xboxscene.org forums

Pages: [1] 2 3 ... 7

Author Topic: Using 007 Xploit To Boot Other Xbe's  (Read 1166 times)

scotty2hotty1124

  • Archived User
  • Newbie
  • *
  • Posts: 45
Logged

lusal

  • Archived User
  • Jr. Member
  • *
  • Posts: 55
Using 007 Xploit To Boot Other Xbe's
« Reply #1 on: August 10, 2005, 02:46:00 PM »

<floors the sarcasm pedal>

Way to resurrect an old thread with an offtopic, bannable request.

<lets off the pedal>

You twat.

Go to the tutorial section and read about 'the usual places'.  Xbins - ask for it by name.
Logged

XanTium

  • Archived User
  • Hero Member
  • *
  • Posts: 1358
Using 007 Xploit To Boot Other Xbe's
« Reply #2 on: June 16, 2003, 05:10:00 PM »

I recompiled the xbedump of Xbox-Linux (http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/xbox-linux/xbedump/) with the key released in this XBH thread. This should allow you to boot any xbe with the 007:AUF gamesave trick.

http://dwl.xbox-scen...xbedump-007.rar (for linux)

I managed to boot evox resigned with the program above - so the trick works.
I can't boot a 2nd .xbe from evo-x (I get the 'xbox needs service' screen).
Maybe if I also sign that 2nd .xbe with the program it might work ...


A really nice trick - now you can boot evo-x and probably also other homebrew software without the need to open your xbox.
It will also make it easier for those that want to flash their TSOP (it will still require soldering some jumpers - but now you are able to flash with evo-x instead of with xbox linux live and raincoat).
It will of course never be the same as a modchip: no direct boot - you will always have to go through the 007-game and saved game loading, you have to buy 007:AUF and a USB Xbox Memorycard (which is more expensive than a modchip), it doesn't have special features like the modchip bioses (HDD swap, no patch hack, eject fix/trick, debug xbe, ...) and right now it's unknown what will all be possible to boot (also larger programs?).
Also for those who wonder: right now it's not possible (yet) to boot backup games - they are expecting to work from D:/ and you can't swap DVD during the trick (original bios resets on eject).

Let me know if you tried this trick and what are your findings.
Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #3 on: June 16, 2003, 06:04:00 PM »

I can verify it does work and I will be releasing a video later on for proof.

Also the Evox team should consider using this signing code to somehow 'sign on the fly' (technically not sign, but still) allowing non-mod users to run any XBE from Evox using this trick.

Also I plan on testing xbox-live with this as soon as a win32 port is made (or I install linux to use the program)
Logged

XanTium

  • Archived User
  • Hero Member
  • *
  • Posts: 1358
Using 007 Xploit To Boot Other Xbe's
« Reply #4 on: June 16, 2003, 06:14:00 PM »

From the information I got the 007trick patches the kernel in memory.
So a crc-check will probably fail and xlive won't work.

Anyway - I don't see how it would be possible to boot a game with the 007trick atm ... bios make it possible games don't run from D:/ ... but with the 007trick it won't work from HD. (it will look for files on D).

You also can't swap DVD ... the xbox resets on eject.
Logged

dankydoo

  • Archived User
  • Full Member
  • *
  • Posts: 145
Using 007 Xploit To Boot Other Xbe's
« Reply #5 on: June 16, 2003, 06:17:00 PM »

Here is a windows port of xbedump.....

http://www.console-g...bedumpwin32.rar


Thanks,

dankydoo
Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #6 on: June 16, 2003, 06:21:00 PM »

QUOTE (XanTium @ Jun 16 2003, 07:14 PM)
From the information I got the 007trick patches the kernel in memory.
So a crc-check will probably fail and xlive won't work.

Anyway - I don't see how it would be possible to boot a game with the 007trick atm ... bios make it possible games don't run from D:/ ... but with the 007trick it won't work from HD. (it will look for files on D).

You also can't swap DVD ... the xbox resets on eject.

As for patching the kernel.. I have no idea

But it is possible to still rip games with Evox FTP and then have a built in Evox patcher to 'patch' the game executable to be launched from Evox (as Evox was launched from 007)

Evox is fully functional when run via the exploit, except you can't launch anything... So you can still access your Xbox and format drives.
Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #7 on: June 16, 2003, 06:21:00 PM »

QUOTE (dankydoo @ Jun 16 2003, 07:17 PM)
Here is a windows port of xbedump.....

http://www.console-gods.com/xbedumpwin32.rar


Thanks,

dankydoo


It's 404

So I decided to go to the home page and the link there worked

http://www.console-gods.com/xbedumpWin32.rar

This post has been edited by BiMP: Jun 17 2003, 01:22 AM
Logged

stealth

  • Archived User
  • Jr. Member
  • *
  • Posts: 94
Using 007 Xploit To Boot Other Xbe's
« Reply #8 on: June 16, 2003, 06:33:00 PM »

I believe on the xbox-linux mailing list, asterisk mentioned that he figured out how to stop the xbox from rebooting on eject, even after an app w/o the appropriate media flags had been launched.

Also the hack does patch the xbox's public key in memory.  That will last until a reboot.  Evox surely can launch any other app signed with that same key.

Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #9 on: June 16, 2003, 06:35:00 PM »

Unfortunately, the Win32 signer isn't working.

Signing boxplorer works but then when I verify it:

----
XBE Dumper 0.4-BETA Developer Release
Using Linux Test Keys
Magic XBEH value:      pass
Header Size:           pass
Image Base Address:    pass
Certificate Adress:    pass
Certificate Size  :    pass
Section Address:       pass
Debug Address:         pass
Kernel Entry:          0001C3C1  (KEY: A8FC57AB)
Kernel Thunk Table:    00079A00  (KEY: 5B6D40B6)
Section:  0 Hash:      pass
Section:  1 Hash:      fail
Section:  2 Hash:      pass
Section:  3 Hash:      pass
Section:  4 Hash:      pass
Section:  5 Hash:      pass
Section:  6 Hash:      pass
Section:  7 Hash:      pass
Section:  8 Hash:      pass
2048 RSA Signature:     CF317FC0AE03ABE97387AFDABD01F34EE90D89568135C51ABC77CF3006B3325EF39399BA637DDFD9
37
CEC990EFB099C112D84F2DE95F6ED835C05C541D6117E32D2AF4B4F755444147E6338DADD6F656EA
A5
B030A79F41B19B58E98017F3E2A79D3FFC52CC8120FC408AB404627C7AFA3831BBAC48C002309DD0
80
E2ECD2FE583AF36811489620478798BDB610FD1FEE68D37DB41BF5A87403BA82E2179D0B08617A55
1A
249FB34C111C1ED970D401E87CED51B2A25FA660B815344C51C41D5E4AD5F2221A132B399BB65D12

CF24AFC4E14CFAD87493CFE65E9E0E18A1BAD66CC7363D71C0E415D51A2FC055856B588798E106A7
F7
EBEBCA0F0EF86533AAD214fail

XBE file integrity:    FALSE !!!!!!! FALSE !!!!!

------

this also occurs with other xbe's such as XBMP


Edit: Fixed post

Edit again: just tried signing Evox, still fails

Edit yet again: XanTium, I suggest you try it before posting it

I believe it's the win32 patcher ;)

This post has been edited by BiMP: Jun 17 2003, 01:40 AM
Logged

dankydoo

  • Archived User
  • Full Member
  • *
  • Posts: 145
Using 007 Xploit To Boot Other Xbe's
« Reply #10 on: June 16, 2003, 06:47:00 PM »

I've verified it on three different xbox's

I'm not sure if you are doing something wrong or what, but it definitely works.


dankydoo
Logged

XanTium

  • Archived User
  • Hero Member
  • *
  • Posts: 1358
Using 007 Xploit To Boot Other Xbe's
« Reply #11 on: June 16, 2003, 06:51:00 PM »

it looks like it's just the verify that has a problem.

I signed an xbe with the win32 app, and it verified OK with the linux app.
Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #12 on: June 16, 2003, 06:53:00 PM »

QUOTE (dankydoo @ Jun 16 2003, 07:47 PM)
I've verified it on three different xbox's

I'm not sure if you are doing something wrong or what, but it definitely works.


dankydoo

Well I signed the XBMP app and tried to launch it

no go

I think the signer has problems with XBEs that are bigger?
Logged

BiMP

  • Archived User
  • Jr. Member
  • *
  • Posts: 74
Using 007 Xploit To Boot Other Xbe's
« Reply #13 on: June 16, 2003, 06:54:00 PM »

QUOTE (XanTium @ Jun 16 2003, 07:51 PM)
it looks like it's just the verify that has a problem.

I signed a xbe with the win32 app , and it verified OK with the linux app.

Did you try the win32 verify?  All you said was you signed it in win32 and verified in Linux

if the win32 verify fails on it, then that's the problem

but if it works, then I'm not sure what I'm doing wrong but it isn't verifying correctly
Logged

dankydoo

  • Archived User
  • Full Member
  • *
  • Posts: 145
Using 007 Xploit To Boot Other Xbe's
« Reply #14 on: June 16, 2003, 06:59:00 PM »

Make sure you are verifying out.xbe......that's the file generated by the program.  And I haven't heard of anyone being able to get XBMP to work yet....


C:\Documents and Settings\XXXXXXX\Desktop\xbedumpWin32\Release>xbedumpwin32 default.xbe -sign
XBE Dumper 0.4-BETA Developer Release
Using Linux Test Keys
Magic XBEH value:      pass
Header Size:           pass
Image Base Address:    pass
Certificate Adress:    pass
Certificate Size  :    pass
Section Address:       pass
Debug Address:         pass
Patch XOR Keys
Kernel Entry:          00012A17  (KEY: A8FC57AB)
Kernel Thunk Table:    00000000  (KEY: 5B6D40B6)
Section:  0 Hash:      pass -> corrected
2048 RSA Signature:    010000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000

00000000000000000000000000000000000000000000000000000000000000000000000000000000

0000000000000000000000000000000000000000000000000000000failCorrecting Signature:



File out.xbe created, verifying it ...

Magic XBEH value:      pass
Header Size:           pass
Image Base Address:    pass
Certificate Adress:    pass
Certificate Size  :    pass
Section Address:       pass
Debug Address:         pass
Kernel Entry:          00012A17  (KEY: A8FC57AB)
Kernel Thunk Table:    00000000  (KEY: 5B6D40B6)
Section:  0 Hash:      pass
2048 RSA Signature:    328A575BBE6FA9C56CA73FDE28F451923F4D93FB00FFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0100pass

XBE file integrity:    OK


C:\Documents and Settings\XXXXXX\Desktop\xbedumpWin32\Release>xbedumpwin32 out.xbe -vh -st
XBE Dumper 0.4-BETA Developer Release
Using Linux Test Keys
Magic XBEH value:      pass
Header Size:           pass
Image Base Address:    pass
Certificate Adress:    pass
Certificate Size  :    pass
Section Address:       pass
Debug Address:         pass
Kernel Entry:          00012A17  (KEY: A8FC57AB)
Kernel Thunk Table:    00000000  (KEY: 5B6D40B6)
Section:  0 Hash:      pass
2048 RSA Signature:    328A575BBE6FA9C56CA73FDE28F451923F4D93FB00FFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0100pass

XBE file integrity:    OK


dankydoo

This post has been edited by dankydoo: Jun 17 2003, 02:02 AM
Logged
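
Added example (not part of the thread and not xbedump's code): a minimal Python model of the two checks behind the verify output posted above, the per-section SHA-1 comparison and the RSA signature check. It assumes the printed signature is the block recovered with the public key, shown least-significant byte first as digest, 00, FF padding, 01 00; the demo keys built from Mersenne primes, the sample data and all function names are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent chosen for this demo

def make_key(p_exp, q_exp):
    """Constructed demo key from two Mersenne primes: (modulus, private exponent)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))

N_A, D_A = make_key(1279, 607)   # key the verifier trusts
N_B, D_B = make_key(1279, 521)   # unrelated key

def padded(digest, k):
    # Assumed layout: 00 01 FF..FF 00 || SHA-1 digest, no DigestInfo wrapper
    return b"\x00\x01" + b"\xff" * (k - 3 - len(digest)) + b"\x00" + digest

def sign(header, n, d):
    k = (n.bit_length() + 7) // 8
    block = padded(hashlib.sha1(header).digest(), k)
    return pow(int.from_bytes(block, "big"), d, n)

def verify(header, sig, n):
    """Return (verdict, recovered block printed least-significant byte first)."""
    k = (n.bit_length() + 7) // 8
    block = pow(sig, E, n).to_bytes(k, "big")
    shown = block[::-1].hex().upper()
    if block[:2] != b"\x00\x01" or block[2:-21].strip(b"\xff") or block[-21] != 0:
        return "fail: padding", shown      # wrong key or corrupted signature
    if block[-20:] != hashlib.sha1(header).digest():
        return "fail: digest", shown       # header changed after signing
    return "pass", shown

def section_report(sections, stored):
    """Per-section SHA-1 check, like the 'Section: n Hash' lines."""
    return ["pass" if hashlib.sha1(s).digest() == h else "fail"
            for s, h in zip(sections, stored)]

# Constructed sample: the signed "header" is just the list of section digests.
SECTIONS = [b"constructed .text bytes", b"constructed .data bytes"]
STORED = [hashlib.sha1(s).digest() for s in SECTIONS]
HEADER = b"".join(STORED)
SIG = sign(HEADER, N_A, D_A)

if __name__ == "__main__":
    print(verify(HEADER, SIG, N_A)[0])
    print(verify(HEADER, SIG, N_B)[0])
    print(section_report([SECTIONS[0], b"patched"], STORED))
```

A signature checked against a key other than the one that produced it recovers a block with no FF run at all, so the verdict is only as trustworthy as the public key the verifier holds.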