Print

[ArMaGeDdOn]

so are you agreeing or disagerring with me?  you agree that the matrix in mode 3 can still be detected somehow with a future modchip detection method?

[opjose]

QUOTE (DaOne @ Nov 21 2002, 05:27 PM)

Ok, I will try to make this clear. Here is what we have tried and the results... Swaping "X" from a valid eeprom to a banned one results... Starting eeprom is banned and new info is from a valid eeprom. Valid Serial = Ban Valid MAC = Ban Valid HD KEY (by itself) = Ban Valid Online Key by itself = Ban Valid HD Key and Online Key = Connect Now doing the same in reverse (Swaping banned info into the valid eeprom) Banned Serial = Connect Banned MAC = Connect Banned HD KEY (by itself) = Ban Banned Online Key by itself = Ban Banned HD Key and Online Key = Ban As you can see the serial and MAC make no difference. We can even pair random info for the serial and MAC with a banned eeprom and its still banned. We can do the same on a valid eeprom and it will still connect. So it has to do with the HD KEY and Online Key. We have also confirmed that the online Key is generated off the HD Key useing a RC4 encription. We are almost there guys.

I buy all of this and have seen it myself.

What I'm unsure of is the hard disk key though.

It would seem that this is a bit much (though eminently feesible) for M-icrosoft to do.

It effectively means that they MUST have some software which runs on the target Xbox which not only preps the drive, but sets everything up to be "consistent".

Yet from the stickers I've seen, it appears that the drive is prepped without being connected to the motherboard itself.

Though who knows, it may well be that both the motherboard and drive are mated before being installed in the Xbox.

Anyway the one thing it does NOT account for are the people (myself included) that have taken a valid key from another machine WITHOUT moving the other machine's driver over, and ressurected a banned Xbox.

Given what you said, this SHOULD not work, unless I'm missing something.

Very interesting stuff though.

[opjose]

QUOTE (jcsickz @ Nov 21 2002, 06:12 PM)

this method sounds good, but what if you cant dissable your mod chip

                                    You are SOL without some means to disable your mod chip fully.

[upstatenyguy22]

QUOTE (DaOne @ Nov 21 2002, 05:27 PM)

Starting eeprom is banned and new info is from a valid eeprom. Valid Serial = Ban Valid MAC = Ban Valid HD KEY (by itself) = Ban Valid Online Key by itself = Ban Valid HD Key and Online Key = Connect Now doing the same in reverse (Swaping banned info into the valid eeprom) Banned Serial = Connect Banned MAC = Connect Banned HD KEY (by itself) = Ban Banned Online Key by itself = Ban Banned HD Key and Online Key = Ban As you can see the serial and MAC make no difference. We can even pair random info for the serial and MAC with a banned eeprom and its still banned. We can do the same on a valid eeprom and it will still connect. So it has to do with the HD KEY and Online Key. We have also confirmed that the online Key is generated off the HD Key useing a RC4 encription. We are almost there guys.

Great work!  This is finally starting to make some sense to me.

So from what I can see, M$ doesn't care much about the s/n for authentication purposes - they don't really even need to use it to track us, they've got our accounts for that.

So what they do check is that you have a valid online and HD key (remember, HD key, not HD unlock code - just mention that as some people seem to get confused by this, and I'm confused and they're the same, someone please tell me, as that would change everything in a manner of speaking).  And I'd seriously doubt it's a check for both being valid (ie if you use valid HD Key from EEPROM A with valid Online Key from EEPROM B, you would not connect - can someone verify that?).

Rather, they check for one of the 2, we don't know which, but let's say HD key for agument's sake, and see if it has been banned.  If not, they check that when they encrypt the HD Key with their key using RC4 it turns into the Online key.  How did you find that the online key is generated from the HD Key?

While it's certainly possibly they have a list of valid HD Keys, it may be more likely that they just have a list of banned keys, so if we can figure out what makes a HD Key "look" valid, whether it's been issued or not, we're ok.  Either way, this doesn't seem terribly difficult.

But then we have to figure out how to tranform the HD Key into it's corresponding online key (ie, what key do they use to encrypt it) - that sounds like the much harder part to me.

This stuff is probably all fairly obvious to you all, but I'm just looking for a quick check on my logic before I think more about attacking the problem, so I'm not looking the wrong way.

[undead]

Ok..  More info..


