Topic: Emulated X-box Live Client (Read 106 times)

FreakInvasion · « **on:** October 02, 2004, 01:45:00 PM »

We've all seen these noobs posting topics about "creating" an x-box live server and as the rest of us know that's impossible. For every game you supported, you'd have to reverse engineer the protocol because that's not universal and every game will have their own layout of packet formatting. It's not gonna happen so don't get your hopes up.

However I think it is possible to create a client with extremely limited capabilities. Think of it this way: suppose you wanted to create a stats hacker. This would require:
1) Authenticating to your account
2) Telling the main server that your creating your own server
3) Telling the main server that you played a game and here are the new stats

Seems possible if you could get past the damn encryption that the packets have in place. This is what I've done:
1) Got a crossover cable (made my own from a standard since there were none readily available

2) Used ICS to share my wireless conection from my computer to the network card
3) Plugged my xbox into the network card using the crossover cable
4) Configured Ethereal to sniff activity from the network card connected to my xbox
5) Was dissapointed, yet not surprised, to see the encrypted data that came up on my screen.

The only thing that wasnt encrypted was the M-Search packet that is sent at the begining. Sorry I don't have any examples to give because the saved packets file, as well as the xbox, is at my other house and is not readily available to me.

Perhaps someone here who has done this sort of work can fill me in on the encryption that the xbox uses to sent packets. It's amazing what I can accomplish as far as taking apart the protocol (I've done this with several protocols, including AIM oscar and tictoc, Kazaa, Tetrinet, IRC, MSN Messenger, etc) but as for encryption, well, that just stumps me...

Can anybody here bring me up to date?
Thanks

Disclaimerish thing:
I'm not saying that I endorse illegal hacking. In fact you might check out my site http://freehost07.websamba.com/greyhats/ to view some of my legal hacking work, which I myself have worked with MS to patch.

Allen626 · « **Reply #1 on:** October 03, 2004, 12:10:00 AM »

If it is encrypted, i dont see how you can get past that. But maybe you can find some more unencrypted packets. Or reproduce the sending of the packet to ms saying you won or lost.

EvilWays · « **Reply #2 on:** October 03, 2004, 01:49:00 AM »

Well, the authentication system is either Kerberos or a variation of Kerberos. The encryption will be a lightweight one bit-wise, otherwise the ping times would be awful. As for the actual encryption algorithm used, I couldn't tell you. I have some good tools to use (thanks to a computer/network security class I took at tech school), but I don't have Live so I can't create/recreate a testing environment.

fghjj · « **Reply #3 on:** October 03, 2004, 03:36:00 PM »

FreakInvasion thinks he is teh mast3r h4xx0r with his work on all these extremely complicated protocols and thinks he is ready to say things like this: "We've all seen these noobs posting topics about "creating" an x-box live server and as the rest of us know that's impossible." Then you and "the rest" don't know what they're talking about.

FreakInvasion · « **Reply #4 on:** October 03, 2004, 07:51:00 PM »

Uhh sorry to break it to you but you're the one whose wrong. Just because I have a post count of 4 doesnt meen that I don't know what I'm talking about. Sure there are packets that have the same structure from game to game, but there are those that do not. For example, when the server in a game like splinter cell, pandora tomorrow tells the client that merc X has shot spy Y, the packet is not going to be the same layout as when a server of a game like ESPN 2k5 tells the client that the QB has thrown the ball to Wide Receiver X.

Each game is a piece of software, and most software uses different packet layouts. Try taking a look at http://msdn.micro$oft.com/msdnmag/iss.../07/NetMatters/ to see what I'm talking about. Btw, replace the $ in that address with S.

This post has been edited by FreakInvasion on Oct 4 2004, 02:52 AM

fghjj · « **Reply #5 on:** October 04, 2004, 02:19:00 AM »

Yes, each game exchanges different data, depending on numerous aspects of the game. Reverse-engineering that data will most likely give you the same insight as studying "white noise". I wouldn't go as far as calling this inter-game communication a protocol, cos there isn't a documented "standard" except for what the developers have lying on their desks.

The beauty of Xbox Live is that you don't need to know anything about this. All the high-layered communication is handled by the Xonline lib. Live merely acts as a relay system for the game data and the game-specific server part is done by the Xbox which has the best Quality of Service (QoS). Theoretically, no need to know anything about the game itself.

Therefore your claim that it's impossible to create a Live server is untrue.

But to get back on-topic, there's some information on key-exchange and encryption in the XDK docs, so I still think you should read it

ps. there are also Live games that are hosted on a PC in the Micros0ft datacenter, I know recreating those will be a bit hard.

FreakInvasion · « **Reply #6 on:** October 04, 2004, 06:02:00 AM »

. But that is off the topic.

At any rate, thanks fghjj for pointing me in the right direction. I'll get to reading

Author Topic: Emulated X-box Live Client (Read 106 times)