Print

[Xbox-Scene]

Xbox 360 DVD Firmware Hack - Follow-up-- Posted by XanTium on March 19 20:39 EST
A bit more news about the Xbox 360 DVD Firmware Hack we talked about yesterday.
If you missed the news yesterday, I posted lots of info there already, check it out here so you can catch up and understand what's below.

* SeventhSon on the xboxhacker.net forums has been working on getting the Hitachi-LG GDR-3120L DVD drive working on Linux and Windows the last few weeks. Yesterday I said it was required to open your DVD drive and remove the firmware chip to read the Hitachi-LG DVD firmware and/or to get the unique 16 byte key, but on SeventhSon's page he explains how you can get this drive connected and recognized by Linux and Windows. He even programmed a few cmd-line tools (also available for windows and linux) that will allow you to dump the memory (incl. 'forbidden ranges'), firmware and unique key of the DVD drive on your PC and also tools to write (peek/poke single bytes) to the DVD memory (not firmware) and execute arbitrary MN103 code (this drives used the MN103 DVD chipset) from a PC on the drive.
Now, to flash your firmware you will still need to open your dvd drive and flash the firmware with a chip programmer (for now atleast, people are searching how to make it flashable via PC) (also note that chip is epoxied, so it's probably best to removed it to flash it), but with these tools you can already dump the firmware without chip programmer. So people out there with enough asm/assembly knowlegde that would like to take a look at the firmware themself but don't have a chip programmer can use this method.
Very technical details about his research are available on this page[kev.nu], but end-users will do just fine with this 'summary' page[kev.nu].


* Team xecuter also posted a bit about the hack:

Well done from Xecuter(info)!
(Pretty much) all the information you need is in these threads [note x-s: keep in mind these are threads in the XBH technical forum - technical/serious posts only please].
* The Challenge Response Protocol
* Hacking DVD firmware AGAIN
* Dumping Security Sector with H-943A
* Getting XBOX drives to work in windows

From what we can tell so far is that the game image will have to be patched too - We can smell a new feature for Qwix(info) 2

The scene can expect a hack for all drives very soon (It's currently only Hitachi) - you can be assured that it will be released although I don't think modchips will be any kind of business as its a pure piracy mod - no homebrew at all.

*UPDATE* Team Xecuter posted more about the hack, find it in our new post here.


* Xlife.nl posted an nice interview with TheSpecialist (in dutch - translated to english by me):

Xlife: Tell us a bit about yourself for the visitors of Xlife.nl (who are you?, what's your job in real-life?, age?, ...)
TheSpecialist: Usually asking the age is indiscreet, but in this case it's the only one I want to answer, hehe, I'm 30.

Xlife: How many people worked on the project?
TheSpecialist: 6 hackers were in the team. Although I think you can't say that only these 6 people made the hack: without the contributions from other people on XBH this would never have succeeded, it would have taken much more time anyway.

Xlife: How long did you actually work on this hack?
TheSpecialist: It's hard to say how many hours were put into this hack. We started last year analysing the original Xbox DVD firmware security because very few was known about it. We were expecting that the Xbox 360 security was based on this one and good knowledge into the security of the original Xbox would probably give useful insight for the protection in the Xbox 360 (and it looks like we were right). The reason we started with the original Xbox is because the kernel was easy to rip which helped us to find out when the original Xbox kernel went 'OK' with a DVD.

Xlife: Did you have contact with Microsoft about this hack?
TheSpecialist: No

Xlife: Why did you decide not to release the hack publicly?
TheSpecialist: The Xbox 360 was announced by Microsoft as the best protected console on earth and that hackers would be surprized by the unseen high level of security. This type of statements makes most hackers excited/interested. For me personally it looked like a great challenge to find out if the security was really so good. I think this motivation applies for pretty much all hackers on XBH. To look for security bugs was thus the real goal. Distribute a hack like this has nothing do to with 'hacking' and has also never been my goal.

