Jump to content


Photo

v1.4 and v1.5 Latest


  • Please log in to reply
378 replies to this topic

#1 Ubergeek

Ubergeek

    X-S Freak

  • Members
  • PipPipPipPipPip
  • 1,090 posts

Posted 12 September 2003 - 06:19 PM

Took the thumb out of my ass and tested v1.4 today along with the help of Troed.

First discovery is that a hacked X2 bios (4977) was flashed onboard and would not boot. Indicating possible TEA changes (initially assumed RC4 but that was unfounded as per the next finding)

Second discovery is that v1.4 Bios is identical to the 5101 Retail Bios. This of course indicates no RC4 changes.

Third discovery is that the 5101 would not boot over LPC indicating more hardware changes.

So if any of you want to become guinea pigs......


Try 5101 Original Bios with your LPC mods on a v1.4 - just to confirm findings

Try 5101 Original Bios with a 29 wire mod

Post your findings in here - keep it serious no silly questions - thanks

Thanks to Troed for his support - a huge talent in the scene.

#2 Troed

Troed

    X-S Expert

  • Members
  • PipPipPip
  • 523 posts

Posted 12 September 2003 - 06:44 PM

hey - you're the one with the tools wink.gif don't make me blush.

Just to make one thing clear: Atm the ONLY confirmed v1.4 boxes are the ones manufactured on 2003-07-29, with the 5 last digits in the serial number beginning with 33xxx.

If you can CONFIRM other dates/serials as 1.4 - please do so. Do NOT ask if xxxx and yyyy could be a v1.4 in this thread! This is not the place.

One theory worth consideration is that the v1.4 hardware _needs_ the 5101 bios for initialisation. That rules out modbioses since currently they're all based on older original Xbox bioses. A modbios based on 5101 would boot, if that theory holds. Please note - it's a theory among others. It's not tested yet.


#3 oz_paulb

oz_paulb

    X-S X-perience

  • Members
  • PipPip
  • 345 posts

Posted 12 September 2003 - 06:47 PM

QUOTE (Troed @ Sep 12 2003, 08:44 PM)
hey - you're the one with the tools wink.gif don't make me blush.

Just to make one thing clear: Atm the ONLY confirmed v1.4 boxes are the ones manufactured on 2003-07-29, with the 5 last digits in the serial number beginning with 33xxx.

If you can CONFIRM other dates/serials as 1.4 - please do so. Do NOT ask if xxxx and yyyy could be a v1.4 in this thread! This is not the place.

One theory worth consideration is that the v1.4 hardware _needs_ the 5101 bios for initialisation. That rules out modbioses since currently they're all based on older original Xbox bioses. A modbios based on 5101 would boot, if that theory holds. Please note - it's a theory among others. It's not tested yet.

It's been a while since I was looking at this stuff...

When the TEA version of the MCPX ROM came out, wasn't it also true that Visor's X-code workaround still worked?

Or, am I remembering incorrectly? (Again, it's been a while)

If it was true, I suppose someone should try the Visor X-code hack.

- Paulb


#4 chevrix

chevrix

    X-S Member

  • Members
  • Pip
  • 144 posts

Posted 12 September 2003 - 07:00 PM

QUOTE (Troed @ Sep 12 2003, 08:44 PM)
One theory worth consideration is that the v1.4 hardware _needs_ the 5101 bios for initialisation. That rules out modbioses since currently they're all based on older original Xbox bioses. A modbios based on 5101 would boot, if that theory holds. Please note - it's a theory among others. It's not tested yet.

Ubergeek just said
QUOTE
Third discovery is that the 5101 would not boot over LPC indicating more hardware changes.


So if I'm right, your theory is history now wink.gif

#5 Troed

Troed

    X-S Expert

  • Members
  • PipPipPip
  • 523 posts

Posted 12 September 2003 - 07:01 PM

QUOTE (chevrix @ Sep 12 2003, 08:00 PM)
QUOTE
Third discovery is that the 5101 would not boot over LPC indicating more hardware changes.


