xboxscene.org forums

Author Topic: A Idea For Exploit  (Read 153 times)

NoFace

  • Archived User
  • Full Member
  • Posts: 112
A Idea For Exploit
« on: February 15, 2006, 09:55:00 PM »

Good ideas. The main conflict we are dealing with now is how to get past those virtual machines MS has set up to run Xbox 1 games. With the Xbox, the system was physical and an exploit could gain access. The Xbox 360 security is definitely uncharted territory.

GOVATENT

  • Archived User
  • Newbie
  • Posts: 47
A Idea For Exploit
« Reply #1 on: February 18, 2006, 06:37:00 AM »

Well, instead of using an Xbox 1 game, why not try to see how packets work with 360 games, both on XBL and with system link / tunnel service?

TheMasterChef

  • Archived User
  • Jr. Member
  • Posts: 53
A Idea For Exploit
« Reply #2 on: February 18, 2006, 07:46:00 AM »

"mod the packets", I don't think it's as easy as it sounds, or we would join Kai games through the XBOX Live menu and not suffer the lag of not having Live lag compensation.

You could even mod an XBOX by XBOX Live updating it to a softmod, if it was hacked enough.

Would be cool, but I don't think anyone can hack it.

deadparrot

  • Archived User
  • Hero Member
  • Posts: 1252
A Idea For Exploit
« Reply #3 on: February 19, 2006, 02:52:00 PM »

Sure, there's an open-source Live! emulator over at SF.NET

</sarcasm>

Good luck emulating something you have no information on. Also, XBC and XLink do it by emulating system link (LAN), not XBL (WAN).

GOVATENT

  • Archived User
  • Newbie
  • Posts: 47
A Idea For Exploit
« Reply #4 on: February 20, 2006, 05:39:00 PM »

BTW, stop with the noob; I know how XBC works. That's why I tried to say to mod either XBL or XBC type packets. So before you make fun of someone, READ.

grim_d

  • Archived User
  • Hero Member
  • Posts: 2911
A Idea For Exploit
« Reply #5 on: February 20, 2006, 07:16:00 PM »

QUOTE(GOVATENT @ Feb 21 2006, 12:46 AM)

BTW, stop with the noob; I know how XBC works. That's why I tried to say to mod either XBL or XBC type packets. So before you make fun of someone, READ.


Nobody called you a noob, man, chill. I think the fact this hasn't been closed yet signifies that your ideas have some respect.

GOVATENT

  • Archived User
  • Newbie
  • Posts: 47
A Idea For Exploit
« Reply #6 on: February 20, 2006, 07:39:00 PM »

I am sorry, getting off topic, but I did not want to yell.

BjTheClown

  • Archived User
  • Newbie
  • Posts: 29
A Idea For Exploit
« Reply #7 on: February 21, 2006, 10:25:00 PM »

I'm pretty sure the connection to XBL is encrypted, so adding any custom packets would be difficult. Although it seems plausible to mimic the XBL server for a little while using this method, the fake Live server would need to be able to adapt (not just send out pre-recorded packets) so that it can respond to the specific requests of the Xbox. Check this out.


lordvader129

  • Archived User
  • Hero Member
  • Posts: 5860
A Idea For Exploit
« Reply #8 on: February 22, 2006, 04:34:00 PM »

As long as he's using a stock hard drive he won't get banned.

modthebox.tk

  • Archived User
  • Full Member
  • Posts: 122
A Idea For Exploit
« Reply #9 on: February 27, 2006, 08:30:00 AM »

QUOTE(timdotexe @ Feb 27 2006, 07:20 AM)

That is not 100% correct though; they wouldn't have spelt it so well, and they would have said something about their friend's uncle's next-door neighbour having it running!


Or that they found some modchip on the internet and, being incredibly naive little ten-year-olds, thinking it would work.

I remember that exploit where all you needed was a wire and to bridge it. So, so funny. I still cannot believe the idiocy or naivety of that person. But hey, nobody is perfect.

And about the exploit:

a) The mod packets I don't think would work; the only way I see them working is if we somehow managed to write a piece of hacked code that could hack itself like a virus into the hard drive from the RAM. If you found out how to do this and used something to distract the hypervisor as well (not a buffer overflow), then it could be accomplished. I think any 20+ year computer engineer* that has learned C, C++ and .NET basics would be able to do it (I think).

any thoughts?

*20+ referring to how many years of experience he or she has, not their age.

QUOTE(BjTheClown @ Feb 22 2006, 07:32 AM)

I'm pretty sure the connection to XBL is encrypted, so adding any custom packets would be difficult. Although it seems plausible to mimic the XBL server for a little while using this method, the fake Live server would need to be able to adapt (not just send out pre-recorded packets) so that it can respond to the specific requests of the Xbox. Check this out.


QUOTE(Tp21 @ Sep 29 2005, 08:17 PM)
Hello!

I have a request for everyone who wants an alternative Live server.
Maybe it's possible to fake a Live server, but to do that I need packets of an Xbox signing in to Xbox Live,
namely the Kerberos packets on port 88.
If we can fake a Live! Kerberos server, the Xbox can log in to it.
Then we can decode the packets sent by any game, to find out what they are sending in plain text (not encrypted).
So... if anyone has any Ethereal captures where the Kerberos sign-in is in (unbanned),
I'd love to get them.
You will all be greatly rewarded.

QUOTE

This project is so utterly complex for a few reasons:

Xbox games use a series of cryptography techniques to encrypt and decrypt data. First off, all packets are signed with what appears to be DES encryption, which is basically 54-bit encrypted data; the only useful way to acquire the key for cracking the encryption would be to retrieve it from what I am calling a handshake packet.

This handshake packet is sending out various bits of data about each Xbox using what looks like a custom algorithm developed by MS.

The problem we face is the lack of network source. The XDK isn't good enough for this; the XDK provides libraries to interface with this functionality, but will not allow us to replicate any encryption keys, due to the fact that we have no way of knowing what an individual program is sending.

I'm not saying it is impossible, but the complexity of Xbox Live is way past any reasonable work.

I just read that article. 54-bit is a bit less than 64-bit, which is what CPUs are right now (AMD 64), and correct me if I'm not mistaken, but wouldn't you just need to run a program that tells the server to retrieve the packets and try different algorithms on them using the DES standard? And yes, I understand they are custom, but couldn't you make a program to try different things?
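The quoted project note above says every packet is signed with a key the client never exposes, and BjTheClown's post notes that a fake server could not simply replay pre-recorded packets. The following Python is an added example, not code from this thread or from any Xbox or Xbox Live software, showing what those two statements mean for a receiver: a keyed message authentication code (HMAC-SHA256 here, standing in for whatever the real protocol used; the post only guessed DES) lets the receiver reject any packet whose bytes were changed or that was built without the key, and a strictly increasing sequence number covered by the tag lets it reject a replayed capture. The packet layout, the key and the payloads are all constructed for this illustration.

```python
import hmac
import hashlib
import struct
from typing import Optional, List, Tuple

TAG_LEN = 16  # truncated HMAC-SHA256 tag, in bytes (constructed layout)


def sign_packet(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a packet: 4-byte big-endian sequence number, payload, 16-byte tag.

    The tag covers the sequence number as well as the payload, so neither
    can be altered without recomputing the tag, which needs the key.
    """
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Verifies packet tags and enforces strictly increasing sequence numbers."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_seq = -1
        # (reason, packet) pairs: what a defender would log and alert on
        self.rejected: List[Tuple[str, bytes]] = []

    def accept(self, packet: bytes) -> Optional[bytes]:
        """Return the payload if the packet is genuine and fresh, else None."""
        if len(packet) < 4 + TAG_LEN:
            self.rejected.append(("short", packet))
            return None
        header, body, tag = packet[:4], packet[4:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()[:TAG_LEN]
        # constant-time compare so tag checking leaks nothing through timing
        if not hmac.compare_digest(tag, expected):
            self.rejected.append(("bad_tag", packet))
            return None
        seq = struct.unpack(">I", header)[0]
        if seq <= self.last_seq:
            # valid tag but already-seen sequence number: a replayed capture
            self.rejected.append(("replay", packet))
            return None
        self.last_seq = seq
        return body


def demo() -> dict:
    """Run one genuine packet and three kinds of bad packet through a receiver."""
    key = b"constructed-demo-key-not-a-real-one"  # constructed, shared by both sides
    rx = Receiver(key)
    results = {}

    p1 = sign_packet(key, 1, b"player_pos=10,20")
    results["genuine"] = rx.accept(p1)

    # one payload byte flipped in transit: tag no longer matches
    tampered = bytearray(p1)
    tampered[8] ^= 0x01
    results["tampered"] = rx.accept(bytes(tampered))

    # the captured genuine packet sent again: tag is fine, sequence is stale
    results["replay"] = rx.accept(p1)

    # a packet built with a guessed key: tag computed under the wrong key
    forged = sign_packet(b"wrong-key", 2, b"player_pos=0,0")
    results["forged"] = rx.accept(forged)

    # the next genuine packet still gets through
    p2 = sign_packet(key, 2, b"player_pos=11,20")
    results["next_genuine"] = rx.accept(p2)

    results["reasons"] = [reason for reason, _ in rx.rejected]
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point for a detection engineer is the `rejected` list: a burst of `bad_tag` rejections from one peer is the signature of injected or altered traffic, and `replay` rejections are the signature of recorded packets being fed back in, which is why a convincing fake server would have to produce fresh, correctly keyed responses rather than pre-recorded ones.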