You missed the security part.
There is a small code named 1bl (boot loader number one) directly engraved (some rom subpart) inside the CPU itself along with a CPU key (a few efuses burnt or not burnt).
This is the start of a secure 'booting chain'. At no moment you are allowed to run your own code. Each part loads the next one and run it only if its signature is authenticated, etc... It's all about pairs of public/private rsa 2048 bits keys, sometimes just AES 128 bits encryption, only MS knows the private one, so we can't fake any valid signature, etc... And xorloser, in its most optimisitc calculation wrote that brute force key breaking would take 700000 years or something like that (with all planet participating, best powerful machines, only 128 bits to break, etc...).
But if you have old kernel 4532 or 4548 and a special shader that replaces one of the original shaders inside the game King Kong (the shader is not signed, thus not part of any security chain and disables the whole console security -thanks to a flaw in these kernel's hypervisors- allowing to boot a loader that stops everything in console and allows you to boot your own kernel - for now a standard linux kernel -)
So, no you have no other way : find an old console, get its cpu key, downgrade its kernel to 4532 (and water cool it, or you will lose it fast!)