Print

[vydex]

After doing quite a bit of reading on the subject about the 360 firmware hack, I would just like to get some opions on what the score will be with xbox 1 backups.

I find this interesting for 2 reasons one is the fact that Im assuming that you wont be able to play orig xbox backups because the emulator is tied to the dashboard system code.

Secondly does the firmware hack also rewrite the signatures required for orig xbox games to boot??

An interesting conumdrum which I cant really find the answer too anywhere, has anyone else got thoughts on this?

[TheSpecialist]

Was just dropping by here on XS (IMG:style_emoticons/default/smile.gif) About your question: the 'authentication' takes place before the emulator kicks in, so it has nothing to do with that.

It's VERY easy to make the 360 FW allow xbox 1 backups, once you have gotten it to allow 360 backups, since it's the same CR protocol (only difference is that the 360 reads some responses from the placeholders). Basically all you have to do is to remove the check for dual layer (since most xbox 1 backups will be single layer). If you burned it on dual layer, you should not have to change anything at all and it will boot both 360 and xbox 1 backups.

But it won't play the backups that a 'normal' chipped xbox 1 will play, since you'll need additional info on the disc (the security sector). Meaning, if you have currently backups that work on the xbox 1, these won't work on a FW modded 360, you'll have to create a new iso with the security sector relocated. Besides, even if you had the security sector on your current backups, these still wouldn't work on the 360 FW hack, since the xbe has been patched (media flag and a 'new' signature). So you'll need to make a new backup anyway (IMG:style_emoticons/default/smile.gif)

QUOTE

Secondly does the firmware hack also rewrite the signatures required for orig xbox games to boot??

The FW hack has nothing to do with signatures, it 'only' fakes the DVD authentication.

This post has been edited by TheSpecialist: Mar 28 2006, 12:20 AM

[vexamus]

Could this also indicate that one might be able to run say... XBMC off of a disk?  or perhaps putting an exploited game on a disc to well, mod the emulated xbox while it's running so to speak.  

Could you guys imagine XBMC on the 360 with that much horsepower?  MMM...

[jizmo]

QUOTE(vexamus @ Mar 28 2006, 04:07 AM)

Could this also indicate that one might be able to run say... XBMC off of a disk?  or perhaps putting an exploited game on a disc to well, mod the emulated xbox while it's running so to speak.  

Could you guys imagine XBMC on the 360 with that much horsepower?  MMM...

If someone got the XBMC running under BC with some crazy hack, it'd be exactly as fast as it is on a Xbox, not faster.

It'd still take it any day.

[vydex]

QUOTE(TheSpecialist @ Mar 28 2006, 12:01 AM)

Was just dropping by here on XS About your question: the 'authentication' takes place before the emulator kicks in, so it has nothing to do with that.

It's VERY easy to make the 360 FW allow xbox 1 backups, once you have gotten it to allow 360 backups, since it's the same CR protocol (only difference is that the 360 reads some responses from the placeholders). Basically all you have to do is to remove the check for dual layer (since most xbox 1 backups will be single layer). If you burned it on dual layer, you should not have to change anything at all and it will boot both 360 and xbox 1 backups.

But it won't play the backups that a 'normal' chipped xbox 1 will play, since you'll need additional info on the disc (the security sector). Meaning, if you have currently backups that work on the xbox 1, these won't work on a FW modded 360, you'll have to create a new iso with the security sector relocated. Besides, even if you had the security sector on your current backups, these still wouldn't work on the 360 FW hack, since the xbe has been patched (media flag and a 'new' signature). So you'll need to make a new backup anyway
The FW hack has nothing to do with signatures, it 'only' fakes the DVD authentication.

Nice one thanks specialist, someone at last with a concise answer. Only bit that confuses me is you state that the xbox1 xbe backup is patched?
This confuses me because when I do a backup of one of my games, I FTP using whatever method then just use whatever burning program to burn the contents of the dvd game I just ftped over using the UDF upto 128 in filename length any char plus 8+3 bridge file system. This negates any use of iso making programs or patching of the xbe.

