xboxscene.org forums

Author Topic: Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions

Xbox-Scene

  • Archived User
  • Hero Member
  • *
  • Posts: 4299
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« on: August 16, 2006, 10:40:00 PM »

Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
Posted by XanTium | August 17 00:40 EST

 
Carranzafp released a tool that will patch any Hitachi-LG Xtreme firmware to make it 100% 'Firmware Stealth' (dump of FW and checksum appear as if it was original FW). It's not the same yet as C4E's Xtreme v3.0 FW for Toshiba-Samsung drives, which next to 'FW stealth' also includes 'Media Stealth'. (Gary)O.P.A. is working on adding 'Media Stealth' to the Xtreme FW for Hitachi-LG in one of his future releases:
Quote

Maximus 1.1 Hitachi Firmware Stealth-Maker - ALL VERSIONS (32/36/40/46/47/58/59)

WHAT IS IT ?
It is a tool to take any hacked xtreme version for the hitachi and patch it to make 100% firmware stealth (appears like 100% original when you dump it) including the CHECKSUM!!!
The only way to know if it has the hack is de-soldering the flash chip and reading it with an external programmer, so the console won't know !!! (I hope)
It is NOT MEDIA-STEALTH yet, garyopa is already working on that side but when he finishes that part he can implement this hack on his version.
I first did the stealth hack manually, but then I realized that it is a pain in the ass to calculate the differences by hand, and when a new xtreme release appears it would need to be calculated again, so instead of that I have made a tool that does the necessary calculations and patches to make it stealth.
I have done the tests only on 46 and 47 drives but is the same principle for every others.

!Update! v1.2 released. What's new/fixed:
* The bug only affected drives different from the 46 and 47 versions; it was a problem with the address checking for detecting MODEB. Don't worry, nothing that could brick your drive; it only affected the detection of MODEB to determine stealth or original.
Now it will work fine for all versions. (I already did the test on the 59 without problem)


FEATURES:
* Take an input hacked firmware and patch it to make firmware stealth
* Incorporates firmcrypt routines into the code (a little slower but I hope with that somebody will not kill his drive because of a forgotten crypt)
* You will have the following options:
FULL STEALTH:
-All the reads (memdump) will read as 100% original.
NON STEALTH ON MODEB:
-It will read the real hacked firmware when you are on MODEB (Not very useful for testing LOL)
NON STEALTH ON MODEB AND TRAY OPEN:
-When attached to windows if the tray is closed will read as original, when you open it will read as real non-stealth
NON STEALTH ON MEMORY VALUE:
-It will look up an internal memory value to determine if it should be read as real or as original. You will need to POKE that memory value before doing the dump
ENSURE NO STEALTH:
-This option causes ALWAYS read as real hacked, not very useful but here is it.

Official Site: n/a, by carranzafp on xboxhacker.net
Download: n/a (Might be illegal under the DMCA/EUCD)

Logged

XanTium

  • Archived User
  • Hero Member
  • *
  • Posts: 1358
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #1 on: August 16, 2006, 09:56:00 PM »

Rest of nfo/readme from carranzafp on http://www.xboxhacker.net/forums/index.php?topic=2999.0
QUOTE

TECHNICAL INFO:
---------------
 - Supports 32/36/40/46/47/58/59 versions and ALL present and future
   XTREME HACK versions

 - Protects the following ranges which already are SAME_BYTE addresses
          0X0001A0 - 0x000FFF  all 0xFF
          0X003000 - 0x003FFF  all 0xFF
          0x005000 - 0x005FFF  all 0x74
          0x03E800 - 0x03FFFF  all 0x74
     * That means that you can put your custom code in the above areas
            (except the 5000-5FFF, read below) and the custom code will be stealth

 - For other areas not covered by the above ranges a "Table of Differences"
   is generated based on a comparison of original vs hacked, in order
   to guarantee 100% stealth and reduce to a minimum the data required for stealth

 - It uses flash range 0x005000 - 0x005FFF to store stealth data and code
     0x005000 - 0x005800 reserved for stealth code
     0x005800 - 0x005FFF reserved for stealth data (Table of Differences)
          * So in future hacks don't use those sections (they are mine, lol)
 - If you are a hacker and plan to release something read the APPENDIX


HOW TO USE / TEST:
------------------
CASE A) If your drive is already flashed (any version of XTREME):
   - Attach the drive to Windows and make it detect it (use the 2 wire trick
     or the Open Tray on Power Up tweak)

   - Do a dump of your hacked firmware on the drive with:

        read.bat <your_drive_letter> hacked.bin
          * The read.bat is included in the tools directory

   - Open the Hitachi Stealth-Maker App and select the file hacked.bin that you dumped
          * To do a good test use the NON-STEALTH ON MODEB AND TRAY OPEN option ;)

   - Click Generate, choose the output file name (stealth.bin for example) and away you go

   - Once finished, take the ENCRYPTED file (suffix "-e.bin") and do the following 2
     commands IN THAT ORDER (flashers included in the tools subfolder)

        47flash <your_drive_letter> stealth-e.bin 90005000 1000
          * don't advance until the above command executes without error (if error, retry)

        47flash <your_drive_letter> stealth-e.bin 90033000 1000

     *NOTES: *    DO BOTH COMMANDS IN THAT ORDER !!!,
             **   On versions 32,36,40 and 46 you must use 46flash instead !!!
             ***  On versions 47 you must use 47flash instead !!!
             **** On versions 59,59 you must use 59flash instead !!!

   - If you don't mess up any step then your drive is now STEALTH !!! Give it a try with
        read.bat <your_drive_letter> dump.bin
          * It must return the original firmware 100%
            do it again but with the tray open and you will get the real hacked.

   - In case you need to RESTORE to the un-stealth version you must restore the
     sectors in inverse order, so first restore 90033000 and then 90005000;
     never flash the second sector before successfully flashing the first
     one or you will brick the drive (no more Windows detection). Also ensure
     you restore from a crypted version of your firmware.

CASE B) If your drive is not flashed:
   - Until Garyopa and other hackers implement this hack in their releases you
     will need to do it in 2 big steps:
       - STEP 1: flash the xtreme hack you want (follow such instructions)
       - STEP 2: when you have tested that it works simply do the stealth hack
                 as explained in CASE A)


APPENDIX - HOW TO IMPLEMENT ON CURRENT OR FUTURE XTREME RELEASES:
-----------------------------------------------------------------  
   - Do your homework and make a nice new featured xtreme version
   - To avoid hybrids DON'T work on an already stealth version, work on a
     clean version
   - Don't use the 5000-5FFF sections, they are mine ;)
   - Before release, use this tool to patch your release with the needed
     changes to make it stealth
   - In the flasher routines (flash.bat) remember that you must flash
     sectors 90005000 and then 90033000 in that order; never flash the
     second sector before successfully flashing the first one or you will
     KILL the read routine and brick the drive (no more Windows detection)
   - You can leave a DOOR OPEN, I mean if you choose "Non Stealth on MODEB
     and OPEN TRAY" you will always have the possibility to read the real hacked
     firmware on the chip (for verification purposes) but of course that
     will leave the door open for M$
   - In the RESTORE routines (flash.bat) you must flash the sectors in
     inverse order, so first restore 90033000 and then 90005000;
     never flash the second sector before successfully flashing the first
     one or you will KILL the read routine and brick the drive
     (no more Windows detection)


BUGS, COMMENTS OR ADD FEATURES REQUEST:
---------------------------------------
[email protected]


THANKS TO
-------------------------------------------------------------------
Seventhson, Garyopa, Birdy, Geremia,The Specialist, Commodore4Eva,
Team_Modfreakz, Uberfry, and all other who contributes on
xboxhacker.net forums
Logged
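
An added example, not part of carranzafp's readme or tool: the readme lists ranges that hold a single fill byte in stock firmware and says only an external-programmer read shows the real flash contents, so a verifier holding such a read can flag non-filler bytes in those ranges and diff the read against the drive's own dump. Inclusive end addresses, image offset 0 mapping to flash address 0, an unencrypted image, the function names and the constructed sample images are all assumptions of this sketch.

```python
# Ranges and fill bytes as listed in the readme; inclusive end addresses and
# "image offset == flash address" are assumptions of this example.
FILLER_RANGES = [
    (0x0001A0, 0x000FFF, 0xFF),
    (0x003000, 0x003FFF, 0xFF),
    (0x005000, 0x005FFF, 0x74),
    (0x03E800, 0x03FFFF, 0x74),
]

def mismatch_runs(image, expected_at, start, end):
    """Coalesce addresses in [start, end] where image differs from expected_at(addr)."""
    runs, run_start = [], None
    for addr in range(start, end + 1):
        if image[addr] != expected_at(addr):
            if run_start is None:
                run_start = addr
        elif run_start is not None:
            runs.append((run_start, addr - 1))
            run_start = None
    if run_start is not None:
        runs.append((run_start, end))
    return runs

def non_filler_runs(chip_read):
    """Runs inside the stock-constant ranges that hold anything but the fill byte."""
    if len(chip_read) <= max(end for _, end, _ in FILLER_RANGES):
        raise ValueError("image too short to cover the listed ranges")
    runs = []
    for start, end, fill in FILLER_RANGES:
        runs += mismatch_runs(chip_read, lambda _a, f=fill: f, start, end)
    return runs

def dump_vs_chip(in_band_dump, chip_read):
    """Runs where the drive's own dump disagrees with the external chip read."""
    if len(in_band_dump) != len(chip_read):
        raise ValueError("images differ in length")
    return mismatch_runs(chip_read, lambda a: in_band_dump[a], 0, len(chip_read) - 1)

def build_sample(modified):
    """Constructed 256 KiB image: zeros plus the filler ranges, optionally altered."""
    img = bytearray(0x40000)
    for start, end, fill in FILLER_RANGES:
        img[start:end + 1] = bytes([fill]) * (end - start + 1)
    if modified:  # constructed stand-in bytes, not real firmware content
        img[0x005000:0x005010] = bytes(range(16))
        img[0x005800:0x005804] = b"\x01\x02\x03\x04"
    return bytes(img)

if __name__ == "__main__":
    for first, last in non_filler_runs(build_sample(True)):
        print(f"non-filler bytes at 0x{first:06X}-0x{last:06X}")
```
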

xboxexpert

  • Recovered User
  • Hero Member
  • *
  • Posts: 1177
Logged

metaphaze

  • Archived User
  • Jr. Member
  • *
  • Posts: 56
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #3 on: August 16, 2006, 10:05:00 PM »

QUOTE
It is a tool to take any hacked xtreme version for the hitachi and patch it to make 100% firmware stealth (appears like 100% original when you dump it) including the CHECKSUM!!!


Wasn't it like last night when we heard making the Firmware look legit to M$ was impossible?

This is great work! Thanks Maximus!
Logged

WinbonD

  • Archived User
  • Full Member
  • *
  • Posts: 118
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #4 on: August 16, 2006, 10:09:00 PM »

holy cow ,

this is some good hacking right here ,

great job
Logged

jitster

  • Archived User
  • Sr. Member
  • *
  • Posts: 299
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #5 on: August 16, 2006, 10:12:00 PM »

Good Job !!
Logged

heydricas

  • Archived User
  • Newbie
  • *
  • Posts: 25
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #6 on: August 16, 2006, 10:41:00 PM »

just because we think it's "Stealth", doesn't mean M$ will buy it...

They have FULL control over the console, they can do ANYTHING, in ways nobody knows about...

when the first ban comes we'll see...

Still, dual firmware mods are the most safe option


you need to add a little note to the readme

"use on xbox live at own risk"

Logged

WinbonD

  • Archived User
  • Full Member
  • *
  • Posts: 118
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #7 on: August 16, 2006, 10:47:00 PM »

lol , the MS is still trying to figure out how to detect the extreme 1.1 ,


Logged

lobango

  • Archived User
  • Newbie
  • *
  • Posts: 21
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #8 on: August 16, 2006, 10:48:00 PM »

i'll wait until MS catches 1 person and does something.  i don't want to open up my box for nothing
Logged

sofa king dumb

  • Archived User
  • Full Member
  • *
  • Posts: 149
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #9 on: August 16, 2006, 10:49:00 PM »

Quote
It is a tool to take any hacked xtreme version for the hitachi and patch it to make 100% firmware stealth (appears like 100% original when you dump it) including the CHECKSUM!!!
Quote
check and mate, reaches to king you
so this would mean it's safe to play original games on live?
Logged

jameswalter

  • Archived User
  • Hero Member
  • *
  • Posts: 745
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #10 on: August 16, 2006, 10:53:00 PM »

All I can say is absolutely amazing.  Now if only we knew if MS had the ability to get the drive into modeb through some sort of communication with it (kinda like slax I guess).  Even so it looks like the FULL STEALTH mode will be awesomely undetectable.....GOOD JOB MEN!!
Logged

xboxexpert

  • Recovered User
  • Hero Member
  • *
  • Posts: 1177
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #11 on: August 16, 2006, 10:55:00 PM »

QUOTE(heydricas @ Aug 17 2006, 12:48 AM) *

just because we think it's "Stealth", doesn't mean M$ will buy it...

They have FULL control over the console, they can do ANYTHING, in ways nobody knows about...

when the first ban comes we'll see...

Still, dual firmware mods are the most safe option
you need to add a little note to the readme

"use on xbox live at own risk"



If the SOUTHBRIDGE doesn't support the command to check firmware then MS can not do a damn thing.  I know for a fact that the Southbridge doesn't support the command to check or flash firmware since the DVD Drive is not a MS manufactured product, it's basically a 3rd party.  MS mass bannings?  I think not.  I know a way that MS can in fact check for hacked or edited firmware but I'm sure as hell not going to post it here on XS so MS can take a stroll over here and read my text and do it.

-xboxexpert

This post has been edited by xboxexpert: Aug 17 2006, 05:56 AM
Logged

xboxexprt1

  • Archived User
  • Newbie
  • *
  • Posts: 3
Logged

jtom617

  • Archived User
  • Sr. Member
  • *
  • Posts: 322
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #13 on: August 16, 2006, 11:12:00 PM »

Logged

DaddyO21

  • Archived User
  • Full Member
  • *
  • Posts: 174
Maximus v1.2 Hitachi-LG Firmware Stealth-Maker - All Versions
« Reply #14 on: August 16, 2006, 11:18:00 PM »

Oh god , i came.
Logged