So if I'm right, your theory is history now wink.gif

Umm no - more changes to the LPC does not prove that .. it's however more _likely_ that the MCPX-holes used to boot modbioses have been closed. I just want that theory out in the open so as not to forget it.

#6 stealth

stealth

    X-S Senior Member

  • Members
  • PipPip
  • 176 posts

Posted 12 September 2003 - 07:11 PM

For those who have 1.4's don't forget the phoenix bios loader _should_ work fine. It would be worthwhile for someone to test it to make sure. Assuming you haven't taken the new dash update, you can use the font or audio exploit to run it. If you HAVE taken the dash update, you either need to revert back, or just use the mechassult to load it (note that it will always reset on eject if you do)

#7 Chamrock

Chamrock

    X-S X-perience

  • XS-BANNED
  • PipPip
  • 351 posts
  • Xbox Version:v1.6
  • 360 version:v3.0 (falcon)

Posted 12 September 2003 - 07:17 PM

I also have some thoughts about this. Try to de-solder the flash BIOS rom on the 1.4 and solder it to a 1.2/1.3 mobo. If it wonīt work on the 1.2/1.3 and it is still same BIOS, it could just use a different RC4 key. But if the 1.4 rom boots up on a 1.2/1.3 mobo some other hardware changes has been implemented. De-soldering an MCPX and study it would be interesting to compare as well.

Since I am a mod installer I got my hands on a 1.4 Xbox in Sweden. I will post more info regarding itīs serial number later since I donīt have access to my DV cam atm.

#8 oz_paulb

oz_paulb

    X-S X-perience

  • Members
  • PipPip
  • 345 posts

Posted 12 September 2003 - 07:24 PM

QUOTE (Troed @ Sep 12 2003, 09:01 PM)
QUOTE (chevrix @ Sep 12 2003, 08:00 PM)
QUOTE
Third discovery is that the 5101 would not boot over LPC indicating more hardware changes.


So if I'm right, your theory is history now wink.gif

Umm no - more changes to the LPC does not prove that .. it's however more _likely_ that the MCPX-holes used to boot modbioses have been closed. I just want that theory out in the open so as not to forget it.

Of course there's a million things they could have changed on the LPC...

I assume there's still an LPC port. If so, that implies that they still use it for factory testing/etc.

It could be as simple as the addresses on the LPC bus used for ROM - instead of accessing really high (FFFFFFFF-sizeof(flash)) addresses, it could be in a completely different region of memory. Most LPC modchips for Xbox are made to respond to 'high' addresses.

If MS were smart, they wouldn't have made it so simple. But, you never know.

Does anyone have the ability to monitor Flash accesses (logic analyzer/etc)?

- Paulb


#9 XanTium

XanTium

    Xanta Powa!

  • Admin
  • 3,110 posts
  • Location:Solaris
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 12 September 2003 - 07:36 PM

I got information that v1.4 is using the new TV output chip (not gpu, I mean that chip near the video output).

All older xboxes used a 'Conexant' chip, now MS is using a 'Focus' chip ... don't know if this change occured at the same moment as the new v1.4.
Change to Focus was announced begin august: http://theregister.c...t/54/32204.html

Not sure it can help you, but I just try to give you the info I got.

#10 Troed

Troed

    X-S Expert

  • Members
  • PipPipPip
  • 523 posts

Posted 12 September 2003 - 07:37 PM

I cannot flash my TSOP atm, but if anyone has a v1.4 to _play_ with - it would be interesting to see if x2_4972_final_v1.1_256k boots from the TSOP. (Judging from Ubergeeks testing with the original bios not booting from LPC, that's not worth testing). Do note, if you flash your working v1.4 with anything but the original bios it might stop working. Only do this if you know you can reprogram it again.

The reason for testing 4972 is that it does not use the "multi-version" hack [sorry I honestly don't remember the actual naming, and xboxhacker.net is down and so the thread with all the v1.1-hack info].