Could it not be argued that doing a backup this way will in fact allow it too boot in the 360 using the hack, as no patching has been applied and to all intense and purposes the security sector on the backup is in fact intact??

Thanks again and nice work on the hack btw most of us can only stand in your shadow, I also do not condone piracy and agree with your statement about not releasing it. I would also like to see homebrew boot from a dvd or other media, especailly xbmc.

[dimmellee]

QUOTE(vydex @ Mar 28 2006, 09:59 AM)

Could it not be argued that doing a backup this way will in fact allow it too boot in the 360 using the hack, as no patching has been applied and to all intense and purposes the security sector on the backup is in fact intact??

Well the media flag may not been patched with this method but it will still not boot on the 360 using the firmware hack as the security sector is not located within the data that you ftp'ed across, but on the disc itself. You would need to get the security sector of the original disc, put it into a file that the firmware can access instead of looking at the disk sector. Put that file with the data you ftp'ed across. Burn a new disc with that. Then have the firmware get the challenge/response protocols from the file you  put onto the disc. At least that is how I have read it.

[TheSpecialist]

QUOTE(dimmellee @ Mar 28 2006, 11:14 AM)

Well the media flag may not been patched with this method but it will still not boot on the 360 using the firmware hack as the security sector is not located within the data that you ftp'ed across, but on the disc itself. You would need to get the security sector of the original disc, put it into a file that the firmware can access instead of looking at the disk sector. Put that file with the data you ftp'ed across. Burn a new disc with that. Then have the firmware get the challenge/response protocols from the file you  put onto the disc. At least that is how I have read it.

Some ripping software will 'autopatch' the mediaflag for you, if it didn't, then that's indeed one problem less, but you'll still need the security sector on the disc. Well, in the future it MIGHT not be needed anymore, but I doubt that this will happen. You see, the security sector somehow is linked to the XBE for MOST games. We haven't found what causes this linking exactly, but if if someone finds out, I doubt that we can do anything about it, because 80% of the security sector is signed and I'm guessing that the 'linking part' is in that 80% So, you'll need to have a specific security sector for a specific xbe, meaning it has to be on the disc.

And about running XBMC => No, that will never work with the firmware hack, since you'll still need a valid signature for the XBE. However, the firmware hack might give interesting new hacking possibilities for the free60 guys

[dimmellee]

wow quoted by the specialist, i feel honoured. So I might as well say thanks to you and the rest of the team for keeping me so interested the last few weeks. Am looking forward to getting back to playing flash files on my 360  since they stopped my kiosk disc when I updated and hoping there may be a route to doing this with the hack. Already dumped my key and sat waiting in hope lol.....

[MacDennis]

QUOTE(vexamus @ Mar 28 2006, 03:07 AM)

Could this also indicate that one might be able to run say... XBMC off of a disk?  or perhaps putting an exploited game on a disc to well, mod the emulated xbox while it's running so to speak.  

No.

QUOTE(vydex @ Mar 28 2006, 10:59 AM)

Could it not be argued that doing a backup this way will in fact allow it too boot in the 360 using the hack, as no patching has been applied and to all intense and purposes the security sector on the backup is in fact intact??

If you transfer the contents by using FTP then the files will be intact yes, that's a requirement. Another requirement is dumping the security sector. FTP and/or current ripping tools which run on the xbox can't do that. It's technically not even possible.

ALL current xbox1 or x360 backups can NOT work with the hacked 360 firmware because the ISO needs to be 'prepared' in a special way.

[Keshire]

QUOTE(TheSpecialist @ Mar 28 2006, 06:54 AM)

However, the firmware hack might give interesting new hacking possibilities for the free60 guys

It'll allow them to mess with the base files that aren't signed.

