Print

[alee132]

QUOTE (Kreepa13 @ Oct 12 2002, 06:23 PM)

The features depend on the bios so there isn't any difference between the chips in terms of features. will the new x-ecuter be better than matrix in terms of installation or in any other way.

                                    well they said they made it really strable and all, so it could just be another 1 wire mod!  I'm not sure that they will go strait for the no solder, especially since they said it will not be like another mod chip out there.

[M3_DeL]

no one knows at this point if it will be better.

[bagel5009]

the advantage is, itll work on the new xbox's

[M3_DeL]

that is not an advantage if you have a v1 xbox. And yes these mods will work on both versions

[forcelite]

I think v1 and v1.1 means the ones with the new drive. Not the new xbox's

[bagel5009]

QUOTE (M3_DeL @ Oct 12 2002, 10:17 PM)

that is not an advantage if you have a v1 xbox. And yes these mods will work on both versions

                                    very true

[82ross]

I think its just the kernal that makes it work on the new version. not the new chip they are bringing out. so any flashable modchip with the correct bios could work with both versions.

[Dark Schneider]

I have full confidence that this will be a classic mod.

[obiwan]

FYI numbnut confirmed that Xodus/Matrix chips work on V2 (or V1.1) xboxs also!

[opjose]

QUOTE (obiwan @ Oct 13 2002, 01:42 PM)

FYI numbnut confirmed that Xodus/Matrix chips work on V2 (or V1.1) xboxs also!

                                    He said that an that the LPC bus was still active on the V1.1 XBoxes, but because of the extra HASH the mcpx does, it would not work.

Now that the hash has been discovered a change to the Xodus/Matrix may be required for it to work with the new v1.1 xboxes.

[ravencry]

opjose you are not informed right... read up.

[opjose]

QUOTE (ravencry @ Oct 13 2002, 01:55 PM)

opjose you are not informed right... read up. opjose Archived User Hero Member Posts: 2553 Will The New X-ecuter Be Better Than Matrix Ok Again I don't quite see this. Pardon my picking at it, but I've played the over optimistic side before and now I want to get it right: "I am proud to announce that at 10:45BST the 'v1.1' secure version of the Xbox was proven to be running arbitrary BIOS code in a normal 256KByte modchip - with no additional hardware required.  In short, in under a week we were able to normalize the new box to enable it to interoperate with Linux properly." ---- Yet in earlier posts he talked about needing to tie down some extra data lines to get an LPC mod to read into the bus. So it's not quite "normal" if that is required. In this case there was no mention of what modchip he used, was it an LPC mod or a homebrew? 256k alone does not necessarily indicate a Matrix mod. Until he tells us, we don't really know... (although I haven't been following all their threads that closely...) "For non Linux users, you will need to wait for Xecutor to issue a release of the cracked native BIOS.  I don't think that will take too long, its just a rerun of last time now; Xecutor is saying a few weeks.  Pretty much no matter what Xecutor do, their cracked BIOS will be on Usenet the day it comes out (they kind of live by the sword and die by it at the same time).   You might also find proactive guys like EvoX attempting the raw hack themselves now and separately releasing." By inference a new BIOS is required, but there is NO mention as to if this new Xecutor bios will work with the existing LPC mods. Hopefully this indeed -WILL- be the case. To me it's merely that the two points seem seperate and not fully confirmed to be linked though I may be wrong. opjose Archived User Hero Member Posts: 2553 Will The New X-ecuter Be Better Than Matrix So far the ONLY partially confirming post has been this.... "Mad Mike, you just need to wait for a new BIOS to arrive one way or another now.  Although I was unable to test it because I soldered a header in about 15 seconds after getting the box open, I believe Xodus will work fine, the mounting hole being in the same position and LPC known to function perfectly. " This is Numnuts himself speaking. He is stating that the LPC mods are known to function (see his earlier post about needing to tie down a dataline to get it to work though), and that he BELIEVES that the Xodus will work fine with a new bios. So this -IS- much closer but there are still no confirmation, nor confirmation that that at the very least the data line tie down is not required as he originally posted. opjose Archived User Hero Member Posts: 2553 Will The New X-ecuter Be Better Than Matrix I guess I'm talking to myself heh. I found a post which seems to indicate that things are not as simple as a bios update... "Disclaimer: I am numbnut. The 1.1 version of the Xbox is certainly designed to be Palladium Lite. The concept is that no code is executed unless it matches a one way hash signature. The only exception is the boot ROM (512 bytes) which lives in the nVidia-designed MCPX chip; this is used to validate the next code to execute, which validates the next code to execute and so on. Unfortunately for MS (and perhaps nVidia), they chose a hashing algorithm which already had a known flaw. The hash, which works on QWORDS (64-bit quantities) is completely insensitive to b31 and b63 of a QWORD both being inverted. Doubly unfortunately for MS, the VERY FIRST DWORD of the hashed region is the entry point, and contains a long relative jump. The effect of flipping b31 and b63 on this QWORD is to retarget the jump to RAM. Triply unfortunately for MS, they have a small interpreter built into their ROM code, whose instruction set is capabel to to IO amd memory r/w before the bootrom is validated and executed. It was trivial to add some memory writes to the interpreted code stream to prep the memory targetted by the modified jump with a jump back into the flash. The end result is perversion of the hashed region in a way invisible to the hashing algorithm, and execution flow jumping to arbitrary code in the flash. I urge anyone interested in both the technical detail and the larger issues raised by this to read the threads on http://www.xboxhacker.net as this is a much larger issue than simply another Xbox crack." The initial hash "lives" in the MCPX as stated above. Numbnut states that basically he flipped some bits to get the code to "jump into RAM" and "prepped" the table that would be jumped into via an interpreter. The problem is that these "flipped bits" live in the MCPX, so something must be done to get the MCPX to go ahead and flip the bits. E.G. some external wiring or hardware. Print Pages: [1] 2 « previous next » xboxscene.org forums > OG Xbox Forums > Modchip Forums > Matrix & Chameleon Modchips > Will The New X-ecuter Be Better Than Matrix   SMF 2.0.19 | SMF © 2021, Simple Machines

