Post by: Xbox-Scene on April 20, 2006, 09:43:00 PM
Devil 360: Xbox 360 Security Info-- Posted by XanTium on April 20 23:43 EST
Here's some news we received from the Devil360 Team, who announced last week that they will release a new product for the Xbox 360 on 06/06/2006:
Quote
(*) Xbox:
* The previous version of M$ console has been hacked by Andrew Huang also known as Bunnie from M.I.T. (more details here[pdf])
* This guy is very well known for his book "Hacking the Xbox". (more details here)
* What was the real security of the Xbox? Check this article[xbox-linux.org]
(*) Xbox 360:
* At http://en.wikipedia.org/wiki/Xbox_360 you will find a good definition of the new Xbox 360 features.
* What about the security of this M$ product?
-M$ worked on it a little bit at least.
According to findarticles.com, Chipworks is an internationally recognized technical services company that analyzes the circuitry and physical composition of semiconductors devices and electronic systems for a wide range of applications in intellectual property licensing, patenting and competitive study. Chipworks has successfully helped leading-edge semiconductor and electronics organizations achieve their goals by supporting research and development efforts in strategic product development and patent portfolio management. At the end of 2005, Chipworks analyzed the main chip of the 360 console and created a commercial report (see here).
-Bunnie also wrote a document which content is speculative and subject to change (see here[pdf]). This document deals with the Xbox 360 security scheme.
He made some assumptions about the scheme:
>be resistant against "hack once run everywhere" attacks (means invalidate mod chips using crypto and a specific perso for each console)
>be weak against one-time "hero hacks" (means avoid bunnie's or MIT hackers articles)
>use custom features in the processor or chipset cores (use microelectronic and electronic hardware to defeat software script kiddies)
A long time ago we bought several Xbox 360 and started to investigate their security scheme. Eventually a lot of bunnie's assumptions were brilliant. Well done!
-Playing pirated games or hacking the Xbox 360 security core?
Recently (mid march 2006) a hacker called "The specialist" published one weakness and a lot of people are now working on hacking the DVD firmware.
Using a fast FPGA card, it is possible to insert a parser/driver between the motherboard and the optical reader... we let the reader conclude by himself (sed -e 's/DVDFAKE/DVDXBOX/g Input > Output ;-)). What about the SATA HD?... wait and see. Maybe another time when few things would have been detailed.
Anyway what is your aim ?
If you wish to run Linux on your 360 then you have a problem, and this problem is very interesting. (see free60.org)
-According to M$ "The core security system has not been broken" (see here).
True the security core is intact. And not broken yet. Is it breakable? Maybe...
-Did M$ build the security architecture alone?
No, M$ received some help from Infineon (TPM) (see here).
Remark: If you can provide us some TMP chips, we could be friends. We have some but maybe few things evolved.
-M$ did not make some mistakes as the previous time with the first Xbox.
>The motherboard is reduced and a lot of wires are PCB protected. Then it is not so easy to spy wires and to apply a man in the middle attack.
>The firmware of each console can be reprogrammed by M$ using Xbox LIVE. This operation can be executed without the acceptation of the user. The idea is to release a new secure patch (a little bit like Zindows update) using the network.
>What about collecting the route, IP address, crypto keys and some more information from the console at this time?
It is not a nightmare!! They do it.(IMG:http://pictures.xbox-scene.com/xbox360/devil360/Hacked_Hynix_without_LAnalyzer_CS_and_WE_ok_xs_s300.jpg)
Figure: The Hynix (T) memory containing the encrypted boot code.
We first de-capped Xbox 360 components as Chipworks did and we analyzed the console (Some chips have nine levels of metal).
Now we can confirm a lot of bunnie's assumptions and sometimes even worse.
What could happen if M$ would have made a hardware mistake?
We will communicate about this in the next 360 hours.
The next communication will include pictures of the de-capped chips and then some explanations about the console and a little bit more.
In the future we will only communicate with people who subscribed an email address. [note x-s: it'll be posted here on the x-scene news too ofcuz]
Devil 360
Official Site: http://www.devil360.com
Post by: Ben999_ on April 20, 2006, 09:56:00 PM
Post by: cliffy88 on April 20, 2006, 09:59:00 PM
Post by: sew3521 on April 20, 2006, 10:04:00 PM
Post by: Lamer123 on April 20, 2006, 10:22:00 PM
Post by: nwo504 on April 20, 2006, 10:22:00 PM
Post by: BigRed2k on April 20, 2006, 10:26:00 PM
Post by: JustinT9669 on April 20, 2006, 10:35:00 PM
QUOTE(Lamer123 @ Apr 20 2006, 09:29 PM) 
I dont get it ?
me 2
Post by: sgr215 on April 20, 2006, 10:38:00 PM
Post by: Specter on April 20, 2006, 10:44:00 PM
Post by: Lamer123 on April 20, 2006, 10:56:00 PM
They are claiming that they They have found two different potential security exploits .
1. that they can write unsighned data to the xbox dash data on the 128 on board nand , by using a local area network .
2. and they have found a security hole in the boot loader chip .
Please correct me if i am wrong , seriously . I want to know what this is all about .
Post by: nwo504 on April 20, 2006, 11:02:00 PM
6-6-6
Post by: dinzy on April 20, 2006, 11:20:00 PM
Post by: Rustmonkey on April 20, 2006, 11:28:00 PM
QUOTE(Ben999_ @ Apr 20 2006, 10:03 PM)
Looking forward to what lies ahead
what "lies" ahead... hehe... we'll see what lies or truths they have... I susbscribed to the form, so if I get an email from them sometime, I'll let you guys know what it says
Post by: Arch0n on April 20, 2006, 11:32:00 PM
QUOTE(Lamer123 @ Apr 21 2006, 06:03 AM)
Ok after a couple re-reads I think I understand .
