Follow Up: Xbox 360 DVD Firmware Hack - Everything known so far!


Zeus
03-19-2006, 01:03 PM
Barely a day has gone by since the <a href="http://www.maxconsole.net/?mode=news&newsid=6367" target="_blank">video release of the world's first Xbox 360 hack</a>. This has brought a lot of controversy across a lot of forums on the web: some question what exactly this is, some question if it's real and some fear this will be the start of mass piracy on the Xbox 360. We have scoured the web to bring you what we hope is everything of any great worth which has been said with regards to this hack. The following information comes by way of <a href="http://www.xboxhacker.net/index.php?option=com_smf&Itemid=33&topic=481.160" target="_blank">XboxHacker.net</a> and <a href="http://www.xbox-scene.com/xbox1data/sep/EEukZpklFAhkcWwSgZ.php" target="_blank">Xbox-Scene</a>.

Why isn't this so-called Hack getting released to the public ?

It's simple: TheSpecialist and his crew, we believe, did this hack for the pure challenge; it was intrinsic motivation that led them to this. If you see the beginning of the video, they are taking a jibe at the MS security expert who said that with the Xbox 360 we will see security levels higher than ever before. If it was released to the public (it appears not to be strictly illegal), the creators could get into some serious trouble (in my honest opinion, despite the quote to follow); I don't think Microsoft would be too happy about their next generation console, promising next generation security, running copies of games within 4 months. Seeing as there hasn't really been time for a 360-scene development team to develop and build applications such as Xbox Media Center and emulators for the Xbox 360, the only purpose of this hack (if released publicly) would be to promote piracy on the Xbox 360, which is certainly not what TheSpecialist and his crew want to do. Others of you have come up with theories that it was released to take the heat off the creators and make way for a series of Xbox 360 mods, in similar fashion to when TMBINC released the first GC mod schematics. I seriously do not think TS and his crew have any intention of this; like I say, they are clearly very talented guys, most likely in well paid jobs, who have a passion for challenges such as hacking the Xbox 360. RobinsonD, one of the contributors, can be quoted as saying -


Let's kill this once and for all. We could just upload the file through Tor or some open WLAN or use some other anonymous mechanism. But we won't. The fact is that it would simply enable spotty kids to steal games. That's all it's good for: no unsigned code and no region free. I have a certain amount of sympathy for people with small kids (like me - the little buggers never put the disks away), but then MS should provide replacement disks for a nominal fee, since you bought a license to use the software even if the media containing it is damaged.

It's not fear of lawyers that stops us releasing; we simply don't advocate or encourage piracy.

My only hope for this hack is that it gives us a new attack vector against the kernel and, as Spec said, the guys at free60 are hackers; they can figure this out for themselves. Beyond that it's a cheap and cheesy hack that spoofs the below par 'original disk detection' to boot a DVD+R. If MS would do the decent thing and give us some form of homebrew SDK (like Sony did with the Net Yaroze - I had some fun with that!) then there'd be no excuse for any of this.


The video isn't Fake

A lot of contributors to the project have had many an experience with this kind of stuff, none more so than TheSpecialist, who also helped hack the original Xbox firmware. It is very true that there may just well have been another Xbox 360 round the back of the TV, but it isn't a fake, and not just going by the reputation of those involved. TheSpecialist even released a new video, this time 100MB in size, which has better audio quality and details.


As SeventhSon said, if this is a fake it should be easy to prove. Look at the stock DVD firmware and compare it with the CR protocol post and the Sector Decryptor. Hot swap a game disk and go look at the placeholders and see if you can find the CR data in the sectors specified. Here's the CR data for both of the Type 1 responses in PGR3 PAL:

CID  CD        RD        Sector Range
79   8D8AC269  EA9536DB  FCB930 FCC92F
16   CBD9E4E1  62B5B3F7  20F8F0 2108EF

Obviously this doesn't help the non-technical people, but there ought to be enough capable bodies out there who can debunk this IF it is a fake.

About the video: it was released for fun, not as 'proof'. A video can't prove anything, actually. The proof is in the technical details in the HW section of this site, but of course you'll need some knowledge to understand these. But as said before, if the info is not correct, we'll sure as hell be proven wrong soon.

Anyway, If we had shown the back, ppl would have said that we had hid the xbox UNDER the table. if we had shown under the table, ppl would have said that we had hid the xbox IN the TV. If we had opened the TV, ppl would have said we had put a wireless receiver IN the TV. If we had shown all HW IN the TV, ppl would have said we had edited the video. Hehe.

The best frame to see what the supposed 360 is, is the frame just before the screen goes red.

I think the best 'proof' of this video is in the laser movement. It's reading the responses from disc, from the outer area. Try to get your 360's laser to do the same movement when YOU insert a DVD-R. Also, listen to the sound of the disc spinning up and try to get your drive to do that when you insert a backup.


The following comes from an article at <a href="http://www.xbox-scene.com/xbox1data/sep/EEukZpklFAhkcWwSgZ.php" target="_blank">Xbox-Scene</a>.

What Exactly is this Hack ?

The hack is a modified firmware of the Xbox 360 Hitachi-LG GDR-3120L DVD-ROM drive (the security in the Toshiba/Samsung TS-H943 is said to be similar, so it's probably also possible with this drive ... but it does require its own hacked firmware, of course).

If the firmware was released, what would it mean?
Right now the Xbox 360 DVD firmware can't be flashed via PC (and for us end-users even less directly by the Xbox 360 itself, although Microsoft could probably flash the drive from the Xbox 360), because there's no software to do this. Of course, drivers and flashing software for Xbox 360 DVD drives could probably be written (and some people have been working on this), but so far this has not been done (at least not publicly).
So that means you'd have to open your Xbox 360, open your DVD drive and desolder the chip the firmware is stored on.

Each Xbox 360 DVD drive has a unique key, if that key doesn't match what your console is expecting your DVD drive will not work.
So next you will need to read your current firmware chip with special hardware (a flash programmer) to find your unique 16-byte DVD key (stored at 0x4F00). Then you'll have to insert this key in the modified firmware (or patch your original firmware) and program this modified firmware back onto the firmware chip. Then put the firmware chip back in the drive, close the DVD drive and the Xbox 360, and I guess you're done.

As said above, the hack would allow you to run MS-signed and unmodified XEX files only, so that also means the game must be of the right region (as changing the region flag in the XEX header would break the signature). Unsigned, homebrew executables would of course not work, again because the signature check would fail.

LIVE and Updates ...

Can you go on LIVE with this hack? Well, the firmware isn't released, so no one can try, but I'd guess it would work, yes. The Xbox 360 itself is fully in 'normal state'; nothing is modified in the Xbox 360 itself, it just gets 'wrong' info from the DVD drive. Of course, if you start modifying non-signed files (like textures, ini files, ...) in order to cheat on LIVE or so, MS could easily check for that.
Can Microsoft stop this firmware hack with forced LIVE updates? They could probably try to detect a basic modified DVD firmware, but anything the Xbox 360 asks of the DVD drive goes via the DVD firmware, and if the firmware is 'open' in the hands of the hackers, the firmware can probably each time be modified again to give the reply the console expects. Microsoft could maybe do more with a HW security update ... but I'll let them analyse that.

As you (should) know, all Xbox 360 executables (XEX files) are signed by Microsoft (with a private key only MS has). This means that if you try to change anything to the XEX file, the signature will be wrong and the file will not boot.

Now ... to protect from booting an exact copy of a game from a DVD-R or other recordable media, microsoft gave each XEX file a 'mediaflag'. This mediaflag tells the Xbox 360 from which media (cd-r, dvd-r, dvd+r, dvd-rw, hdd, dvdxbox, dvdxbox360, ...) the XEX is allowed to boot. Changing this mediaflag in the XEX header is not an option as it'll break the signature of the file (see above), so ... what's done in this firmware hack is 'break' the detection of the disc.

Retail games usually get a mediaflag where they only allow 'dvdxbox360' (Xbox 360 discs - different than a normal DVD because it has some specific bad sectors and special info in lead-in/out that can't be written with a standard dvd burner). The modified firmware will trick the DVD drive into reporting a DVD-R (or other) as a DVDXBOX360 to the Xbox 360.

Read Original Article: <a href="http://www.maxconsole.net/?mode=news&newsid=6367" target="_blank">The Xbox 360 Firmware 100% Hacked - PGR3 Back Up Running *Update* Video Available!</a>
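The key-transplant step described above (read the original dump, lift the 16-byte key at 0x4F00, put it into the modified image) as an added example in Python. This is not code from the thread, from TheSpecialist's crew or from any flashing tool; the only layout facts taken from the post are the key length and its offset. The firmware images are constructed sample bytes, and the 256-byte sector granularity used by the "key sector untouched" check is an assumption, chosen to illustrate the check a software patcher would want so that it never rewrites the sector that pairs the drive to the console.

```python
"""Transplant a per-drive key between firmware images and verify the patch.

Added example, not the original hack's code. Facts from the post: the drive's
unique key is 16 bytes at offset 0x4F00 in the dumped firmware. Assumed for
illustration: the image size, the content of both images, and the 256-byte
'sector' granularity of the region check.
"""
from __future__ import annotations

KEY_OFFSET = 0x4F00   # from the post: key is stored at 0x4F00
KEY_LEN = 16          # from the post: 16-byte key
SECTOR = 0x100        # assumed granularity for the "skip the key sector" check

# Constructed sample key (no real drive key); all bytes non-zero on purpose.
SAMPLE_KEY = bytes.fromhex("5a6b7c8d9eaf0b1c2d3e4f5061728394")


def read_key(image: bytes) -> bytes:
    """Return the 16-byte drive key from a firmware dump."""
    if len(image) < KEY_OFFSET + KEY_LEN:
        raise ValueError("image too short to contain a key at 0x4F00")
    return image[KEY_OFFSET:KEY_OFFSET + KEY_LEN]


def transplant_key(original: bytes, modified: bytes) -> bytes:
    """Copy the key from this console's dump into the modified image.

    The drive only authenticates to the console it was paired with, so a
    modified image must carry this console's key, not a placeholder.
    """
    if len(original) != len(modified):
        raise ValueError("images differ in size; refusing to patch")
    key = read_key(original)
    return modified[:KEY_OFFSET] + key + modified[KEY_OFFSET + KEY_LEN:]


def changed_ranges(a: bytes, b: bytes) -> list[tuple[int, int]]:
    """Return [start, end) byte ranges where two equal-length images differ."""
    ranges: list[tuple[int, int]] = []
    start = None
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y and start is None:
            start = i
        elif x == y and start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, len(a)))
    return ranges


def key_sector_untouched(original: bytes, patched: bytes) -> bool:
    """True if no difference falls inside the sector holding the key.

    A compare-and-replace flasher that rewrote this sector with someone
    else's key would leave the drive unpaired, so refuse any such diff.
    """
    sec_start = KEY_OFFSET - KEY_OFFSET % SECTOR
    sec_end = sec_start + SECTOR
    return all(end <= sec_start or start >= sec_end
               for start, end in changed_ranges(original, patched))


def build_sample_images(size: int = 0x10000) -> tuple[bytes, bytes]:
    """Constructed sample: an 'original' dump and a 'modified' image.

    Synthetic bytes only. The modified image differs from the original in two
    ranges outside the key sector and carries an all-zero placeholder key.
    """
    original = bytearray((i * 7 + 3) & 0xFF for i in range(size))
    original[KEY_OFFSET:KEY_OFFSET + KEY_LEN] = SAMPLE_KEY
    modified = bytearray(original)
    modified[0x1000:0x1010] = b"\x90" * 16           # hypothetical code patch
    modified[0x2300:0x2304] = b"\xff\xff\xff\xff"    # hypothetical table patch
    modified[KEY_OFFSET:KEY_OFFSET + KEY_LEN] = b"\x00" * KEY_LEN
    return bytes(original), bytes(modified)


if __name__ == "__main__":
    orig, mod = build_sample_images()
    patched = transplant_key(orig, mod)
    print("key in original:", read_key(orig).hex())
    print("key in patched: ", read_key(patched).hex())
    for s, e in changed_ranges(orig, patched):
        print(f"changed 0x{s:06X}-0x{e:06X}")
    print("key sector untouched:", key_sector_untouched(orig, patched))
```

Running it shows the two hypothetical patch ranges and confirms the key sector is left alone; running `key_sector_untouched` against the unpatched modified image (placeholder key still in place) returns False, which is exactly the case a patcher should refuse to flash.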

Fasman
03-19-2006, 01:18 PM
The one thing I can still not understand: we all know that PGR3 is a DL game, 7 gigs in total, yet they use a single layer DVD (4.5 gig) in the video and say it's a 1:1 backup :confused:

DeVS
03-19-2006, 01:29 PM
The one thing I can still not understand: we all know that PGR3 is a DL game, 7 gigs in total, yet they use a single layer DVD (4.5 gig) in the video and say it's a 1:1 backup :confused:


Um, how do you know it's not a dual layer DVD 9 disc? The front of the disc is completely white with only sharpie writing on it, so how do you get that it's only a DVD 5 disc?

Reset
03-19-2006, 01:31 PM
The one thing I can still not understand: we all know that PGR3 is a DL game, 7 gigs in total, yet they use a single layer DVD (4.5 gig) in the video and say it's a 1:1 backup :confused:
What makes u say it's a single layer DVD? I mean it looks like a printable mesh to me (pretty suspect actually), but I'm not sure how u can tell it's single layer, cause if u can, that would pretty much debunk the video.

GodsMinion
03-19-2006, 01:45 PM
It's prolly 1:1 on a dual. Even if it isn't (big if), what would it matter? It's enough to quiet a lot of controversy.
The best part was this :p :
"Anyway, If we had shown the back, ppl would have said that we had hid the xbox UNDER the table. if we had shown under the table, ppl would have said that we had hid the xbox IN the TV. If we had opened the TV, ppl would have said we had put a wireless receiver IN the TV. If we had shown all HW IN the TV, ppl would have said we had edited the video. Hehe."
it's so true

Fasman
03-19-2006, 02:19 PM
On the HQ video, zoom in on the disc (when it's upside down); you can see the outer rim of the data. On a DL disc the data rim isn't that visible. Might just be a shadow, but I'm almost sure...

pangbulle
03-19-2006, 02:27 PM
No matter what mumbo jumbo people say, until we get to try it ourselves it should definitely be considered faked up beyond all recognition.

sk8er_4_life_ez
03-19-2006, 02:36 PM
I don't even know if printable dual layer discs exist; I haven't looked much into dual layer media, so yeah.

Fasman
03-19-2006, 03:00 PM
Look, I'm not saying it's fake, don't get me wrong; it's just interesting.

Most likely they only burnt the first layer of the disc (onto a normal DVD) and the second layer only contains data that's needed much later in the game. It would save them a lot of $$ to test the discs that way.

talax
03-19-2006, 03:12 PM
Example of printable DVD+R DL media:
http://www.meritline.com/dual-layer-dvd-r-dl-double-layer-dvd-r-white-inkjet-sample.html

And on the xbox hacker site they do claim they used DL media.

terbear
03-19-2006, 03:18 PM
It's not a fake. My DL disks look like that, even the white top. And it's good they aren't releasing it, so all these pirate kids don't download games and actually buy them.

Fasman
03-19-2006, 03:25 PM
Well, I guess I was wrong then :)

cmdwedge
03-19-2006, 03:28 PM
Well done, guys. I think the best part is not the hacking of the firmware - but the decency to say 'no' to releasing it into the wild. You're spot-on - little bastard kids would just pirate their asses off. All I would want a firmware hack for is homebrew (imagine XBMC running off the sheer grunt of a 360!).

Keep up the great work. You're a fine example of what hacking should have always been about - the challenge, not piracy.

wedge

Fasman
03-19-2006, 04:01 PM
Did anyone else spot this on Team Xecuter's site:

What is this?

It's a modified firmware of the Xbox 360 DVD-ROM drive.

As you (should) know, all Xbox 360 executables (XEX files) are signed by
Microsoft (with a private key only MS has). This means that if you try to change
anything to the XEX file, the signature will be wrong and the file will not
boot.

Now ... to protect from booting an exact 1:1 copy of a game from a DVD-+R,
microsoft gave each XEX file a 'mediaflag'. This mediaflag tells the Xbox 360
from which media (cd-r, dvd-r, dvd+r, dvd-rw, hdd, dvdxbox, dvdxbox360, ...).
Changing this mediaflag in XEX is not an option as it'll break the signature
(see above), so ... what's done in this firmware hack is 'break' the detection
of the disc.



(Pretty much) all the information you need is in these threads.


http://www.xboxhacker.net/forums/index.php?topic=455.0


http://www.xboxhacker.net/forums/index.php?topic=329.0


http://www.xboxhacker.net/forums/index.php?topic=359.0


http://www.xboxhacker.net/forums/index.php?topic=258.0

From what we can tell so far is that the game image will have to be patched
too - We can smell a new feature for Qwix 2 Wink

The scene can expect a hack for all drives very soon (It's currently only
Hitachi) - you can be assured that it will be released although I don't think
modchips will be any kind of business as its a pure piracy mod - no homebrew at all.


Does that mean they're working on it :D

DeVS
03-19-2006, 04:07 PM
I would be floored if Xecuter were the ones to release this kind of hack. Like they said, this has nothing to do with making a mod chip, and mod chips are how they make their money.

Zeus
03-19-2006, 04:11 PM
I would be floored if Xecuter were the ones to release this kind of hack. Like they said, this has nothing to do with making a mod chip, and mod chips are how they make their money.

I wouldn't be floored if they were to do so; they have done some development in the past not DIRECTLY for money, maybe to improve reputation and, for sure, sales.

Fasman
03-19-2006, 04:17 PM
The fact that they clearly said "It's currently only Hitachi" might mean that they have reproduced it already, or I'm just over-excited and they were pointing at XH's work. Let's just wait and see what comes of this...

BTW, here's a direct link to the article: http://www.teamxecuter.com/index.php?name=News&file=article&sid=215&CMSSESSID=20937309afea27df8bad9c230b293d10

Hetfield
03-19-2006, 04:23 PM
Great news, but I don't think it's as easy as it seems to break the protection (or protections) of the Xbox 360.

wiggim
03-19-2006, 04:25 PM
I can smell a Duo360 laser mod being developed soon enough. Someone just has to crack how to generate the DVD security key on the fly and we are all home free - replacement DVD lasers, anyone?

People who want this spoon-fed to them still don't seem to understand that it will only work on one Xbox atm - you need to extract the 16-byte key from the DVD drive to make it work on your console, which at this time needs some steady hands and a chip programmer to extract. There does seem to be some development on a compare-and-replace software firmware programmer though; still, it would have to skip the sector with the key or every 360 would fry.

I just have one question about this though, what happens when you try to play a music CD in the console?

Fasman
03-19-2006, 04:32 PM
I think it would probably be easier to just patch the original firmware on the fly, similar to what's done with PS2s. That way the key etc. stays in the right place; only the data that needs to be changed is changed.

BlueCop
03-20-2006, 11:43 AM
You can extract the key and the firmware using software alone; no soldering needed. If you want to know how, go read. You can't flash the drive using software; that requires desoldering.

Greendude
03-21-2006, 12:38 PM
What makes everyone so sure this video is even real? There is no reason why a second Xbox couldn't have been plugged into the back of the TV. So far we have been given one reason why this couldn't be: supposedly the 360 drive mechanisms don't work that way when you just insert a regular DVD-R on a non-hacked 360. Is everyone forgetting that there is a working DVD-R? Namely the kiosk ISO? I'm not saying the video is fake, but it could very easily be. Here's how: take the 360 apart, burn the kiosk disc to DVD-R, write PGR3 on it, put it in the 360 and hook up to the TV via composite. Hook up a second 360 via SCART/component in the back booting a retail PGR3. Voilà. The "hacked" 360 will look like it's booting a DVD-R of PGR3, internal drive mechanisms and all, when in reality it's booting a DVD-R of the kiosk demo disc. The only real way to know if this is genuine is to either release the hacked firmware or make a new video showing which input the TV is on.

BlueCop
03-21-2006, 01:52 PM
Greendude: the proof is in the details. Learn some technical details that will help your understanding of how the drive authorization works. It's over on the forums where this hack was developed. You are still looking at it for the face value of the video, which I understand, I do that mostly too, but there is a whole back story of the development of this hack that helps prove it.

Major modchip teams have come out and said it is real, specifically Team Xecuter, which has said they are attempting to reproduce this hack.

Also look at the high quality original video that was posted with the original sound. It has perfect sync with the console turning on. This further proves it for me.

Another thing that proves it is that I have had personal contact with TheSpecialist back in December, and his interests are purely technical and not in orchestrating hoaxes. He also included me in the list of people who made important contributions, so I am more inclined to believe it, having participated in the original discussions.

The original post about the hack is here:
http://www.xboxhacker.net/index.php?option=com_smf&Itemid=33&topic=481.0
It has the link for the original video with original sound, before it was made into what the video was released as.

chinese_fury
03-21-2006, 03:16 PM
I believe that this actually does prove MS's claim about the security.
The general gaming public isn't going to go through all this as this group did.
So the 360 was perhaps hacked, but only by a small margin.

BlueCop
03-21-2006, 05:41 PM
chinese_fury: I will agree on the small margin, due to it only running MS-signed code, but not on the general public remarks. I think many people are willing to open up their 360 drive and replace a flash chip or solder one in parallel like was used for the first generation Xbox 1 chips. While those were for the Xbox's firmware itself, it still proves the willingness of the public to solder a 31-wire solution into their box if it mods the box for their purposes.

That being said, there are holes in the drive that allow the uploading and execution of your own code on the drive without modification. This I think will lead to pure software solutions. Example:
hook drive up to PC -> flash drive using a custom application to a modified firmware -> put it back in the box and roll.

lilvic
03-27-2006, 07:53 PM
Wow, running backup games on the 360 without a mod?!? Am I dreaming?? :D

Jason Voorhees
03-27-2006, 08:40 PM
I've happened to come across this DVD hack on a certain site.

Rared - 11.0MB
Unrared - 11.0MB

Helack101
04-21-2006, 11:57 PM
I'll only be partying when the Xbox 360 is fully exploited like the Xbox currently is; until then, I'll be sleeping....

psalmsamuel
07-01-2006, 08:03 PM
I posted a tutorial on flashing the firmware; look for it, thanks. Posted in the wrong section, sorry for the inconvenience :eek:

triple_h
07-25-2006, 04:08 AM
Does this hack need a modchip? What do I need to make it work? I read somewhere else that all you need is to update your DVD player firmware.... Is that it?

:confused: :confused: :confused:

nathantj
08-11-2006, 06:34 PM
Yep, that's all you need to do, and if you live in the UK I can do it for you; send me a PM.


Let's see.

nathantj
08-11-2006, 06:39 PM
I really don't believe it, but oh well.

nathantj
08-11-2006, 06:42 PM
I saw it myself.