1. The Online key IS present with a "Virgin" XBOX and does NOT change when you install LIVE..

2. The HDD Key is NOT linked directly with the Online Key..

We uses the original HDD from XBOX1, then we copy and use the Online Key from XBOX2 to XBOX1 and XBOX LIVE still works on XBOX1..  so there's no direct relationship..  also both XBOX1 and 2 are not banned..  

So our assumption on this is that either XBOX Live looks at BOTH HDD and  Online Keys when you get banned or JUST the Online Key !!

We'll verify as soon as we can get our hands on a  banned eeprom image..

[upstatenyguy22]

QUOTE (undead @ Nov 21 2002, 07:15 PM)

Ok..  More info.. 1. The Online key IS present with a "Virgin" XBOX and does NOT change when you install LIVE.. 2. The HDD Key is NOT linked directly with the Online Key.. We uses the original HDD from XBOX1, then we copy and use the Online Key from XBOX2 to XBOX1 and XBOX LIVE still works on XBOX1..  so there's no direct relationship..  also both XBOX1 and 2 are not banned..   So our assumption on this is that either XBOX Live looks at BOTH HDD and  Online Keys when you get banned or JUST the Online Key !! We'll verify as soon as we can get our hands on a  banned eeprom image..

                                    Ah hah.  This sounds easier.  So if we use a vaild HD Key and a valid online key, we're ok.  They don't have to be a "pair" from what you're saying.  From what daOne says, it's more than just the online key, but if we just need to have two seperate key generators, one for the online key and one for the HD key - well, we can do that.

Let me know when you can confirm that a bad either HD or online key breaks the process.  Zander has a banned eeprom handy, I left everything at home today.   Get a hold of him and he can probably get it to you faster than I can.

[opjose]

QUOTE (undead @ Nov 21 2002, 07:15 PM)

Ok..  More info.. 1. The Online key IS present with a "Virgin" XBOX and does NOT change when you install LIVE.. 2. The HDD Key is NOT linked directly with the Online Key.. We uses the original HDD from XBOX1, then we copy and use the Online Key from XBOX2 to XBOX1 and XBOX LIVE still works on XBOX1..  so there's no direct relationship..  also both XBOX1 and 2 are not banned..   So our assumption on this is that either XBOX Live looks at BOTH HDD and  Online Keys when you get banned or JUST the Online Key !! We'll verify as soon as we can get our hands on a  banned eeprom image..

                                    Great! this is consistent with what I've seen, as have others.

[Zander]

undead?

news?

Z

[Pr0crastin8r]

undead, IM me at Pr0crastin9r on aim, [email protected] (msn), or 96314782 on ICQ if you want my before and after eeproms (oct16, nov16), the first being when i was on xbl beta, the second being after the ban.

[undead]

[undead]

pr0crastin8r, i added you to my msgr..

i have something for u to try...

[undead]

We have obtained a supposedly banned eeprom image from an unknown source and we then did the following with a known good and NON banned xbox..

here is exactly what we did: (with offsets into eeprom image)

Used our original HDD Key (0x00 to 0x2F)
calculated new checksum (0x30 - 0x33)
used NEW serial number (0x34 - 0x3F)
used NEW MAC address (0x40 - 0x45)
used 2 byte word align padding (0x46 - 0x47)
used the Banned eeprom's Online Key (0x48 - 0x57)
used the original Video standard settings (0x58 - 0x5F)
used 0xFFFFFFFF for checksum (factory reset) (0x60 - 0x63)
Zeroed everyting else out for factory reset (0x64 - 0xFF)

when we turned the xbox on it asked for language and time zone (factory reset)..

we went into XBOX LIVE network config and it picked up the new Serial and MAC..

we then launched a XBOX LIVE game.. SUCCESSFULLY signed with this serial, mac and Online Key combination kicked some ass in UNREAL !!!!

From this can for certain say that (if this was indeed a banned box) the Online Key and HDD Key as nothing to do with each other..  and progress is just ahead !!

Next step would be to try and resurect an actuall banned xbox !  

Any volunteers ??

[atomon]

could you explain how to do all this stuff in n00b terms please?

[undead]

thats correct..  the only missing piece is the HDD Key..

And we are on "edge" waiting to find out if that is the case..  just awaiting for feedback from some "testers"

will keep you all posted...

[Fuzzy]

opjose and zander, remember how earlier i was talking about having my old and new eeprom, if i just replace the eeprom without changing anything else (the new with the old) will my box work again?