Print

[EthanHunt_IMF]

QUOTE (Kthulu @ Sep 28 2004, 03:00 PM)

were there any old dashboard versions that did not look for fonts specifically the C partition, but in their immediate directory? is there any possibility whatsoever of injecting the code from one of these dashes into 5680 and still maintaining a valid signature on the xbe?  thereby, allowing us to font-exploit completely from dvd? i'm way over my head here, but here's an illustration of what propose: |5680 signature|5680 media flags|5680 code| replaced with... |5680 signature|5680 media flags|5680 code^4034 code^5680 code| prolly not as it would be the same as hexediting the the dash to the proper media flags, right?

until that SHA1 collision stuff from the other thread gets worked out, editing a single bit will invalidate the signature and a retail bios will tell you to go to hell

[PedrosPad]

QUOTE (total_ass @ Sep 28 2004, 06:57 PM)

it doesn't look like this hulk exploit is going anywhere. do you guys have any other leads?

Always

[farbird]

If this xboxdash or default.xbe can be exploited.. the outcome might not be that advantageous..

There are people whom are doing mass piracy with dvd printing machines.. with this exploit, they can just plug this exploit in and the games will run, without even requiring the set to be modded... [ that is assuming that the xbe can be exploited and the fonts can be placed in the dvd and that it calls for the game xbe to be loaded...

this will mean an end for those whom do softmods... and the last person laughing loudest will be the pirates..

but then again.. .that is my opinion...

I feel that a mod must be only able to be done by someone whom have the technical knowledge...

This xbe run from media exploit might just be the killer.

[triggernum5]

I sure as hell wouldn't pay some dumbass for a bootleg game..

But your vision is looking a bit unrealistic, the utopia disc everybody except you wants seems to be out of reach..

[farbird]

don't get me wrong..
I am excited about this also..
I hope to see it being able to run..

but my worry is in the long term..

no hard feelings....

[Chicken Scratch Boy]

QUOTE (triggernum5 @ Sep 29 2004, 12:54 AM)

But your vision is looking a bit unrealistic, the utopia disc everybody except you wants seems to be out of reach..

lets just see what the UXE is...

[total_ass]

yeah perhaps the uxe can be enginerred into a boot disc somehow

that's just a guess though..............

[triggernum5]

If its what I think it is then we'd still need to tinker with the hdd before being able to pop in a dvd and run the exploit.  Not too handy for ntsc ppl.. but believe it or not, there are more than just americans on this planet..
On the otherhand..  if they put a utopia type disc in my hands I'll be man enough to bow in respect..

[Kthulu]

i've seen it.  it's exactly what they say it is in the thread.  it's a multi-region version of UDE...that also works on 5713+ kernels.  it's not a boot disc.

[eh.]

@joop: no exploitable flaws were found in any of the other four, alas eh.

[eh.]

(Although it might well prove to be pointless, I'm still having fun with this - via DVD based tests now eh... )

A question was raised (here) about the 5680 dash .wav's and so far as I could tell, the 5680 dash only gets its .wav's from within the C:/Audio directory tree ... I had them placed everywhere it might reasonably look for them on the DVD and renamed C:/Audio ... silence resulted (as per the 4920 dash) eh!

Additionally, I confirmed the 5680 dash doesn't run at all when two of the .wav's were renamed to eack other (whereas the 4920 didn't seem to care about that).  However, if individual .wav's were renamed 5680 didn't mind (so if they're present in C:/Audio it pre-validates them, otherwise it's not concerned) eh.

Interestingly, there seemed to be 3 more .wav's in 4920 than there are in the 5680 manifest ... maybe they provide an opportunity for a potential wav hack (but since that would need to be via the C:\ drive, it's unlikely to be worthwhile anyone pursuing it) eh?

[John Hoek]

quote:
Interestingly, there seemed to be 3 more .wav's in 4920 than there are in the 5680 manifest ...
unquote:

If you place this 3 .wav files on DVD and erase them on HDD;
does the dash also not load them from DVD?
It is possible that the dash needed certain .wav files on a spcific location on HDD; hense it even checks if they are not renamed.

Maybe this 3 files are not checked by the dash and yet working from dvd.

Can you test that also?

[PedrosPad]

QUOTE (eh. @ Oct 5 2004, 08:41 AM)

so far as I could tell, ....

eh., sounds like you're doing excellent research.

[eh.]

QUOTE (John Hoek @ Oct 5 2004, 01:08 AM - request)

Maybe this 3 files are not checked by the dash and yet working from dvd. Can you test that also?

I've tried a number of things and these three .wav files are almost certainly not being used by the 5680 nor the 4920 dash (and presumably that's why the 5680 manifest doesn't include them) eh:

C\Audio\AmbientAudio\AMB_EC_Voices13.wav
C\Audio\MusicAudio\Games Info Screen In.wav
C\Audio\MusicAudio\Games Info Screen Out.wav

Instead of the latter two, they use C\Audio\MusicAudio\Games Info Screen {In|Out} MSurr.wav (and all four work fine when substituted in the 4920 dash, but 5680 only runs when the correct MSurr pair are on the C:\ drive) eh.

[devz3ro]

Since it was proven that this mysterious dash (5680) still suffers the audio exploit, I believe we could still make something of this. Probably rmenhal can help determine whether this is possible or not since he was the one who re-created the st.db.

Would it be possible to create a audio cd in such a way when copying the audio track, it creates your hacked st.db onto the hard disc? I'm pretty sure this has been discussed before, forgive me if this was already proven false.

If true, we would have a 'utopia-like boot disc'

Sure it would be a few finger-presses, but you would only need 1 cdr and 1 dvd+r to have a modded xbox.

Just some late-night brain cells floating around.

-devz3ro

EDIT:

What I had in mind was after the st.db was copied, and audio exploit launched it would:

1. Execute d:\root.xbe (a habibi signed metoo).
2. Have metoo load a BFM bios, and run d:\root\default.xbe (homebrew) first.