Print

[chatterx]

I found a Jasper model Xbox 360 in the pawn shop. It has the NXE dash but it is the version before 8955 that made a jtag impossible. The manufacture date is 2008-11-23.

Exploitable?

[syntaxerror329]

Based on the date of manufacture as long as the console has dash 2.0.7371 or less you are ready to go.

[chatterx]

Thanx guys

I knew it was june 2008 or 2009 wasnt sure. More than likely this console wont be a big block since it was one of the first batchs...... or did they all have some extra memory?

[syntaxerror329]

QUOTE(chatterx @ Sep 16 2010, 04:57 PM)

Thanx guys

I knew it was june 2008 or 2009 wasnt sure. More than likely this console wont be a big block since it was one of the first batchs...... or did they all have some extra memory?

Hmm, i think all arcade jaspers have internal memory or 256 or 512
I wonder why hackers have not been able to make a 256/512 run the 16 nand image and ignore the rest of the space.

When you jtag it make sure you use the new transistor method with aud_clamp fix. Check out the great tutorial i made here > http://forums.xbox-s...howtopic=719652

[chatterx]

Adding radio shack to my stops tomorrow. That is a great tutorial. I saved it as a matter of fact. I have been looking for something like this

I have only jtagged xenons and falcons. I use a home made lpt cable so I hate to see how long it is going to take to dump and flash this one. I have been using the 330 ohm resistors for xenons and the 1n4148 diodes for the falcons.

My falcon will three red light once every 15th start up or so. My xenon has never gave me an error yet


EDIT: what is the best methods for the jtag wiring nowadays? Is your method for all boards??

[syntaxerror329]

QUOTE(chatterx @ Sep 16 2010, 05:48 PM)

Adding radio shack to my stops tomorrow. That is a great tutorial. I saved it as a matter of fact. I have been looking for something like this

I have only jtagged xenons and falcons. I use a home made lpt cable so I hate to see how long it is going to take to dump and flash this one. I have been using the 330 ohm resistors for xenons and the 1n4148 diodes for the falcons.

My falcon will three red light once every 15th start up or so. My xenon has never gave me an error yet
EDIT: what is the best methods for the jtag wiring nowadays? Is your method for all boards??

You should reflash your falcon with the aud_clamp fix and install the new wiring as per my tutorial. The will solve almost any issue with booting.

My method works for all boards. If you want to use my method on a Xenon the TMS and TDI points are at J1F1 pin 3 and 4. I explain it a bit better in the tutorial.

[chatterx]

Awesome, thanx for the info.

[sm32]

just chiming in to say aud_clamp does wonders. i didn't use transistors or anything...just the diodes except routing the ROL to the aud_clamp point on the bottom of the board.

the zephyr i had before would RROD like 2-3 out of 4 times (it was bad). since the aud_clamp it hasn't given me a single boot error; i've also done 3 falcons and the only time they don't turn on is if there is a small short (they just restart and turn back on...not a big deal & hot glue fixes this -- it's from the LPT wires making contact with the board, but i've since then glue gunned the wires so they don't..no harm done)

[chatterx]

quick question here. I have never flashed a jasper and I am using a LPT cable. Is the command line something like this? nandpro lpt: -r256 orig.bin . It is a 256 big block.

I thought there was a way to just read a certain section of the nand and it would work. Just trying to save time here because this is going to take a while LOL.

[syntaxerror329]

QUOTE(chatterx @ Sep 23 2010, 10:45 AM)

quick question here. I have never flashed a jasper and I am using a LPT cable. Is the command line something like this? nandpro lpt: -r256 orig.bin . It is a 256 big block.

I thought there was a way to just read a certain section of the nand and it would work. Just trying to save time here because this is going to take a while LOL.

If you have never done the jtag hack before it might not be such a bad idea for you to do the complete firmware dump.

The tutorial i have linked to below will tell you how you can do this by only reading the first 2mb of the nand and then installing xellous to read the rest of it.


https://docs.google....mv5h_186pp2zddm

Good luck.

[chatterx]

I have done around 15 or so jtags. The majority were falcons and the rest were xenons. Every hack was pretty simple. Everything dumped right and flashed right. So I got a pretty reliable cable to work with and all.

Thank you for the link. I am familiar with everything the tutorial is telling me to do. It is a different firmware than I am used to using. When I first started out I used this guide HERE. I have memorized it since then and been going that route. What is the difference between the two? That may be a noob question LOL.

As soon as I am done with this xenon, I am going to start the jasper. I wont be able to tell if the flash was a success until I get my transistors and resistors in the mail. Should be Saturday.

[SphtKr76]

QUOTE(chatterx @ Sep 16 2010, 01:38 PM)

I found a Jasper model Xbox 360 in the pawn shop. It has the NXE dash but it is the version before 8955 that made a jtag impossible. The manufacture date is 2008-11-23.

Exploitable?

Make sure its not kernal 8498!

[chatterx]

Is a flash config of 0x008A3020 good for a 256 jasper?

edit: never mind found this through google

FlashConfig - System Types
01198010 - Xenon, Zephyr, Opus, Falcon
00023010 - Jasper 16mb
008A3020 - Jasper 256mb
00AA3020 - Jasper 512mb



Edit again - Crap error 250 at block B0. only one so far. I am on block 220.

[chatterx]

(wish the edit button would not disappear)

Update: after nearly 7 hours of dumping the full nand and only at block 2b10, I decided to quit the nand read. There was three 250 errors. The lowest one was B0 and then after that it was in the later 200's and the third was well into the 1000's (sorry, dont fully understand how the blocks are counted).

I did the 2mb backup as pointed out in the guide syntax linked me to. I got two matches without any read errors. After converting the hex to decimal I have a cb of 6723, which is exploitable   .

I am going to hold off on completing the guide until I get my transistors and resistors in. I have read it about 5 times now and got a pretty good grasp on the whole process, but I am sure I will have to refer to it. I am wondering though. What if the whole process is a complete disaster? I dont have a full nand backup to flash back.

[syntaxerror329]

Some bad blocks are completly normal as long as the bad blocks are in the same spot everytime you dump them. Of course if you get tons of bad blocks then there is probably something else wrong. What you were descibing sounds normal.

The #1 best method for jtag wiring is the transistor wiring. Cleanest signal possible. Almost no chances of 1's being read as 0's. It is for all version of motherboards however i have only shown it for HDMI versions in my tutorial. I am going to post a picture of the Xenon version later on today in my thread for the new wiring.

If it is your first time doing a jtag then i would not suggest doing anything untill you have a complete firmware dump but the odds are that everything will go just fine for you.