They are claiming that they They have found two different potential security exploits .
1. that they can write unsighned data to the xbox dash data on the 128 on board nand , by using a local area network .
2. and they have found a security hole in the boot loader chip .
Please correct me if i am wrong , seriously . I want to know what this is all about .
I'm not sure about what you've posted. The take home message I get is from this section:
QUOTE
Using a fast FPGA card, it is possible to insert a parser/driver between the motherboard and the optical reader... we let the reader conclude by himself (sed -e 's/DVDFAKE/DVDXBOX/g Input > Output ;-)). What about the SATA HD?... wait and see. Maybe another time when few things would have been detailed.
is that using a Field Programmable Gate Array on a PCB (card) they will feed the correct info to the xbox regardless of what the DVD firmware is doing.
So, rather than flashing your DVD's fimware in order to produce expected values to authenticate a disk, this chip will be programmed to do that. Sounds like a "modchip" version of the firmware hack. Probably would contain a table in flash that could be altered to keep up with any changes. Also the ability is there to support all drives as yo udon't care what particular firmware a device has, long as you can recognise and rewrite the signals to what is expected.
The whole sed reference is for rewriting the data on the fly I am guessing, and is what makes me think the above
Post by: Altima NEO on April 21, 2006, 12:02:00 AM
thats what im thinking they mean
Post by: dom0012 on April 21, 2006, 12:21:00 AM
Post by: ILLusions0fGrander on April 21, 2006, 12:24:00 AM
QUOTE(Altima NEO @ Apr 21 2006, 01:09 AM)
so basically, they might be able to possibly fake xbl to flash firmware?
thats what im thinking they mean
that would seriously be kick ass and a major backfire to MSs attempts... however from the little i know about all the massive encryptions, isnt that highly unlikely?
Post by: DivyX on April 21, 2006, 12:31:00 AM
I'm looking forward to see what this will be. I hope it's something BIG.
I think using word xbl is wrong word, isn't that just highly encrypted service?
Depending if all traffic from 360 to computer eg via crossover would be similarly encrypted i think using network wouldn't be the case then but i don't know that much of xbox360 networking in general to know but logic says not every traffic can be encrypted.
However XBL is so heavily protected that i'm sure no1 hasn't made too serious project even to start hacking it.
Post by: havoc on April 21, 2006, 01:20:00 AM
QUOTE
WTF??? This are the new age hackers???
By now, a 4 years old kid, could tell more about x360 than this BS....
By now, a 4 years old kid, could tell more about x360 than this BS....
these are not this are
a 4 year old not a 4 years old
no comma after kid or now
why dont you take your brainless posts elsewhere this site doesnt need people like you
Post by: Keo-Keo on April 21, 2006, 01:32:00 AM
QUOTE
Registrant:
Domains by Proxy, Inc.
DomainsByProxy.com
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
Registered through: GoDaddy.com
Domain Name: DEVIL360.COM
Created on: 06-Apr-06
Expires on: 06-Apr-07
Last Updated on: 12-Apr-06
Administrative Contact:
Private, Registration [email protected]
Domains by Proxy, Inc.
DomainsByProxy.com
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
(480) 624-2599
Technical Contact:
Private, Registration [email protected]
Domains by Proxy, Inc.
DomainsByProxy.com
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
(480) 624-2599
Domain servers in listed order:
NS1.DEVIL360.COM
NS2.DEVIL360.COM
Dead end.. DomainsByProxy.com is used to hide the users info.. But then i noticed that they were running their own NS..
QUOTE
[root@xserv root]# ping ns1.devil360.com
PING ns1.devil360.com (217.73.17.126) 56(84) bytes of data.
64 bytes from 217.73.17.126: icmp_seq=0 ttl=45 time=152 ms
64 bytes from 217.73.17.126: icmp_seq=1 ttl=45 time=151 ms
--- ns1.devil360.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 151.270/151.971/152.673/0.802 ms, pipe 2
[root@xserv root]#
[root@xserv root]# ping ns2.devil360.com
PING ns2.devil360.com (217.73.17.128) 56(84) bytes of data.
--- ns2.devil360.com ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
Then to see if they were running DNS off their server i pinged the website
QUOTE
[root@xserv root]# ping devil360.com
PING devil360.com (217.73.17.126) 56(84) bytes of data.
64 bytes from 217.73.17.126: icmp_seq=0 ttl=45 time=151 ms
64 bytes from 217.73.17.126: icmp_seq=1 ttl=45 time=173 ms
PING devil360.com (217.73.17.126) 56(84) bytes of data.
64 bytes from 217.73.17.126: icmp_seq=0 ttl=45 time=151 ms
64 bytes from 217.73.17.126: icmp_seq=1 ttl=45 time=173 ms
W00t matchs the 1st name server!..
So who owns 217.73.17.126?
Well according to http://www.dnsstuff....p=217.73.17.126
QUOTE
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/...l-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Information related to '217.73.16.0 - 217.73.23.255'
inetnum: 217.73.16.0 - 217.73.23.255
netname: SK-VNET
descr: VNET s. r. o.
descr: Bratislava
country: SK
admin-c: VN666-RIPE
tech-c: VN666-RIPE
status: ASSIGNED PA
notify: ****@vnet.sk
mnt-by: VNET-MNT
changed: ******@vnet.sk 20030828
source: RIPE
person: Vojtech Nemeth
address: VNET s. r. o.
address: Repasskeho 2
address: Bratislava
address: 84102
address: Slovakia
phone: +421 903 448844
fax-no: +421 2 5292 6151
e-mail: *****@vnet.sk
nic-hdl: VN666-RIPE
mnt-by: VNET-MNT
changed: ******@vnet.sk 20050603
source: RIPE
% Information related to '217.73.16.0/20AS29405'
route: 217.73.16.0/20
descr: VNET s. r. o.
