Print

[BadBloke]

AutoHacker by BadBloke

(IMG:http://i44.tinypic.com/2s7xrn5.jpg)

AutoHacker is an app I wrote which helps automate the proccess of SMC/JTAG Hack (on nand-related stuff only, of course).

FEATURES:

- Motherboard Autodetection
- CB version / exploitability Autodetection
- Reads NAND two times (or part of it if we are using a BB Jasper)
- Compares the two backups, if they are identical, it saves them in a folder with a name of our choice.
- Extracts KV and ConfigBlock from the NAND Backup.
- Patches previously extracted KV and ConfigBlock in to the correct version of XBReboot (which is also autodetected).
- Writes final image to NAND memory of our console.
- Can also erase NAND (or part of it, if we are using a BB Jasper)
- Can also write original backup into NAND.

It can also be used regardless of JTAG Hacking in the following ways:

- Nand Dump
- Nand Compare
- Nand Write (any .bin image)

It uses a full (custom) GUI which saves as from typos or mistakes which can be done by manually typing in commands. It also saves as from looking up to Guides to determine the correct NAND addresses which are varied along with the motherboard revisions, since AutoHacker knows the motherboard we are working on, if it is exploitable etc. If something is not right (CB not exploitable / we have not patched XBR / we have not two identical backups) it does NOT overwrite our NAND.  

NOTICE: This program DEPENDS on NandPro and does NOT replace it.
I will update the app regularly, fixing bugs and adding features. Of course, each time a new XBR comes out, AutoHacker will need to be updated (this goes without saying).


SOFTWARE REQUIREMENTS / INSTALLATION:

In order for AutoHacker to run properly it needs:
- All the XBR 8955_3 versions (for all motherboards).
- NandPro 2.0b (Only this version is tested, the commands are 100% compatible with 2.0b and thus I have locked the program to this version - it will not run if it detects other NandPro version or no NandPro at all)
- SDL .NET runtime.

Installation Instructions:
- Use XBINS to download NandPro 2.0b and extract contents in "AutoHacker V2\" folder.
- Use XBINS to download all XBR_8955_3. ALL VERSIONS are needed (for all motherboard revisions). Extract all of them (or not) and throw them in "AutoHacker V2\XBR\" folder. There must be 6 .bin (or 3 .zip and 3 .rar) files in there.
- Run "sdldotnet-6.1.0-runtime-setup.exe". This will install the SDL .NET runtime.
- Run "port95nt.exe" if you are using LPT. This has to do with NandPro.


DISCLAIMER:
===========
I AM NOT RESPONSIBLE IF SOMETHING HAPPENS TO YOUR CONSOLE!! This program has been tested and it worked flawlessly during these tests. Abusing this program may give different results. The fact that it automates the whole process, does NOT mean that you don't have to know what you're doing. You DO, or else, you may end up with a bricked console!!
USE THIS AT YOUR OWN RISK, AS YOU WOULD USE NANDPRO AT YOUR OWN RISK.

DOWNLOAD LINK:

CODE

http://www.megaupload.com/?d=RKJCME34

CHANGELOG:
============

v2.1     :
           Fixed a bug where CB version 6723 was reported as not exploitable.
           Added a self-check upon startup so that all the files are in place and correct version.
           Added feature to automatically unpack XBR images in case the user threw them in the folder without decompressing first.

v2.00BETA:
           Complete rewrite. v2.00 Initial Release.


DOCUMENTATION / HILARIOUSLY EASY JTAG GUIDE (on NAND-related stuff)

This forum doesn't allow me to post as many images as I would like to complege the program manual in a single post. I don't want to triple-post, so, bear with having to copy-paste the last 5 images in order to view them


Make your LPT/USB soldering (not covered here).
Install and setup AutoHacker, then run it.
Bear with the "scene-like-scroller-thingy-with-awesome-SIDtune" then press esc.
Read the disclaimer, press OK, and you'll get to the Setup Menu:

(IMG:http://i44.tinypic.com/16hrtz7.jpg)

Notice at the upper-left portion of the window the so-called "info box". This is where we can see the interface type of our choice (LPT/USB), the NAND size of our choice, the revision of our motherboard (autodetected) and the CB version (autodetected). This info box is there while we're navigating through app's menu system and when we click on [SETUP] we get back to this screen, selecting Interface and NAND size.

