I just wanted to dispel some misinformation, and maybe make some kiddies' lives easier. I don't know why there's so much confusion, since the tool was distributed with source! Why can't people just inform themselves? Anyways... sorry... ranting...
The rc4 key is unnecessary if one has a bios with an already decrypted 2bl.
How to go about making one:
Obtain an x2 4977 BFM rom image, 256k
Obtain the RC4 key
Unpack the x2 4977 BFM bios with xbtool
Insert the unpacked 2bl.img over the original 2bl in the rom image
This starts at offset 0x6200 (iirc)
Make the rom image 1024k using the age-old techniques
Upload to the usual sources for all to enjoy.
Then, no one will need to go trying to find the rc4 key.
To get the RC4 key without blatantly breaking laws:
Obtain a bios that contains it in the 2bl, and has a decrypted 2bl.
(not sure which ones do, offhand. try evoxd6)
Open in a hexeditor.
Find the key... its offset will vary, but it will start with the magic letters W and B
All the bytes should add up to 0x063D, iirc
Also... to cover some other bases:
Using complex !loader with this is silly. The whole point of complex !loader is to patch a stock bios at runtime. With this, you're already running a patched bios, so there's no need. A good setup would be to use bert & ernie to launch the Phoenix loader directly, which will in turn load x2 4977 bfm, which will in turn launch evox.
A STEP-BY-STEP:
Install Bert&Ernie Font exploit as has been covered a million other times
Sign Phoenix Loader with the Font exploit key using xbedump. (also well covered)
Put RC4 key in config file, and copy to c:
Copy phoenix.raw to c:
Copy signed .xbe to c:
Put evoxdash.xbe on c:
Rename x2 4977 bfm bios to xboxkrnl.bin and put on c:
Your box will now boot just as if it had a modchip. :-D
ENJOY!
btw... I'm extremely tired, so, correct me if any of this is wrong. :-)
--Artifex
This post has been edited by Artifex: Jul 18 2003, 11:02 PM