Print

[xboxmods2977]

QUOTE(Movax @ Jun 24 2011, 04:38 PM)

I thought about redundant patching, but my understanding is that the code contained in the font exploit patches the four bytes I have patched (that is all I have patched thus far). Therefore nkpatcher should be getting the same kernel it would have gotten from retail+exploit.

Ok. Sounds good. So, lets explore our options. Possibilities? The only 2 are these:
1. Have you chosen the correct softmod bios for NKPatcher to load according to your kernel? (probably. SO,)
2. If so, let's go back a little further.

What you say above is true, so your setup may/must vary from a natural retail+exploit environment somehow.
Could there be any remnants of 4981 leftover in memory after PBL has loaded 4817? We know that BFMs do not overwrite all of the bios in ram.

That's all I have got.

[Movax]

I did use the correct exploit, maybe try everything again step by step really carefully..only possible wild card is I am using Linux.. I'll try again from Windows in a bit. (All the windows tools were run in wine.)

[Movax]

I re copied over some of the files, re encrypted the bios, etc from windows, no obvious change.

BUT, if I rename the ndts folder to dash and have it as my dashboard I can launch other apps and my IGR works perfect (and is really fast! I was using IND before this).

A clue?

.. Oh I see PBL is there.. still.. is this helpful?

[Heimdall]

Yes and no. ndts uses PBL to load Frosty's hand hacked Evox M8 BIOS before it loads UnleashX. In other words, it sounds as though you're loading a different BIOS, which is why it's working. Is the LED red?

[Movax]

Yep.. red LED, (..and my green is working properly.) My best idea with my limited experience is to try and dump the kernel from RAM and take a look.. compare to the kernel image I patched.

[Heimdall]

Excellent cross-reference

Yes, that means your system is working because you're reloading a different BIOS.

[Movax]

I dumped the kernel right after the BFM was loaded - I chained the dumper as xboxdash.xbe. I see the four bytes I patched, but, while overall very similar, there are tons of differences between this and the kernel image I started with, besides the obvious huge filesize difference. Why does the extacted kernel image have a filesize of over 600Kb while the dumped kernel is 262,144 bytes?

Any insight appreciated.. does this info help?

[Heimdall]

The extracted kernel is uncompressed, the BIOS is compressed.

[xman954]

QUOTE

My theory to be confirmed by xman954/Movax:
1. BFM bios was patched to execute habibi signed XBE, ie the dash, or first XBE.
2. When nkpatcher loads, it no longer finds the byte sequence hence no more patching of public key.

#2

QUOTE

Excellent cross-reference  
Yes, that means your system is working because you're reloading a different BIOS.

that version of dash is habi signed

try signing one of your game xbe's

the loading of BFM stock bios may have different offset in mem that nkpatcher is unable to calculate for some reason or it's fixed
the 4 bytes patched are the same that ernie.xtf does

i think the direction to go is:
patch the 4 bytes
and flash it to a chip that has 2 or more banks
and see what happens
that will confirm some things

also dumping the kernal on a normal softmoded xbox
then again after PBL reloads it

[Movax]

I can't seem to build a retail bios after patching .. xbtool crashes.

Any help welcome.

[kingroach]

I haven't read all the posts but did you try Ind-Bios 5003. It allows you to load a bfm bios so you dont need to use pbl loader. Flash the 5003 bios to TSOP and place stock bfm bios in c:/xboxrom.bin.