xboxscene.org forums

Author Topic: Star Wars Trilogy Exploit  (Read 71 times)

Kthulu

  • Archived User
  • Hero Member
  • *
  • Posts: 787
Star Wars Trilogy Exploit
« on: September 23, 2004, 12:34:00 PM »

trying to organize threads a little here.  please post discussions of possible exploits related to the default.xbe on the Star Wars Trilogy here.
Logged

bellum80

  • Archived User
  • Newbie
  • *
  • Posts: 9
Star Wars Trilogy Exploit
« Reply #1 on: September 23, 2004, 12:54:00 PM »

:rotfl: Just to make sure this updating dash thing won't affect my hard-modded Xbox right?  I can play the Star Wars dvd on my hard-modded xbox?   I've been in like 3 different topics and am now totally confused
Logged

total_ass

  • Archived User
  • Hero Member
  • *
  • Posts: 1201
Star Wars Trilogy Exploit
« Reply #2 on: September 23, 2004, 01:00:00 PM »

yeah hard modded xboxes with flashed modchips do not need to worry about any updates whatsoever, as MS can never stop your bios from loading.

what i want to know is if the latest dash installed with UDE will run this, because in theory it wouldn't check for fonts then. please someone with 5906.03 and ude confirm that this works.
Logged

Kthulu

  • Archived User
  • Hero Member
  • *
  • Posts: 787
Star Wars Trilogy Exploit
« Reply #3 on: September 23, 2004, 01:57:00 PM »

QUOTE (total_ass @ Sep 23 2004, 02:27 PM)
yeah hard modded xboxes with flashed modchips do not need to worry about any updates whatsoever, as MS can never stop your bios from loading.

what i want to know is if the latest dash installed with UDE will run this, because in theory it wouldn't check for fonts then. please someone with 5906.03 and ude confirm that this works.

but you do have to worry about your xbox getting banned from xbox live (i think) unless you have a bios like x2 4980 or above
Logged

total_ass

  • Archived User
  • Hero Member
  • *
  • Posts: 1201
Star Wars Trilogy Exploit
« Reply #4 on: September 23, 2004, 01:59:00 PM »

yeah the x2 bioses have xbox live blockers fortunately, though you would need a modchip with an on/off switch in order to use Live.

anyway someone please answer my question, i've asked it about 5 times now!!!!!
Logged

John Hoek

  • Archived User
  • Jr. Member
  • *
  • Posts: 84
Star Wars Trilogy Exploit
« Reply #5 on: September 23, 2004, 02:52:00 PM »

QUOTE (total_ass @ Sep 23 2004, 09:26 PM)
yeah the x2 bioses have xbox live blockers fortunately, though you would need a modchip with an on/off switch in order to use Live.

anyway someone please answer my question, i've asked it about 5 times now!!!!!

At this moment?!
We just do not know!  :blink:

First we have to check if those found .xbe's are exploitable.
It is NOT just enough that the hashing and headersettings are ok; ALSO there must be 'holes' into this .xbe which are exploitable, like the fonthack.

More study has to be done here. But it is already being worked on.

Let's all help, and find more of this kind of videoDVD's with xbox content.
Hopefully, there is a very usable .xbe file to find there....


I thought of 'Lord of the Rings', for instance?! Was there not also xbox info placed on it?

Logged

Disabled

  • Archived User
  • Newbie
  • *
  • Posts: 4
Star Wars Trilogy Exploit
« Reply #6 on: September 23, 2004, 06:12:00 PM »

I googled about an hour for more video DVDs with Xbox content and the only thing I found besides SW and Hulk is the upcoming DVD of Riddick being released in November...
http://www.dvdfanatic.com/news.php?id=0409084
Logged

JimmyGoon

  • Archived User
  • Full Member
  • *
  • Posts: 210
Star Wars Trilogy Exploit
« Reply #7 on: September 23, 2004, 07:22:00 PM »

Quick question.... IF you burn a straight copy of this game... and use it in an xbox with a GOOD dvddrive.... will it play the game...

IF so.... then WHY CAN'T we just change the files it unpacks and updates the dashboard with to a dashboard .xbe file with UDE exploit put in.


clarification edit: If the default.xbe rewrites the other files to the xbox then why can't we throw in some font folders and waalaa. I think this is interesting and if anyone could stoop to "stupid n00b" level for a minute that would be great! BTW: I'm not a stupid n00b. LOL

This post has been edited by JimmyGoon: Sep 24 2004, 02:32 AM
Logged

jimmsta

  • Recovered User
  • Full Member
  • *
  • Posts: 121
Star Wars Trilogy Exploit
« Reply #8 on: September 23, 2004, 08:50:00 PM »

it wouldn't matter. What we would still need is M$'s RSA key to sign the xbe's...  this is because the dvd that you'd make is not the original dvd that contained the original xbe. This reason has been stated multiple times already, if not hundreds of times over the past few years of xbox modding...

If it were possible to modify data on a pressed DVD, then yes, maybe... but the xbe's would still be unsigned, so... no, it wouldn't work. sorry to get your hopes up.

;(
Logged

Mr Ed

  • Archived User
  • Hero Member
  • *
  • Posts: 1739
Star Wars Trilogy Exploit
« Reply #9 on: September 24, 2004, 01:21:00 PM »

Are these:

CODE

#define XBEIMAGE_MEDIA_TYPE_HARD_DISK 0x00000001
#define XBEIMAGE_MEDIA_TYPE_DVD_X2 0x00000002
#define XBEIMAGE_MEDIA_TYPE_DVD_CD 0x00000004
#define XBEIMAGE_MEDIA_TYPE_CD 0x00000008
#define XBEIMAGE_MEDIA_TYPE_DVD_5_RO 0x00000010
#define XBEIMAGE_MEDIA_TYPE_DVD_9_RO 0x00000020
#define XBEIMAGE_MEDIA_TYPE_DVD_5_RW 0x00000040
#define XBEIMAGE_MEDIA_TYPE_DVD_9_RW 0x00000080
#define XBEIMAGE_MEDIA_TYPE_DONGLE 0x00000100
#define XBEIMAGE_MEDIA_TYPE_MEDIA_BOARD 0x00000200
#define XBEIMAGE_MEDIA_TYPE_NONSECURE_HARD_DISK 0x40000000
#define XBEIMAGE_MEDIA_TYPE_NONSECURE_MODE 0x80000000
#define XBEIMAGE_MEDIA_TYPE_MEDIA_MASK 0x00FFFFFF

The same as these:
CODE

XBE_MEDIA_1LAYER_DVDROM
XBE_MEDIA_2LAYER_DVDROM


And are all these the same thing as a booktype?  

If so, couldn't I hack my Pioneer's firmware to make all discs say
CODE
XBE_MEDIA_2LAYER_DVDROM
no matter what they were?  That would let me use an XBE without having to change the media flag, and breaking the signing of the app right?

This post has been edited by Mr Ed: Sep 24 2004, 08:21 PM
Logged

Kthulu

  • Archived User
  • Hero Member
  • *
  • Posts: 787
Star Wars Trilogy Exploit
« Reply #10 on: September 24, 2004, 01:36:00 PM »

yes and no

XBE_MEDIA_1LAYER_DVDROM
XBE_MEDIA_2LAYER_DVDROM

corresponds to this

#define XBEIMAGE_MEDIA_TYPE_DVD_5_RO 0x00000010
#define XBEIMAGE_MEDIA_TYPE_DVD_9_RO 0x00000020

when the xbox detects the media, it looks at the physical properties of the disc (reflectivity, layers, etc)  AND the book type.  they are two separate things that are used by the xbox to classify the media it detects.
Logged

Kthulu

  • Archived User
  • Hero Member
  • *
  • Posts: 787
Star Wars Trilogy Exploit
« Reply #11 on: September 24, 2004, 01:40:00 PM »

QUOTE
If so, couldn't I hack my Pioneer's firmware to make all discs say
CODE 
XBE_MEDIA_2LAYER_DVDROM 

no matter what they were? That would let me use an XBE without having to change the media flag, and breaking the signing of the app right?

prolly, but then you have to find xbes that are media flagged and signed to run from those medias.  most xbes are signed to run from

#define XBEIMAGE_MEDIA_TYPE_DVD_X2 0x00000002
Logged
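
Added example, not part of any post in this thread: a small C decoder for the allowed-media bitmask using the flag values quoted above, plus a simplified model of the "is this XBE flagged for the detected media" comparison the posts describe. The helper names `describe_media` and `media_permitted` are hypothetical, and the comparison is an assumption for illustration, not the console's actual code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flag values as quoted in the thread (XBEIMAGE_MEDIA_TYPE_ prefix dropped). */
struct media_flag { uint32_t bit; const char *name; };
static const struct media_flag FLAGS[] = {
    {0x00000001u, "HARD_DISK"}, {0x00000002u, "DVD_X2"},
    {0x00000004u, "DVD_CD"},    {0x00000008u, "CD"},
    {0x00000010u, "DVD_5_RO"},  {0x00000020u, "DVD_9_RO"},
    {0x00000040u, "DVD_5_RW"},  {0x00000080u, "DVD_9_RW"},
    {0x00000100u, "DONGLE"},    {0x00000200u, "MEDIA_BOARD"},
    {0x40000000u, "NONSECURE_HARD_DISK"}, {0x80000000u, "NONSECURE_MODE"},
};
#define XBEIMAGE_MEDIA_TYPE_MEDIA_MASK 0x00FFFFFFu

/* Write the names of all set flags into out, '|'-separated.
 * Returns the number of named flags, or -1 if out is too small. */
int describe_media(uint32_t mask, char *out, size_t cap)
{
    int n = 0;
    size_t used = 0;
    if (cap == 0) return -1;
    out[0] = '\0';
    for (size_t i = 0; i < sizeof FLAGS / sizeof FLAGS[0]; i++) {
        if (!(mask & FLAGS[i].bit)) continue;
        size_t len = strlen(FLAGS[i].name);
        if (used + len + (n ? 1 : 0) + 1 > cap) return -1;
        if (n) out[used++] = '|';
        memcpy(out + used, FLAGS[i].name, len + 1);
        used += len;
        n++;
    }
    return n;
}

/* Simplified model (assumption): the detected media class must be exactly
 * one bit inside MEDIA_MASK, and that bit must be set in the allowed mask. */
int media_permitted(uint32_t allowed, uint32_t detected)
{
    if (detected == 0 || (detected & (detected - 1)) ||
        (detected & ~XBEIMAGE_MEDIA_TYPE_MEDIA_MASK)) return 0;
    return (allowed & XBEIMAGE_MEDIA_TYPE_MEDIA_MASK & detected) != 0;
}

int main(void)
{
    char buf[128];
    describe_media(0x00000002u, buf, sizeof buf); /* constructed sample mask */
    printf("allowed=%s, DVD_9_RO disc permitted: %d\n",
           buf, media_permitted(0x00000002u, 0x00000020u));
    return 0;
}
```

The sample mask is constructed; it mirrors the point made in the replies that an XBE flagged only for DVD_X2 does not match a disc classified as DVD_9_RO, and the flag cannot be edited without breaking the signature.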

Kthulu

  • Archived User
  • Hero Member
  • *
  • Posts: 787
Star Wars Trilogy Exploit
« Reply #12 on: September 24, 2004, 01:51:00 PM »

ah, but that has me thinking...

what if XBEIMAGE_MEDIA_TYPE_DVD_X2 is just a XBE_MEDIA_1LAYER_DVDROM  or XBE_MEDIA_2LAYER_DVDROM  with a special book type....

instead of changing the book-type of a DVD+R disc to DVD-ROM, what if you could change the book-type to XBOX-DVD (or whatever it is supposed to be)...???

that makes me want to find out where exactly the book-type bits are on a dvd and read them off of an xbox disc.  then create a hack that changes the book-type of dvd+r to match...but i don't know how :(
Logged

jimmsta

  • Recovered User
  • Full Member
  • *
  • Posts: 121
Star Wars Trilogy Exploit
« Reply #13 on: September 24, 2004, 10:39:00 PM »

I'm beginning to think that the only reason why no one has gotten an xbox dvd-rom drive to read discs in a pc is because the EEPROM in the xbox dvdrom drives requires a key, just like the harddisk key... if not the same exact key.

I believe this might be the only reason why we can't go ahead and read xbox game dvds using an xbox dvd drive in a pc...

Thus, if the xbox dvdrom drive is locked, media cannot be read, and the drive cannot be recognized in windows....
Logged

Mr Ed

  • Archived User
  • Hero Member
  • *
  • Posts: 1739
Star Wars Trilogy Exploit
« Reply #14 on: September 25, 2004, 01:07:00 AM »

I don't know what you mean but there is a 2048bit encryption key stored on the XBOX motherboard that is used to read DVDs.  Operation Project X was all about trying to crack it.

Anyway, until we get that key we won't be able to read DVDs in anything but an XBOX.

Now, that's not what I care about right now because unless someone can sneak that key out of MS or reverse engineer it then that is hopeless.  What I am interested in is, can I find a way by a combination of manipulating the booktype firmware on my burner and leaving the .xbe file's signature intact, to burn a DVD that does NOT require a modchip or softmod to playback.

You would still need a modchip to extract the game, but if you owned other XBOXs you wouldn't have to mod them to play backups.  :unsure:  
Logged