[opjose]

Ok Again I don't quite see this. Pardon my picking at it, but I've played the over optimistic side before and now I want to get it right:

"I am proud to announce that at 10:45BST the 'v1.1' secure version of the Xbox was proven to be running arbitrary BIOS code in a normal 256KByte modchip - with no additional hardware required.  In short, in under a week we were able to normalize the new box to enable it to interoperate with Linux properly."

----

Yet in earlier posts he talked about needing to tie down some extra data lines to get an LPC mod to read into the bus. So it's not quite "normal" if that is required.

In this case there was no mention of what modchip he used, was it an LPC mod or a homebrew? 256k alone does not necessarily indicate a Matrix mod.

Until he tells us, we don't really know... (although I haven't been following all their threads that closely...)

"For non Linux users, you will need to wait for Xecutor to issue a release of the cracked native BIOS.  I don't think that will take too long, its just a rerun of last time now; Xecutor is saying a few weeks.  Pretty much no matter what Xecutor do, their cracked BIOS will be on Usenet the day it comes out (they kind of live by the sword and die by it at the same time).  

You might also find proactive guys like EvoX attempting the raw hack themselves now and separately releasing."

By inference a new BIOS is required, but there is NO mention as to if this new Xecutor bios will work with the existing LPC mods.

Hopefully this indeed -WILL- be the case.

To me it's merely that the two points seem seperate and not fully confirmed to be linked though I may be wrong.

[opjose]

So far the ONLY partially confirming post has been this....

"Mad Mike, you just need to wait for a new BIOS to arrive one way or another now.  Although I was unable to test it because I soldered a header in about 15 seconds after getting the box open, I believe Xodus will work fine, the mounting hole being in the same position and LPC known to function perfectly. "

This is Numnuts himself speaking.

He is stating that the LPC mods are known to function (see his earlier post about needing to tie down a dataline to get it to work though), and that he BELIEVES that the Xodus will work fine with a new bios.

So this -IS- much closer but there are still no confirmation, nor confirmation that that at the very least the data line tie down is not required as he originally posted.

[opjose]

I guess I'm talking to myself heh.

I found a post which seems to indicate that things are not as simple as a bios update...

"Disclaimer: I am numbnut.

The 1.1 version of the Xbox is certainly designed to be Palladium Lite. The concept is that no code is executed unless it matches a one way hash signature. The only exception is the boot ROM (512 bytes) which lives in the nVidia-designed MCPX chip; this is used to validate the next code to execute, which validates the next code to execute and so on.

Unfortunately for MS (and perhaps nVidia), they chose a hashing algorithm which already had a known flaw. The hash, which works on QWORDS (64-bit quantities) is completely insensitive to b31 and b63 of a QWORD both being inverted.

Doubly unfortunately for MS, the VERY FIRST DWORD of the hashed region is the entry point, and contains a long relative jump. The effect of flipping b31 and b63 on this QWORD is to retarget the jump to RAM.

Triply unfortunately for MS, they have a small interpreter built into their ROM code, whose instruction set is capabel to to IO amd memory r/w before the bootrom is validated and executed. It was trivial to add some memory writes to the interpreted code stream to prep the memory targetted by the modified jump with a jump back into the flash.

The end result is perversion of the hashed region in a way invisible to the hashing algorithm, and execution flow jumping to arbitrary code in the flash.

I urge anyone interested in both the technical detail and the larger issues raised by this to read the threads on http://www.xboxhacker.net as this is a much larger issue than simply another Xbox crack."



The initial hash "lives" in the MCPX as stated above.

Numbnut states that basically he flipped some bits to get the code to "jump into RAM" and "prepped" the table that would be jumped into via an interpreter.

The problem is that these "flipped bits" live in the MCPX, so something must be done to get the MCPX to go ahead and flip the bits.

E.G. some external wiring or hardware.