xboxscene.org forums

Author Topic: Dvd Firmware  (Read 107 times)

celicagt1993

  • Archived User
  • Full Member
  • *
  • Posts: 126
Dvd Firmware
« on: April 19, 2006, 10:49:00 PM »

QUOTE(MENTALDOMINANCE @ Apr 20 2006, 05:53 AM)

OKAY...

The DVD drive's firmware is being executed. It doesn't need to be signed.
We can read and write to it. The code is then executing.

Instead of worrying about changing the bytes that need to be changed to fake a media type,
what if someone just went ahead and blanked the whole chip and used it to write a program -
A program that runs executables that aren't signed for instance & a rudimentary driver to
make it boot off something other than the DVD drive that would be useless now since its
firmware is holding this software.

Would this work? 8)
And of course you would still need to keep the bytes that contain the KEY in the same place
so that the 360 would boot the drive but that is only a few bytes - quite easy to code around...

Still wouldn't work... the signature isn't checked with the DVD's FW.

MacDennis

  • Archived User
  • Newbie
  • *
  • Posts: 49
Dvd Firmware
« Reply #1 on: April 20, 2006, 02:05:00 AM »

QUOTE(MENTALDOMINANCE @ Apr 20 2006, 06:53 AM)

Instead of worrying about changing the bytes that need to be changed to fake a media type,
Incorrect. The media type of the disc isn't even checked by the console to begin with...

QUOTE(MENTALDOMINANCE @ Apr 20 2006, 06:53 AM)

what if someone just went ahead and blanked the whole chip and used it to write a program -
A program that runs executables that aren't signed for instance & a rudimentary driver to
make it boot off something other than the DVD drive that would be useless now since its
firmware is holding this software.

Would this work? 8)
You want to create a replacement device for the dvd-rom drive? Sure, that can work, but only after a lot of serious reverse engineering. But what's the point?

QUOTE(MENTALDOMINANCE @ Apr 20 2006, 06:53 AM)

And of course you would still need to keep the bytes that contain the KEY in the same place
so that the 360 would boot the drive but that is only a few bytes - quite easy to code around...
You only need the key to perform AES encryption/communication with the host (console). If you make a replacement then you can store this key at any location. But creating a replacement is a lot of work. You will need to reverse engineer and implement the AES protocol and you will need to implement the complete challenge/response protocol amongst many, many other things. It's possible but it's a bit pointless...
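As an added illustration of the exchange MacDennis describes (a drive holding a key, AES between drive and host, and a challenge/response the host uses before it accepts the drive), here is a generic AES-128 challenge/response in Go. This is example code written for this page, not code from the thread, from Microsoft, or from any drive firmware; the real Xbox 360 drive/console protocol is not described on this page and the example does not reproduce it. Assumptions: the key is 16 bytes (AES-128), the challenge is one random 16-byte block, the drive's response is that block encrypted under the key, and the host compares the response against its own computation. The `Drive`, `Console`, `NewDrive`, `Respond`, `Verify` and `Authenticate` names, the flash image and the key offsets are all constructed for the example. The key-offset parameter is there to show the "store this key at any location" point: only the drive's own code has to know where in its flash the key sits.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// KeyLen is the AES-128 key size. The thread only says the key is "a few bytes";
// a 16-byte AES-128 key is an assumption made for this example.
const KeyLen = 16

// Drive models a replacement drive: a flash image plus the offset where the key
// lives. The offset is arbitrary, which is MacDennis's point: a replacement can
// keep the key anywhere as long as its own code reads it from there.
type Drive struct {
	flash     []byte
	keyOffset int
}

// NewDrive builds a constructed flash image with the key written at keyOffset.
func NewDrive(flashSize, keyOffset int, key []byte) (*Drive, error) {
	if len(key) != KeyLen {
		return nil, fmt.Errorf("key must be %d bytes, got %d", KeyLen, len(key))
	}
	if keyOffset < 0 || keyOffset+KeyLen > flashSize {
		return nil, fmt.Errorf("key offset %#x out of range for %#x-byte flash", keyOffset, flashSize)
	}
	flash := make([]byte, flashSize)
	copy(flash[keyOffset:], key)
	return &Drive{flash: flash, keyOffset: keyOffset}, nil
}

// Respond is the drive side of the exchange: AES-encrypt the 16-byte challenge
// with the key read out of flash. One block under a fresh random challenge needs
// no chaining mode; anything longer than a block would.
func (d *Drive) Respond(challenge []byte) ([]byte, error) {
	if len(challenge) != aes.BlockSize {
		return nil, fmt.Errorf("challenge must be %d bytes, got %d", aes.BlockSize, len(challenge))
	}
	block, err := aes.NewCipher(d.flash[d.keyOffset : d.keyOffset+KeyLen])
	if err != nil {
		return nil, err
	}
	resp := make([]byte, aes.BlockSize)
	block.Encrypt(resp, challenge)
	return resp, nil
}

// Console models the host side: it holds the key it expects the drive to have.
type Console struct {
	key []byte
}

// NewChallenge draws a fresh random nonce per exchange so that a recorded
// response cannot be replayed by a device that does not know the key.
func (c *Console) NewChallenge() ([]byte, error) {
	ch := make([]byte, aes.BlockSize)
	if _, err := rand.Read(ch); err != nil {
		return nil, err
	}
	return ch, nil
}

// Verify recomputes the expected response and compares it in constant time.
func (c *Console) Verify(challenge, response []byte) bool {
	if len(challenge) != aes.BlockSize || len(response) != aes.BlockSize {
		return false
	}
	block, err := aes.NewCipher(c.key)
	if err != nil {
		return false
	}
	expected := make([]byte, aes.BlockSize)
	block.Encrypt(expected, challenge)
	return subtle.ConstantTimeCompare(expected, response) == 1
}

// Authenticate runs one complete exchange (host challenge, drive response,
// host verification) and reports whether the drive is accepted.
func Authenticate(c *Console, d *Drive) (bool, error) {
	ch, err := c.NewChallenge()
	if err != nil {
		return false, err
	}
	resp, err := d.Respond(ch)
	if err != nil {
		return false, err
	}
	return c.Verify(ch, resp), nil
}

func main() {
	key := []byte("0123456789abcdef") // constructed key, not a real drive key
	console := &Console{key: key}
	drive, _ := NewDrive(0x10000, 0xFF00, key) // key parked near the end of flash
	ok, err := Authenticate(console, drive)
	fmt.Println("drive accepted:", ok, "err:", err)
}
```

Two caveats a practitioner would want alongside this: the host must draw a fresh challenge for every exchange, since a fixed challenge lets anyone who has recorded one valid response replay it with no key at all; and encrypting a single block is only sound here because the challenge is random and exactly one block long, so a response of any other length needs a proper mode and an authenticator, not raw block encryption.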