Xlife: Aren't you concerned/worried that you gave ideas to people and that these will duplicate your hack and release it publicly?
TheSpecialist: To start with I think the hack isn't interesting for the average end-user in it's current status, because you need specific hardware and knowlegde to flash the drive. The current hack is also easy to patch for Microsoft because a backup differs on several points from the original and Microsoft could easily check for this. A 'perfect' emulator, that reports a backup in ALL possible ways exactly the same way to the Xbox 360 as an original disc is outside our scope and this would also require a lot of work/time. There's a possibility that this would start a cat&mouse game, where Microsoft comes with new patches and hackers will hack this again, ... So this means that as long as there's no 'perfect emulator' Xbox LIVE users will always risk getting banned and if they don't want to take this risk they will still have to buy original games.

Xlife: Did you directly start hacking the DVD firmware or did you first try hacking other parts of the Xbox 360?
TheSpecialist: No, we started directly with the firmware. The DVD firmware project on XBH is totally separated from, for example, the guys at free60.org

Xlife: Is it possible to play games on Xbox LIVE with your hack?
TheSpecialist: At this moment yes, but that's till Microsoft comes with a patch.

Xlife: What's your opinion about the fact that people doubt the authenticity of the small video you released?
TheSpecialist: The proof is in the hardware details on the XBH forums, not in the video. I released the original video now [see here[rapidshare.de - 100MB high quality version of first movie and with original sound]], that will already crush the speculation of a 2nd Xbox 360 in the reflection of the TV. I also think that if you carefully watch the movements of the laser you can no longer say this is fake. If you'd put a backup in a normal Xbox 360 the laser would not move the same way (see for example the movements to the outer edge of the disc, where it reads the security placeholder data). Only with very expensive hardware and lots of work and money a video like this could be faked.

Xlife: Do you plan to try hacking other parts of the Xbox 360?
TheSpecialist: There are no plans for that at this moment.

Xlife: Is there something else you'd like to say to people reading this interview?
TheSpecialist: Like amiga release groups said in the 'old days':'A game worth playing is a game worth buying'. I don't want to sound 'moralistic', but I always agreed with this 'ideology' and I hope others do too. I also thought it was great to see The Netherlands was well represented on XBH and I hope to welcome more interested dutch people in this little world.

Interview courtesy Xlife.nl.


Please don't use the discussion thread below to start another (pointless) real/fake fight (these posts will be deleted) ... if you really want to discuss that keep it in this thread.

[sew3521]

Interesting interview...and i must say i totally believe this if team xecuter believes it

[Mega_mil]

Well at least he cleared up a few things like how easy M$ could just make a patch to get rid of this.  WHen he said cat and mouse game, it only made me think of the PSP.  It would be the same kind of game going on.  Only difference is at first the hackers had SOny on the run but now Sony is starting to make things a lil bit more diffucult.

[JUANVAN]

^^ I belive with the new GTA hack for the PSPworks on all firmwares. They will make a patch I am sure at sometime. But right now I think the modders are up one..

But This post in the artical does not seem right from TeamXecuter - "The scene can expect a hack for all drives very soon (It's currently only Hitachi) - you can be assured that it will be released although I don't think modchips will be any kind of business as its a pure piracy mod - no homebrew at all."

Does this mean they have given up trying to chip a 360???

[VOlition]

I hope not...

[ILLusions0fGrander]

well.. couple facts got pointed out as far as, yes, they will most likely patch it so you cant abuse xbox live which is a good thing i have to say.

good work... hopefully a mod that helps all of us (homebrew) will be released before the end of the year.

This post has been edited by ILLusions0fGrander: Mar 20 2006, 03:48 AM

[snakejoe]

QUOTE(JUANVAN @ Mar 20 2006, 10:47 AM)

^^ I belive with the new GTA hack for the PSPworks on all firmwares. They will make a patch I am sure at sometime. But right now I think the modders are up one..

It is different, you cant run homebrew application on 360 now, that mens you cant use homebrew application to cheat the game that your 360 is the latest version.

