xboxscene.org forums

Author Topic: Another Idea?  (Read 131 times)

Tp21

« on: July 17, 2006, 03:40:00 AM »

are you sure the update is loaded from the disk, and not from xbox live as soon as it saw the xex to be updated?
and even if it loaded the update from disk, you didn't 'hack' the xbox; you can only run updates from a self-burned cd, what's the fun in that?

No_Name

« Reply #1 on: July 17, 2006, 10:27:00 AM »

Make a single-bit change and it breaks the signature and it won't work.

jameswalter

« Reply #2 on: July 17, 2006, 10:41:00 AM »

SS is like a signature for the disc, not the xex file.

Havok

« Reply #3 on: July 17, 2006, 01:54:00 PM »

Okay, let's get back on track...

The Security Sector information says: Hey, I am a valid Xbox 360 disc. You can run me.

All XEX files are signed with a crypto 2048-bit key, which says: hey, I am a valid file, run me.

Currently there is no way to boot anything that MS does not want us booting.

Tp21

« Reply #4 on: July 17, 2006, 03:36:00 PM »

how does the SS 'key' really work by the way?
is the 'other side' contained in the xex file or something... and why can't we generate one ourselves?

jameswalter

« Reply #5 on: July 17, 2006, 07:52:00 PM »

QUOTE(Tp21 @ Jul 17 2006, 02:43 PM)

how does the SS 'key' really work by the way?
is the 'other side' contained in the xex file or something... and why can't we generate one ourselves?


SS is probably like the signature for the DVD, except it is in a specific place on every disc, which is specified in the DVD firmware.  The XEX boot type determines what kind of media the XEX can boot from. Change the boot type, and the XEX signature is invalid.

Tp21

« Reply #6 on: July 18, 2006, 09:04:00 AM »

yeah, but HOW does the SS validate all the files on the disc, or doesn't the SS do that (and why can't we edit the stuff on the disk as long as the SS is the same (and backup firm is used))?

Tp21

« Reply #7 on: July 18, 2006, 01:14:00 PM »

the ss is only total filesize then, because it IS possible to edit files other than xex's (but not make them larger)

Havok

« Reply #8 on: July 19, 2006, 11:45:00 AM »

QUOTE(savagepoop @ Jul 18 2006, 01:53 AM)

hmmmmm think before u type
cause I'm pretty damn sure they didn't want us bootin back ups!!!! but hey look I'm booting them


I am thinking before I type...

When I say MS is not going to let us run anything they don't want to be run, that is a 100% correct statement.

The files on the backup disc and original disc are the same.  

So MS is allowing the files on the backup to be run.


jameswalter

« Reply #9 on: July 19, 2006, 02:29:00 PM »

QUOTE(Tp21 @ Jul 18 2006, 12:21 PM)

the ss is only total filesize then, because it IS possible to edit files other than xex's (but not make them larger)


Are you sure... I know it was possible on the Kiosk disc, but that XEX didn't require it to be run from an official xbox360 disc.

Tp21

« Reply #10 on: July 20, 2006, 02:11:00 AM »

yes, i'm sure it's possible to edit files. there was this guy (forgot the link) that modified the GRAW logo on his disk, and it worked just fine.

Havok

« Reply #11 on: July 20, 2006, 06:43:00 AM »

QUOTE(Tp21 @ Jul 20 2006, 08:18 AM)

yes, i'm sure it's possible to edit files. there was this guy (forgot the link) that modified the GRAW logo on his disk, and it worked just fine.


This is true.  You can edit any files that are not signed.  There is a lot of the game that is unsigned.  People have loaded Oblivion mods on from the PC for example.

The only problem is you burn through a lot of dual layer discs trying to hack games like that.  And those aren't exactly cheap.  That's why there is not so much focus on it.

TheSpecialist

« Reply #12 on: July 23, 2006, 07:22:00 PM »

QUOTE(DeaL @ Jul 17 2006, 11:36 AM)

Hey all,

When I used "bad media" to start one of my backed-up games in a Hitachi drive, I noticed that it could update the xbox360 but couldn't boot the game.

This makes me wonder, does a disc update require to read the SS's? If the execution of the update doesn't need to read the SS's could we run unsigned code?

Just thinking out loud here!

Regards, DeaL

Every XEX contains a 'media flag', which states from which kind of media the XEX is allowed to boot. For update files, this flag is set to 'allowed to boot from any kind of media', which means it will run from a backup disk, hard disk or whatever. For game XEX'es however, this flag is set to 'only allowed to boot from original game disk media'. So, if this is the case, the xbox checks if the disk is an 'original' and if not, it won't boot. When they released the kiosk disk, they wrongly set the flag inside the XEX to 'allowed to boot from any kind of medium', so the game would boot from a backup and wouldn't need a SS (till MS updated the kernel to block this particular game disk of course)

So in short, the media flag inside the XEX specifies if a valid SS is needed or not. So, unfortunately, this isn't a thing we can exploit to get unsigned code running (and we can't change the media flag, since that would break the XEX'es signature)
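
Added example (not part of the original thread, and not Microsoft's actual XEX format): a toy loader illustrating the point in TheSpecialist's post that the media flag sits inside the signed data, so changing it invalidates the signature. The header layout, flag values and key are constructed for illustration, and textbook RSA over SHA-256 stands in for the real signature scheme.

```python
import hashlib

# Toy RSA key from two Mersenne primes (constructed; textbook RSA, no padding,
# for illustration only). D stays with the publisher; the loader knows N and E.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

MEDIA_ANY, MEDIA_ORIGINAL_ONLY = 0x00, 0x01  # hypothetical flag values


def digest(header: bytes) -> int:
    return int.from_bytes(hashlib.sha256(header).digest(), "big")


def make_header(media_flag: int, code: bytes) -> bytes:
    # Hypothetical layout: 1-byte media flag || SHA-256 of the code section.
    return bytes([media_flag]) + hashlib.sha256(code).digest()


def sign(header: bytes) -> int:
    return pow(digest(header), D, N)


def loader_decision(header: bytes, sig: int, code: bytes, original_disc: bool) -> str:
    # 1. The signature covers the whole header, media flag included.
    if pow(sig, E, N) != digest(header):
        return "reject: bad signature"
    # 2. The signed header pins the code it describes.
    if hashlib.sha256(code).digest() != header[1:33]:
        return "reject: code hash mismatch"
    # 3. Only now is the (authenticated) media flag trusted.
    if header[0] == MEDIA_ORIGINAL_ONLY and not original_disc:
        return "reject: media check failed"
    return "run"


def scenarios() -> dict:
    game, update = b"game code", b"update code"
    g_hdr, u_hdr = make_header(MEDIA_ORIGINAL_ONLY, game), make_header(MEDIA_ANY, update)
    g_sig, u_sig = sign(g_hdr), sign(u_hdr)
    flipped = bytes([MEDIA_ANY]) + g_hdr[1:]  # one-byte edit of the media flag
    return {
        "game, original disc": loader_decision(g_hdr, g_sig, game, True),
        "game, copied disc": loader_decision(g_hdr, g_sig, game, False),
        "update, copied disc": loader_decision(u_hdr, u_sig, update, False),
        "game, flag flipped": loader_decision(flipped, g_sig, game, False),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The "update, copied disc" case also models the mis-flagged kiosk disc described above: a validly signed header that says "any media" runs anywhere, so the flag set at signing time is the whole policy.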

Tp21

« Reply #13 on: July 24, 2006, 05:18:00 AM »

QUOTE(TheSpecialist @ Jul 24 2006, 03:29 AM)

Every XEX contains a 'media flag', which states from which kind of media the XEX is allowed to boot. For update files, this flag is set to 'allowed to boot from any kind of media', which means it will run from a backup disk, hard disk or whatever. For game XEX'es however, this flag is set to 'only allowed to boot from original game disk media'. So, if this is the case, the xbox checks if the disk is an 'original' and if not, it won't boot. When they released the kiosk disk, they wrongly set the flag inside the XEX to 'allowed to boot from any kind of medium', so the game would boot from a backup and wouldn't need a SS (till MS updated the kernel to block this particular game disk of course)

So in short, the media flag inside the XEX specifies if a valid SS is needed or not. So, unfortunately, this isn't a thing we can exploit to get unsigned code running (and we can't change the media flag, since that would break the XEX'es signature)

i have to correct you a bit, the xex isn't blocked. people with the original can still boot it. the problem is that the backup disks are somehow blocked.