xboxscene.org forums

Pages: 1 2 [3] 4 5 ... 17

Author Topic: BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45  (Read 1724 times)

NotMe1963

  • Archived User
  • Newbie
  • *
  • Posts: 6
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #30 on: February 27, 2007, 07:05:00 PM »

Actually, if you have been following the discussions about downgrading the kernel and 4552: with the 4552 update an efuse was blown and downgrading was disabled. Attempts to downgrade after that update result in an unbootable console. Re-flashing with 4552 returns the console to life. If you have removed the resistor which was on the supply line for the 5V needed for blowing efuses, it would still be possible to downgrade, but consoles that have not had such a mod are currently unable to complete a downgrade from 4552.

leorimolo

  • Archived User
  • Sr. Member
  • *
  • Posts: 269
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #31 on: February 27, 2007, 07:08:00 PM »

Who cares? Anyway, a modchip will be needed, so when you install it, it will be required to just override the efuse. Also, how hard can it be?

0794

  • Archived User
  • Hero Member
  • *
  • Posts: 819
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #32 on: February 27, 2007, 07:11:00 PM »

Very smart hacker... and it appears that he covered his tracks legally by notifying MS...

True homebrew is still in the future...

653dan

  • Archived User
  • Newbie
  • *
  • Posts: 36
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #33 on: February 27, 2007, 06:43:00 PM »

QUOTE(NotMe1963 @ Feb 28 2007, 01:36 AM)

Actually, if you have been following the discussions about downgrading the kernel and 4552: with the 4552 update an efuse was blown and downgrading was disabled. Attempts to downgrade after that update result in an unbootable console. Re-flashing with 4552 returns the console to life. If you have removed the resistor which was on the supply line for the 5V needed for blowing efuses, it would still be possible to downgrade, but consoles that have not had such a mod are currently unable to complete a downgrade from 4552.


Thanks for confirming that; I couldn't find where I'd read it. The efuses aren't fuses in the conventional sense, are they (individual mobo components), but rather onboard/part of the CPU or another vital 360 chip?

At least there's now a proven exploit method, giving us something to look for elsewhere in the system.

ILLusions0fGrander

  • Archived User
  • Hero Member
  • *
  • Posts: 3560
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #34 on: February 27, 2007, 07:19:00 PM »

Odd. I don't use my FW-hacked 360 much; the newest game I've played on it was... Carbon?

D:2.0.4532.0

Hope something comes of this! Doubt it will be very soon, but it's a little more hopeful.

jameswalter

  • Archived User
  • Hero Member
  • *
  • Posts: 745
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #35 on: February 27, 2007, 06:48:00 PM »

QUOTE(leorimolo @ Feb 27 2007, 05:39 PM)

Who cares? Anyway, a modchip will be needed, so when you install it, it will be required to just override the efuse. Also, how hard can it be?


Oh... just override the E-fuse... no problem... except that it is inside the CPU, and I do mean inside.

leorimolo

  • Archived User
  • Sr. Member
  • *
  • Posts: 269
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #36 on: February 27, 2007, 07:28:00 PM »

QUOTE(jameswalter @ Feb 27 2007, 07:55 PM)

Oh... just override the E-fuse... no problem... except that it is inside the CPU, and I do mean inside.

Thanks, I knew it couldn't have been so easy. Maybe with this door open it can lead to more.

santa09

  • Archived User
  • Jr. Member
  • *
  • Posts: 50
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #37 on: February 27, 2007, 07:37:00 PM »

I'm not a hacker, but from all that I know, this is pretty much useless unless you have a way to downgrade the kernel. Why can't you just sniff the key like they did with the original Xbox and then inject it into the flash with some code already there, so the 360 thinks it's signed but it really isn't? Maybe?

fahrenheit

  • Archived User
  • Sr. Member
  • *
  • Posts: 482
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #38 on: February 27, 2007, 07:48:00 PM »

Well, it's all becoming a little clearer now. Guess this is what "a few performance and stability issues" really means - http://www.majornelson.com/archive/2007/01...ash-update.aspx

This post has been edited by fahrenheit: Feb 28 2007, 03:52 AM

codywolf

  • Archived User
  • Newbie
  • *
  • Posts: 2
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #39 on: February 27, 2007, 07:54:00 PM »

Could this mean we can get banned from XBL for going online with hacked FW?

quarky42

  • Archived User
  • Full Member
  • *
  • Posts: 132
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #40 on: February 27, 2007, 07:28:00 PM »

QUOTE(0794 @ Feb 27 2007, 06:42 PM)

Very smart hacker... and it appears that he covered his tracks legally by notifying MS...

