Print

[InterestedHacker]

QUOTE(Avenger 2.0 @ Dec 27 2005, 08:48 PM)

Just imagine. Download an iso, burn it, run it... and your xbox is modded. This is even more simple than with the old Xbox. Me thing someone at MS is going to get fired really soon  

That isn't going to happen!  People are getting too hyped up already.

The disc boots yes, these guys claim the code is unsigned, but we already know the 360 will only run signed code, therefore it's likely signed but not media protected.  This means the disc is useless!  We can already switch media protection off if we want, but we invalidate the signature in the process, causing the 360 to reject the code.

If it is unsigned code, that means the 360 will run unsigned code, if it's presented in the correct way.  If that's the case, they have no security.

[blueoasis]

You can grab MS's Xbox 1 emulator update from here :

http://download.MS.c...855/default.zip

This can be burned to either a cd-rom or dvd-rom and executed on the 360.

[shodanjr_gr]

OK lets get something straigth.

The .xex on the disk ARE signed! BUT the media flag which determines the types of media the files can be executed from is not set to DVD-ROM only (probably not set to anything). So while the files are signed, they can be executed from any type of media (possibly even hard disk?).

Now if anyone asks why we cant flip the media flag on other .xex files and make em run off a DVD-RW, the problem is that if we try to do so, the signature check on those files will fail and they will NOT be ran by the console.

And before people get all haywire or anything abou this, it is NOT such a great development for the hacking scene. Sure we can run the demo disk of a DVD-RW and we MIGHT be able to put our own WMV-HD videos on the disk and watch em on the console, but that is as far as we will be able to go.


So NO we wont be putting an iso in our console and BAM the console is hacked.

[shodanjr_gr]

The 007 exploit was a result of a buffer overflow in the save game mechanism of 007 Agent under fire along with a number of other XBOX games (like splinter cell, mech assault etc). It has NOTHING to do with the iso not having a media flag set.

[crystalgeek]

i havent read all hte posts yet, but isnt this like i cant remeber where but someone posted tht they had ripped the content form a demo disk and replaced it with a full game and then booted it and they just got flamed, now Team PI release similar info and they are hailed. flame me if im making an ass of myself

[shodanjr_gr]

I suppose so, but without any concrete evidence, speculating about it only creates more rumors and more useless posting in the fora.

[tizmagik]

QUOTE(Avenger 2.0 @ Dec 27 2005, 02:06 PM)

In theory you can change the data on the disk (data like vidoes, pictures, etc - not the xex) and that may trigger a buffer overflow (or something simular). Not?

Buffer overflows will not be possible on the Xbox 360 due to the new security measures used. I'm not sure about the exact precautions MS went through to do this, something with running most if not all code in Supervisor mode, just to avoid any and all buffer overflows.

A software-based Xbox 360 hack seems highly unlikely, it will most probably be hardware-based.

[lobango]

QUOTE(Avenger 2.0 @ Dec 27 2005, 08:06 PM)

In theory you can change the data on the disk (data like vidoes, pictures, etc - not the xex) and that may trigger a buffer overflow (or something simular). Not?

i'm sure the system has overflow/underflow protection

[mcklain]

QUOTE(Avenger 2.0 @ Dec 27 2005, 07:40 PM)

Run disk -> Create buffer overflow -> Run linux -> Flash onboard bios.  

Seems like everybody has already forgot about the hypervisor...

[Hexx]

Concurrence.  

[obxdenied]

correct me if im wrong, and i probably am since i havnt actually seen the layout of the disc. But im guessing this  is a disc with no media check with signed files. And signed files are the only ones that will boot. So we cant boot homebrew. But arnt full games signed? so wots wrong with relinking a menu button on a kiosk disc to link to a signed game on the dvd. It has no media checks and the file itself is completely valid and signed.

[shodanjr_gr]

When you try to run the signed game .xex (which will have a DVD-ROM only media flag), the console will check the media flag and prompt an error because you will be running it off a DVD-RW.

[tubesock]

This will at least answer some questions at the very least... I think it's a little earlier to speculate on what it will bring to the scene.

Anyway, I am happy to be able to get a kiosk disk... about 60 minutes left to see if it works on my 360.

[obxdenied]

QUOTE(shodanjr_gr @ Dec 27 2005, 07:41 PM)

When you try to run the signed game .xex (which will have a DVD-ROM only media flag), the console will check the media flag and prompt an error because you will be running it off a DVD-RW.

hmmmm your right lol. Well modding the 360 should be interesting. All the hardware protection it has. But allowing such things to be run, they have sort of given us something 2 play with.

[CattyKid]

QUOTE(obxdenied @ Dec 27 2005, 02:39 PM)

correct me if im wrong, and i probably am since i havnt actually seen the layout of the disc. But im guessing this  is a disc with no media check with signed files. And signed files are the only ones that will boot. So we cant boot homebrew. But arnt full games signed? so wots wrong with relinking a menu button on a kiosk disc to link to a signed game on the dvd. It has no media checks and the file itself is completely valid and signed.

Editing the link would also void the signature, would it not?