xboxscene.org forums

Pages: 1 2 3 [4]

Author Topic: Idea For Softmod Exploit?  (Read 446 times)

Ozy

  • Archived User
  • Hero Member
  • *
  • Posts: 1436
Idea For Softmod Exploit?
« Reply #45 on: November 02, 2006, 02:13:00 PM »

QUOTE(Textbook @ Jul 4 2006, 06:33 PM)

Here are my $.02

Can we play Xbox 1 backups on the Xbox 360? Yes, I wrote one of the first tutorials to do so, you can find it in the backup FAQ. Can we inject modified data files into the image before burning, and will it work? Theoretically, yes. The only thing signed on Xbox 1 discs are XBE files. Almost all data files are unsigned. We can modify...say...a Halo 2 map, fix the encryption...then inject it into the image and it will most likely work. I haven't tried this yet, but everything logically says "you can play modded Halo 2 maps on the Xbox 360 using the firmware hack". Go on Live and have fun with being permanently banned though. Anyways... where does this get us? Nowhere for right now. The only files that we can load any homebrew from are XBE files. It just so happens that we cannot modify these files in any way, because they are signed. It is possible that somebody may find an exploit in a certain Xbox 1 game's unsigned data files. This, coupled with the firmware hacks, would get homebrew running at least through the backwards compatibility emulator. The only problem we face is finding this Xbox 1 game data file exploit. And before you ask, no, none of the Xbox 1 exploits using 007, MechAssault, or Splinter Cell will work. These relied on buffer overflows. The Xbox 360 is nearly impervious to buffer overflows. For now, we wait until somebody can find an exploitable data file in an Xbox 1 game (on the backwards compatibility list).


So just finding them, then. What about one of the 100 OXM demo discs, do you think that one would work?
Should we try every disc?

The key to any softmod exploit here has got to be in the emulator.
We should try some of the Xbox release games; Amped, something-something racing etc. that may not have all their XBEs signed (after all it was a long time before the Xbox was hacked). Or trying something stupid like the Halo map pack or a second rate game like Rayman.

Another thing to try would be Splinter Cells, maps and XBEs or even Unreal Tournament.

Those are the only ones I can think of right now.
Logged

stowelly

  • Archived User
  • Jr. Member
  • *
  • Posts: 75
Idea For Softmod Exploit?
« Reply #46 on: November 09, 2006, 03:30:00 AM »

QUOTE(Gecko Slayer @ Nov 9 2006, 06:06 AM)

Sorry, I haven't read all 4 pages and this probably was explained somewhere else.

Injecting an executable into a non-executable file will not help!

That's like putting an exe file into a jpg file and running the jpg file in Paint! It simply won't work! In order for anything to load, it has to be EXECUTED, not READ.

Anyway, there goes me.



The point of a buffer overflow is that the program is expecting a "file" or "buffer" of a certain size.... if it's larger than that size it overflows onto the return address which can be replaced with your own code.

Not saying it will work in this situation, I feel the hypervisor will cut that shit straight out.
Logged

xbox7887

  • Archived User
  • Newbie
  • *
  • Posts: 15
Idea For Softmod Exploit?
« Reply #47 on: November 09, 2006, 09:37:00 AM »

I'm not quite sure of what use this will be, but here are some interesting links below dealing with hypervisor exploitation (Blue Pill) as well as a pretty ingenious way of modifying Vista kernel contents by paging them to the hard drive first, definitely worth reading....

blue pill concept - http://invisiblethings.org/index.html (click on the recent blog post at the top)

kernel exploit presentation - http://invisiblethin.....ta kernel.ppt
Logged

roofus

  • Archived User
  • Jr. Member
  • *
  • Posts: 90
Idea For Softmod Exploit?
« Reply #48 on: November 10, 2006, 08:31:00 PM »

Eh, completely useless towards the 360 - the Xbox 360 uses STFS for all file storage, including cache file storage - and there is no paged memory on disk.
Logged

xbox7887

  • Archived User
  • Newbie
  • *
  • Posts: 15
Idea For Softmod Exploit?
« Reply #49 on: November 11, 2006, 10:29:00 AM »

Oh well, I still found it pretty interesting nonetheless.
Logged

jameswalter

  • Archived User
  • Hero Member
  • *
  • Posts: 745
Idea For Softmod Exploit?
« Reply #50 on: November 11, 2006, 07:21:00 PM »

QUOTE(Gecko Slayer @ Nov 8 2006, 10:06 PM)

Sorry, I haven't read all 4 pages and this probably was explained somewhere else.

Injecting an executable into a non-executable file will not help!

That's like putting an exe file into a jpg file and running the jpg file in Paint! It simply won't work! In order for anything to load, it has to be EXECUTED, not READ.

Anyway, there goes me.


Sure it will....this is how all exploits work....the Xbox game save is read not executed, the first PSP exploit was an image file exploit....the code overflows the stack, and points to an executable, not is an executable.
Logged
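
The overflow that stowelly and jameswalter describe, shown from the parser's side as an added example that is not part of any post in this thread: a fixed-size buffer filled from a length field stored in the data file, with the unchecked copy beside a bounds-checked version. The record layout, function names and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16  /* size the parser expects a name to fit in */

/* Hypothetical record layout: [u16 little-endian length][name bytes] */

/* Vulnerable pattern: the length stored in the file is trusted as-is. */
int parse_name_unchecked(const uint8_t *rec, size_t rec_len, char out[NAME_MAX_LEN + 1])
{
    char name[NAME_MAX_LEN + 1];               /* fixed stack buffer */
    size_t n = (size_t)rec[0] | ((size_t)rec[1] << 8);
    (void)rec_len;                             /* never consulted */
    memcpy(name, rec + 2, n);                  /* n > NAME_MAX_LEN writes past name[] */
    name[n] = '\0';
    memcpy(out, name, n + 1);
    return 0;
}

/* Hardened form: validate the length against both buffers before copying. */
int parse_name_checked(const uint8_t *rec, size_t rec_len, char out[NAME_MAX_LEN + 1])
{
    if (rec == NULL || rec_len < 2) return -1; /* header missing */
    size_t n = (size_t)rec[0] | ((size_t)rec[1] << 8);
    if (n > NAME_MAX_LEN) return -2;           /* larger than the destination */
    if (n > rec_len - 2) return -3;            /* claims more bytes than were read */
    memcpy(out, rec + 2, n);
    out[n] = '\0';
    return 0;
}

/* Constructed sample records, not taken from any real game. */
static const uint8_t GOOD_REC[]  = { 0x04, 0x00, 'O', 'z', 'y', '1' };
static const uint8_t LONG_REC[]  = { 0x40, 0x00, 'A', 'A', 'A', 'A' }; /* claims 64 */
static const uint8_t TRUNC_REC[] = { 0x08, 0x00, 'a', 'b' };           /* claims 8, holds 2 */

int main(void)
{
    char out[NAME_MAX_LEN + 1];
    /* Only the checked parser is given the malformed records. */
    printf("good:      %d\n", parse_name_checked(GOOD_REC, sizeof GOOD_REC, out));
    printf("oversized: %d\n", parse_name_checked(LONG_REC, sizeof LONG_REC, out));
    printf("truncated: %d\n", parse_name_checked(TRUNC_REC, sizeof TRUNC_REC, out));
    return 0;
}
```
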

dutch nelson

  • Archived User
  • Jr. Member
  • *
  • Posts: 64
Idea For Softmod Exploit?
« Reply #51 on: November 27, 2006, 02:06:00 PM »

Glad not everybody on this forum just wants to play back-ups,

I want homebrew apps!

But the homebrew scene for the 360 is very dead sadly.
Logged