xboxscene.org forums

Xbox360 Forums => Xbox 360 Hacking Forums => General Technical Hacking Discussion => Topic started by: bi0hacker on March 24, 2006, 05:00:00 AM

Title: Are Pir/live Files Signed?
Post by: bi0hacker on March 24, 2006, 05:00:00 AM

Okay I manually hex edited one of the files in the archive (replaced some menu text) and it froze after the loading.

Either that means what I edited crashed the game, or each individual file's integrity is checked upon request of the file.

Title: Are Pir/live Files Signed?
Post by: Angerwound on March 24, 2006, 05:44:00 AM

PIRS/LIVE and CON_ files are all uniquely signed. LIVE archives are delivered via live. ... duh   PIRS being already residing on the hard drive or provided via other means besides xbox live. (Kiosk disks, extra game disk content). While CON_ are user created files such as game saves. They are all of the same basic format but restrict their data differently. Changing any of them however does result in a corrupted signature as you had suspected.

Title: Are Pir/live Files Signed?
Post by: PedrosPad on March 24, 2006, 06:37:00 AM

QUOTE(bi0hacker @ Mar 24 2006, 03:29 PM)

Sorry if I misled you, I just noticed that the live packages were using the same algorithm as the pir.

I suspect the difference between the 3 types of file lies in the public/private key combination used to sign.  One private key stored within the X360 - and used to sign generated "CON"-type PIRS files, a different one on used by the XBL team to sign LIVE content, and a third to sign media distributed files.

Title: Are Pir/live Files Signed?
Post by: bi0hacker on March 24, 2006, 03:30:00 PM

From what I can see, CON type archives are signed locally. That means with a BIOS dump(if the function is stored there) or a XEX disassembler we could read the asm instructions to form an algorithm