origin: AS29405
mnt-by: VNET-MNT
changed: ******@vnet.sk 20030911
source: RIPE
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/...l-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Information related to '217.73.16.0 - 217.73.23.255'
inetnum: 217.73.16.0 - 217.73.23.255
netname: SK-VNET
descr: VNET s. r. o.
descr: Bratislava
country: SK
admin-c: VN666-RIPE
tech-c: VN666-RIPE
status: ASSIGNED PA
notify: ****@vnet.sk
mnt-by: VNET-MNT
changed: ******@vnet.sk 20030828
source: RIPE
person: Vojtech Nemeth
address: VNET s. r. o.
address: Repasskeho 2
address: Bratislava
address: 84102
address: Slovakia
phone: +421 903 448844
fax-no: +421 2 5292 6151
e-mail: *****@vnet.sk
nic-hdl: VN666-RIPE
mnt-by: VNET-MNT
changed: ******@vnet.sk 20050603
source: RIPE
% Information related to '217.73.16.0/20AS29405'
route: 217.73.16.0/20
descr: VNET s. r. o.
origin: AS29405
mnt-by: VNET-MNT
changed: ******@vnet.sk 20030911
source: RIPE
Hrm Slovakia? Strange...
Lemme dig deeper.. http://www.dnsstuff....n=217.73.17.126
QUOTE
IP address: 217.73.17.126
Reverse DNS: [No reverse DNS entry per ns.vnet.sk.]
Reverse DNS authenticity: [Unknown]
ASN: 29405
ASN Name: VNET-AS (VNET ISP Bratislava, Slovakia, SK)
IP range connectivity: 2
Registrar (per ASN): RIPE
Country (per IP registrar): SK [Slovakia]
Country Currency: SKK [Slovakia Koruny]
Country IP Range: 217.73.16.0 to 217.73.31.255
Country fraud profile: High
City (per outside source): Unknown
Private (internal) IP? No
IP address registrar: whois.ripe.net
Known Proxy? No
Reverse DNS: [No reverse DNS entry per ns.vnet.sk.]
Reverse DNS authenticity: [Unknown]
ASN: 29405
ASN Name: VNET-AS (VNET ISP Bratislava, Slovakia, SK)
IP range connectivity: 2
Registrar (per ASN): RIPE
Country (per IP registrar): SK [Slovakia]
Country Currency: SKK [Slovakia Koruny]
Country IP Range: 217.73.16.0 to 217.73.31.255
Country fraud profile: High
City (per outside source): Unknown
Private (internal) IP? No
IP address registrar: whois.ripe.net
Known Proxy? No
Well pretty much all i know is they have a high fraud profile.. What ever that means ;-P the company that hosts devil 360 or at least owns the IP address is..
http://ns.vnet.sk/ so there ya go.. Off to bed.. Gnite
Post by: luther349 on April 21, 2006, 01:42:00 AM
Post by: DJLink on April 21, 2006, 01:48:00 AM
Nice one devil, you got me for about 6 seconds
Post by: indiraider on April 21, 2006, 01:59:00 AM
http://ns.vnet.sk/ so there ya go.. Off to bed.. Gnite
[/quote]
What you fail to notice is that an off shores out of the way server would be the best bet fora team that might be releasing hacked firmware. It would be the only way that they could sell and release copyrighted content. Dont discredit them yet just for being on a forein server. Remember that the team ICE was on a safe server and look what happened to them. We also wont be paying these guy it will be the mid sellers dealing with them so we have nithing to loose.
Post by: 0794 on April 21, 2006, 02:05:00 AM
Post by: PedrosPad on April 21, 2006, 02:18:00 AM
QUOTE(794 @ Apr 21 2006, 09:12 AM)
Good research Keo-Keo.
Indeed. Nice to see that sites/tools you used also.
Is it me?
Wasn't all the detail in the X-S news post from Devil360 already known information? 
In fact they even cite the original sources (which at least is respectful).Still I hope they have got something new
Post by: adamscybot on April 21, 2006, 02:33:00 AM
I hope to be proved that they are not a hoax!
Adam
Post by: dark by design on April 21, 2006, 04:17:00 AM
Though, it might just be some PR-Horny kiddies..
666, is kind of kiddie like...
But the cooler it is, if they actually unravel something "revolutionary" on the 6th of june 2006.
Post by: SharkUW on April 21, 2006, 06:14:00 AM
NEWSFLASH
xbox-scene updated it's page!!!!
It's all old news...worthless, pointless.
attention whores.
Post by: plonkman on April 21, 2006, 06:28:00 AM
Post by: SharkUW on April 21, 2006, 06:35:00 AM
QUOTE(plonkman @ Apr 21 2006, 07:35 AM)
shut up
Member since '03. 2nd post. What was your first word. 'cookie' or 'f**k'?
Post by: tiavo on April 21, 2006, 06:38:00 AM
Post by: plonkman on April 21, 2006, 06:55:00 AM
Post by: TheSpecialist on April 21, 2006, 07:04:00 AM
QUOTE(PedrosPad @ Apr 21 2006, 10:25 AM)
Is it me?
Wasn't all the detail in the X-S news post from Devil360 already known information? In fact they even cite the original sources (which at least is respectful).No, it isn't you
Theres is nothing new in their post, just a summary of old info. Besides, I find their statement about a FPGA card between the dvd and the 360 very odd ... The biggest problem is that the authentication related data is encrypted. So, if you want to mod the communication, you'll have to decrypt the packets, mod the info and encrypt them again. While this probably is possible, it's not easy at all. So, to me it seems they didn't really think about this and are just posting some fake info (about decapping chips etc). I could be wrong of course, but I find it very odd that they claim all kinds of stuff without posting ANY new info at all ...
QUOTE(tiavo @ Apr 21 2006, 02:45 PM)
but they may let an HDD capacity mod go unpunished, but really who knows.
