xboxscene.org forums


Author Topic: 360 Flash Dump Tool v0.4  (Read 330 times)

TheSpecialist

  • Archived User
  • Full Member
  • *
  • Posts: 215
360 Flash Dump Tool v0.4
« Reply #15 on: June 10, 2007, 01:34:00 PM »

QUOTE(Gators2001 @ Jun 10 2007, 06:13 PM)

Is this able to read the Key off the Console or is this only for the DVD drive?
I need to get the key off the console. Bad DVD drive... :(

We've JUST decrypted the key storage, containing the DVD key :) Next version of the tool with ability to decrypt it will be out soon. However, it's encrypted with fuse data, so you'll need to have the fuse data to get your DVD key from the motherboard. In most cases, this won't be very useful, since you probably won't have that and you can't get it without a DVD key in the first place. At least ... not yet :) But on the bright side ... progress again!
Logged

wassco

  • Archived User
  • Full Member
  • *
  • Posts: 169
360 Flash Dump Tool v0.4
« Reply #16 on: June 10, 2007, 02:04:00 PM »

Man this stuff sounds good, hopefully someday we'll be able to flash the mobo (I have a dead 360 (E71 error))

so soon as we can flash bios onboard, or get around it....I'll be happy...then 2 360's :)
Logged

TheSpecialist

  • Archived User
  • Full Member
  • *
  • Posts: 215
360 Flash Dump Tool v0.4
« Reply #17 on: June 10, 2007, 03:00:00 PM »

and it's out :) http://www.xboxhacke...g49343#msg49343

You can now decrypt the whole key section if you have a valid flash dump (like from the infectus chip) and the fuse data (from the XELL loader for example). It will show you the DVD key and some other stuff, gonna do some research to find out what else of interest is in there :)
Logged

Knasen

  • Archived User
  • Sr. Member
  • *
  • Posts: 329
360 Flash Dump Tool v0.4
« Reply #18 on: June 10, 2007, 03:30:00 PM »

QUOTE(TheSpecialist @ Jun 10 2007, 11:36 PM)

and it's out :) http://www.xboxhacke...g49343#msg49343

You can now decrypt the whole key section if you have a valid flash dump (like from the infectus chip) and the fuse data (from the XELL loader for example). It will show you the DVD key and some other stuff, gonna do some research to find out what else of interest is in there :)


Incredible work from all you guys, we love you! :P
Logged

The Prankster

  • Archived User
  • Full Member
  • *
  • Posts: 127
360 Flash Dump Tool v0.4
« Reply #19 on: June 10, 2007, 08:33:00 PM »

Progress is everything! :D
Logged

psxpirate1

  • Archived User
  • Full Member
  • *
  • Posts: 131
360 Flash Dump Tool v0.4
« Reply #20 on: June 11, 2007, 12:24:00 AM »

Isn't everything signed and verified by the hypervisor before anything can be executed? Also, does Microsoft scan people's 360's after the dash upgrades have taken place? They may have this info on record for Live users. Seems like something people could be missing if the ban hammer comes down again. The trick would be to get the 360 to register as the latest kernel update I'm thinking.
Logged

eX_Do0mY

  • Archived User
  • Newbie
  • *
  • Posts: 18
360 Flash Dump Tool v0.4
« Reply #21 on: June 11, 2007, 08:00:00 AM »

QUOTE(TheSpecialist @ Xboxhacker.net)
Well from power-on:
1. 1BL (first bootloader, stored in ROM), this loads, decrypts and starts:
2. CB (2BL, 2nd bootloader, stored in NAND), this loads, decrypts and starts:
3. CD. This loads, decrypts and decompresses CE, which contains the base kernel + base HV. It also loads decrypts and then starts:
4. CF. This loads, decrypts and decompresses CG, which contains the patches for kernel and HV. It then applies the patches and starts up the patched HV and then the patched kernel. Then it boots dash.

So basically it's like: 1BL -> 2BL -> patch kernel and HV and start them -> boot dashboard.

Every step also checks signature for the next step of course.


Yes, it seems everything past 1bl is checked and signed.  Looks like all you gotta do is find a way to defeat the 1bl, and you've won.  Hypervisor isn't even up until the 4th step.
Logged
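
Added example, not part of the thread or of any tool discussed in it: a small Python model of the boot chain quoted above, showing why a change to any stage stored in flash is caught as long as the first stage comes from ROM. SHA-256 digests pinned in the parent stand in for the signature checks the post mentions; the payloads and the names `pins_for`, `build`, `boot` and `demo` are constructed for illustration.

```python
import hashlib

# Load order taken from the quoted post: which stage loads and checks which.
LOADS = {"1BL": ["CB"], "CB": ["CD"], "CD": ["CE", "CF"], "CF": ["CG"]}

def digest(image):
    """Hash a stage's payload together with the digests it pins for its children."""
    h = hashlib.sha256(image["payload"])
    for name in sorted(image["pins"]):
        h.update(name.encode() + image["pins"][name])
    return h.digest()

def pins_for(images, name):
    """Digests a stage pins for the stages it loads (assumed stand-in for signatures)."""
    return {c: digest(images[c]) for c in LOADS.get(name, [])}

def build(payloads):
    """Build images bottom-up so every parent pins the digest of each child."""
    images = {}
    def make(name):
        for child in LOADS.get(name, []):
            make(child)
        images[name] = {"payload": payloads[name], "pins": pins_for(images, name)}
    make("1BL")
    return images

def boot(rom_1bl, flash):
    """Walk the chain from the ROM copy of 1BL; return (ok, first stage rejected)."""
    images = dict(flash, **{"1BL": rom_1bl})  # 1BL always comes from ROM, never flash
    queue = ["1BL"]
    while queue:
        parent = queue.pop(0)
        for child in LOADS.get(parent, []):
            if digest(images[child]) != images[parent]["pins"][child]:
                return False, child
            queue.append(child)
    return True, None

# Constructed sample payloads, not real console images.
PAYLOADS = {n: ("payload-" + n).encode() for n in ["1BL", "CB", "CD", "CE", "CF", "CG"]}

def demo():
    flash = build(PAYLOADS)
    rom = {"payload": flash["1BL"]["payload"], "pins": dict(flash["1BL"]["pins"])}
    clean = boot(rom, flash)
    flash["CG"]["payload"] = b"modified"          # change only the last stage
    leaf_only = boot(rom, flash)                  # caught by CF's pin for CG
    for stage in ["CF", "CD", "CB", "1BL"]:       # re-pin every copy held in flash
        flash[stage]["pins"] = pins_for(flash, stage)
    repinned = boot(rom, flash)                   # ROM pins are unchanged, CB rejected
    return clean, leaf_only, repinned
```

`demo()` returns the boot result for the clean image, for a change to CG alone, and for the same change with every flash-resident parent re-pinned; the last case is rejected at CB because the ROM copy of 1BL still pins the original CB.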

ITMASTER

  • Archived User
  • Newbie
  • *
  • Posts: 17
360 Flash Dump Tool v0.4
« Reply #22 on: June 12, 2007, 12:36:00 AM »

Very good to hear this kind of news )) the Judgment day getting closer and closer ))
Logged

X-hacker

  • Archived User
  • Jr. Member
  • *
  • Posts: 91
360 Flash Dump Tool v0.4
« Reply #23 on: June 12, 2007, 10:54:00 AM »

QUOTE(ITMASTER @ Jun 12 2007, 08:12 AM)

Very good to hear this kind of news )) the Judgment day getting closer and closer ))


Here, Here

Micro$oft may have done a good job with the security lockdown on the 360,

BUT NOWHERE NEAR GOOD ENOUGH FOR THE MIGHTY MINDS IN THIS SCENE!

Nice work guys, keep us posted. :)
Logged

wassco

  • Archived User
  • Full Member
  • *
  • Posts: 169
360 Flash Dump Tool v0.4
« Reply #24 on: June 12, 2007, 01:22:00 PM »

Even if they find a way to manipulate it *and in return completely ruining all live capability...*


to me, (and almost ALL of my friends around here...) we could honestly care less and would be glad to rid ourselves of *live* play..

as long as we would be able to get homebrew / XBMC360 (oh the dream) on our boxes...

so many pros to the only one con (no xbox live)
Logged

The Prankster

  • Archived User
  • Full Member
  • *
  • Posts: 127
360 Flash Dump Tool v0.4
« Reply #25 on: June 12, 2007, 08:07:00 PM »

I personally can't wait to use this tool, I bought a 360 motherboard from someone on x-s with good rep, and a bunch of sweet looking stuff, gonna try to get an infectus soon too. Those infectus's are one BITCH to get, everything is in euros + Italian sites and broken English, and yeah... blah blah blah very hard to buy.

Cheers.
Logged

chrisdot

  • Recovered User
  • Newbie
  • *
  • Posts: 48
360 Flash Dump Tool v0.4
« Reply #26 on: June 25, 2007, 10:43:00 AM »

QUOTE(Gators2001 @ Jun 10 2007, 05:13 PM)

Is this able to read the Key off the Console or is this only for the DVD drive?
I need to get the key off the console. Bad DVD drive... :(



erm i need this info too.....bad dvdrom.......did you have any luck?
Logged

torne

  • Archived User
  • Sr. Member
  • *
  • Posts: 383
360 Flash Dump Tool v0.4
« Reply #27 on: June 29, 2007, 05:52:00 AM »

QUOTE(kev147 @ Jun 28 2007, 10:22 PM)

If the above is a correct example, do I just need to write down all the lines that start "fuseset"?

Yup, that's it. The CPU key is fusesets 3 and 5 (or 4 and 6, they are the same).
Logged

Pres

  • Archived User
  • Newbie
  • *
  • Posts: 26
360 Flash Dump Tool v0.4
« Reply #28 on: June 29, 2007, 04:21:00 PM »

I have a few questions?
I have got my nand 1bl and fuses dumped. It is in my understanding the program 360 FDT which I am using .061 won't extract or will crash if the improper 1bl key is in the cxkey.txt file. It took me some figuring (never used ida) out where to look for the key but I think I found it and it will extract all the info including the kernels. If I change a variable in the key the program crashes and if I revert back to 0000's it works but won't extract. Does this assume I have the proper key? Also now that this information has been obtained does this mean updating is okay? Feedback appreciated guys!
Logged

kev147

  • Archived User
  • Newbie
  • *
  • Posts: 1
360 Flash Dump Tool v0.4
« Reply #29 on: June 29, 2007, 04:37:00 PM »

Hi Pres, I want to help but your last post has just created more questions for me.

What is the nand 1bl and how do you get it?

The fuses must be the fuseset data written down, is that correct?

What is 360 FDT?

Basically what are you trying to do, why and how do I do it?

I want to learn and help others on the site, but am just starting out so please be gentle with me
Logged