Print

[fghjj]

I would love to be able to play without a creditcard.

[lmnoq]

you wouldnt think they'd want to have a whole lot of encryption after authentication takes place.  if they were running some beefy encryption during the games, the latency would kill the service.  i'd guess the biggest thing to figure out would be the initial authentication and then the command set for communication

could it also be possible by xbe patching that you could remove the encryption entirely?
then you could patch your xbe and create the emulated server that doesn't require any encryption at all; thus changing the way the xbox talks entirely

[fghjj]

bigfreak:
As the docs say it's "loosely" based on IPSec and then heavily optimized for speed. My guess is that only someone with really good encryption skills and too much time on his hands can do this.

lmnoq:
They implemented a very fast and very secure encryption with a maximum of only 24 bytes overhead over a normal packet. See XboxSDK.chm.

[remedee]

[remedee]

Ok fellas, I just got an interesting suggestion. LordHomer mentioned something to me about using a modified bios or nkpatcher style app that runs on the xbox itself to intercept the calls to the servers and re-direct them. I'm not entirely sure how difficult this would be as opposed to just swapping out the server info in the xbe itself, but considering the bios/patcher are both still functioning during normal gameplay (think IGR), then I can't see it being impossible to throw another catch in there for the network traffic. This would negate the need to modify every live xbe and the dns spoofing options entirely. There would still need to be a host pc setup, but that's been part of the plan all along since I'm fairly certain M$ would be a just a little bit bothered by a centralized server lol. Any ideas?

[remedee]

I've come across some very interesting info, but I'm hesitant to post the exact details right now. I'm quickly coming to the realization that I have everything I need to accomplish this, but I could definitely use the help of some of the more experienced coders. I'm pretty sure the majority of the stuff is in c++, which I don't currently have a copy of. I've got a pretty good idea of who the "gurus" are, but I don't want to start pestering them with PMs etc if they arent interested or c++ isn't their particular strong point. So any of you guys reading this that have some serious skills and are interested in making this a reality, please feel free to PM me or msg me on #xbox-scene (remedee). TIA

[m.e]

Does anyone know xlive checks if the .xbe's are correctly signed?

[Flame2k]

)

itd b a hell of alot of work to start it from scratch? im not a brilliant coder at all but the task is huge, and it must have cost m$ thousands!

mind you, if we dis assemble xbes and look at the calls and functions, it could be possible to code a service on a server that fools the xbe's into thinking they are actually on live and everything is running properly.

im just thinking, ignore me if u dont agree lol.

[SargeZT]

Well, I started packet sniffing what update.xbe sends out to the live servers.  Fairly easy to replicate, extremely hard to modify.  It looks like there's a lot of encrypted clutter, perhaps encrypted with the private key (mebbe).  Maybe it's a hash check, I really don't know at this point.  

But, either way, I'm taking a smidge of a break from XGuides to look through this stuff.

[chimpanzee]

If you can do this, the whole security foundation it is based on (kerberos and ipsec) can be tossed and that would be a big news and front page of any major media. In other words, I really really doubt there is any chance of it.

[sonnyz]

i just gotta give mad props to everyone involved here and thank everyone for the time there spending on this, i really do think this is possable but it will be alot of work and time, i love this scene and have a feeling things like this will keep the xbox1 alive long after the new systems come out, hell them M$ might not even care about spoofing servers when they arent providing support for xbox 1 live anymore.

also i just wanna state that atleast in my area alot of ppl dont secure their wireless routers and with a laptop with a wireless card its pretty easy to get on alot of them, you just gotta have your friend drive through some neighbor hoods slowly till you get a signal u can use then you dont have to worry much about those, errr scary M$ sites:)

also i have visual studio .net 2003(C++), PM me if your intrested. i work for a wireless internet company so i have access to alot of different internet connections if this can come in handy to anyone id love to help out.

its 4 in the morning and i havent sleeptfor over 24 hours so if i dont make sence or just sound crazy i apoligize and just ignore me.

thanx again everyone.

[Flame2k]

that stuff should come in handy, we need the pros on this job...

[SargeZT]

[gavroche]

dont bother monitoring it.  the protocol and packets are almost tamper-proof.

if you read the docs and specs of XBL, you should understand this.  There is no need to do things the hard way.

[remedee]

Agreed, maybe I should have clarified. Monitor the calls being made etc, like if the commands are being accepted/rejected. Not that I've got an actual server in place yet, but that goes back to how I can set it all up to test the 3 individual connections.