Here we go:
Choose the method you use to connect your XBOX to your PC (LPT/USB).

(IMG:http://i41.tinypic.com/2427nlc.jpg)

Click on the photo that corresponds to your NAND.

(IMG:http://i42.tinypic.com/2uxv8us.jpg)

AutoHacker will now try to extract your console's CB and will tell you whether it is exploitable or not. The pictured system is modguru's guinea pig (an RROD'ed Xenon with CB version 1888 (IMG:style_emoticons/default/wink.gif) ) Notice that in the Setup Info that the field "Motherbrd" and "CB ver." is now filled-out (IMG:style_emoticons/default/smile.gif) . Press any key and you're done setting up (it was 2 clicks). You are now in the main menu (Action menu):

(IMG:http://i41.tinypic.com/2lmt443.jpg)

We first choose...

__________


DUMP

In the Action menu, click on DUMP.

(IMG:http://i42.tinypic.com/sgmxrn.jpg)

By now, AutoHacker should know everything it needs, and knows the commands we need to run. It informs us on the commands that will be used and asks for a keypress... Press a key and the first dump begins.

(IMG:http://i44.tinypic.com/wmmkud.jpg)





(IMG:http://i43.tinypic.com/50qgeg.jpg)

It then waits 10 seconds and the second dump begins.

(IMG:http://i42.tinypic.com/afj4tc.jpg)

When the 2nd dump is complete, it will automatically compare the two files and if they're identical it will inform us and ask us for a folder name. Once we type it and press ENTER, it will create a folder with the name of our choice, then copies the two files (dump1.bin and dump2.bin) on that folder.

(IMG:http://i44.tinypic.com/11l61ix.jpg)

As we can see, it succeeded in doing so. (IMG:style_emoticons/default/smile.gif)

Next step to JTAG city is...

__________

PATCH

I feel like I'm writing a novel  

IMEGR: http://i39.tinypic.com/2jg4c60.jpg

In the Action Menu, we click on PATCH.

IMAGE: http://i41.tinypic.com/2cne3yx.jpg

That was easy, right? We're done here!!
NOTE: This step will fail if we haven't copied all the XBR versions in the XBR folder. (see installation instructions)
Now all that is left is write the patched XBR.bin to our NAND memory.


__________

WRITE

IMAGE: http://i43.tinypic.com/ndvbwy.jpg

In the Action menu, click on WRITE.


IMAGE: http://i40.tinypic.com/i1zleb.jpg

Click on XBR.


IMAGE: http://i40.tinypic.com/1y1hc3.jpg

AutoHacker does some checks. 3 requirements need to be met in order to let us write XBR to our NAND memory.

1) You need to have patched XBR.
2) You need to have a good NAND backup.
3) You need to have an exploitable CB.

If all of the requirements are met, it asks us for a keypress to continue writing the NAND (or else it will read some red text explaining why it won't let us and we'll be back to Action menu).

IMAGE: http://i44.tinypic.com/28l6dyd.jpg

Then it warns us that we're about to actually write our NAND. THIS IS OUR LAST CHANCE TO CANCEL. If you're sure we know what we're doing, click OK.

IMAGE: http://i44.tinypic.com/wh4kn.jpg

XBR gets written into NAND...

IMAGE: http://i39.tinypic.com/j8e782.jpg

And finally it prints NandPro's DebugLog.txt on screen so thet if we were away from our PC we can see if something went wrong and possible error messages. We press any key and we're back to the Action menu. All that is left is solder our JTAG wires/diodes and enjoy our XBOX360 the way it was meant to be!

Still a WIP, need to add instructions on erasing the nand and other write options...