You can't mod the capacity, since the capacity is 'signed'. So you can only use signatures supplied by MS and since they've currently only signed 20 gb's HD's, we can't use any bigger sizes, until MS starts to sell bigger HD's themselves (and we can use that signature)
Post by: sjohn on April 21, 2006, 08:18:00 AM
QUOTE(TheSpecialist @ Apr 21 2006, 02:11 PM)
You can't mod the capacity, since the capacity is 'signed'. So you can only use signatures supplied by MS and since they've currently only signed 20 gb's HD's, we can't use any bigger sizes, until MS starts to sell bigger HD's themselves (and we can use that signature)
Just to clarify, are you saying that it is currently possible to switch the MS 20gb, for a standard 20gb? Or are you just saying that if we had the signature, we'd have to have the signature of a larger drive in order to use a larger drive in our xbox.
I just don't want anyone jumping to any type of conclusion of something said in the wrong way. Thanks for all of the support in the scene.
Post by: JohnnyVegas on April 21, 2006, 08:21:00 AM
So again, Devil360, what is your fucking point? Seems to be another calculated ploy to get interest in their site. If your not going to offer anything worthwhile then just STFU. What a waste of time for everyone here.
I would hope if X-S has anything to do with this they would at the very least vouch for this sites creditability. Otherwise, I would suggest just ignore this so others do not do this in the future.
Hell I might do it now just for fun... LOL
Post by: krims0n on April 21, 2006, 08:35:00 AM
While just doing the same thing as the firmware hack this is actually quite a bit better. If there is a device in between that is intercepting and answering a couple requests on it's own and sending the rest to the firmware, then the firmware never actually needs to be hacked. The software on the chip can be programmed from scratch and no copyrights are violated. If no copyrights are violated it can be sold/distributed legally and installed legally.
Post by: Joergen on April 21, 2006, 08:49:00 AM
I also look forward to what lies ahead.
Post by: PedrosPad on April 21, 2006, 08:53:00 AM
QUOTE(krims0n @ Apr 21 2006, 03:42 PM)
To me it sounds like a device that will sit between the motherboard and dvd drive and "interpret" some of the commands to allow for playing of backups.
I agree that this is exactly what their news post is alluding to, but as TS points out, there are seemingly insurmountable problems with this idea. The primary one being that the traffic on the cable is encrypted.
I guess that its conceivable that the mobo could negotiate encryption keys with the mod-board, and the mod-board independently negotiate encryption keys with the DVD-Rom drive, and act as a true man-in-the-middle (decrypting, interpreting, and re-encrypting the traffic), but I have my doubts this is possible.
PS. This exact notion was discussed here only the day before the Devil360 press release.
Post by: PedrosPad on April 21, 2006, 09:04:00 AM
QUOTE(sjohn @ Apr 21 2006, 03:25 PM)
Just to clarify, are you saying that it is currently possible to switch the MS 20gb, for a standard 20gb? Or are you just saying that if we had the signature, we'd have to have the signature of a larger drive in order to use a larger drive in our xbox.
I just don't want anyone jumping to any type of conclusion of something said in the wrong way. Thanks for all of the support in the scene.
This is OT, but...
Official M$ HDDs are shipped with a pre-populated 'security sector' (for want of better term). This sector contains the HDDs unique serial number, its capacity, is encrypted, and M$ signed. The X360 console checks this!
With no knowledge of the M$ signing key, no way currently exists to generate this data ourselves, preventing anything other than true M$ drives from being recognised by the X360.
Post by: n8thegr8 on April 21, 2006, 09:37:00 AM
Post by: downlowfunk on April 21, 2006, 09:45:00 AM
QUOTE(n8thegr8 @ Apr 21 2006, 04:44 PM)
and besides, if you already have a working product, why the hell would you wait 2 months to release it? I mean seriously, if they released a working product right now, people would eat it up, I certainly know I would buy one. Yet another reason they are more than likely fakes.
well.. Being the devils that they are. they probably want to stick to the theme. plus theres final revisisons and mass Production and shipping from china. Remember the 360 launch, or when Executer chips were on back order??
You have a good point though, why not make a move when the streets are itchin for their Modchip fix, no one else has the goods. Im excited, about all these developments.
Post by: bubbathemaster on April 21, 2006, 09:53:00 AM
Maybe they are suggesting they are working on a hack at the end of the news, but well... Dunno what to think about it.
Post by: nachomans on April 21, 2006, 09:56:00 AM
What a couple of...
Just make some technical info, like thespecialist did before...
till now, this is completely BS...
Post by: Dasoldier on April 21, 2006, 10:00:00 AM
QUOTE(JustinT9669 @ Apr 21 2006, 04:42 AM)
me 2
Yea, I didn' quite pull any form of new information out of that big long post? Just restated things that are already well known.
Post by: frostyfire03530 on April 21, 2006, 10:27:00 AM
Anyway what is your aim ?
If you wish to run Linux on your 360 then you have a problem...
What about collecting the route, IP address, crypto keys and some more information from the console at this time?
What could happen if M$ would have made a hardware mistake?
They allude to knowing the advantages of the dvd-firmware hack, yet still post more information that leads me to believe that they are not focusing on something along those lines. Perhaps, with the information they lead up to and say will post more about later, the hynix memory that has the boot code in it, it could be a mod that will be physically alterable to the system hardware and will somehow enable dev workings in the 360. IDK, thats just my opinion from what I got from the post.... I just can't see from a writers sense, that presenting this in an agrumented form, that it would be about a 360 dvd mod. It's something deeper in the system's workings
Post by: kowrip on April 21, 2006, 10:57:00 AM
QUOTE(krims0n @ Apr 21 2006, 03:42 PM)
To me it sounds like a device that will sit between the motherboard and dvd drive and "interpret" some of the commands to allow for playing of backups.
