Print

[Trisman]

Thank god, a group of people that arent scared out of their brains by the big, bad Live!  

I'm in the process of building a server farm out of old pII xeons, if you need it as a beta server pm me, but i dont have that much bandwidth, so i dont know how much help i can be.

Again, its good to see someone getting the ball rolling.

[Flame2k]

i wil try setting up some servers on my network tonight as the 3 live servers and watch what the xbox tries to do.

il post data in the morning.

[fghjj]

chimpanzee and others:
The idea is not to crack tested&approved security concepts like IPSec. Everybody trying to monitor traffic when playing live won't get much info out of it. Also watch out to not get banned cos I've got a feeling that Xbox connects to AS***.XBOXLIVE.COM where *** is some game ID or something (untested I don't have Live).

Like bigfreak said, most probably our only hope is some patcher for .xbe files that searches for patterns of the challenge/response mechanism and let it "always return true" and find the encryption code and replaces it by something that "simply jumps over it". This is offcourse a simplified explaination for the average assembly noobs like me.

There are already excellent tools like IDA Pro available that do disassembly and a lot more. We still need the encryption/ASM expert tho.

Even if this is done, do we need to write separate server apps for every game?

About legality: the DMCA probably forbids stuff like circumventing security but us .EU ppl still can hack around as long we don't (and I quote local law in my broken English) "penetrate other ppls computers without them knowing it".

btw.: Another option might be TSR's like Evox trainer stuff. Unfortunately nobody seems to know how this has been written. Maybe you could even make use of Evox's current telnet interface to scan memory to find the unencrypted Send() buffer.

Just some thoughts it's very late here

[SargeZT]

Nope.  It connects directly to AS.XBOXLIVE.COM, and sends authentication data and some encrypted shit that I can't make heads and tails of.  I'm working on figuring out what the hell the encrypted data is...

[SargeZT]

Also, screw the DMCA.  Fair Use, at this point of the project, protects those of us on the not bad country, from anything serious.  Installing a Modchip is no more illegal then what we are doing with this.  

And, sorry to forget to address this, the data likely isn't encrypted in the buffer, probably encrypted then put into the buffer, for an extra layer of security.

[SargeZT]

To be fair, I'm not in this for Live! play with backed up games or banned systems.  I'm in this to see if there is an exploit possible (Live PSO on the Gamecube) with NO extra tools but a computer.  Unlikely, admittedly, but possible.  

But yeah, I REALLLLY want to figure out that encryption.  It's definitley not RC4, MD5.  Perhaps it's actually a Checksum of the data sent out thus far, preventing people from doing exactly what we're doing.

[Chicken Scratch Boy]

good ideas here.

i've skimmed lightly through the thread

and i have to say this about the "make an xbox live server" part: you won beable to build a live server from source.

you will have to steal it.

I say "go for it" and good shit seems to happen. (ldots, fbl) i saw tomilius initial thread cited as proof that anything is possible. well. PBL modifications where never  thought to be impossible, just none did it.
what i have to say here is: are you insane?

Check one:
( ) yes
( ) no
( ) maybe

now about the exploit part...:

this seems possible and this is how it looks like it will happen

set up dhcp on xbox
dhcp server on computer defines itself and gateway and dns
upon dns query, computer establishes itself as all nessesary domains. (*.xboxlive.com)
xbox auths with computer
xbox says "i have dash XXXX"
pc says "well i have dash 9999, you better download it"
dash 9999 is really the exploit files

so....

we need a
dhcp server
dns server
xbox live info intperation and response mechanisms
update system spoof.

i guess the dhcp and dns servers should be easy

the update and live protocols should be able to be spoofed with some dcrypting, hacking and sniffing...

[fghjj]

QUOTE

Nope. It connects directly to AS.XBOXLIVE.COM

I don't know where (not at home currently) but in the .xbe I tested some string formatting was done in the form of tgs%s.xboxlive.com and I can imagine it being some game ID or something.

QUOTE

Installing a Modchip is no more illegal then what we are doing with this.

True, true, I thought I remembered a very relevant lawsuit on this (setting up custom server so you don't need to use server of game-developer-company), but I can't find it anymore.

QUOTE

and i have to say this about the "make an xbox live server" part: you won beable to build a live server from source. you will have to steal it.

I don't know do Live servers simply cast game data to all clients (universal server app for all games) or does every title come with its own server (then we might as well forget about the whole thing )?

[Chicken Scratch Boy]

it could be a relay type thing, but i assume that it uses a universal protocol to wrap the data.....

<insert shitty explaination here>\


good luck on that

[SargeZT]

I totally agree with CSB.  It's going to be virtually impossible to recreate the live servers.  However, the Update idea is what I'm working on right now.   I gotta go to work right now, but I'm going to work on it when I get back.

[remedee]

QUOTE

set up dhcp on xbox dhcp server on computer defines itself and gateway and dns upon dns query, computer establishes itself as all nessesary domains. (*.xboxlive.com) xbox auths with computer xbox says "i have dash XXXX" pc says "well i have dash 9999, you better download it" dash 9999 is really the exploit files

I'm not sure I get how this would be relevant. You would need to modify the original xbe files to begin with so that they could connect to your internal servers rather than the actual xbl servers. You would also need to be running an exploit or chip for those xbes to run as well. This is where the idea for the patcher comes in. Something to modify the required files, then you'd run xbl as usual from within a game etc.

CSB, I've read some of your other posts etc. and respect your opinion, I think I'm just missing what exploited files would be need to be downloaded if they'd already need to be modified to make the connection in the first place.

I haven't seen any response to it, but has anyone else considered the idea of the modified bios/kernel patcher? I still don't know that it would work at all, but it did seem like something worth taking a look at.

[Chicken Scratch Boy]

[b01]

QUOTE (fghjj @ Aug 29 2004, 02:30 PM)

I don't know do Live servers simply cast game data to all clients (universal server app for all games) or does every title come with its own server (then we might as well forget about the whole thing )?

  I also belive it is a relay system, if M$ came up with a universal server for games of ALL types, they would be this SHIZNIT.

With PC games, every online games comes with server version. The server version is NOT for game-play and can only be used to run a server.

Now the question is this: Is the server version on the disc with the game title,  or is it on the MS Live servers.

If they are on the disc, then there would not be much use for a M$ Live Server other than to relay the packages from one XBOX to another Xbox.

It makes more sense to me that M$ has the game creators make a server for their games which is to be hosted on a Live server. This would mean the Live service is just a bunch of computers running XBOX title game servers, and that when you connect to Live  it is similar to connecting to XLink Kai. you join a chat room,  meet someone and start a game.

To run Live this way would take WAY TOO MANY severs. So I propose that M$ Live is run exactly like XLink Kai. XLink Kai is just a chat room to meet gamers. When two gamers are ready to play, it tells one of the XBOXes to start a game/server (on player 1s Xbox), then tells the server that another player will join (player 2s Xbox).

(If this is in correct, someone from Team XLink correct me. )

This way M$ can untilize the power of the XBOX instead of having to spend tons of money on computers that will run the game servers.

I theorize that XBOX Live is nothing but a credit card charging MSN Messenger!  Basically charging people to connect over the internet. It's probably not any different than the xbox system link.

QUOTE

Chicken Scratch Boy:  read the fscking post.

Chill out! Don't go pecking ppls eye out becuase they didn't understand your chicken scratch.

[Chicken Scratch Boy]

[The_Truth]

 if further assistance is needed from the "Creator" i will try to contact him.