Xbox360 DVD Firmware Hacked


dipdude


As you know TheSpecialist and his team were working on a modified firmware for the Xbox 360. He already managed to make one for the original Xbox a while ago, and he announced this method was highly likely possible with the Xbox 360 too. From TheSpecialist on xboxhacker.net:

Months of hard work have come to an end. The 360 FW security details were posted a few days ago already, so why not make it official :-) It's been done.

And no, the team decided not to release a hacked FW. The security details are proof itself. The team advocates hacking, not piracy.

What is this? A bit more info...

The hack is a modified firmware of the Xbox 360 Hitachi-LG GDR-3120L DVD-ROM drive (the security in the Toshiba/Samsung TS-H943 is said to be similar, so it's probably also possible with this drive ... but it does require its own hacked firmware of course).

As you (should) know, all Xbox 360 executables (XEX files) are signed by Microsoft (with a private key only MS has). This means that if you try to change anything to the XEX file, the signature will be wrong and the file will not boot.

Now ... to protect from booting an exact copy of a game from a DVD-R or other recordable media, Microsoft gave each XEX file a 'mediaflag'. This mediaflag tells the Xbox 360 from which media (cd-r, dvd-r, dvd+r, dvd-rw, hdd, dvdxbox, dvdxbox360, ...) the XEX is allowed to boot. Changing this mediaflag in the XEX header is not an option as it'll break the signature of the file (see above), so ... what's done in this firmware hack is to 'break' the detection of the disc.

Retail games usually get a mediaflag where they only allow 'dvdxbox360' (Xbox 360 discs - different from a normal DVD because it has some specific bad sectors and special info in lead-in/out that can't be written with a standard DVD burner). The modified firmware will trick the DVD drive into reporting a DVD-R (or other) as a DVDXBOX360 to the Xbox 360.

How can you do this?

Well, right now you can't. The firmware has not been released to the public because it would mostly be used for piracy and that's not what this team wants (unlike the original Xbox hack this can't be used (at least not directly) for homebrew and linux fun). But the research done by these guys is public as you can read their discussions of the last few months on the xboxhacker.net forums, so people with good assembly experience should be able to duplicate this hack.

If the firmware was released, what would it mean?

Right now the Xbox 360 DVD firmware can't be flashed via PC (and for us, end-users, even less directly by the Xbox 360 itself (Microsoft could probably flash the drive from the Xbox 360 tho)), because there's no software to do this. Of course, drivers and flashing software for Xbox 360 DVD drives could probably be written (and some people have been working on this), but so far this has not been done (at least not publicly).

So, that means you'd have to open your Xbox 360, open your DVD drive and desolder the chip the firmware is stored on.

Each Xbox 360 DVD drive has a unique key; if that key doesn't match what your console is expecting, your DVD drive will not work.

So next you will need to read your current firmware chip with special hardware (flash programmer), to find your unique DVD 16 byte key (stored at 0x4F00). Then you'll have to insert this key in the modified firmware (or patch your original firmware) and program this modified firmware back on the firmware chip. Then put the firmware chip back in the drive, close DVD drive and Xbox 360 and I guess you're done.

As said above the hack would allow you to run MS-signed and unmodified XEX files only, so that also means the game must be of the right region (as changing the regionflag in the XEX header would break the signature). Unsigned, homebrew executables would of course not work, again because the signature check would fail.

LIVE and Updates ...

Can you go on LIVE with this hack? Well the firmware isn't released, so no one can try, but I'd guess it would work, yes. The Xbox 360 itself is fully in 'normal state', nothing is modified on the Xbox 360 itself, it just gets 'wrong' info from the DVD drive. Of course if you start modifying non-signed files (like textures, ini files, ...) in order to cheat on LIVE or so, MS could easily check for that.

Can Microsoft stop this firmware hack with forced LIVE updates? They could probably try to detect a basic modified DVD firmware, but anything the Xbox 360 asks of the DVD drive goes via the DVD firmware, and if the firmware is 'open' in the hands of the hackers the firmware can probably each time be modified again to give the reply the console expects. Microsoft could maybe do more with a HW security update ... but I'll let them analyse that.

Download Firmware: illegal and not released (see above)

Download Video: here[youtube], here[rapidshare.de], here[xbox-scene]
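A model of the boot decision described in the post above, added here as an illustration (not code from the original post or from TheSpecialist's team): it shows which inputs to the check are integrity-protected and which are not. The header layout, the media-flag bit values and the HMAC stand-in for Microsoft's asymmetric signature are all assumptions made for the example.

```python
import hashlib
import hmac
import struct

# Constructed media-flag bits (not the real XEX encoding): each bit names a
# medium the executable is allowed to boot from.
MEDIA_DVD_R = 1 << 0
MEDIA_HDD = 1 << 1
MEDIA_DVDXBOX360 = 1 << 2

# Stand-in for the signing key only Microsoft holds. The real header carries an
# asymmetric signature; HMAC-SHA256 is used here so the example runs on stdlib.
SIGNING_KEY = b"constructed-signing-key"


def build_header(media_flags: int, region: int) -> bytes:
    """Constructed XEX-like header: 4-byte media mask, 4-byte region code."""
    return struct.pack(">II", media_flags, region)


def sign(header: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, header, hashlib.sha256).digest()


def verify(header: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(header), signature)


def console_boot_decision(header, signature, reported_media, console_region):
    """Console-side check. The signature covers media and region flags, but
    `reported_media` is whatever the drive firmware claims about the disc:
    the console has no independent way to verify it."""
    if not verify(header, signature):
        return "refused: bad signature"
    media_flags, region = struct.unpack(">II", header)
    if region != console_region:
        return "refused: region mismatch"
    if not media_flags & reported_media:
        return "refused: media not allowed"
    return "boot"


def retail_disc_scenarios():
    """Retail XEX allowing only DVDXBOX360, region 1, under four conditions."""
    header = build_header(MEDIA_DVDXBOX360, region=1)
    sig = sign(header)
    patched = build_header(MEDIA_DVDXBOX360 | MEDIA_DVD_R, region=1)
    return {
        "patched_header": console_boot_decision(patched, sig, MEDIA_DVD_R, 1),
        "honest_drive": console_boot_decision(header, sig, MEDIA_DVD_R, 1),
        "spoofing_drive": console_boot_decision(header, sig, MEDIA_DVDXBOX360, 1),
        "wrong_region": console_boot_decision(header, sig, MEDIA_DVDXBOX360, 2),
    }
```

The spoofing case passes every signed check, which is the post's point: the weak link is the unauthenticated disc-type report, not the signature.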

 
Cracked! Finally, lol. Earlier than I thought though. If the hack's good enough we can expect full rounds of pirated 360 games by 5 months time in Asia. There are groups already with an impressive collection of backed up 360 games just waiting for someone to crack the 360....now somebody tell them to release it to the public :P
 
Well... I did download the video and read the first four pages of the thread and as per my understanding even if the hacked firmware of the DVD drive were released it would be real tough to apply it as it would require a lot of other stuff and not to forget the Unique ID code of each of the drives...

What they have achieved is simply great but it's not very easy to implement... Although they have kicked M$ where it hurts most by showing them that IT'S DONE :ohyeah:
 
It was inevitable. They should just hand over the firmware to the pirates now as it will eventually reach them.
 
The Xbox games, not 360....M$ will provide firmware upgrades as more and more Xbox games become compatible on 360 but I guess it'll not be that important, especially after a certain point.
 
XBOX 360's latest hack is leaked to the public, but its usefulness to would-be pirates and warez community is questionable

Early today XBOXIC.com posted an interview with Robinsod, Microsoft's latest problem. Earlier this week we reported that a group of 6 hackers found a vulnerability in Microsoft's newest gaming console, the XBOX 360. This allowed them to boot a copied version of Project Gotham Racing 3.

The man who calls himself Robinsod is part of a group of 6 hackers who have tried to break the copy protection of the XBOX 360. However, according to Robinsod, they are not planning on releasing any specifics on how they went about loading a copied game disc on their consoles for very humble reasons. They did not want to hack the new XBOX to assist in or even encourage any type of piracy but to prove to themselves that they could.

Robinsod also provides some warnings for those who do try to replicate their findings. They will most likely turn their consoles into unusable "bricks" like a sort of "don't try this at home, kids" warning. However, Team Xecuter has planned to release a firmware patching utility for PCs to update the XBOX 360's DVD drive firmware and circumvent the copy protection. There is no word yet on how they are coming along but it should be interesting.

This is not the first time anyone has ever tinkered with the XBOX 360 and succeeded in finding what they shouldn't have been able to. Soon after the gaming system began shipping there was already a way to access the contents of the XBOX 360 hard drive to retrieve save games. Soon after that the file system was decoded to allow one to access the structure of a game disc by a coding group that calls themselves "Pi". Though these cracks aren't very useful to the typical gamer they could be starting points to hacking the console and running all sorts of code on it, which we have seen with the original XBOX system.

Sony's PlayStation 3 console is set to launch later this year in all major markets. According to recent announcements, Sony will be preloading the Linux OS onto the PS3 which should be very interesting to hackers all around the world. The question will then be "which gaming console will be the most difficult to hack?"
 
The interesting thing about linux on PS3 is that if some game dev made a linux game and compiled it for the Cell based target, he wouldn't have to pay any licensing fees.

Of course, if you had Linux running along with a game, the low RAM on the PS3 would probably kill you.
 
We've been asked by quite a few of you for a comment about the recent "hacked" Xbox 360. I got the official response for your perusal:

The core security system has not been broken. However, it is reported that the authentication protocol between the optical disc drive and the console may be attacked, which if accurate could allow people to play illegally copied games. Our security team is aware of this and we are investigating potential solutions to this issue. The Xbox 360 platform was designed to be updated, and we are prepared to respond appropriately should any unauthorized activity be identified.

Everyone should keep in mind that Microsoft invests a great deal of time and effort to ensure that Xbox gamers enjoy the most powerful and exhilarating game experience available today. Genuine and unmodified Microsoft Xbox products provide gamers with the reliability, security, support and dynamic gaming experience that they expect. Microsoft works with a large group of legitimate business partners to sell and service genuine Microsoft Xbox products. Microsoft does not authorize or support any products or companies that modify or change the Xbox console in any way.
 