True homebrew is still in the future...


I agree. Sure, I would *love* to see a modchip come out immediately because of this, but if you were smart enough to come up with a hack like this, then you might also be smart enough to realize that if MicroShaft found you after you blew something like this wide open WITHOUT telling them, they might just sue you right into the ground. If you told MicroShaft what was up and they ignored you, and then you blew them out of the water with a successful hack, they wouldn't have a legal leg to stand on. You gave them due notice, just like the people that discover vulnerabilities in software before evil bastards find them and get them fixed before they can be exploited... If the company fails to respond, then they publish code.

The other problem with this is that even if you could win in court, MicroShaft has enough money to tie you, your family, your friends, your pets, and your possessions up in legal proceedings until you are old and gray without worrying about any loss to M$. I give the guy props for covering his ass and releasing all the technical mojo for another skilled hacker to reproduce his results.

Sure, downgrade might not be possible at this time with the blown fuse in the processor, but a new bug could hit, or other hackers may discover a way to completely replace the BIOS a la current Xbox modchip style and make it give the same responses to queries a la current drive firmware attacks. This could be huge in leading towards new hacks. He just explained how the whole security system handshakes and how it was exploited. I think that is very worthwhile. If he was out there to screw the mod community, then he wouldn't have shown anything and BugTraq wouldn't have gotten all those juicy details.

I believe good things will be coming from this. Even if this exact method doesn't create the end-all-be-all solution, I think it opens many new doors and provides some great insight for minds greater than mine. I look forward to seeing "what's next".

juan_2006

  • Archived User
  • Full Member
  • *
  • Posts: 212
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #41 on: February 27, 2007, 07:44:00 PM »

Amazing!!

infamous_Q

  • Archived User
  • Full Member
  • *
  • Posts: 101
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #42 on: February 27, 2007, 08:34:00 PM »

Could we use the same sort of on-the-fly chip as is used in the firmware... or sort of?

Have two modes: one's homebrew mode, and one's retail mode.

Retail mode:

Everything functions as it should; any chips or exploits (minus the FW hack for those who use backups) are off.

Homebrew mode:

- Live connection is severed (this prevents cheaters on Live, and hopefully detection by MS... although if there's no Live connection I don't see why they'd want to ban you anyway). The best way to do this would be to write something that will block communication with Live IPs.
- Exploits/chips are on; homebrew is allowed to run.
- Access to the internet/network is still allowed (or running if enabled).
- This could be initialized by launching software or something, or a hardware switch (this could enable switching between the two modes very easily). But who knows...


If you ask me, the best way to do it would be if someone kept a version of the bugged BIOS, and we completely copied it to another chip in order to allow homebrew to run when that one's on. No Live contact means no risk of banning or updating.

Just an idea though... work it like an Xbox 1 chip maybe, so it auto-boots to the hacked BIOS. You could use another chip in order to easily control communication between the chip storing the bugged version and the current one.
That is of course... if we can copy the BIOS w/o breaking the signature.

ThaCrip

  • Archived User
  • Hero Member
  • *
  • Posts: 503
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #43 on: February 27, 2007, 08:06:00 PM »

Looks promising... I ain't too worried, as I don't have an Xbox 360 yet. I'm waiting for the price to drop, and basically, to sum it up, the only game I "really" want for the Xbox 360 right now is Forza Motorsport 2.

If the X360 does ever get fully hacked it will be nice, although I doubt it will happen anytime soon. This is a step in the right direction though... until then the original Xbox will still have a good use.

gnutellafan

  • Archived User
  • Full Member
  • *
  • Posts: 229
BugTraq: Xbox360 Hypervisor Vulnerability - Unsigned Code on Kernel 45
« Reply #44 on: February 27, 2007, 08:42:00 PM »

What a great time to have a year-old, new-in-the-box, untouched 360 ;-)