While just doing the same thing as the firmware hack this is actually quite a bit better. If there is a device in between that is intercepting and answering a couple requests on it's own and sending the rest to the firmware, then the firmware never actually needs to be hacked. The software on the chip can be programmed from scratch and no copyrights are violated. If no copyrights are violated it can be sold/distributed legally and installed legally.
This type of device also opens up the possibility of emulating the DVD. It would be totally wild if a hard drive could be hooked up to such a device and the individual game ISOs loaded onto it from another PC. Such a device could be almost as good as upgrading the hard drive on the original Xbox !
Post by: Moltdar on April 21, 2006, 11:34:00 AM
Post by: brywalker on April 21, 2006, 11:44:00 AM
QUOTE(Moltdar @ Apr 21 2006, 06:41 PM)
that last post about streaming the games from your PC, Gamecube style would be totally wicked!!!
Oh GOD lets hope not. They worked TERRIBLY. The GC went NOWHERE until the Viper came out. Period.
So far, I call BS until I see something for real. I can tell you this for sure:
1) Do the mod, no more Live. They couldn't get around it on the security joke that is the XBOX, they DEFINITELY won't be able to do it for the 360. The firmware mod really doesn't count - it wasn't released and came 5 years late. Who knows if Live can detect it on XBOX at this point?
2) If it is a chip that goes inbetween the drive and the board, be prepared to update it like crazy. Until you can boot unsigned code - you can't patch games. So for every security update on the games to detect the chip, there has to be new code put on the chip.
Personally, Live is something that I didn't give 2 shits about for XBOX, but for 360 I can't live without. If a *REAL* mod comes out, I am there, but on a 2nd 360.
Post by: toothe360 on April 21, 2006, 11:47:00 AM
Post by: Neilinator99 on April 21, 2006, 11:50:00 AM
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[email protected]>:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <[email protected]>
Received: (qmail 8392 invoked by uid 1703); 16 Apr 2006 23:58:28 -0000
Received: from 66.163.179.163 by ns1 (envelope-from
<[email protected]>, uid 0) with qmail-scanner-1.25
(Epsylon Antivirus/Antispam - sweep: 2.20/3.84. spamassassin: 2.63.
Clear:RC:0(66.163.179.163):SA:0(?/?):.
Processed in 600.223872 secs); 16 Apr 2006 23:58:28 -0000
X-Spam-Status: No, hits=? required=?
Received: from unknown (HELO web35709.mail.mud.yahoo.com)
(66.163.179.163)
by 0 with SMTP; 16 Apr 2006 23:48:28 -0000
Received: (qmail 91142 invoked by uid 60001); 16 Apr 2006 23:51:01
-0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=d2QTG3GLF36qqSC+HU2co+CCnp7ZT4a+EbJ4OgvUSJqdEoigzxq/ceoLS91ONgePu4Yq3IB4v0U0A7E8WOSoUy4muUhc3SIcZCLgKjl8vN+NMIifATHZovV8R9NgV4NOH0sKq4iN8oE+qKusdC2NgI+fQxZ1owHQBM81onTk4M4=
;
Message-ID: <[email protected]>
Received: from [71.155.234.21] by web35709.mail.mud.yahoo.com via HTTP;
Sun, 16 Apr 2006 16:51:01 PDT
Date: Sun, 16 Apr 2006 16:51:01 -0700 (PDT)
From: Neil Maude <[email protected]>
Subject: Im curios
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="0-505108061-1145231461=:74329"
Content-Transfer-Encoding: 8bit
--0-505108061-1145231461=:74329
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
What are your services... if you cannot tell me exactly please hint
thank you.!
---------------------------------
Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low
rates.
--0-505108061-1145231461=:74329
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
What are your services... if you cannot tell me exactly please hint
thank you.!<br><br><br><p>
<hr size=1><a
href="http://us.rd.yahoo.c...ahoo.com">Yahoo!
Messenger with Voice.</a> PC-to-Phone calls for ridiculously low rates.
--0-505108061-1145231461=:74
I called them asking what they do and this was there reply
i subscribed
Post by: manu_xl on April 21, 2006, 12:53:00 PM
QUOTE(SharkUW @ Apr 21 2006, 02:42 PM)
Member since '03. 2nd post. What was your first word. 'cookie' or 'f**k'?
member since november and already 160 useless posts
Post by: onge on April 21, 2006, 01:23:00 PM
Post by: ILLusions0fGrander on April 21, 2006, 01:55:00 PM
Post by: quenlin on April 21, 2006, 02:18:00 PM
Oh, and on an unrelated note, the spelling and grammar on this board is disgusting. Not being able to write properly is just as embarrasing as not knowing how to tie your own shoe or to take a shower. Anyone who writes like a third grader should be humiliated.
Post by: Modchip-Man on April 21, 2006, 02:34:00 PM
I live right around the corner from that place that was mentioned ( 15111 N. Hayden Rd) 13 miles to be exact. When i can get someone to drive me over there, what do you think i would find? Is that just one of the godaddy nodes, or is that the actual devil 360 registration place. I can check it out if you guys need me to.
Peace!
M-M
Post by: psxpirate1 on April 21, 2006, 02:39:00 PM
Post by: kowrip on April 21, 2006, 02:45:00 PM
QUOTE(quenlin @ Apr 21 2006, 09:25 PM)
I think the most realistic scenario we have to look forward to is that someone will duplicate the hacked firmware, people will be able to use the team xcuter or some such device to update the 360 dvd drive firmware, and then you'll only be able to play backups that are either patched or have dashboard updates disabled, so that there's no chance of having your firmware or dashboard updated. So no more Live or playing originals, but theoretically backups will run for as long as you can keep the unit from being updated. That will probably come first until someone develops a modchip. It is inevitable in any event.
