Print

[torne]

QUOTE(V1pErS11 @ Jun 12 2008, 02:09 PM)

One question though, it is mentioned that this is similar to the eeprom hack, now I don't know much about the eeprom hack but as far as I know it wasn't required to own another un-baned xbox and get its keyvault or whatever.

No, the eeprom hack also required the identifying information from another unbanned xbox. However, this information was very easy to dump on the original xbox as it only required booting a gamesave exploit, so people who had no intention of going on Live were able to dump theirs and offer them for sale on forums for people who needed to get unbanned.

QUOTE

So does this mean that this method to un-ban the 360 will eventually not require a second xbox and be simplified?

It is extremely unlikely that it will ever be possible to unban your 360 without using the keyvault from another unbanned xbox. This was never possible with the original xbox even though that was considerably less secure. We might eventually discover a new exploit which makes it easier to dump the keys from the 360, and that would probably result in a market for unbanned keyvaults, but currently it's so hard that it's nothing more than a curiosity. The only people this is currently useful to is "people who hacked their 360 to run linux and then had it RRoD", as they're pretty much the only set of people who will have a spare unbanned keyvault

There is no guarantee that it will ever get any easier; it probably won't. MS have done a far better job this time around; the 360's security is a defence in depth. Just buy a new 360 if you want to go on Live again.

[C0rpsefact0ry99]

Congrats on finding a way around it but if your going through all the trouble to use another xbox code why not just use the other xbox?

[torne]

There is indeed no real point to doing this, no.

The only situation where it's really useful is if you have already dumped the keyvault from one console (to try out the exploit to boot Linux etc) and that console later dies: you now have a spare unbanned keyvault you can later use on another console. This is likely to be a really rare scenario, though.

[brando56894]

im happy to see progress is being made in xbox hacks i dont use xbox live (well gold atleast) so it wouldnt really be that big of a deal if i got banned but atleast theres a way around it now.

[un]{nown]

Curious if anyone knows if MS stores the key they banned on there servers or are they just somehow flagging the keyvault to annouce it's been banned? If it was them flagging the keyvalut then why not just backup the keyvault in a unbanned state and then restore it if it ever becomes banned ?

Keep in mind I'm not very savy on this subject so I may be speaking out my ass on this one.

[torne]

There is a Live ID in the keyvault which is used during the xbox live login process to authenticate the console. This ID is marked as banned on their servers; nothing is changed on the console when it is banned.

[kennyinbmore]

QUOTE(Martinchris23 @ Nov 22 2007, 06:23 PM)

You can pick up 360's for the cost of 3 games (2 games if you just want the console). Given the fact that you'll never need to worry about being banned again, I think it's a fair tradeoff.

Martin

Actually the cost of 2 games for a refurb from gamestop. That's what I did, $125.00. By the way this fix is great and all but you still need a 2nd console to do it and if so what purpose does it serve?

[eNLogic]

This is good news. NAND keys can be changed.

Here's an Idea: Considering the fact that all data travels through the ethernet cable, couldn't you technically parse the NAND key from the data and SPOOF a different NAND? Personally, I have my XBox connected via Internet Connection Sharing in Windows. It could be as simple as running a service in the background that spoofs the XBox's NAND. Coupled with a keygen, you could change the NAND within seconds of being banned.

Or some variation of this idea. Forget all this soldering, thats too much work. We need to think spoofing.

This post has been edited by eNLogic: Nov 30 2009, 09:34 PM

[Facinus]

QUOTE(eNLogic @ Nov 30 2009, 02:29 PM)

This is good news. NAND keys can be changed.

Here's an Idea: Considering the fact that all data travels through the ethernet cable, couldn't you technically parse the NAND key from the data and SPOOF a different NAND? Personally, I have my XBox connected via Internet Connection Sharing in Windows. It could be as simple as running a service in the background that spoofs the XBox's NAND. Coupled with a keygen, you could change the NAND within seconds of being banned.

Or some variation of this idea. Forget all this soldering, thats too much work. We need to think spoofing.

Spoofing it? Yes, probably the best and easiest way to do it.
Keygen? Eh, maybe. More then likely it doesn't validate against an algorithm but against a database of keys. If there could be a keygen. Everyone should spoof as many as possible just to get them banned. Thus causing tons of legit users to be banned unfairly, creating a huge revolt. M$ would respond in one of a few ways, all of which would be good for us.

[torne]

The keys are generated randomly and stored by MS during manufacturing; there is no way to make a keygen.

[Facinus]

QUOTE(torne @ Dec 1 2009, 07:23 AM)

The keys are generated randomly and stored by MS during manufacturing; there is no way to make a keygen.

Like I said "Eh, maybe". Even if they are generated randomly, there will be some sort of algorithm, and if the keygen works 1 out of 10 times then its worth it. The trick is not to generate new keys, but generate existing keys. Like I said, maybe.

[torne]

There is no algorithm, it is *random*. The Xbox CPU, like any other processor with security features, has a hardware random number generator inside, which generates actual randomness, not pseudorandom numbers, using a physical (possibly quantum) process (exact implementation varies).

The number of possible keys is vastly higher than the number of xboxes; it's not a matter of it working one out of ten times, you would have to try millions of keys before finding one that worked.

[Facinus]

The Xbox CPU does not generate its own key.. Thus invalidating your first paragraph.

As for your second paragraph, you're right. But I was always wary of the keygen bit, hence why I repeatedly said maybe. Spoofing, on the other hand, is the way to go.

[torne]

The Xbox CPU *does* generate its own key. On manufacturing the CPU key is all 1's, no fuses blown: it is booted up on the production line connected to a manufacturing network, and it generates all its keys randomly while communicating with a manufacturing server so that MS can record all the keys (not just the CPU key but Live/contentsigning/dvd/etc - the entire contents of the keyvault) in their database.