xboxscene.org forums

Author Topic: Anybody Else Think The 007 Exploit Is A Bad Thing?  (Read 135 times)

NeoKast

  • Archived User
  • Full Member
  • Posts: 128
« Reply #15 on: July 03, 2003, 07:21:00 AM »

True True.

Good point about not needing 007 AUF anymore.

I just assume you'd want it anyways.

pez

  • Archived User
  • Newbie
  • Posts: 41
« Reply #16 on: July 03, 2003, 10:53:00 AM »

QUOTE (Ridley @ Jul 3 2003, 12:07 AM)
The exploit is not a bad thing. If M$ was gonna "come down" on the scene, then it would have done it already. Although, there is really nothing illegal taking place anyway.

Flashing a hacked MS BIOS onto the TSOP to bypass security is an illegal violation of the DMCA.

I'm no lawyer, but I'm guessing that the coders who write software to assist in that sort of activity are also in violation of the DMCA.

thetruth

  • Archived User
  • Newbie
  • Posts: 44
« Reply #17 on: July 03, 2003, 12:14:00 PM »

Just about everything "we" do is a violation of that law, so I wouldn't be too worried about specifics unless you want out of the scene entirely...

nautiazn85

  • Archived User
  • Full Member
  • Posts: 196
« Reply #18 on: July 03, 2003, 06:49:00 PM »

QUOTE (BenJeremy @ Jul 3 2003, 12:48 AM)
QUOTE (ZakMcRofl @ Jul 2 2003, 08:42 PM)
Just to clear things up:
BenJeremy was probably referring to the following possible method:
1) Use 007 to get access to Xbox HDD
2) Modify original dash in a way that allows it to be run out-of-the-box (i.e. without 007 hack).
This is the hard part, since any change in that xbe would break the signature. This is why BenJeremy referred to a thread in this forum about hacking the scripting language of the dash:
Original Dash hacking
Maybe it would be possible to exploit the script language somehow in order to run something. But then again, this "something" would need to be signed as well.
So what I think is we are missing one major step from always using 007 to running non-signed code right at bootup.

Another thing that is interesting is that the Complex Loader comes out just a few days before the 4th of July. Maybe it will be used in the "final" solution and _someone_ decided to release it earlier. Maybe to draw some attention, who knows.
Obviously a part of any solution would be replacing the original bios which is still in the memory. This can be done by the loader and that is why that loader is a major breakthrough.

Now all we need is a way to run that loader at bootup...

Well, mind you, it's purely my speculation.

They talked about a "chain of new exploits" - which implies there may be a weakness to be exploited by placing data files on the Xbox (XIP?) in a manner that would cause them to overflow similar to the 007 hack and manage to trigger executable code.


Um, I'm not saying any more, as what's occurred to me is an obvious answer, once the above is accomplished.

Wow, you should be a fortune teller.

Liquid Oxygen

  • Archived User
  • Full Member
  • Posts: 187
« Reply #19 on: July 03, 2003, 09:31:00 PM »

M$ will come out with a patch which will ban idiots who are using copied games on XBL. Someone will get around the patch and M$ will respond. The battle will be never ending unless MS puts a nail in the coffin by having some sort of prog scan your xbox every time you connect to XBL. If it detects anything except the norm it will auto ban. I'm sure it's not too hard for them.

This is really gonna get ugly on the scene, I can assure you of that. And it will ruin it for the ppl who had games on their HD's and were buying games to play on Live which was the smart thing to do.

BenJeremy

  • Archived User
  • Hero Member
  • Posts: 5645
« Reply #20 on: July 05, 2003, 12:13:00 PM »

QUOTE (nautiazn85 @ Jul 3 2003, 10:49 PM)
QUOTE (BenJeremy @ Jul 3 2003, 12:48 AM)
QUOTE (ZakMcRofl @ Jul 2 2003, 08:42 PM)
Just to clear things up:
BenJeremy was probably referring to the following possible method:
1) Use 007 to get access to Xbox HDD
2) Modify original dash in a way that allows it to be run out-of-the-box (i.e. without 007 hack).
This is the hard part, since any change in that xbe would break the signature. This is why BenJeremy referred to a thread in this forum about hacking the scripting language of the dash:
Original Dash hacking
Maybe it would be possible to exploit the script language somehow in order to run something. But then again, this "something" would need to be signed as well.
So what I think is we are missing one major step from always using 007 to running non-signed code right at bootup.

Another thing that is interesting is that the Complex Loader comes out just a few days before the 4th of July. Maybe it will be used in the "final" solution and _someone_ decided to release it earlier. Maybe to draw some attention, who knows.
Obviously a part of any solution would be replacing the original bios which is still in the memory. This can be done by the loader and that is why that loader is a major breakthrough.

Now all we need is a way to run that loader at bootup...

Well, mind you, it's purely my speculation.

They talked about a "chain of new exploits" - which implies there may be a weakness to be exploited by placing data files on the Xbox (XIP?) in a manner that would cause them to overflow similar to the 007 hack and manage to trigger executable code.


Um, I'm not saying any more, as what's occurred to me is an obvious answer, once the above is accomplished.

Wow, you should be a fortune teller.

Yeah, well, the font (XPR) and DB weaknesses were bound to be exploited eventually.


007 AUF was the foot in the door, and Free-X found the icing on the cake, with a variation on the now accessible dashboard.

Gee... I go away for two days and the whole Xbox "scene" has been turned on end!!

feflicker

  • Archived User
  • Hero Member
  • Posts: 1692
« Reply #21 on: July 05, 2003, 12:23:00 PM »

Buffer overflow exploits are not a new thing... MS$ is constantly tackling this on their PC platform. They will find a way to eliminate it here as well. Just a matter of time. But in the meantime, enjoy your "software-mod" while you can.

Don't expect anything soon. I am sure there will be a project plan to combat this, and it takes time, even if this is code red for MS$ to plan the counter attack. (They will want to get it right first try...)

drunkinstoner

  • Archived User
  • Newbie
  • Posts: 40
« Reply #22 on: July 06, 2003, 11:52:00 AM »

biggrin.gif