Avoiding updates might not be totally necessary. Somebody may release a device that holds both the original and the hacked firmware. In that case, it wouldn't matter how many updates were issued. They could just be applied to the legitimate one while the hacked one is doing all the work. I don't know exactly how hard this would be to implement, but you can't rule it out. Apparently, we now understand a lot about the protocol between the drive and the console. In that case, the whole thing can probably even be emulated. Let's go hacks ! My offline Xbox 360 is waiting for something sweet !
Post by: frOOt lOOps on April 21, 2006, 02:45:00 PM
Post by: Lamer123 on April 21, 2006, 02:51:00 PM
GOOGLE MAPS
It looks like it is registered to an airport
Edit: a stripmall next to the airport
Post by: 6h05T_R1d3R on April 21, 2006, 02:53:00 PM
Post by: MaTiAz on April 21, 2006, 03:15:00 PM
QUOTE(kowrip @ Apr 21 2006, 06:04 PM)
This type of device also opens up the possibility of emulating the DVD. It would be totally wild if a hard drive could be hooked up to such a device and the individual game ISOs loaded onto it from another PC. Such a device could be almost as good as upgrading the hard drive on the original Xbox !
But ISO emulation works only for games, so no homebrew then. But it would be more quiet, no need to swap disks and no whining about discs getting scratched
But still works for piracy only (I know everyone's gonna say backups of their legally owned games, but still ...).
Post by: DCFluX on April 21, 2006, 03:53:00 PM
Post by: satiros on April 21, 2006, 06:01:00 PM
QUOTE(Bign @ Apr 22 2006, 12:26 AM)
Check out the word "EMBARRASING" it has a double ss in it get it right. let people post as they wish this is not an english lesson. A lot of people break words down now just for txtin mates
i hope my english is good enough 4 your forum , english is not mt first language,
i like to point out after reading the whole thread that they achive:
1 to make you feel diffrenet changed your mood ranging from anger to having rather high hopes of what they r going to do
2 the members of the x- s forums made according to their knowledge thoughts of logical and unlogical thoughts of what this will be
3 publicity
"fly high in april shoot down in may"
if u have something then u sell it if you dont you talk about it!!!
hope the best for 4 the team that take us threre to the promise land im not going to buy a 360 unless.
and please give a small thought to what if the lost case of Xbox was saved through hacking it and the money went back to ms that sold the security to "hackers" otherwise it could sell more not to me of course.
in the world of satelite tv the inside leaking of the company is always the way to make channels visible to us "hackers" recently rumors had the satelite program of digiturk selling as hackers the "goods" refinancing themselves with codes that they worked for a few months plus making black money money without tax .
take care people and let shout again i want my 360 hack right now!!
satiros of thessaloniki
greece
Post by: tactix101 on April 21, 2006, 09:50:00 PM
But the main thing thats bothering me lately is the x-amount of ppl creating hype.
Oh ive done this oooh ive cracked this oooh im gonna be releasing a chip by so and so date.
Give it a rest please, u know we are all hardware whores just waiting for the latest bit of news to salivate over.
In the stream of fake promises of hacking groups saying there gonna release a chip. And the ppl just hashing up old news/info and trying to add there own twist to get hits is getting old and to the point that I dont know what to believe.
But the way i see it is:
If your gonna try taking on a company like ms you should atleast have the brains not to make comment or give cryptic clues on a site we all know is watched by ms untill your ready for a major strike ie: u have got all info inplace if your going for a software solution. Or have tested and dealt with manufacturing to the point of mass release .
Giving the enemy a warning shot like that is just like me saying whoopah i know im gonna blow up the houses of parliment now let me just mail tony blair and inform him of the time and date.
FLAME away if u must for stupidity grammer etc etc but thats my thoughts
Post by: brispet1 on April 21, 2006, 09:57:00 PM
attack in order to turn the drive into a 16X milk-shake maker... ummmmm Milkshakes
p.s. don't know about sandwich making functionality of SATA HD maybe soon, somebody send me some of those
new potato chips they could be my friend. Yes I have some potato chips but new ones maybe different like cool ranch
uhmmmmmm cool ranch!
more info availiable on 6/7/8 at 9:10 EST
Post by: proger on April 21, 2006, 10:42:00 PM
Post by: n8thegr8 on April 21, 2006, 10:43:00 PM
Post by: toothe360 on April 22, 2006, 04:36:00 AM
Post by: mat989 on April 22, 2006, 04:38:00 AM
the only thing i am waiting for is team-xecuter's solution...at least we know who are we dealing with....
Post by: Sheytan on April 22, 2006, 05:53:00 AM
Are you guys 10 years old????
Post by: manu_xl on April 22, 2006, 06:22:00 AM
BUT ... now I do! DEVIL360 is same as GCLOADER in the past. That team had also a site. It never became reality. (Both sites were GODADDY related. check google)
99,99% sure this is scam
FYI: gcloader promised a HDD addon for the gamecube. they only had a 'coming soon site' for 1 year.
Post by: tachy0n on April 22, 2006, 09:49:00 AM
The hack is by a Spanish team called enyeTOPIA. They are the group that promised to deliver GC loader (which never arrived). I have a feeling this is going to amount to nothing now!
Post by: PedrosPad on April 22, 2006, 03:04:00 PM
QUOTE(Interloper @ Apr 21 2006, 09:15 PM)
Question about signing those HDs as TS mentioned..
-Is the 'security sector' in the same location on all HDs?
Only 20GB official M$ ones are available so far. Based on this, the answer is yes.
Post by: indiraider on April 22, 2006, 05:16:00 PM
1st post by Xecuter:
"You may have seen news about this on xbox-scene
I think I know who is doing this, I haven't had the chance to speak to him yet BUT if it is this friend of mine then you can be sure it is a very very low level hardcore hardware hack - but a very working one too.
if i'm also correct it won't be cheap - so you can be sure to see many alternative products and im sure other people will probably release the dvd firmware too (NOTE: Disclaimer to those who think about conspiracies all day - this does not mean Xecuter). June 2006 should be interesting."
