Print

[Matt_Tracy]

If I remember correctly, the 78FK's were only in PAL regions. Is that true for this drive, too?

[bourke]

I was right - it seems they had almost no time to lock down that v79, they've already found a way to hack around the 'single bit'(!) protection they added:

(from carranzafp at xboxhacker)

Yes, I see the problem, they add a check here (Upload code routine from Atapi Debug):

ROM0:90029FF9 PROC_UPLOAD_CODE: ! CODE XREF: proc_3B:loc_9002875Ep
ROM0:90029FF9 btst 0x10, (0x5BD) ! If bit 0x10 (bit 5) of 5BD is off then exit (no load code)
ROM0:90029FFE beq exit
ROM0:9002A000 mov 0x5D8, A2
ROM0:9002A003 mov A2, A0

And the hard part is that I can not see any direct location to do a BSET 0x10,0x5BD, so maybe there is a indirect way to turn this bit on, if somebody can trace a command that sets this bit the toolbox will work (issuing such command before dumping)

...

And you can already mod it if you have the hardware:

a) de-solder the tsop,

b) read it with external programmer
c) decrypt it
d) use SMART HACKER option on the toolbox to generate the 79 hacked binary.
e) encrypt the hacked binary (dont forget this step)
f) reflash with external programmer
g) re-solder the tsop

You can do steps c,d,e on the toolbox, dont worry about the key not showing fine on the toolbox, I already fixed it on the new version that will soon release

This post has been edited by bourke: Feb 24 2007, 03:32 PM

[ash1471]

Just found this on the net but cant decide whether its true or not. What do you lot think??


http://www.xboxhacker.net/index.php?topic=6963.0



Doh..... Just realised the tsop still has toe desoldered.

This post has been edited by ash1471: Feb 24 2007, 06:15 PM

[jas0nuk]

Of course it's true carranza wrote the toolbox, he knows how the 0078 drive works.

What he did for the tester was make him flash the 0078 firmware directly, so it no longer does the bit-check, and it then worked with the toolbox.

edit: Hi from a fellow Mancunian

[Exobex]

QUOTE(Masta-G @ Feb 23 2007, 09:39 AM)

I think you're wrong mate.
Since I did a 0078 drive a few days ago with my VIA addon card.
All I had to do was insert some original video dvd disc, and unlock it with the new SLAX disc.
Didn't have to unplug any of my SATA HD's (connected to my onboard SATA controller) either.
When I rebooted my PC, It took windows 5minutes to boot, but the toolbox managed to dump and write the new firmware without problems.
Let's hope the new 079FK will work too, without having soldering skills of course:P

I think you need to re-read my post, mate.  I said the HANDFUL of 0078FKs, not ALL 0078FKs.  Some don't like playing ball with the VIA chipset.

[Vrtclhykr]

Exobex is very right.  Some 78's I get will not recognize from my 6421 chipset.  I have to use my onboard Nforce 570......and it is a pain in the ass.  When I do the 78's with NF I get random I/O errors while flashing or restoring.  I just do back to back flashes until it goes error free.

[caster420]

QUOTE(purepwnage12560 @ Feb 24 2007, 11:56 PM)

so does this mean that the benq and the new hitachi drives cannot be hacked now? or will they be able to soon enough?

This has nothing to do with the BenQ.  People are still working on getting the firmware dumped from the BenQ drives (last i heard/read).

The v79's can be hacked right now by desoldering the tsop, externally programming, and resoldering.  THe problem that there is a bit that is preventing the firmware from being read in the new v79 firmware.  This is stated above.  If we can't change the value of this bit, firmware toolbox will not work, nor will any software for now.  This is what i get out of his posts, someone correct me if i'm wrong.

Caster.

[purepwnage12560]

oh wow i guess MS is starting to play ball now and stepping up to the plate.

[dreadyjun]

Hi all
 I have a ver 79FK and yes it's PAL region. SO at this time there's no software to get around the de soldering and re soldering part? Is there any other way around it as I don't have the hardware to program the tsop and it those chips are very tiny.

Regards

[Vounce]

QUOTE(dreadyjun @ Feb 26 2007, 08:21 AM)

Hi all
 I have a ver 79FK and yes it's PAL region. SO at this time there's no software to get around the de soldering and re soldering part? Is there any other way around it as I don't have the hardware to program the tsop and it those chips are very tiny.

Regards

Currently no but dont worry, I've read over att xboxhacker that carranzafp is working hard to fix the toolbox so you will be able to flash it.

[mr2000jp]

QUOTE(dreadyjun @ Feb 26 2007, 11:21 AM)

Hi all
 I have a ver 79FK and yes it's PAL region. SO at this time there's no software to get around the de soldering and re soldering part? Is there any other way around it as I don't have the hardware to program the tsop and it those chips are very tiny.

Regards

can you please post pictures for the board with the flash chip , i need to know if it has any epoxy on it , or not (the black thing all over)

[jameswalter]

No....I don't think the 79fk has been flashed yet.  The 78fk can be flashed with firmware toolbox, but once again something was put in place to make it harder to flash the 79fk.

[Haybe]

wow lol 79fks i better get a new 360 soon

[sosotiit]

It has been hacked, and from what is said a few beta are running it.
Source of the extra protection identified but no widely available solution at this point (no integrated to FW toolbox yet). hopefully it will be available soon.

rgds,soso

[chips1]

just my luck to get this version then (IMG:style_emoticons/default/sad.gif)