Print

[Angerwound]

I've got this running on my Live box at the moment, K: 4034 D: 5960.... Just kept the update.xbe from my old dashboard before I let Live Upgrade.. After the upgrade, I tested live first and found it worked. I then gained FTP access transfered over needed files and everything booted fine. Now to see if Pedro can work out this Live access.

[devz3ro]

Only reason the easter-egg is still there is for live 2.0 access. I'll leave it up to you though since you spent some time on it.

-devz3ro

http://sh0x.tk/

[Angerwound]

Totally up to you guyz, if you think it will help anyone at all keep her pinned, otherwise let her go.


BTW, I'm tinkering with trying to launch xonlinedash.xbe.. I hexedited the xboxdash.xbe to look for an occurrence of fonts\ as pedro said there was and can't seem to find it. Anyone else find the occurrance?

For now I am just changing the fonts and xboxdash.xbe's back to original's and then reboot to play live... Gamesave to switch hack back on ( I suppose you could use the EasterEgg exploit as well )... Simple enough...

[Angerwound]

Should, 5101 doesn't have the setback's 5713 does.

[rmenhal]

QUOTE (ldots @ May 23 2004, 11:54 PM)

If I was eager to go on Live I think I would just make a font/audio switch in Evox like we were used to with the old fonts (do you remember when the clock loop was an issue ).

You forgot that audio exploits don't work with post-4920 dashes? However, you could do something similar with the easter-egg. But that wouldn't work across updates, because settings_adoc.xip will be overwritten.

[Jbob]

Found the hex strings in Thc lite after posting (2 occurances) edited them and now works flawless with THc WooHoo

[rmenhal]

QUOTE (Angerwound @ May 24 2004, 03:22 AM)

BTW, I'm tinkering with trying to launch xonlinedash.xbe.. I hexedited the xboxdash.xbe to look for an occurrence of fonts\ as pedro said there was and can't seem to find it. Anyone else find the occurrance?

"fonts" is in 16-bit unicode. In this case, there's just a 0x00 after each (8-bit) letter. There are two occurrences in xboxdash.xbe.

[ldots]

QUOTE (rmenhal @ May 24 2004, 05:40 AM)

You forgot that audio exploits don't work with post-4920 dashes? However, you could do something similar with the easter-egg. But that wouldn't work across updates, because settings_adoc.xip will be overwritten.

True - so this is not completely ideal  
But this is the same issue as live/audio users had before. Let live upgrade the live dash, then use a game save hack up restore the 4920 dash.

About Pedro's idea. The Mech fonts keep a small stub program in memory after the in-memory-pathched msdash has been reached, to be able to patch the key back to its original state if a non habibi-signed xbe is being loaded. Does anyone know how long this stub program survives? Maybe a similar trick could be used for launching xonlinedash.

[wivenhoe123]

can anyone help me! i'm trying to use this exploit to let me remove my mod chip!
i have got all the relevant files on my xbox (thanks digisatman!) and when the mod chip is in i can get it to run through the update.xbe (xboxdash.xbe) > bert ate ernie > phoenix > evox dash.
though as soon as i remove my mod chip and try and boot i receive an error 13! any suggestions?

UPDATE! ok it seems if i use the xboxdash.xbe from digisatman's package then i receive error 21, though if i sign the xboxdash.xbe it changes to a error 13.
when using my mod chip it still functions fine, with no errors.
anyone got any suggestions of something i could try or what the problem could be?

Mark

[digisatman]

seems like devzer0 still has not got a package out, bet ya to it m8!

I pm'ed him, so i think i might try and get him to put my package on the usual places,

cheers

[digisatman]

i have a question,

when using this exploit, say i go to play a game like halo for example, then i press the eject button coz i wanna play another game, will it restart my xbox?

thanks

[TraZer]

QUOTE (ldots @ May 23 2004, 11:58 PM)

Sounds to me like you still have the retail *xtf fonts in the root of C: You need to rename the extension of : C:\Xbox.xtf   and C:\XBox Book.xtf to a something else (*.bak) Also be sure you habibi signed E:\default.xbe (you didn't mention that).

Thanks for your answer!... I might have missed the thing with signing the default.xbe in E:\
where canb I read about signing the xbe?

thanks again? =)

[PedrosPad]

QUOTE (ldots @ May 23 2004, 11:54 PM)

Think your idea would work Pedro  These are some of the concerns. If this causes an update each time, it's far from ideal. Another thing is what happens when you exit xonlinedash.xbe? Would Bert_ate_Ernie fire again when reloading our xboxdash.xbe (update.xbe)? This is a new memory layout, so maybe not? Would we get a reboot? Some things to check  If I was eager to go on Live I think I would just make a font/audio switch in Evox like we were used to with the old fonts (do you remember when the clock loop was an issue ).

Thanks for the feedback.  I was am hoping to get some discussion going on in this topic & thread.

I was always confident that the bright sparks in the forum would be able to combine the exploits to solve any issues (as they always have ).  I authored my Dashboard Exploit Summary post to aid and encourage this

I'm assuming that, by the time you've performed all the XBOX!Live updates to the latest Dashboard/XBOX!Live console, the final xodash\update.xbe would be far newer than the 4290 update.xbe - and the font overflow bug fixed - meaning that if the latest xodash\update.xbe was launched by the xonlinedash.xbe, and was denied all fonts except C:\bert_ate_ernie.xtf, the exploit wouldn't fire - I do wonder what would happen.

A best-case-scenario is that the additional check simply steps over loading an overflowing font, and carries on looking and loading the remaining fonts what match the *.xtf wildcard.  Since  rmenhal has found that the 4290 update.xbe only loads one font, it may possible to the put the two retail fonts and bert_ate_enie in C:\ and force the order of the *.XTF file enumeration.  Either by file renaming (relying on a sort order), or re-writing the raw directory sector.

[PedrosPad]

QUOTE ({later} @ May 23 2004, 09:33 PM)

here's a nice little movie I made of the update-exploit, check out the boot time I really like it alot... http://members.lycos..... {later}).avi

Look Mum, I'm on Telly.  

[PedrosPad]

QUOTE (zorxd @ May 24 2004, 03:50 AM)

is this exploit supposed to work on a TSOP flashed xbox with PBL that load kernel 5101?? I want to do this to test it before using it on other xboxes

If your TSOP flashed, why would you need a software exploit?   And why use PBL to load a retail kernel?   (It's known that this isn't sufficient to use Live)  I feel I missed something here.