Such as the King Kong Shaders located on the demo disc.

[xodus_xodus]

QUOTE(MacDennis @ Mar 31 2006, 12:20 PM)

No.
If you transfer the contents by using FTP then the files will be intact yes, that's a requirement. Another requirement is dumping the security sector. FTP and/or current ripping tools which run on the xbox can't do that. It's technically not even possible.

ALL current xbox1 or x360 backups can NOT work with the hacked 360 firmware because the ISO needs to be 'prepared' in a special way.

last statement doesn't seem true.
the firmware only changes the media flag to return a "pressed" dvd.
There is no special thing to do when using the tool to backup 360 games.

[GeToChKn]

QUOTE(xodus_xodus @ Apr 3 2006, 12:36 AM)

last statement doesn't seem true.
the firmware only changes the media flag to return a "pressed" dvd.
There is no special thing to do when using the tool to backup 360 games.

It does make sense if you actually knew what was going on.  If you read the part The Specialist himself posted,

QUOTE

but you'll still need the security sector on the disc. Well, in the future it MIGHT not be needed anymore, but I doubt that this will happen. You see, the security sector somehow is linked to the XBE for MOST games. We haven't found what causes this linking exactly, but if if someone finds out, I doubt that we can do anything about it, because 80% of the security sector is signed and I'm guessing that the 'linking part' is in that 80%  So, you'll need to have a specific security sector for a specific xbe, meaning it has to be on the disc.

then you would understand that you would have to repatch each and every disc that you backed up before by other methods, because those other methods, like FTP don't copy the security sectors.   Not to sound like a dick, but if you can't read something 4 posts above yours (by one of the guys who actually pulled this off), don't fricking post something you know nothing about.

[PiP]

How about the XBOX 360 kiosk disk that was floating around that was bootable by the xbox360 (before being updated). Did that have any of the security sectors or anything?? How come that disk worked? And, out of curiosity, with a firmware hacked 360, will a dvd-r version of the Kiosk disk boot on an update xbox360? I hear that than an original version of the Kiosk disk will still boot on an updated 360, but a burned version will not. Why is that?

Thanks

This post has been edited by PiP: Apr 7 2006, 06:15 AM

[MacDennis]

QUOTE(PiP @ Apr 7 2006, 07:11 AM)

How about the XBOX 360 kiosk disk that was floating around that was bootable by the xbox360 (before being updated). Did that have any of the security sectors or anything??

No.

QUOTE(PiP @ Apr 7 2006, 07:11 AM)

How come that disk worked?

Because the exeutable files were flagged to be able run from DVD recordable media. No we can't change these files, there are signed. No way to break this signature.

QUOTE(PiP @ Apr 7 2006, 07:11 AM)

And, out of curiosity, with a firmware hacked 360, will a dvd-r version of the Kiosk disk boot on an update xbox360?

Only if you grab the required data (security sector amongst other things) from the original pressed kiosk disk.

QUOTE(PiP @ Apr 7 2006, 07:11 AM)

I hear that than an original version of the Kiosk disk will still boot on an updated 360, but a burned version will not. Why is that?

If that disc is a pressed dvd-rom then it probably does have the security sectors that would explain why it would still boot. No, you can't burn a security sector to a dvd recordable.

QUOTE(xodus_xodus @ Apr 3 2006, 01:36 AM)

last statement doesn't seem true.
the firmware only changes the media flag to return a "pressed" dvd.
There is no special thing to do when using the tool to backup 360 games.

You are incorrect. Even a recordable disc can be prepared (bitsetted) to 'return' a 'pressed' dvd. This disc 'media type flag' is actually never returned to the console but the general audience still seems to believe the security is all about this mysterious 'media flag' when it isn't. Who started this crazy rumour?

The security is all about a challenge / response session. For this session to succeed you will need security sector data amonst other things. All these things need to be patched in the ISO. That's why your current backups won't work if a firmware hack is released.