Print

[aarong11]

Hello, I was wondering if anyone could explain exactly what happens to an 360 executable when it gets signed? Does the whole file change completely or do only certain parts change?

I'm not entirely sure (and please don't flame me if i'm wrong), but wouldn't it be possible for us to re-construct their MS's private key by comparing a signed executable with it's unsigned counterpart?
We could figure out exactly what happens to the file and try to reconstruct it!

Also, I was wondering if it would be possible to modify the 360 to use a different key? I understand the whole private / public keypair system and going by this the 360 needs to know the public key. Obviously it needs to store it somewhere. Doesn't that mean that we could create our own keypair and "re-program" the 360 to use it? It really would depend on where the console stored the key and how strongly it was encrypted.

[bonevichio]

QUOTE(aarong11 @ Aug 7 2006, 10:13 PM)

Also, I was wondering if it would be possible to modify the 360 to use a different key? I understand the whole private / public keypair system and going by this the 360 needs to know the public key. Obviously it needs to store it somewhere. Doesn't that mean that we could create our own keypair and "re-program" the 360 to use it? It really would depend on where the console stored the key and how strongly it was encrypted.

It is rumored the key in kept deep inside the processor.

Forget it - you may as well break into M$ and steal the key; it may be easier.

[PedrosPad]

QUOTE(aarong11 @ Aug 7 2006, 10:13 PM)

I'm not entirely sure (and please don't flame me if i'm wrong), but wouldn't it be possible for us to re-construct their MS's private key by comparing a signed executable with it's unsigned counterpart?
We could figure out exactly what happens to the file and try to reconstruct it!

I suspect the only difference between a signed and unsigned executable would be the population of the signature.  Comparing such binaries would only highlight the exact location of the signature.

Signing is distinct from compression and encryption.

[ChipMIK]

RTFM = Read The Fucking Manual in the n00b´s section before spending our time on a stupid "idea" like this..

[Mrcon]

bit rich coming from a noob

[Reaper527]

QUOTE(Mrcon @ Sep 5 2006, 11:04 AM)

bit rich coming from a noob

post count != experience, don't forget that. you of all people shouldn't be running around calling people noobs

[ViperXL2]

I have a friend who works at M$ and claims to have been in an area where they seem to keep the original xbox key.

[Chancer]

QUOTE(ViperXL2 @ Sep 22 2006, 01:27 AM)

I have a friend who works at M$ and claims to have been in an area where they seem to keep the original xbox key.

I have friend that works at Tesco claims he manufactured the moon

[mrjkwik]

QUOTE(ViperXL2 @ Sep 21 2006, 08:27 PM)

I have a friend who works at M$ and claims to have been in an area where they seem to keep the original xbox key.

QUOTE(Chancer @ Sep 24 2006, 02:34 PM)

I have friend that works at Tesco claims he manufactured the moon

thats ok.  i got a cousin that works at a sony plant.  he operates their hype machine

[ramtop]

QUOTE(ViperXL2 @ Sep 22 2006, 01:27 AM)

I have a friend who works at M$ and claims to have been in an area where they seem to keep the original xbox key.

original xbox key is no use to us though, plus the key is kept in a secure area, and only
certain people "as in 2 or three people" can use it to sign off software.

[loosechangeracing]

Yeah and I work at Comcast and let me tell you that liquid high speed is very useful when you want to get somewhere and do things very fast....you see we convert it to regular cable high speed before it leaves the plant, us workers get to use the liquid stuff for free!

[clintec]

I don't know how much "MORE" secure the signing process is for the Xbox versus some of their ActiveX web stuff, but I use to work in a Software development company and we had to sign our ActiveX code with M$ so that our stuff would be usable by IE.  The process we had to follow in order to SIGN our stuff was actually fairly SIMPLE.  Basically we compiled up our endstates and then we executed called "signcode.exe" to actually sign our endstates and (.CAB) files.

Like I said, this may be a completely different process for Xbox development however.

[Wolves]

QUOTE(Chancer @ Sep 24 2006, 12:34 PM)

I have friend that works at Tesco claims he manufactured the moon

I have a friend who works at Subway who claims he makes the secret sauce.

[Taco Supreme]

QUOTE(Wolves @ Sep 29 2006, 04:03 AM)

I have a friend who works at Subway who claims he makes the secret sauce.

ROFL HAHAHAHA THATS NASTY          

[Methadon]

QUOTE(ChipMIK @ Aug 9 2006, 02:10 PM)

RTFM = Read The Fucking Manual in the n00b´s section before spending our time on a stupid "idea" like this..

 Relax. The guy probably didn't see it explicitly stated anywhere, so he used the forums for what they're for: asking and answering. Nothing's stupid about someone wanting to learn. It's taking that same attitude and telling someone they're an idot for sharing their thoughts that scare people from the scene.

 People wonder why there's so many pirates; because they're the only ones we don't get someone yelling at when they're at the beginning of the learning stage. Have some patience, and if it's been posted somewhere before, kindly tell someone that.