Precautions and Recovery Using Xbox Gamesave Exploits
BeMoreOpenXbox
July 2004
Abstract
For new enthusiasts of Xbox soft modification (soft-mod), this article intends
to help them to understand the precautions against Xbox errors and their
recovery.
Gamesave exploit
Gamesave exploit is the very first step in the soft-mod approach without
opening the Xbox. It launches the code which M\s disallows the consumer to run.
For example, a FTP program provides the access to Xbox disk. There are several
gamesave exploits availabe (007 Agent Under Fire, Splinter Cell, and
MechAssult). Note that only the original releases of these games have the
"features" to support gamesave exploits that are found so-far. M\s patched them
in newer releases like the so-called platinum hits or greatest hits.
There are many tutorials and resources available for these gamesaves. It is
important to read them through and have good understanding before operating. In
a nutshell, a bootstrap is put on the Xbox hard drive (HDD) as part of a
gamesave. This is done by either using USB storage (with a home-brew adapter or
an action reply kit without opening the Xbox) or hot-swapping the HDD (with a
PC after opening the Xbox). In a pure gamesave setup, the original game disk
must be available to load the bootstraps in the gamesave and then launch the
programs the user wants to run.
Service Errors
M\s puts relatively strict guards against changes on the HDD. Once it finds
itself not satisfied, an awful helpless screen comes up stating that service
is required. An error code can be found on the screen. One of the most common
code is error 21. Then the Xbox hangs up till being powered off. However, there
are other cases in which the Xbox simply just hangs without displaying an
service error message. When these problems happens every time after powering on
the Xbox, it make the Xbox totally or partially unoperational, including the
dashboard or even all games.
Just-in-case Precaution
Although obviously and ideally the user should avoid mistakes and troubles,
things could still go wrong from times to times. Therefore, just-in-case
precautions are always necessary. The user needs to be capable of revert the
changes and restore the previous working state. The following are these
just-in-case precautions.
1. After gaining control of the Xbox, use the backup function of Evolution X
(EvoX) to backup the important information of the Xbox. Copy the log files
which contains the HDD key and EEPROM information to PC. Make additional backup
and write down the HDD key.
2. Back up all the files on hard drive C: E: to a PC. This can be done by using
either a FTP program that supports recursively transferring directories, or
some other tools to backup the whole hard drive images. It is better to have
the individual files accessible on the PC rather than only the images to
restore.
3. Test the ability to launch gamesave directly after powering on the Xbox
without entering the dashboard. Power on the Xbox by pressing the eject button.
Put the game DVD disk into the tray. Press the power button so that the Xbox
closes the tray and shuts down. Wait a minute and press the power button. After
the Xbox Logo screen displays, the game should load directly without entering
the dashboard. Then load the gamesave exploit that supports FTP. This exercise
allows the user to get familiar with the sequence of power-on-off and
eject-close.
4. Always think about the following before making changes on the HDD. Are the
changes made in both the directory of gamesaves and other Xbox system files
and/or directories? If the answer is yes, rethink and be very careful about the
risk. Because if both the gamesave and dashboard are corrupted, there is no way
to load or reinstall the gamesave exploit without opening the Xbox and
hot-swapping the HDD. As a rule of thumb, try to make a small workable change
at a time rather than make big changes everywhere.
5. Given all the above precautions are taken properly, unpredictable worst case
may still happen, where the gamesave exploits cannot recover. In these cases,
Xbox cases needs to be opened, and the HDD needs to be taken to a PC and
recovered from there.
A Recovery Example.
In this example, errors are simulated on purpose to show how Xbox responds and
how to recover. Please do not actually follow the steps as there is no need to
take the risk, especially for those readers who do not understand the
operations yet.
A.1 Do not follow the steps. This is not a tutorial, but just an illustration.
A.2 All the original Xbox files should have been backup to PC. The hard disk
key is also recorded.
A.3 This experiment is done on a Xbox with Kernel version 5713 and dashboard
version 5960. It maybe cannot be reproduced on other Xbox with or without the
same versions.
A.4 Start a gamesave exploits. Using FTP, keep a copy of c:\xboxdash.xbe (like
orig_xboxdash.xbe). Think about item 4 of the precautions in the previous
section.
A.5 Replace c:\Xboxdash.xbe with c:\xboxdashdata.185ead00\settings_adoc.xip.
Reboot without DVD disk in the tray.
A.6 No service error but the xbox just hangs at Xbox Logo screen. This is maybe
because kernel 5713 does not accept a Xboxdash.xbe with an old time-stamp.
A.7 Press the eject/close button, the DVD tray should be opened. Put in the DVD
game with the exploits already installed and closed the tray. Alternatively,
press power button to power off the xbox. Press the eject button to power it
back on. The tray should open. Quickly put in the game disk and press the eject
button to close the tray. If it is too late, power off and power on again.
A.8 The game should start. Go ahead to load the gamesave exploit. Use FTP to
delete the c:\xboxdash.xbe that causes the problem. Reboot without a DVD disk
in the tray.
A.9 Error 21 screen pops up, and the Xbox hangs.
A.10 Same as A.7
A.11 Load the gamesave exploit. Use FTP to rename the backup of the original
c:\Xboxdash.xbe (like orig_xboxdash.xbe) to c:\xboxdash.xbe. Reboot without DVD
disk in the try.
A.12 The dashboard should come up without problem. The problems are recovered.
Summary
An Xbox user who uses a gamesave exploit and makes changes on the HDD should
take just-in-case precautions against service errors or hang-up. This ensures
it is possible to recover using a gamesave exploits without opening the case.
Note (Let me know if the following understanding is inaccurate or you have
different opinions.)
1. It seems that loading Xbox games on DVD disk does not require or depend on
system files on the HDD, except to load gamesaves.
2. The sequence of power-on-off and eject-close always allows a DVD games to be
loaded directly, assuming M\s will not change it.
3. M\s apparently has made a series of strategic and operational mistakes in a
struggle to make Xbox under its control. After quite a number of revisions and
efforts to patch their own problems without enhancing functionality and value
for the customers, Xbox can still be exploited by soft-mod approaches, not
mentioning the hardware ones. Is this really realistic, necessary, or worth it
for M\s?
Author
Topic: Precautions&recovery Using Xbox Gamesave Exploits (Read 27 times)