Print

[forgreatjustice]

QUOTE

why not attempt to write an xbox program that would send the official BIOS when queried by AS.XBOXLIVE.COM instead of the modded one?

we can't run 2 xbe's at the same time
the xbox is not designed to

QUOTE

why are softmodders still banned?

because softmods still patch the bios or replace it in memory

[LordHomer]

I could be wrong, but I believe that it is possible to create a Terminate-and-Stay-Resident type xbe, in the style of a memory patch.
Could it be done the way Nkpatcher patches active memory??
Is it then possible to have that send the original bios from the box?

Of course this theory, if possible could instead be applied to patch all xbox live games run after this 'patch' to point not at AS.xxxx.xxx  but some other user defined place?

[Trisman]

Or could you have a bios that is actually two bios's the first that is actually run, and a second that is sent when queried by as.xboxlive.com.  Two 256k bios's merged into one 512k image.

[John Hoek]

xbox Live checks you're bios-hash/version ms signed, serialnumber, MAC adres and latest dash ms installed.

>> What we can change is our serial and MAC adres.
>> MS dash and kernal checking could be fouled, AS LONG AS YOU'VE TOTAL CONTROL OVER YOU'RE XBOX.

They only thing we should foul, is basicly the program dashonline.xbe, because
those program is sending all the information to MS, whch we don't like.

So like i mentioned before. as long as our own patcher is running, we could emulate the xboxonline.xbe in such a way (Build into the patcher itself!), that it has exactly the same xbox state, just before it sends info to MS.  then let it send the info we want it to, and after this, we jump further into the REAL xboxonline.xbe, so that furthger execution is done there.

In this case, always 1 program is running, and it's ours

[John Hoek]

 

[Chicken Scratch Boy]

QUOTE (Makhno @ Sep 19 2004, 08:13 PM)

someone really needs to establish a team of people who are capable of pursuing this task.

do we have a volenteer?

(i mean you!)

[John Hoek]

And if you were smart, you take dash 4920 as the standard base.

the reason is that those are best known, there are less checks inside for exploits, modded executables, fonts etc.  But all standard functions and procedures, hashing checking etc. are build-in already.

It should be easier to mod those programversion then the newer ones.

Just my 2cc

[PedrosPad]

QUOTE (John Hoek @ Sep 19 2004, 12:10 PM)

The problem what i've seen here with the hacks so far is, that everybody makes the mistake; because they want te revert the state of Xbox 100% back to orginal, so that original dash is running, with retail bios etc.

There is a reason for this.  M$ has the ability to included new, M$ signed, executable code in the XBL exchange at any time.  This means that they can add additional XBOX machine checks, or HDD checks as frequently as they like.  They can even re-code this routines as often as they like (negating fingerprinting-style identification).  If the XBOX doesn't respond as expected, they can ban it.  A lot of XBOXs could be banned instantly, before any patch maintenance is performed to work around it.

[John Hoek]

QUOTE (PedrosPad @ Sep 20 2004, 11:51 AM)

There is a reason for this.  M$ has the ability to included new, M$ signed, executable code in the XBL exchange at any time.  This means that they can add additional XBOX machine checks, or HDD checks as frequently as they like.  They can even re-code this routines as often as they like (negating fingerprinting-style identification).  If the XBOX doesn't respond as expected, they can ban it.  A lot of XBOXs could be banned instantly, before any patch maintenance is performed to work around it.

[PedrosPad]

QUOTE (John Hoek @ Sep 20 2004, 01:15 PM)

As long our OWN program fouls XBOX live, they can want to try to let you update dashversions or whatsoever. But our OWN program desides also what to install and to execute. It just have to 'tell' XBOXlive servers, that we using alway use the latest dashversions.

I'm not talking about forcing whole XBE upgrades- this a network packet level call and response thing.

XBL server sends out completely new executable code packet.
The XBOX's installed 'XBL monitor' doesn't recognise the new packet
Either
it doesn't execute the code in the packet (ignores), meaning the XBL server won't get the response it's expecting from a legitimate XBOX = Ban.
or
it does allow the code to execute - the code scans memory/HDD (both?), reports this to the XBL server = Ban.

[Trisman]

PedrosPad brings up a good point, any way we figure out to get onto Live! with a modded box would soon be closed as they can upgrade security on all Live! boxes as much as they please.  So therefore, we should probably spend our time coming up with a Live! server that we can use and setup on anyone's computer.  To do this we should first start a team, and get everyone to post every bit of technical knowledge we have on the Live! servers.

Edit:  I don't know how much of a help i would be on a team however; 95% of my programming experiance is in Java.  It is close to C and C++ but its just diffrent enough (big-endian, lots of helper classes), that I would have to spend a lot of time learning those, as those languages, possibly combined with assembly, would likely be what composes the components of the server.

[PedrosPad]

QUOTE (LordHomer @ Sep 22 2004, 04:29 PM)

There are by far many more advantages to having control and development over our own servers for this. This way we are innovators, not just crackers.... There is little reason to connect to m$ live if this is successul, we'll find far more people playing with us then with them.

Forgive my ignorance, but isn't this roughly what XLink Kai does?

Kai claims to have chat and buddy lists, etc. - like XBL.

[John Hoek]

Also it's reasonble that more and more games in future are only Live enabled and multiplayer don't integrated anymore.


Patching an executable online.xbe is possible WITHOUT change to be banned from MS.
Every time you connect to Live server, the first thing is asking for an update available yes/no?
-> if No, then execute further and ''fool''  Live server with wrong correct info.
-> if Yes, MS wants to update with a patched (online-)dash, we take the download
   as normal and patches our own program, so that the next time XBOXLive is blocked, ie. NO connection anymore. So banning is outv of the question then.

In the last case, this user with a hacked livedash, must wait for an updated version of Fool_Live_server_online_dash.xbe and playing cat-mouse is started again.

[PedrosPad]

QUOTE (nprice @ Sep 22 2004, 10:22 PM)

Just because the XBL server doesn't get a response doesn't mean you are running a modded xbox. You think you would get banned if a computer between your xbox and the XBL server goes down suddenly? Or your power goes out? Or maybe your xbox freezes. What I'm getting at is there is no way to guarantee the delivery/return of packets. MS would most likely not be able to ban your EEPROM for this. Just have our hack let the user know that XBL is attempting to run new code.

Very fair point.  But in event of a lost packet, the most likely course of action would be for the XBL server to retry.  So if the 'XBL monitor' never responds, XBL won't progress any further.  So, while not a ban, not much use either.

[LordHomer]

Forgive my ignorance PedroPad, but does Xblink connect 'Live Enabled' only games (not system link)  
Cause you are right, this is like Xai, but for Live only. If that already exists, oops... thats all I was ever hoping this thread would do.