2nd post:
"this is not for unsigned code
i'd say its for booting backups - but with protection so it cant be stopped by ms
thats what ive read between the lines - plus i know some of the dev thats being going on with a friend of mine and this sounds like his work"
This sounds very interesting. Could anybody shed any light on when Xecuter says "very very low level hardcore hardware hack - but a very working one too" and if i'm also correct it won't be cheap"? Could this be a chip of some kind, working as a middleman with the DVD drive and the hacked firmware?
Here the link to the origional thread http://www.team-xecu...ead.php?t=41250
Speculate here!
Post by: nwo504 on April 22, 2006, 08:22:00 PM
Post by: kezor on April 23, 2006, 01:12:00 AM
Post by: dinzy on April 23, 2006, 11:52:00 PM
QUOTE(Guidor @ Apr 23 2006, 12:41 PM)
I find it odd that somebody would delay to a date 6-6-6 just for the kudos factor. If they had something now they would want to be the first onto the market with it. Therefore I draw two conclusions. Either it is a hoax OR the people behind it are very close to something but not there yet so are giving themsleves the time while gaining attention which the 6-6-6 does very well.
june 6th is in ~ six weeks. If the hack was finished today it will easily take that long to manufacture and package. Heck they may not have anything "ready" yet and just plan to unveil it all on 666.
Seriously poeple need to stop making this same comment over and over again, because it is baseless. It takes months to bring these things to market. Remeber the x3 a couple of years back.? That thing tokk over a month and a half of "coming next week" after months of "coming shortly"
Post by: asakal on April 24, 2006, 01:26:00 AM
Post by: sicknasty413 on April 24, 2006, 03:05:00 AM
But anyways, there is way to much speculation going on...
If you really cant wait, go put yourself into a coma until 11:59 pm; june 5th. Then prepare yourself.
But interesting stuff none the less..
Perhaps itll be something amazing that we will all wet ourselves over; Or... perhaps itll be something that we all just want to go find the people responsible and piss all over them... unless they like it.. which would be awkward.
just my 2 cents
P.S. OT.. anyone ever notice how it says the time of posting, and its like way ahead on the minute side? I deffinetly didnt post this at 5:12.. its only 4:57.. lol
Post by: PedrosPad on April 24, 2006, 07:39:00 AM
QUOTE(sicknasty413 @ Apr 24 2006, 10:12 AM)
P.S. OT.. anyone ever notice how it says the time of posting, and its like way ahead on the minute side? I deffinetly didnt post this at 5:12.. its only 4:57.. lol
In My Controls (at top)->Board Settings (from resulting menu on right), you can set your local timezone/time offset, for those who may not have noticed! (but that's only whole hours of course
so won't help in your case ).PS. The time on this post suffered the same the symptom.
Post by: deadparrot on April 24, 2006, 08:03:00 AM
QUOTE(PedrosPad @ Apr 24 2006, 02:46 PM)
In My Controls (at top)->Board Settings (from resulting menu on right), you can set your local timezone/time offset, for those who may not have noticed! (but that's only whole hours of course
so won't help in your case ).PS. The time on this post suffered the same the symptom.
The whole board time is off and has been for ages.
Post by: frenzy987 on April 24, 2006, 09:17:00 PM
Post by: jrvandegrift1 on April 24, 2006, 09:52:00 PM
Post by: Heet on April 24, 2006, 11:49:00 PM
Post by: DCFluX on April 25, 2006, 10:04:00 AM
Post by: xecuterbox on April 25, 2006, 11:54:00 AM
how about limiting the disc read spin on a console at a slightly slower speed than most pc drives then as soon as the disc is span at full pc speed it explodes lolz
hey wait...we shudnt be givin console manufacturers ideas
seems like if its real, devil360 will be doing something with dvd firmware.
Post by: Smoko on April 26, 2006, 11:23:00 PM
QUOTE(DCFluX @ Apr 25 2006, 05:11 PM)
I would think one of the game makers such as Sony, Nintendo or M$ would be using those new DVD discs that turn opaque after 48 hours and are no longer readible.
If they done that, they would loose a whole lot of customers. Unless they sold them for really cheap game trial disks.
Other than that, the idea is really stupid.
Post by: Flexmaster Frag on April 27, 2006, 11:09:00 AM
QUOTE
seems like if its real, devil360 will be doing something with dvd firmware.
I highly doubt that. A low-level hardware hack seems more appropriate.
Post by: shrgnatlas on May 02, 2006, 02:51:00 PM
Post by: STEVEHABS on May 02, 2006, 06:18:00 PM
Post by: STEVEHABS on May 03, 2006, 01:19:00 AM
Post by: jayjames on May 03, 2006, 11:39:00 PM
Post by: Wolves on May 04, 2006, 12:05:00 AM
EDIT:
Post by: bigjimmy on May 04, 2006, 12:11:00 AM
Ive been watching this tread since Xbox-Scene annonced this. I rekon it was BS from the start, but it was interesting to see if anymore news was announced. Hopefully something amazing will be announced, but at the moment, i highly doubt it.
Post by: bigjimmy on May 05, 2006, 02:02:00 AM
Post by: phatnukka on May 06, 2006, 10:48:00 AM
Post by: whiteboytroy on May 06, 2006, 10:58:00 AM
Post by: frOOt lOOps on May 06, 2006, 03:36:00 PM
Although in the xecuter forums xecuter himself said that the spider team was behind this.
i dont know what to say, except i hate people who make promises and dont stick to them or even worse when they tell you things are in a quick time (like xecuter or saying 360 hours) and then not delivering that pisses me off.
Post by: whiteboytroy on May 06, 2006, 05:34:00 PM
QUOTE(afortaleza @ May 5 2006, 09:17 AM)
The 360 hours, do they expire today or tomorrow ?
