Print

[HoRnEyDvL]

Im wondering if it will be possible 2 get our lil hands on the signed code m$ uses or crack1 so ppl wont need modchips any more any 1 got any theries , tips , sugestions , or ideas plz post them bellow trying 2 get a collection see if that can assiest any 1 crack this sucker.

[anticol]

Even a distributed app will be painfully slow.

It is a better idea to look for weaknesses in code that has already been signed than to try and sign our own code.

The code that a game runs accounts only for a very small proportion of the game it self. There are many files that a game must load and process. An attack that is likely to work would be a modified file (Possibly a saved game since these can be transferred by memory card) that when loaded causes a section of the game's code to be overwritten with some predictable results. If this can be done then we could feasibly take control of the system.

A good method for attack may be to monitor the kernel calls made by a program while a saved game is loading. The intention would be to alter the save file so that memory is allocated in such a way that we overwrite some code.

Ideally we would want to be able to control an applications calls to MmMapIoSpace() to allow us create a mirror of some memory (the program code) at a location that we could write to as part of the file load.

All said and done we still need a vital component, a vunerable xbe.