xboxscene.org forums

OG Xbox Forums => No-Modchip Hacks (exploits) => XBE Exploits => Topic started by: GRiFFBALL on July 04, 2003, 03:42:00 PM

Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 03:42:00 PM
i think the default.xbe is something to do with it loading linux as it says linux in it when i opened it with c++.
has anyone tried putting the evox dash (for example) as default.xbe and deleting the one with the xploit.rar? try loading that. i think the xtf files load the default xbe which in turn loads linux. so if we take out the xbe and just load evox it may work
or...
even better is there a mega x key xbe?
if yes rename to default.xbe and put the complex !loader files where linux should be eg,
c:fontsxtf files ------------->c:default.xbe--------------->e:linux[loads complex]----------------->boot !loader
just another theory lol
Title: Xtf File.....
Post by: zaltar on July 04, 2003, 03:46:00 PM
old and disproved theory, read around http://forums.xbox-s...ST&f=45&t=72446, already tried with evox, didn't work, if anyone else can verify... I'm betting there's something in the xtf files, but that's just a guess.
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 03:46:00 PM
Well actually I know default.xbe loads linux, it is just the linux loader xbe.... It has been around for a while. The problem is trying to load other xbes in its place... Which is loaded from the xtf file and I believe a check is made with the 2 RSA nums.....
Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 03:48:00 PM
bert.xtf is the underflow thingy
and the ernie.xtf is the brains - buffer overflow and loads default.xbe?
correct?
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 03:50:00 PM
right..... so the 'lock' thing has to be in the ernie.xtf
Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 03:55:00 PM
that's what i think
the ernie.xtf loads the xbe - i think
so this is where we would need to patch the kernel?
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 04:02:00 PM
it would seem right before the xbe is loaded..... then we could unpatch it right after the xbe is loaded.....

the exact spot is hard to tell... that is why I need to see if there is a util to open/edit/create these files
Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 04:05:00 PM
try this
xtf file format
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 04:11:00 PM
Thanks!

Also I noticed something else in the dump I have... Just a little before the xbe is loaded there is a 'PE'. This could indicate the beginning of an executable's code.

Now as far as I understand it the font files are copied to memory then they are 'run', so if during the running of the font files it sees PE it will believe it is an executable and then execute it... Thus loading the 'program' that loaded the default xbe....

So if that is true we can replace 'code' after the PE (keeping the PE file format) and it will run our own code!!!!!
Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 04:20:00 PM
sweet, i'm looking for some more xtf info for you to keep the ball rolling
Title: Xtf File.....
Post by: MomDad on July 04, 2003, 04:24:00 PM
A lot of the info in this thread can be referenced from known info from earlier posts yesterday/today.

GRiFF, the XBox .xtf is a proprietary format/extension. The extension described in your link appears to be for software dealing with Sonars [edit: at a glance, xtf's appear to be in the same format as font texture packed resources in the .xpr files (as is used for fonts in other xbox apps)]

p0pp, as for necessary tools -- XDK, VS, and a decent hex editor. The .xtf's can be hand-edited even.

Executable code begins at 0x76FDCA
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 04:26:00 PM
Yes I know all that.....

I was just hoping for an easier way to edit it......

I have been trying stuff by hand for a long time now....
Title: Xtf File.....
Post by: GRiFFBALL on July 04, 2003, 04:29:00 PM
QUOTE (MomDad @ Jul 5 2003, 01:24 AM)
GRiFF, the XBox .xtf is a proprietary format/extension. The extension described in your link appears to be for software dealing with Sonars

lol its late here, i thought i was onto something when it said xtf file format - guess not
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 04:33:00 PM
Hey don't worry about it..... At least you were trying to help
Title: Xtf File.....
Post by: Col.Havoc on July 04, 2003, 04:54:00 PM
Just to say, good brainstorming between the two of you.

So, if the .xtf files tell the xbox to run a default.xbe file, and so far it only runs linux, could there have to be a certain starting line perhaps in the default.xbe?
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 05:04:00 PM
No the xbe is just a plain old xbe...  The font file does all the magic!  Specifically the very end of the ernie.xtf....
Title: Xtf File.....
Post by: Col.Havoc on July 04, 2003, 05:08:00 PM
I should really get into coding.......
Title: Xtf File.....
Post by: p0pp on July 04, 2003, 05:09:00 PM
As should I.... and I'm off!!!!
Title: Xtf File.....
Post by: Col.Havoc on July 04, 2003, 05:28:00 PM
QUOTE (p0pp @ Jul 4 2003, 10:09 PM)
As should I.... and I'm off!!!!

good luck to you.
Title: Xtf File.....
Post by: zaltar on July 04, 2003, 09:37:00 PM
just wanted to add in my thoughts, may they be idiotic and completely wrong, or helpful, no flames please. If the xtf file contains some executable code in binary format to run default.xbe (linux bootloader) and we just disassemble that code to see what its doing and change it to run something other than linux? Or am i just completely off the ball here?
Title: Xtf File.....
Post by: K-Naledge on July 04, 2003, 09:48:00 PM
As stated it's pretty set in stone right now that you would have to edit/rehash the existing kernel to be able to do other activities aside from loading linux... as we can only assume that the way this file is structured... it's being designed off the current kernel (thus why it wins the lunix competition... purposely misspelled)

But an encouraging idea nonetheless. Why not give it a try?
Title: Xtf File.....
Post by: GRiFFBALL on July 05, 2003, 02:55:00 AM
i just opened the st.db file from the audio exploit and it has a reference to e:linux.xbe
i also noticed that the default.xbe and linux.xbe are the same.
so both the font files and the st.db tell the xbox to load linux.xbe or default.xbe.
both of these aren't signed so how do they run? games should run too.
has anyone tried booting d:default.xbe? then if it has anything to do with signatures then the backups won't run and originals will.
also
what if we modified the default.xbe linux loader into an app loader like !complex as this will patch the kernel for us allowing us to boot homebrew.
Title: Xtf File.....
Post by: d3tr0it on July 05, 2003, 03:10:00 AM
QUOTE
i also noticed that the default.xbe and linux.xbe are the same.


default.xbe and linux.xbe are not the same... Well of course they are the same program but they don't have the same RSA digital signature.

Check them with xbedump and you'll see. Or I may be wrong here in what you meant...
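
The comparison d3tr0it describes, as an added example that is not part of the original thread and is not xbedump: it splits two XBE images into the 256-byte signature field and everything else, so a pair that differs only in its signature is easy to recognise. The `XBEH` magic and the signature offset are taken from public XBE format documentation, not from this page; the sample images and all function names are constructed for illustration.

```python
import hashlib

# Layout assumed from public XBE format documentation (not from this thread):
# 4-byte magic "XBEH", followed by a 256-byte digital signature.
XBE_MAGIC = b"XBEH"
SIG_OFFSET = 4
SIG_SIZE = 256


def split_xbe(data):
    """Return (signature, everything_else) for an XBE image."""
    if len(data) < SIG_OFFSET + SIG_SIZE or data[:4] != XBE_MAGIC:
        raise ValueError("not an XBE image")
    signature = data[SIG_OFFSET:SIG_OFFSET + SIG_SIZE]
    body = data[:SIG_OFFSET] + data[SIG_OFFSET + SIG_SIZE:]
    return signature, body


def compare_xbe(a, b):
    """Compare two XBE images field-wise instead of byte-for-byte."""
    sig_a, body_a = split_xbe(a)
    sig_b, body_b = split_xbe(b)
    same_sig, same_body = sig_a == sig_b, body_a == body_b
    if same_body and not same_sig:
        verdict = "same program, different signature"
    elif same_body:
        verdict = "identical"
    else:
        verdict = "different program"
    return {
        "same_signature": same_sig,
        "same_body": same_body,
        "body_sha256": (hashlib.sha256(body_a).hexdigest(),
                        hashlib.sha256(body_b).hexdigest()),
        "verdict": verdict,
    }


def make_sample(sig_byte, payload):
    """Constructed stand-in for an XBE file: magic, filler signature, payload."""
    return XBE_MAGIC + bytes([sig_byte]) * SIG_SIZE + payload


if __name__ == "__main__":
    default_xbe = make_sample(0x11, b"linux loader")  # constructed sample
    linux_xbe = make_sample(0x22, b"linux loader")    # constructed sample
    print(compare_xbe(default_xbe, linux_xbe)["verdict"])
```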
Title: Xtf File.....
Post by: GRiFFBALL on July 05, 2003, 08:43:00 AM
yes i meant the same bootloader but it doesn't matter now does it?