Print

[YoshiKool]

also, update.xbe is a known exploitable XBE - other stuff such as mechassault's downloader will help also but they have not been exploited as of yet...

edit: i think i smell 500 posts... seems that exploits for 5713+ are already very very popular after only 11 days...

[eh.]

QUOTE (PedrosPad @ Jul 22 2004, 03:32 PM - partial)

The dates imply that the update.xbe that eh.'s NFL Fever 2003 downloaded must have been the first one published on the XBL servers.  So if a PAL XBL game also connected around that time, it too may have an update.xbe, with a titleID of the game.  It would seem that M$ decided that update.xbe was, in fact, part of the Dashboard suite after this time.

Excellent theory Pedro.

Regarding the last sentence ... they potentially just messed up though, if this is an indicator of what was intended eh.  

CODE

Certificate ~~~~~~~~~~~ Size of certificate                 : 0x000001DC Certificate timestamp               : 0x3D484652 Wed Jul 31 14:19:30 2002 Title ID                            : 0x4D530037 Title name                          : "NFL Fever 2003 Online Beta" Alternate title ID's                : none Allowed media types                 : 0x00000002                                    : XBE_MEDIA_XBOX_DVD Allowed game regions                : 0x00000001                                    : XBE_REGION_US_CANADA Allowed game rating                 : 0x00000000 Disk number                         : 0x00000000 Version                             : 0x00000002 Certificate ~~~~~~~~~~~ Size of certificate                 : 0x000001DC Certificate timestamp               : 0x3D484652 Wed Jul 31 14:19:30 2002 Title ID                            : 0xFFFE0000 Title name                          : "Online Updater Application" Alternate title ID's                : none Allowed media types                 : 0x00000002                                    : XBE_MEDIA_XBOX_DVD Allowed game regions                : 0x00000001                                    : XBE_REGION_US_CANADA Allowed game rating                 : 0x00000000 Disk number                         : 0x00000000 Version                             : 0x00000002

[eh.]

QUOTE (PedrosPad @ Jul 22 2004, 03:32 PM - remainder)

This the eh.'s NFL update.xbe that was used for US UDE2. eh.'s quip about  "Guy Fawkes day" (Nov 5th) caught my eye. This file from the NFL Fever 2003 DVD... CODE 2,121,728 \XODash\XOnlineDash.xbe ...is a fake Dashboard - when you run it it simply shows a static image saying that XBOX is due to launch in November 2002.  Interesting date eh? eh., any chance you could delete your NFL downloaded content, and see if the game sucks the same update.xbe it down again?  (I doubt it would, but would like to know).

Initially I reverted to 4817 and "connecting" did indeed display the pre-live fake XOnlineDash.xbe as you described (and consequently didn't download anything).  I then replaced it with 4920 and it attempts to download ... without success ...  I think my network setup's incompatible and will try changing that when I can eh.  

Edit (outcome):
Changed the network setup and received 5960 but nothing more, alas.  My tests proved to be somewhat futile, as I don't have Live!  Consequently, I could only gain access to it via the dash.

Learned that my version of Fever2k3 doesn't facilitate the initial connection, it just displays a message about visiting the XBL website for more info.  The owner needs to have subscribed by another means, before this version of the game can use it eh.

[scrupul0us]

::skips to page 15 and adds his two cents::

Can't you use configmagic? Then ude2?

[devz3ro]

QUOTE (scrupul0us @ Jul 26 2004, 07:28 AM)

::skips to page 15 and adds his two cents:: Can't you use configmagic? Then ude2?

Yes, obviously you can if you don't have a 1.6 xbox. I'm sure pedro, krazie, ldots and the others are well aware of that. There are many issues with changing eeproms:

1. It's sensative, if you mess it up it can be either very simple or extremely difficult to repair.

2. Far from everyone is comfortable with editing their eeprom.

3. If the instructions I re-wrote aren't followed exactly, you can run into other non-eeprom problems.

-devz3ro

[BluhDeBluh]

QUOTE (scrupul0us @ Jul 26 2004, 07:28 AM)

::skips to page 15 and adds his two cents:: Can't you use configmagic? Then ude2?

::replies sarcastically:

Read back a few pages, and the UDE2 thread and this has already been mentioned several times and isn't very helpful for a variety of reasons. Since Configmagic also dosn't work on v1.6 'boxes, apparently, people with PAL 1.6ers have a problem. It also means if you mess up your 'box, you also might struggle to revert it without picking up a copy of MechAssault and you'd also have to wait for EvoX to launch so you can play PAL games.

Not really ideal.

[YoshiKool]

scrupul0us: 1.4 or maybe 1.5 - 1.6's have kernel 5838 for the new video encoder

[PedrosPad]

QUOTE (BluhDeBluh @ Jul 26 2004, 07:45 AM)

Since Configmagic also dosn't work on v1.6 'boxes, apparently, people with PAL 1.6ers have a problem.

The source code for ConfigMagic can be found here (You never know - look that happened when I pointed people to the source of PBL )

[Chicken Scratch Boy]

right

why not just extract the eeprom manually? if you can get 1 pal and 1 ntsc, finding the right bytes to change should be a snap (or trial and error if you have nice failsafe like a modchip   ) or is the archetecture of the eeprom circut and drivers radicly different so reading a writeing would be a pain?

[PedrosPad]

QUOTE (Atreyu @ Jul 26 2004, 05:02 PM)

i sent my friend Idots search proggy.. and he ran it.. and he said it found some files but does the program write a log? if so.. where does it write it to?

E:\SCAN_LOG.TXT (or a filename very close to that)

[eh.]

QUOTE (PedrosPad @ Jul 23 2004, 09:31 AM - partial)

Usage: Put a copy of xbedump.exe at C:\ Pop the HDDXBESrch.bat batch file at the top of the folder tree you wish to search (C:\Games) and double click on HDDXBESrch.bat. The output is written to the file C:\HDDXBEs.txt. Remember, if it reports that every allowed media type is on, it'll be junk, as the xbe must have been modifed by DVD2XBOX or some such.

Thanks for this Pedro; it worked well (on win2Kpro) for me eh.  To increase the chance of others seeing it, could Angerwound add a link in the "Exploit Tools" sticky, along with one to ldots scanner?

(Edit: P.S.  The outcome of my Fever2k3 tests is now in the related post.)

[Angerwound]

I'm sure I can do that for you. I meant to throw that in there sooner but it must have slipped past me.

[PedrosPad]

QUOTE (Atreyu @ Jul 27 2004, 09:42 AM)

I got my friend to run Idots search tool, and he posted me his log.. i don't think any of the files he found are useful but just incase, can someone who knows.. please check the log to confirm? thanx FRIENDS XBE_SCAN.LOG

Unfortunately, in this instance, you're right - there's nothing remarkable in the log, but many thanks for taking the trouble and posting the results.

[Chicken Scratch Boy]

QUOTE (Chicken Scratch Boy @ Jul 26 2004, 06:39 AM)

why not just extract the eeprom manually?

like... back it up and look at people..
good idea, bad idea? tried it? i'm a genius?

[mkjones]