xboxscene.org forums

Author Topic: 360 Flash Dump Tool v0.4  (Read 367 times)

Xbox-Scene

« on: June 09, 2007, 08:52:00 PM »

360 Flash Dump Tool v0.4
Posted by XanTium | June 9 22:52 EST | News Category: Xbox360
 
Robinsod released a new version of the 360 Flash Dump Tool - a developer's tool that will allow you to decrypt and extract various parts of an Xbox360 flash dump.
What's new/fixed (since v0.2):
* Fixed CG extraction (see NAND Layout thread for info)
* Reverted CE.cab to single file (thanks Takires)
* As TheSpecialist said, extraction of the CE section is now working, and what a pig it was Wink. You may now right click and select 'Extract' and get just the raw, decrypted CE Section or Kernel(s). Selecting Kernel(s) causes the application to extract the base (typically 1888) HV and Kernel as an uncompressed file - "xboxkrnl.1888.exe". The option to extract them as a .cab file has now been removed. If 1 or both of the patch (CF/CG) slots are occupied they will be applied to the base kernel and the result is also written as a file - xboxkrnl.XXXX.exe.
For example, if you have a base kernel (1888) and 2 patches (2858 and 4552) in your flash dump, load it into the tool, right click on CE and choose Kernel(s), and you will get 3 files:
- xboxkrnl.1888.exe     The base HV & kernel, no patches
- xboxkrnl.2858.exe     The base HV & kernel, patched to 2858
- xboxkrnl.4552.exe     The base HV & kernel, patched to 4552
* I noticed an odd bug in the upgrade process while developing this tool. I have some dumps from a box where 4532 is upgraded to 4548. As I noted the other day, the first 0xBB40 bytes of CG are stored immediately after CF and the remainder is stored in FS blocks (there's a list in the CF header and they also appear in the FS as sysupdate.xexp files). Well, it appears during the update process from 4532 to 4548 the CG data for 4532 was deleted but the list in CF is still valid. This is odd since 4548 was not a lock down version, was it? Yet it would be impossible to roll back from a corrupt 4548 to 4532.
* It's very interesting to diff 4548 and 4552: they have << 100 bytes of differences so I guess the exploit fix was pretty small Wink

Official Site: n/a, by Robinsod on xboxhacker.net
Download: here

Albuyeh
« Reply #1 on: June 09, 2007, 09:23:00 PM »

suhweet

RaLdY
« Reply #2 on: June 09, 2007, 09:53:00 PM »

I still don't get what this is for, dvd firmware hack or for the hypervisor exploit?

TheLegace
« Reply #3 on: June 09, 2007, 10:41:00 PM »

QUOTE(RaLdY @ Jun 10 2007, 05:29 AM)

I still don't get what this is for, dvd firmware hack or for the hypervisor exploit?

This is for the Hypervisor, looks like some great accomplishments are happening, now that the 360 dumps can be decrypted. I am getting excited, homebrew's really looking good now.

BrooksyX
« Reply #4 on: June 09, 2007, 11:01:00 PM »

Hopefully this flash dump tool will lead to a big hole in the 360 kernel, hopefully even the newer ones too.

ratis
« Reply #5 on: June 09, 2007, 11:30:00 PM »

so I guess the exploit fix was pretty small Wink


I'd like to know what the wink is all about

Xx The 0ne xX
« Reply #6 on: June 09, 2007, 11:49:00 PM »

QUOTE(ratis @ Jun 10 2007, 02:06 AM)

so I guess the exploit fix was pretty small Wink
I'd like to know what the wink is all about

I think he meant to do wink.gif but put "wink" instead

mylakerye
« Reply #7 on: June 10, 2007, 01:03:00 AM »

This is very good, 100 bytes of difference means they added a single command or changed a couple of values, no rewriting of the hypervisor; I hope we find something good here.

tomgreen99200
« Reply #8 on: June 10, 2007, 01:48:00 AM »

homebrew. I like!

Trex666
« Reply #9 on: June 10, 2007, 05:20:00 AM »

Ouu I dunno, I'd say this is only exciting for people who can already run homebrew via the HV exploits.

mace1337
« Reply #10 on: June 10, 2007, 05:58:00 AM »

QUOTE(Trex666 @ Jun 10 2007, 01:56 PM)

Ouu I dunno, I'd say this is only exciting for people who can already run homebrew via the HV exploits.

Maybe this will lead to new exploits, or the resetting of the efuses, allowing a downgrade using an infectus or something. Just be patient, I expect to see homebrew by the end of this year!

frontlinep8tbal
« Reply #11 on: June 10, 2007, 08:15:00 AM »

efuses cannot be reset. They are comparable to, let's say, a fuse for your car. It has a wire that goes through it and at the right amount of current it burns out. Same goes for efuses. For CPUs that have the possibility of becoming unstable, the fuse can be blown to save from damage. Once it's blown it's blown.

All in due time, once the teams find a solution for all kernels, the previous blown efuse won't matter. For the meantime enjoy your retail games

Gators2001
« Reply #12 on: June 10, 2007, 09:37:00 AM »

Is this able to read the Key off the Console or is this only for the DVD drive?


I need to get the key off the console. Bad DVD drive...

mylakerye
« Reply #13 on: June 10, 2007, 10:14:00 AM »

QUOTE

    efuses cannot be reset. They are comparable to, let's say, a fuse for your car. It has a wire that goes through it and at the right amount of current it burns out. Same goes for efuses. For CPUs that have the possibility of becoming unstable, the fuse can be blown to save from damage. Once it's blown it's blown.


http://en.wikipedia.org/wiki/EFUSE

"...the chip can instantly change its behavior by 'blowing' an eFUSE. This process does not physically destroy the eFUSE, so it is reversible and repeatable."

Wikipedia wrong.... who's heard of such?

openxdkman
« Reply #14 on: June 10, 2007, 11:26:00 AM »

Congrats! Free brains still win!