-- Anderson
im pretty sure they expire next month
Post by: STEVEHABS on May 07, 2006, 04:45:00 AM
Post by: Satanic Sheep on May 07, 2006, 06:00:00 AM
QUOTE(STEVEHABS @ May 7 2006, 11:52 AM)
kafluke where were we supposed to see an update about devil360? sure as hell isnt anything different on there website.
the first post of this thread...
QUOTE
What could happen if M$ would have made a hardware mistake?
We will communicate about this in the next 360 hours.
The next communication will in-clude pictures of the de-capped chips and then some explanations about the console and a little bit more.
We will communicate about this in the next 360 hours.
The next communication will in-clude pictures of the de-capped chips and then some explanations about the console and a little bit more.
Post by: afortaleza on May 08, 2006, 04:55:00 AM
QUOTE(Satanic Sheep @ May 7 2006, 10:48 AM)
nope, 360 Hours = 15 Days. 21st April + 15 days = 6th May?
That's right ! May 6th was the deadline they gave themselves, but no freacking updates were released or any email sent. This whole text about security and stuff is probably BS !!
Post by: PedrosPad on May 08, 2006, 05:49:00 AM
QUOTE(Satanic Sheep @ May 7 2006, 10:48 AM)
nope, 360 Hours = 15 Days. 21st April + 15 days = 6th May?
I assumed they were aiming for the date of 06/06/06 (in keeping with the devil theme) - that'd be 6th June, 2006. Maybe their math sucks.
Post by: JustXploit on May 08, 2006, 07:45:00 AM
<quote>
-M$ did not make some mistakes as the previous time with the first Xbox.
</quote>
Good 2 go
Post by: STEVEHABS on May 08, 2006, 08:27:00 PM
Post by: littlestevie360 on May 19, 2006, 09:53:00 AM
it says in the caption of the picture of the NAND flash that it contains the encrypted bootcode
Where the F*CK did they pull that from
anyone who has been snooping around would know that the bootcode and kernal are "burned" into the cpu along with all the keys and other important security info, not to mention that information is thrown around inside the cpu under a 4-way lockable cache (ie: to keep it away from prying eyes), and those of you who seem to think anything is hackable, it would be easier to break into the mint and steal a large sum of money then what it would be to crack open the cache when its locked, not to mention once its cracked then decrypting it,
next point they have a plee to infion (or how ever you spell it) for a TPM (Trusted Platform Module for those who dont know anything about Paladium or Trusted Computing its a 8bit secure processor that holds important keys and operates the security of Paladium or Trusted Computing). What use would anyone have in researching a TPM, i have done alot of research into it but i dont need one in my hands. Just the datasheets are fine. These TPM's are designed to be secure so the TPM is no entry point unless your some genious hacker who can get information out of devices which are made in such a way that they will never in a million years disclose there contents.
I cannot see the "Man-in-the-Middle" attack working either. Communication to the drive is handled by SATA, which is a Hi-Speed Communication port. The time it would take to A) decrypt the information,
figure out what the xbox360 needs to know, and C) re-encrypt it and send it to the console, dont you think the kernal would be processing a WTF command, to elaborate on that, decryption takes time unless we know the key that it is encrypted with. The encryption key is randomly generated every time you turn on the console so the device cant have it stored in memory because it changes. so when the conole starts a challenge/responce protocal communtication with the drive and the device decrypts reads sends the kernal most likely would of paniced.. it would be a WTF the dvd-drive should have replied by now it musnt be present (thus why i call it the WTF command)on another note i hope that Devil360 team can produce something that works (even though they dont seem to know some of the basics [not talking about the last point that was in responce to people on this board] of how the consoles security is built). i have been activly experementing with ideas on how to compromise the security of the xbox360, anyone who has any information on Paladium or the Bootsrap and Kernal please P.M me as im always looking for new information and possible vulnerabilities that i may have overlooked, credit will be given where due if anything does come out of information that is shared
Thanks in Advance,
Littlestevie360
Post by: Arch0n on June 03, 2006, 12:47:00 AM
3 days to go...
Maybe they're just stoked about going to see the Omen remake and wanted to share
Post by: JethroTul on June 06, 2006, 01:31:00 AM
Post by: pash on June 06, 2006, 01:29:00 PM
QUOTE
Service Temporarily Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
--------------------------------------------------------------------------------
Apache/1.3.33 Server at www.devil360.com Port 80
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
--------------------------------------------------------------------------------
Apache/1.3.33 Server at www.devil360.com Port 80
Yeah, so that is there excuse. And they have a lot of emails to abuse!
Post by: sniffinpoprocks on June 07, 2006, 04:46:00 AM
-------------------------------
Our server is currently down due the huge amount of hits we received yesterday. We will move to more powerful servers and we hope to be back online tomorrow.
The Devil360 will be a modchip for the Xbox 360 console, the 'small' security hole has been found! This device is in no way related to the DVD firmware exploits - it's a totally different approach.
However we did not manage to get the product ready for today (6/6/6), because we are working hard on improving it to:
* Try to protect it from any type of update
* Make it programmable via PC
* Boot unsigned code
* Allow to swap HD with larger drive with a special interface between the 360 and the HD (all types IDE/SATA).
Submitted on Wed, 2006-06-07 06:44.
Post by: Ozy on June 07, 2006, 04:49:00 AM
Post by: sniffinpoprocks on June 07, 2006, 05:02:00 AM
We understand, certainly after the ICE modchip story, that people will not easily believe this so we will send prototypes to some scene sites as soon as they are ready, so they can confirm it's real.
The modchip will be sold without any code.
We also discovered some shops already take pre-orders for this product. Do not pre-order it!
We did not announce any distributors yet and the device will not go on pre-order until at least after the prototypes have been tested/reviewed by independent sites.
Submitted on