

Then you would add the trapped data to a response filter on your (Linux!) firewall which would intercept the XBLive packets going out that reveal your modded device.

Since the filter would replaced the authentication responses with good authentication code, the remote servers would never learn that you xbox has a mod chip in it.

If you could do this, then you would not even have to worry about the mod chip being on or not, as the fix would be handled outside the Xbox.

It's all UDP stuff though.

[opjose]

QUOTE (Fuzzy @ Nov 21 2002, 02:38 AM)

if its server side why can 70% of the users connect

                                    Are you referring to 70% total or 70% of modded systems.

Having seen way too many modded systems "drop off" I would assume you mean the former.

In which case, MS screwed the pooch so to speak.

Their anti-mod protection is WAY too agressive and tends to block even unmodded machines.

Of course there is an error factor in there too. Misreported units, (reported as unmodded but actually not) misconfigured routers, refurbs, returns where were modded then resold, etc.

[ArMaGeDdOn]

opjose, will this setup work:

http://xbox-scene.fx...f840461aef24947


i mean, will that work well?  just as well as having 2 xbox systems?  (considering xbox is never installed on the modded drive).

please take a look and post something in there.  i think that would be a pretty much 100% un-bannable setup.  i would like your comments though.

thanks.

[opjose]

QUOTE (joeflux @ Nov 21 2002, 07:09 AM)

opjose, can M$ after banning your xbox. Keep you from playing your backups that are not Live type? Or the ban is only to keep from connecting online?

                                    So far there are still no mod chip detections in games.

I expect to start seeing that too in a few months though.

[-wr-]

   

I should start off by saying that I am in no way affiliated with Team Assembly... just passing on the news.

This was just posted on Team Assembly's web site at:
http://www.assembly.co.za/

___________________________________________

11/21/2002 - Successfully Logged on to XBOX LIVE with Changed XBOX Serial Number and MAC Address !!!
Thats Right folks !! We have done it.. We could tonight successfully change the XBOX Serial Number and MAC Address to something we wanted and the XBOX LIVE Network Dash picked the changed Serial number and MAC Address up !!!!

We Then successfuly signed on to XBOX LIVE with the NEW serial number and MAC address with the MOD Chip removed.. the XBOX LIVE System was 100% happy with the NEW Serial Number !!!!

While we were at it, With our New Serial and MAC we played a bit of Online UNREAL Championship (And kicked some ass!!)

This is a GREAT step forward to help understand why a 100% stock and a un-modified XBOX with all modifications removed can NOT access XBOX LIVE....

Please beware that this is for informational purposes ONLY you MUST only use XBOX LIVE with an un modified XBOX as stated in the XBOX LIVE agreements.. please also see disclosure at the bottom of this page...

[phantazma1]

geez.. there's sooo many posts that you all probably won't even read this message. oh well, i just wanted to say that LIVE looks kickass!

[yourstruly]

QUOTE

He is also using COPIED games online with success as long as the switch for the chip is OFF!!

Are you SURE  this is what you mean?

AFAIK you cannot use coppied games at all with the switch off.

Unless this is a typo or miscomunication, I would disbelieve your friend.

[opjose]

QUOTE (-wr- @ Nov 21 2002, 11:30 PM)

I should start off by saying that I am in no way affiliated with Team Assembly... just passing on the news. This was just posted on Team Assembly's web site at: http://www.assembly.co.za/ ___________________________________________ 11/21/2002 - Successfully Logged on to XBOX LIVE with Changed XBOX Serial Number and MAC Address !!! Thats Right folks !! We have done it.. We could tonight successfully change the XBOX Serial Number and MAC Address to something we wanted and the XBOX LIVE Network Dash picked the changed Serial number and MAC Address up !!!! We Then successfuly signed on to XBOX LIVE with the NEW serial number and MAC address with the MOD Chip removed.. the XBOX LIVE System was 100% happy with the NEW Serial Number !!!! While we were at it, With our New Serial and MAC we played a bit of Online UNREAL Championship (And kicked some ass!!) This is a GREAT step forward to help understand why a 100% stock and a un-modified XBOX with all modifications removed can NOT access XBOX LIVE.... Please beware that this is for informational purposes ONLY you MUST only use XBOX LIVE with an un modified XBOX as stated in the XBOX LIVE agreements.. please also see disclosure at the bottom of this page...

                                    There is one minor problem with this.

They merely changed the serial number and the MAC address, on a non-banned system.

This does NOT "unban" a system which is already aflicted.

[Fuzzy]

QUOTE (opjose @ Nov 23 2002, 12:39 AM)

QUOTE (-wr- @ Nov 21 2002, 11:30 PM)     I should start off by saying that I am in no way affiliated with Team Assembly... just passing on the news. This was just posted on Team Assembly's web site at: http://www.assembly.co.za/ ___________________________________________ 11/21/2002 - Successfully Logged on to XBOX LIVE with Changed XBOX Serial Number and MAC Address !!! Thats Right folks !! We have done it.. We could tonight successfully change the XBOX Serial Number and MAC Address to something we wanted and the XBOX LIVE Network Dash picked the changed Serial number and MAC Address up !!!! We Then successfuly signed on to XBOX LIVE with the NEW serial number and MAC address with the MOD Chip removed.. the XBOX LIVE System was 100% happy with the NEW Serial Number !!!! While we were at it, With our New Serial and MAC we played a bit of Online UNREAL Championship (And kicked some ass!!) This is a GREAT step forward to help understand why a 100% stock and a un-modified XBOX with all modifications removed can NOT access XBOX LIVE.... Please beware that this is for informational purposes ONLY you MUST only use XBOX LIVE with an un modified XBOX as stated in the XBOX LIVE agreements.. please also see disclosure at the bottom of this page... There is one minor problem with this. They merely changed the serial number and the MAC address, on a non-banned system. This does NOT "unban" a system which is already aflicted.

                                    i wish...

[opjose]

If you pass the connectivity test with the mod chip OFF, yes.

If you had it on, welcome to the banned box club.

[Lucid]

By the way...My XBOX was never banned OPJOSE.