Print

[Astrum]

I have thought of a new way for hacking the 360 and hopefully it is plausible.

If I can write a python script for X.B.M.C. to emulate X-BOX LIVE, I could then connect one end of an RJ-45 to an original X-BOX and the other end to the X-BOX 360, from there you can connect to 'X-BOX LIVE' from the X-BOX 360, but the python script running on X.B.M.C. will emulate the X-BOX Live, from there I could insert a 360 game or 360 content into the original X-BOX disc drive and rip it to its Hard Drive, thereby effectively transferring a signed X-BOX 360 game to the X-BOX 360's Hard Drive (or content).

You could emulate X-BOX Live by grabbing the corresponding DNS/IP of X-BOX Live's server(s) and creating a python script around these; it doesn't even need to be an original X-BOX as it could be a PC and a C++ script as the emulator.

If anyone would like to help with the script or investigate this further please PM me, respond here, or both.

This post has been edited by Astrum: Oct 18 2008, 11:13 AM

[Astrum]

If it works then the 360 will think it is connecting to live, but it really isn't, instead it's connecting to a Live emulator and you could then download all of the content within the Live emulator (whatever is in the emulator directory; 360 games, movies, etc.) onto the 360 HDD because it won't know the difference from Live and the Live emulator.

This post has been edited by Astrum: Oct 18 2008, 02:00 PM

[No_Name]

/headdesk

[Icedevil]

I doubt you could trick the 360 into thinking it was connected to xbox live.  There has to be some kind of security handshake that takes place to assure the 360 it's really connecting to live.  Also, I would assume there would be some content missing from your emulator on the xbox, which might throw a red flag.  I think it is a great idea, but way to hard to make a 1 to 1 copy of live, if someone could we wouldn't need x-link kai and such to play online for free.

[Arakon]

oh, and while you're writing an xbox live emulator and cracking the encryption of the datastream, why don't you crack the 2048 bit signature too? I mean, only if you have 5 minutes of time on the side. with python.

[Guessswho]

/facepalm

[Astrum]

QUOTE(Arakon @ Oct 23 2008, 07:24 AM)

oh, and while you're writing an xbox live emulator and cracking the encryption of the datastream, why don't you crack the 2048 bit signature too? I mean, only if you have 5 minutes of time on the side. with python.

What.. you've never heard of brute-forcing a hash with a hash cracking CPU? It would probably only take about a week and I am going to try it as soon as I get mine in the mail. Joking about the ordering of it, actually I don't even know if it will be hashed at all; how would I get the string I wonder? Could I use assembly and look through the dashboard? There might be a simpler way (I admit my programming skills are low, but maybe it would work like this?):

Disassemble a Dashboard update, get string (if there is one).
(if there is a hash, use a cracker CPU to brute-force it (they cost like $25.00).
Create a modified dashboard version > latest (burn it with a game iso replaced with modified dashboard)
Inject the disc into the xbox 360.

The xbox will accept the disc with the proper hash and request to update the dashboard with the new dashboard on the disc.

The dashboard will then have the capability to connect to a live emulator with the 'content' item(s).

or

scenario two:

Connect the xbox 360 HDD directly to a sata port on a machine that has 'the' 'live emulator' (which could be written in C++, assembly, else?) and transfer the 'content' item(s) that way.

Maybe there is a simpler way?

Just throwing ideas in the pot, maybe they're no good because I am basing them off of my basic programming knowledge or maybe they do have some plausibility.

- Astrum

[torne]

Unless you know where to buy a $25 chip that can do something around a trillion trillion trillion hash operations per second (if you do we'd really like a link) then you had better be prepared to wait for a few million years before you manage to collide with the hash of a dashboard update..

[No_Name]

Can I have some of the drugs you are on please.

I would love to live in the same world as you do.

Seriously... a $25 chip to crack a key designed to be resistant to brute force attacks?

Give it up, what your talking about sounds like something from a Hollywood script.

My sig says it all.

[Arakon]

QUOTE(Astrum @ Oct 27 2008, 01:39 PM)

What.. you've never heard of brute-forcing a hash with a hash cracking CPU? It would probably only take about a week and I am going to try it as soon as I get mine in the mail. Joking about the ordering of it, actually I don't even know if it will be hashed at all; how would I get the string I wonder? Could I use assembly and look through the dashboard? There might be a simpler way (I admit my programming skills are low, but maybe it would work like this?):

Disassemble a Dashboard update, get string (if there is one).
(if there is a hash, use a cracker CPU to brute-force it (they cost like $25.00).
Create a modified dashboard version > latest (burn it with a game iso replaced with modified dashboard)
Inject the disc into the xbox 360.

The xbox will accept the disc with the proper hash and request to update the dashboard with the new dashboard on the disc.

The dashboard will then have the capability to connect to a live emulator with the 'content' item(s).

or

scenario two:

Connect the xbox 360 HDD directly to a sata port on a machine that has 'the' 'live emulator' (which could be written in C++, assembly, else?) and transfer the 'content' item(s) that way.

Maybe there is a simpler way?

Just throwing ideas in the pot, maybe they're no good because I am basing them off of my basic programming knowledge or maybe they do have some plausibility.

- Astrum

FYI, using all the computers on this planet to bruteforce that kind of encryption would still take thousands of years.
as for your other ideas, not possible. again, due to the signature.

[Astrum]

Well, I am not giving up that easily!

What about the 360 development kit microsuck has? Surely they must give a development kit to developers? If I/we could obtain a development kit then I/we could create whatever I/we want. (Yes, I/we, lol)

Would the previous be a plausible method?

(oh and for the previously previous scenario, would you even need a decrypted hash in order to get the 360 to accept content? I am wondering because I am comparing it to my knowledge of MD5 and most systems that I have come across that use MD5 only compare an MD5 hash to the second MD5 hash to see if the password is correct (I know that there is a very large difference between 32bit and 2048bit (combination-wise)), so it would seem (though I have no knowledge of how exactly the 360 security works) that developers would just insert the already hashed password into their game/content for it to be compared in hash to the string in the 360.

- Astrum

[Arakon]

the devkit data is devkit signed. it doesn't work on retail units. no developer has the means to sign anything for retail. ONLY MS alone does. all developers have to send their game data to MS for signing.
quite a few people in the scene own a devkit, btw. but like I said, it's useless for any of that.

[somethingdope]

i don't know which is worse: you suggesting that ? or trying to further convince yourself that it can actually be done.

[Robborboy]

QUOTE(Astrum @ Oct 27 2008, 08:39 AM)

What.. you've never heard of brute-forcing a hash with a hash cracking CPU? It would probably only take about a week and I am going to try it as soon as I get mine in the mail.

[wall, desk, television, fish-tank, electric fence, clothing iron face][/face]

[xtalent]

You know what? Im just going to go and buy Microsoft and make xbox live free. How bout that guys?? Hmm