xboxscene.org forums

Author Topic: Sata Command Intercept Is The Key (i Think)  (Read 50 times)

calvin940

Sata Command Intercept Is The Key (i Think)
« on: June 07, 2006, 01:07:00 PM »

I don't know much specifically about the sata calls, nor do I know how flashing programs work through the sata bus.  However, my thoughts about this are pretty simple and based on other hacking techniques where command intercepts are commonly used to respond "correctly" to queries in order to fool the issuer into thinking it is getting the responses it needs.

What we need is some circuitry that contains an input sata and an output sata connector. Connect the sata cable from mobo into this circuit.  Then connect sata cable from the other side into the DVD drive.  What this circuit does is examine sata requests coming from the motherboard, simply forwarding on those calls that are of no consequence, but hijacking the ones that ask to read the firmware and then passing back results computed from a stock firmware flashed to this circuit.  That way any requests to read, calc checksums etc. will all be based on a "copy" of the stock firmware stored on this circuit while the hacked firmware located on the drive is free to allow backups. This (in theory) should make the mod undetectable.  You could even let the sata flash this "copy" fw with anything it wanted (again theoretical) and let those intercepted calls report back info based on the new FW while still letting hacked firmware stay resident in the DVD's actual firmware (although I really don't expect this scenario is likely since a power outage would brick the 360 when flashing, so it's something that is waaay too risky for MS to do).

Thoughts? Comments?

Cal