This post has been edited by BadBloke: Apr 12 2010, 12:45 AM

[ste030]

Good work !

[skyliner99]

jtag, everyone doing it

great program

[ristodesign]

Looking good, will try this out!

Any plans to enter cpu key to change centain configuration values or wouldn't that be possible?

[bonaparte2]

Thanks!

[reddwarf]

Tried it on a xenon, works great!!! (as long as you make sure to extract the xbins xbr files correctly)

[BadBloke]

Thanks everyone.

QUOTE(ristodesign @ Apr 9 2010, 01:31 AM)

Looking good, will try this out!

Any plans to enter cpu key to change centain configuration values or wouldn't that be possible?

It doesn't really do any NAND/image editing on itself, only uses nandpro and calls some external routines. Think of it as an very advanced, sophisticated batch file, if you like (which is what V0.1 was essentially). Writing from scratch again sometime (not soon, maybe V3) on a lower-level language would allow me to do stuff like that, but then, again, PleXo is on his way there... For now I want to concentrate on making JTAG hacking as easy as possible with the least headaches and hassle, which is what AutoHacker is all about.

QUOTE(reddwarf @ Apr 9 2010, 03:22 AM)

Tried it on a xenon, works great!!! (as long as you make sure to extract the xbins xbr files correctly)

Thanks a lot for the feedback, means much to me. AutoHacker is very strict when it comes to dependencies, because it is designed having trustworthiness in mind. If it finds the smallest error it stops, because I wanted it to be fool-proof. I couldn't include XBR or NandPro for a lot of obvious reasons, so the side-effect of safety is a bit of hassle during the installation. Now that I think about it I could make it detect whether the files in XBR are in zip format and extract them upon program startup (something like an "automatic installation"). What do you guys think of that?

Thanks again for the feedback, everyone, please report if you have had success (don't forget to mention usb/lpt - motherboard revision etc). But most importantly, report bugs, annoyances and ideas as well.

[thesonandheir]

This looks amazing, cant wait to try this out.

A credit to you sir

[deilzfcjk]

talk about spoon feeding. Thats all there is to it. Now people will not do research.  It's beginning to be too simple. I rmember in December. I was rewriting my bad blocks using winhex. and omg. I almost bricked my 360. But ,i knew what I was doing.
Nand pro was still in it's infancy. I kept getting error on my ghetto rigged LPT dumper. I got it done in about 2-3 days. I freakin hate hex. I used nandcompare and I forgot everything by now. Thanks for the good work guys.

This post has been edited by deilzfcjk: Apr 9 2010, 03:00 AM

[sektor1062]

Yeah, but does it work on my up-to-date console yet?
Yeah and thanks etc, you're the love of my life.

This post has been edited by sektor1062: Apr 9 2010, 03:21 AM

[fritoeata]

Thanks so much! you are a credit to our scene, I know MANY others agree!

frito

[xmugen360]

QUOTE(sektor1062 @ Apr 9 2010, 04:17 AM)

Yeah, but does it work on my up-to-date console yet?
Yeah and thanks etc, you're the love of my life.

i am pretty sure this does not change things if you are not at exploitable dash then this is not for you...

Thanks this is amazing...

i hear the other fellow on the spoon fed part but i think it is good to make the jtag as accessible as possible many of my friends complain it is still to difficult...

[Muzzakus]

Still waitin for XBMC360.....

[InvidiousDemise]

Sweet program!  I'm sure this will come in handy.

QUOTE(Muzzakus @ Apr 8 2010, 10:44 PM)

Still waitin for XBMC360.....

Get to work... or shut up.

[ydgmms]

can i use a Xellous XBR with this? Like if I throw in the Xellous section into the XBR bins will youre program work, or does it do some CRC checking to find the 'right' XBR for the detected motherboard?

I like Xellous over Xell. Why? I dont know, really. But it made dumping/writing the BB easier.

ooh yeah; does it auto fix bad blocks too?

This post has been edited by ydgmms: Apr 9 2010, 05:04 AM