Thanks stealth for pointing out that softmods should still work - yes - I fully agree.

Chamrock: 100% match between 5101 and the bios in the 1.4 proves the RC4 is the same - does it not? You don't need a DV-cam to post the date and serialnumber smile.gif

Paulb: The motherboard in the v1.4 looks exactly like a v1.3 - no changes to the naked eye except Thomson dvdrom (since aug 2002 all xboxes in Europe has had Philips or Samsung). [edit: see post below about Focus videochip]

Edited by Troed, 12 September 2003 - 07:43 PM.


#11 Troed

Troed

    X-S Expert

  • Members
  • PipPipPip
  • 523 posts

Posted 12 September 2003 - 07:39 PM

QUOTE (XanTium @ Sep 12 2003, 08:36 PM)
I got information that v1.4 is using the new TV output chip (not gpu, I mean that chip near the video output).

All older xboxes used a 'Conexant' chip, now MS is using a 'Focus' chip ... don't know if this change occured at the same moment as the new v1.4.

Damn I'm blind. Confirmed - v1.4 use the Focus videochip. That's the obvious way to see if you got a v1.4 as of now I guess, if it's not disproven by anyone with a v1.3 and a Focus ..

This seems to disqualify the pictures at http://www.the-conso...version_1_4.htm as being pictures of a v1.4. I have my 1.4 next to me and can state with 100% certainty that it's a Focus.

[edit: this makes my theory about the need for a modbios based on 5101 more credible]

Edited by Troed, 12 September 2003 - 07:40 PM.


#12 XanTium

XanTium

    Xanta Powa!

  • Admin
  • 3,110 posts
  • Location:Solaris
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 12 September 2003 - 07:52 PM

QUOTE (Troed @ Sep 12 2003, 10:37 PM)
I cannot flash my TSOP atm, but if anyone has a v1.4 to _play_ with - it would be interesting to see if x2_4972_final_v1.1_256k boots from the TSOP. (Judging from Ubergeeks testing with the original bios not booting from LPC, that's not worth testing). Do note, if you flash your working v1.4 with anything but the original bios it might stop working. Only do this if you know you can reprogram it again.

The reason for testing 4972 is that it does not use the "multi-version" hack [sorry I honestly don't remember the actual naming, and xboxhacker.net is down and so the thread with all the v1.1-hack info].

yes, I came up with the same idea.

Only problem here ... as far as I know it has never been checked/proven that the RC4 didn't change since v1.1 ... might sound logic that MS would have fixed the multi-version exploit if they changed the RC4 ... but well, MS is not too smart wink.gif

Guess I'll have to try 4972 v1.1 on my v1.2 (also has 5101 kernel, so RC4 will probably be same as v1.4 - but again that's a guess).

#13 mirx999

mirx999

    X-S Freak

  • Members
  • PipPipPipPipPip
  • 1,476 posts

Posted 12 September 2003 - 08:06 PM

well judging by the findings here....I would have to think that either the LPC was changed or the MCPX was changed...29 wire mods should be tested first, in my opinion and if those don't work, I think you should try Chamrock's idea and solder in a 1.3 Winbond TSOP into the 1.4. does grounding d0 still enable the LPC?

#14 madmaniac

madmaniac

    X-S Enthusiast

  • Members
  • 20 posts

Posted 12 September 2003 - 08:30 PM

Brilliant findings so far guys! In my hand I have a 29-wire modchip with 5101 on it, and tomorrow I will solder it in a 1.4! This will hopefully confirm many things!

I will keep you updated!

#15 Chamrock

Chamrock

    X-S X-perience

  • XS-BANNED
  • PipPip
  • 351 posts
  • Xbox Version:v1.6
  • 360 version:v3.0 (falcon)

Posted 12 September 2003 - 08:59 PM

Not sure if this will help, but this Xbox was manufactured in 2003-07-29 and the serial number is 6101517 33105. It is equipped with a FOCUS tv out chip and a Thomson DVD.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users