[EnergySurge]

I've said it before and I am going to say it again, I give MAD props to TheSpecialist and everyone who worked on that DVD Firmware Hack.  I also completely agree within reason as to why it is not going to be released.  HOWEVER, my only question is the fact that since it has been said so many times that he will not release it EVER, why is it also said (I think by TeamXecuter) that there will be a hack for ALL Drives and that the scene "CAN" expect it to be released?  What does this mean?  If it is in fact going to be released, is that when people can actually flash the DVD Drive's Firmware via PC so that way its much MUCH easier to do?  I mean I would like to play my own "LEGAL" Backups but I would not want to see people with every game made for the 360 because seriously, "Some" (a few) games are very good and I am so far buying them (and still buying them, ie. Condemned, COD2, and G.R.A.W, next is Oblivion and NFS:MW!)

[mitch2025]

i dont want any knd of hack on the 360 yet. once a hack gets released publicly then gamerscores arent gonna mean shit. i like the gamerscore system. it keeps me playing a game because i want to get the points. it adds replay value to my games. however when people can just load up a hack and get all 1000 gamer points for any game then it makes me not want to even attempt to get the gamer points thus taking replay value out of my games. but thats just me

[ILLusions0fGrander]

as far as gamerscore.. i dont think you can get points through saves/hacks  anyways, because it unlocks them as you get them.

[dmack_901]

QUOTE(ILLusions0fGrander)

as far as gamerscore.. i dont think you can get points through saves/hacks anyways, because it unlocks them as you get them.

If people can hack the 360, they sure as heck can get the program to send that info to XBL without competing the mission.

[Unregistered007]

QUOTE(dmack_901 @ Mar 20 2006, 03:28 AM)

If people can hack the 360, they sure as heck can get the program to send that info to XBL without competing the mission.

getting a hack for playing backups is one thing but getting fake gamerscore ? thats just SICK

the biggest theives in the gaming industry are not the modders but the rental services.

[lc204]

We need hackers without any ethics to join the scene.  The Specialist and his team sounds like they have some good moral sense.  Maybe we can bribe them with beer and hookers.  (IMG:style_emoticons/default/tongue.gif)

[JoBlo69]

I think people need to accually know what there talking about before they start talking...

most of the disscusion is jokes and stuf i know but there are alot of people in the fake firmware threat that have there head up there ass...

but thats just me...

thespecialist is not going to ever release the accual hacked firmware because he has givin the knowlage on how to do to everyone out there that cares to read is thread on the topic...

and when it was said that he will never release it, but there will be a hack for all 30 drives this means that there are other people/tems out there that read the specialist technical disscution on the topic wich in detail discribes in great detail how to do this dvd firmware hack...

other teams have picked this up and are continuing the work that the specailist has starded with this...

thespecailist isnt going to release this hack into the wild because he doesnt want to deal with whatever ms might do o whatever, he has posted his work in his disscution so that people that have the knowladge to reproduce his work will release it...        

[nic8612]

QUOTE(JoBlo69 @ Mar 20 2006, 05:29 AM)

I think people need to accually know what there talking about before they start talking...

most of the disscusion is jokes and stuf i know but there are alot of people in the fake firmware threat that have there head up there ass...

but thats just me...

thespecialist is not going to ever release the accual hacked firmware because he has givin the knowlage on how to do to everyone out there that cares to read is thread on the topic...

and when it was said that he will never release it, but there will be a hack for all 30 drives this means that there are other people/tems out there that read the specialist technical disscution on the topic wich in detail discribes in great detail how to do this dvd firmware hack...

other teams have picked this up and are continuing the work that the specailist has starded with this...

thespecailist isnt going to release this hack into the wild because he doesnt want to deal with whatever ms might do o whatever, he has posted his work in his disscution so that people that have the knowladge to reproduce his work will release it...        

im not bitching about him not releasing the firmware, but in case he hasnt noticed, he is already in violation of the law by reverse engineering the firmware.  if MS cared, they would already have his ass